urlscan.io logo urlscan.io
SecurityTrails logo

www.921theticket.com Open in urlscan Pro
2606:4700::6812:1640  Public Scan

Go To Rescan Add Verdict Report
URL: https://www.921theticket.com/
Submission: On April 17 via automatic, source certstream-suspicious — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 144 IPs in 17 countries across 128 domains to perform 674 HTTP transactions. The main IP is 2606:4700::6812:1640, located in United States and belongs to CLOUDFLARENET, US. The main domain is www.921theticket.com.
TLS certificate: Issued by GTS CA 1P5 on April 17th 2023. Valid for: 3 months.
This is the only time www.921theticket.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 18 2606:4700::68... 13335 (CLOUDFLAR...)
8 2a00:1450:400... 15169 (GOOGLE)
54 2606:4700::68... 13335 (CLOUDFLAR...)
2 2606:4700::68... 13335 (CLOUDFLAR...)
10 2a00:1450:400... 15169 (GOOGLE)
27 2a00:1450:400... 15169 (GOOGLE)
29 2606:4700::68... 13335 (CLOUDFLAR...)
8 149.126.77.46 19551 (INCAPSULA)
3 72.52.166.135 32244 (LIQUIDWEB)
1 6 65.9.95.125 16509 (AMAZON-02)
1 52.3.62.68 14618 (AMAZON-AES)
1 100.21.16.143 16509 (AMAZON-02)
12 2a00:1450:400... 15169 (GOOGLE)
8 2a00:1450:400... 15169 (GOOGLE)
9 2001:4860:480... 15169 (GOOGLE)
4 2600:9000:211... 16509 (AMAZON-02)
3 2a04:4e42:600... 54113 (FASTLY)
3 2a00:1450:400... 15169 (GOOGLE)
2 4 2620:116:800d... 16509 (AMAZON-02)
4 2606:4700::68... 13335 (CLOUDFLAR...)
1 4 52.222.214.24 16509 (AMAZON-02)
1 2600:9000:212... 16509 (AMAZON-02)
2 2a00:1450:400... 15169 (GOOGLE)
5 2a00:1450:400... 15169 (GOOGLE)
4 2a00:1450:400... 15169 (GOOGLE)
19 2606:2800:234... 15133 (EDGECAST)
4 2a03:2880:f08... 32934 (FACEBOOK)
1 104.18.11.47 13335 (CLOUDFLAR...)
3 2a00:1450:400... 15169 (GOOGLE)
11 65.9.95.85 16509 (AMAZON-02)
8 44.210.56.152 14618 (AMAZON-AES)
3 108.138.1.25 16509 (AMAZON-02)
1 2a06:98c1:312... 13335 (CLOUDFLAR...)
5 52.0.141.13 14618 (AMAZON-AES)
5 2a00:1450:400... 15169 (GOOGLE)
29 2600:9000:223... 16509 (AMAZON-02)
7 2a00:1450:400... 15169 (GOOGLE)
1 34.120.133.55 396982 (GOOGLE-CL...)
1 44.193.144.228 14618 (AMAZON-AES)
10 35.71.131.137 16509 (AMAZON-02)
1 2a00:1450:400... 15169 (GOOGLE)
3 104.244.42.8 13414 (TWITTER)
1 2600:9000:215... 16509 (AMAZON-02)
3 4 2.19.70.117 16625 (AKAMAI-AS)
1 2600:9000:212... 16509 (AMAZON-02)
1 65.9.95.17 16509 (AMAZON-02)
1 104.18.12.242 13335 (CLOUDFLAR...)
4 2a00:1450:400... 15169 (GOOGLE)
25 2a00:1450:400... 15169 (GOOGLE)
10 2a00:1450:400... 15169 (GOOGLE)
1 34.90.79.92 396982 (GOOGLE-CL...)
1 152.195.34.212 15133 (EDGECAST)
1 178.79.242.181 22822 (LLNW)
1 8 2a00:1450:400... 15169 (GOOGLE)
4 2a00:1450:400... 15169 (GOOGLE)
1 104.77.32.87 16625 (AKAMAI-AS)
2 52.22.181.172 14618 (AMAZON-AES)
2 104.18.25.185 13335 (CLOUDFLAR...)
2 34.95.69.49 396982 (GOOGLE-CL...)
1 108.138.4.150 16509 (AMAZON-02)
2 2606:4700:20:... 13335 (CLOUDFLAR...)
2 213.19.147.42 26120 (RHYTHMONE)
1 18.198.83.226 16509 (AMAZON-02)
1 185.94.180.123 35220 (SPOTX-AMS)
4 8 185.89.210.212 29990 (ASN-APPNEX)
1 54.93.145.184 16509 (AMAZON-02)
2 65.9.95.106 16509 (AMAZON-02)
2 185.64.189.112 62713 (AS-PUBMATIC)
5 130.211.115.4 396982 (GOOGLE-CL...)
1 2 147.75.84.158 54825 (PACKET)
3 51.89.9.253 16276 (OVH)
2 216.52.2.91 32475 (SINGLEHOP...)
1 2602:803:c003... 26667 (RUBICONPR...)
13 54.154.239.112 16509 (AMAZON-02)
1 52.202.46.169 14618 (AMAZON-AES)
2 98.98.134.241 21859 (ZEN-ECN)
18 2a00:1450:400... 15169 (GOOGLE)
3 52.35.1.108 16509 (AMAZON-02)
1 4 2a03:2880:f17... 32934 (FACEBOOK)
1 65.9.95.53 16509 (AMAZON-02)
2 2404:6800:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
6 6 103.229.205.242 30419 (MEDIAMATH...)
16 29 142.250.185.162 15169 (GOOGLE)
2 6 35.204.158.49 396982 (GOOGLE-CL...)
3 3 85.114.159.118 24961 (MYLOC-AS ...)
8 8 37.157.5.142 198622 (ADFORM)
8 104.244.43.131 54113 (FASTLY)
1 2606:2800:233... 15133 (EDGECAST)
10 2a04:4e42:8d:... 54113 (FASTLY)
2 52.57.232.151 16509 (AMAZON-02)
1 35.81.73.75 16509 (AMAZON-02)
1 2600:9000:212... 16509 (AMAZON-02)
1 52.217.165.40 16509 (AMAZON-02)
10 23.37.42.132 16625 (AKAMAI-AS)
1 52.217.139.176 16509 (AMAZON-02)
1 4 208.92.53.43 13360 (TRITONDIG...)
8 192.173.28.19 13360 (TRITONDIG...)
2 3 34.254.143.3 16509 (AMAZON-02)
7 12 69.173.144.139 26667 (RUBICONPR...)
1 2620:1ec:21::14 8068 (MICROSOFT...)
2 3 2a05:d018:d29... 16509 (AMAZON-02)
2 5 209.54.182.161 16509 (AMAZON-02)
2 4 67.220.228.203 16509 (AMAZON-02)
7 7 52.28.20.73 16509 (AMAZON-02)
2 2 193.0.160.131 54312 (ROCKETFUEL)
1 1 34.250.229.85 16509 (AMAZON-02)
1 1 154.59.122.79 174 (COGENT-174)
1 3.229.184.207 14618 (AMAZON-AES)
3 98.98.134.242 21859 (ZEN-ECN)
4 8 185.86.139.102 201081 (SMARTADSE...)
5 5 46.228.164.11 56396 (AMOBEE)
1 2600:1901:0:8... 15169 (GOOGLE)
2 162.19.138.83 16276 (OVH)
1 2600:9000:223... 16509 (AMAZON-02)
1 2.19.228.175 16625 (AKAMAI-AS)
1 65.9.95.39 16509 (AMAZON-02)
4 2.19.228.187 16625 (AKAMAI-AS)
1 162.19.138.116 16276 (OVH)
1 52.50.102.57 16509 (AMAZON-02)
4 18 185.80.39.216 27381 (CASALE-MEDIA)
1 2600:9000:223... 16509 (AMAZON-02)
2 77.245.57.72 36057 (WEBAIR-IN...)
1 3.216.207.32 14618 (AMAZON-AES)
1 1 216.52.2.6 30282 (AS-INAPCD...)
4 4 213.19.147.45 26120 (RHYTHMONE)
1 69.166.1.12 27630 (AS-XFERNET)
6 6 3.75.62.37 16509 (AMAZON-02)
1 1 34.230.111.71 14618 (AMAZON-AES)
2 35.158.28.31 16509 (AMAZON-02)
1 1 2.19.228.18 16625 (AKAMAI-AS)
7 9 34.233.179.36 14618 (AMAZON-AES)
6 6 151.101.194.49 54113 (FASTLY)
2 3 35.244.159.8 15169 (GOOGLE)
9 18.66.97.47 16509 (AMAZON-02)
13 15 185.64.190.79 62713 (AS-PUBMATIC)
7 10 185.64.190.80 62713 (AS-PUBMATIC)
6 8 198.47.127.20 62713 (AS-PUBMATIC)
1 2.19.224.115 16625 (AKAMAI-AS)
2 4 54.228.21.106 16509 (AMAZON-02)
1 2 23.192.153.172 16625 (AKAMAI-AS)
1 35.244.174.68 15169 (GOOGLE)
1 63.35.158.238 16509 (AMAZON-02)
1 3 185.64.190.78 62713 (AS-PUBMATIC)
2 3 2a02:fa8:8806... 41041 (VCLK-EU-SE)
1 1 34.111.151.213 396982 (GOOGLE-CL...)
2 2 35.214.153.92 15169 (GOOGLE)
2 2 185.89.211.132 29990 (ASN-APPNEX)
1 17 52.210.15.1 16509 (AMAZON-02)
3 4 70.42.32.223 13789 (INTERNAP-...)
1 1 35.208.249.213 15169 (GOOGLE)
2 2 54.80.169.87 14618 (AMAZON-AES)
1 1 44.194.106.226 14618 (AMAZON-AES)
1 1 2603:c020:400... 31898 (ORACLE-BM...)
1 8.18.47.7 398989 (DEEPINTENT)
2 2 70.42.32.63 13789 (INTERNAP-...)
2 2 52.49.68.56 16509 (AMAZON-02)
2 2 198.148.27.139 19189 (PULSEPOINT)
1 1 202.241.208.52 4694 (IDCF IDC ...)
1 1 80.77.87.161 46636 (NATCOWEB)
2 2 185.184.8.90 204995 (RTB-HOUSE...)
1 8.43.72.98 26667 (RUBICONPR...)
6 11 185.64.189.110 62713 (AS-PUBMATIC)
2 2 213.155.156.168 1299 (TWELVE99 ...)
2 178.250.1.9 44788 (ASN-CRITE...)
5 5 54.73.101.130 16509 (AMAZON-02)
1 35.186.193.173 15169 (GOOGLE)
1 195.5.165.20 44968 (IPROM-AS)
1 2 2606:4700::68... 13335 (CLOUDFLAR...)
1 72.251.241.206 32475 (SINGLEHOP...)
1 1 52.220.229.2 16509 (AMAZON-02)
1 1 141.94.242.206 16276 (OVH)
2 2 141.94.170.77 16276 (OVH)
1 34.247.20.4 16509 (AMAZON-02)
2 2 34.111.129.221 396982 (GOOGLE-CL...)
1 34.111.131.239 396982 (GOOGLE-CL...)
1 1 3.123.167.21 16509 (AMAZON-02)
1 1 34.102.253.54 396982 (GOOGLE-CL...)
1 1 134.122.57.34 14061 (DIGITALOC...)
674 144
18    2606:4700::6812:1640 (United States)

ASN13335 (CLOUDFLARENET, US)
www.921theticket.com
8    2a00:1450:4001:812::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
54    2606:4700::6812:176c (United States)

ASN13335 (CLOUDFLARENET, US)
express-cms-assets.franklymedia.com
2    2606:4700::6812:4db (United States)

ASN13335 (CLOUDFLARENET, US)
engage-see.franklymedia.com
10    2a00:1450:4001:82b::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
27    2a00:1450:4001:829::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
securepubads.g.doubleclick.net
29    2606:4700::6812:166c (United States)

ASN13335 (CLOUDFLARENET, US)
express-images.franklymedia.com
8    149.126.77.46 (Frankfurt am Main, Germany)

ASN19551 (INCAPSULA, US)
PTR: 149.126.77.46.ip.incapdns.net
cumuluspro-express-pro.franklymedia.com
3    72.52.166.135 (Palm City, United States)

ASN32244 (LIQUIDWEB, US)
PTR: host.dellsportsgames.com
w.dailysportspage.com
6    65.9.95.125 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-65-9-95-125.prg50.r.cloudfront.net
embed.sendtonews.com
embedcdn.sendtonews.com
1    52.3.62.68 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-3-62-68.compute-1.amazonaws.com
thrtle.com
1    100.21.16.143 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-100-21-16-143.us-west-2.compute.amazonaws.com
kqsm.tunegenie.com
12    2a00:1450:4001:806::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
www.gstatic.com
8    2a00:1450:4001:831::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
9    2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)
region1.google-analytics.com
4    2600:9000:211e:8200:9:46dc:4700:93a1 (United States)

ASN16509 (AMAZON-02, US)
cmp.quantcast.com
3    2a04:4e42:600::485 (United States)

ASN54113 (FASTLY, US)
cdn.jsdelivr.net
3    2a00:1450:400c:c0b::9d (Brussels, Belgium)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
4    2620:116:800d:21:e365:4988:e8a7:3270 (United States)

ASN16509 (AMAZON-02, US)
secure.quantserve.com
pixel.quantserve.com
cms.quantserve.com
4    2606:4700::6811:180e (United States)

ASN13335 (CLOUDFLARENET, US)
cdnjs.cloudflare.com
4    52.222.214.24 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-222-214-24.fra56.r.cloudfront.net
sb.scorecardresearch.com
1    2600:9000:2127:e800:6:44e3:f8c0:93a1 (United States)

ASN16509 (AMAZON-02, US)
rules.quantcount.com
2    2a00:1450:4001:827::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.de
5    2a00:1450:4001:812::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.com
4    2a00:1450:4001:800::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
ea3af0e4c98edb91b2df6cc6f5c43ead.safeframe.googlesyndication.com
e76ff033cecd72805c9eec3e4747fae0.safeframe.googlesyndication.com
19    2606:2800:234:59:254c:406:2366:268c (United States)

ASN15133 (EDGECAST, US)
platform.twitter.com
4    2a03:2880:f083:9:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
connect.facebook.net
1    104.18.11.47 (None, )

ASN13335 (CLOUDFLARENET, US)
js-sec.indexww.com
3    2a00:1450:4001:82f::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
imasdk.googleapis.com
11    65.9.95.85 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-65-9-95-85.prg50.r.cloudfront.net
d29xw9s9x32j3w.cloudfront.net
8    44.210.56.152 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-44-210-56-152.compute-1.amazonaws.com
s2l.sendtonews.com
3    108.138.1.25 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-138-1-25.fra56.r.cloudfront.net
c.amazon-adsystem.com
1    2a06:98c1:3120::3 (United States)

ASN13335 (CLOUDFLARENET, US)
dl.westseven.media
5    52.0.141.13 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-0-141-13.compute-1.amazonaws.com
pixel.westseven.media
5    2a00:1450:4001:831::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagservices.com
29    2600:9000:223e:c600:6:4e5d:a0c0:93a1 (United States)

ASN16509 (AMAZON-02, US)
b3.tunegenie.com
7    2a00:1450:4001:810::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.de
googleads.g.doubleclick.net
1    34.120.133.55 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 55.133.120.34.bc.googleusercontent.com
api.rlcdn.com
1    44.193.144.228 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-44-193-144-228.compute-1.amazonaws.com
id.sv.rkdms.com
10    35.71.131.137 (United States)

ASN16509 (AMAZON-02, US)
PTR: a6370ebea231e0c9a.awsglobalaccelerator.com
match.adsrvr.org
1    2a00:1450:4001:810::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
s0.2mdn.net
3    104.244.42.8 (United States)

ASN13414 (TWITTER, US)
syndication.twitter.com
1    2600:9000:2156:a600:1:c325:9400:21 (United States)

ASN16509 (AMAZON-02, US)
d13l4u7pe64ymo.cloudfront.net
4    2.19.70.117 (Glattbrugg, Switzerland)

ASN16625 (AKAMAI-AS, US)
PTR: a2-19-70-117.deploy.static.akamaitechnologies.com
ads.rubiconproject.com
secure-assets.rubiconproject.com
1    2600:9000:2127:d800:a:deb0:3380:93a1 (United States)

ASN16509 (AMAZON-02, US)
js.ad-score.com
1    65.9.95.17 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-65-9-95-17.prg50.r.cloudfront.net
player.sendtonews.com
1    104.18.12.242 (None, )

ASN13335 (CLOUDFLARENET, US)
cdn.resonate.com
4    2a00:1450:4001:82f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
pubads.g.doubleclick.net
25    2a00:1450:4001:831::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
tpc.googlesyndication.com
10    2a00:1450:4001:827::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
cdn.ampproject.org
1    34.90.79.92 (Groningen, Netherlands)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 92.79.90.34.bc.googleusercontent.com
tag.simpli.fi
1    152.195.34.212 (United States)

ASN15133 (EDGECAST, US)
media-cdn.ipredictive.com
1    178.79.242.181 (Frankfurt am Main, Germany)

ASN22822 (LLNW, US)
PTR: https-178-79-242-181.fra.llnw.net
up.pixel.ad
8    2a00:1450:4001:829::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
4    2a00:1450:4001:829::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.de
1    104.77.32.87 (Glattbrugg, Switzerland)

ASN16625 (AKAMAI-AS, US)
PTR: a104-77-32-87.deploy.static.akamaitechnologies.com
secure.cdn.fastclick.net
2    52.22.181.172 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-22-181-172.compute-1.amazonaws.com
prod.us-east-1.cxm-bcn.publisher-services.amazon.dev
2    104.18.25.185 (None, )

ASN13335 (CLOUDFLARENET, US)
as-sec.casalemedia.com
htlb.casalemedia.com
2    34.95.69.49 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 49.69.95.34.bc.googleusercontent.com
i.clean.gg
1    108.138.4.150 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-138-4-150.fra56.r.cloudfront.net
aax.amazon-adsystem.com
2    2606:4700:20::ac43:4bf1 (United States)

ASN13335 (CLOUDFLARENET, US)
script.4dex.io
2    213.19.147.42 (Castricum, Netherlands)

ASN26120 (RHYTHMONE, US)
targeting.unrulymedia.com
1    18.198.83.226 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-198-83-226.eu-central-1.compute.amazonaws.com
prebid-server.rubiconproject.com
1    185.94.180.123 (Amsterdam, Netherlands)

ASN35220 (SPOTX-AMS, US)
search.spotxchange.com
8    185.89.210.212 (Frankfurt am Main, Germany)

ASN29990 (ASN-APPNEX, US)
PTR: 942.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
ib.adnxs.com
1    54.93.145.184 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-93-145-184.eu-central-1.compute.amazonaws.com
tlx.3lift.com
2    65.9.95.106 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-65-9-95-106.prg50.r.cloudfront.net
hb.undertone.com
2    185.64.189.112 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
hbopenbid.pubmatic.com
5    130.211.115.4 (Council Bluffs, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 4.115.211.130.bc.googleusercontent.com
data.ad-score.com
2    147.75.84.158 (Schiphol, Netherlands)

ASN54825 (PACKET, US)
prebid.a-mo.net
3    51.89.9.253 (London, United Kingdom)

ASN16276 (OVH, FR)
PTR: ip253.ip-51-89-9.eu
onetag-sys.com
2    216.52.2.91 (United States)

ASN32475 (SINGLEHOP-LLC, US)
ap.lijit.com
1    2602:803:c003:200::21 (Amsterdam, Netherlands)

ASN26667 (RUBICONPROJECT, US)
fastlane.rubiconproject.com
13    54.154.239.112 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-154-239-112.eu-west-1.compute.amazonaws.com
ads.servenobid.com
1    52.202.46.169 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-202-46-169.compute-1.amazonaws.com
ad.ipredictive.com
2    98.98.134.241 (United States)

ASN21859 (ZEN-ECN, US)
pixel.sitescout.com
18    2a00:1450:4001:80e::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
pagead2.googlesyndication.com
3    52.35.1.108 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-35-1-108.us-west-2.compute.amazonaws.com
api.tunegenie.com
4    2a03:2880:f176:84:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
www.facebook.com
1    65.9.95.53 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-65-9-95-53.prg50.r.cloudfront.net
a.storyblok.com
2    2404:6800:4007:82d::2003 (Australia)

ASN15169 (GOOGLE, US)
csi.gstatic.com
2    2a00:1450:4001:809::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.youtube.com
6    103.229.205.242 (Singapore)

ASN30419 (MEDIAMATH-INC, US)
sync.mathtag.com
29    142.250.185.162 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s51-in-f2.1e100.net
cm.g.doubleclick.net
6    35.204.158.49 (Groningen, Netherlands)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 49.158.204.35.bc.googleusercontent.com
um.simpli.fi
3    85.114.159.118 (Bad Durrheim, Germany)

ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE)
PTR: dsp.adfarm1.adition.com
dsp.adfarm1.adition.com
8    37.157.5.142 (Denmark)

ASN198622 (ADFORM, DK)
c1.adform.net
dmp.adform.net
8    104.244.43.131 (United States)

ASN54113 (FASTLY, US)
abs-0.twimg.com
1    2606:2800:233:8173:898f:63b3:95c3:79d2 (United States)

ASN15133 (EDGECAST, US)
abs.twimg.com
10    2a04:4e42:8d::159 (United States)

ASN54113 (FASTLY, US)
pbs.twimg.com
2    52.57.232.151 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-57-232-151.eu-central-1.compute.amazonaws.com
prebid-a.rubiconproject.com
1    35.81.73.75 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-81-73-75.us-west-2.compute.amazonaws.com
static.tunegenie.com
1    2600:9000:2127:8600:7:5253:f880:93a1 (United States)

ASN16509 (AMAZON-02, US)
sdk.listenlive.co
1    52.217.165.40 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
PTR: s3-1.amazonaws.com
s3.us-east-1.amazonaws.com
10    23.37.42.132 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-37-42-132.deploy.static.akamaitechnologies.com
eus.rubiconproject.com
1    52.217.139.176 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
PTR: s3-1.amazonaws.com
s3.amazonaws.com
4    208.92.53.43 (Canada)

ASN13360 (TRITONDIGITAL, CA)
playerservices.live.streamtheworld.com
playerservices.streamtheworld.com
8    192.173.28.19 (New Zealand)

ASN13360 (TRITONDIGITAL, CA)
yield-op-idsync.live.streamtheworld.com
idsync.live.streamtheworld.com
3    34.254.143.3 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-254-143-3.eu-west-1.compute.amazonaws.com
loadus.exelator.com
loada.exelator.com
12    69.173.144.139 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)
token.rubiconproject.com
pixel.rubiconproject.com
1    2620:1ec:21::14 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
px.ads.linkedin.com
3    2a05:d018:d29:3602:66be:b78c:9970:b3c5 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
pr-bh.ybp.yahoo.com
5    209.54.182.161 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
s.amazon-adsystem.com
4    67.220.228.203 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
aax-eu.amazon-adsystem.com
7    52.28.20.73 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-28-20-73.eu-central-1.compute.amazonaws.com
x.bidswitch.net
2    193.0.160.131 (United States)

ASN54312 (ROCKETFUEL, US)
p.rfihub.com
1    34.250.229.85 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-250-229-85.eu-west-1.compute.amazonaws.com
synchroscript.deliveryengine.adswizz.com
1    154.59.122.79 (United States)

ASN174 (COGENT-174, US)
ums.acuityplatform.com
1    3.229.184.207 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-229-184-207.compute-1.amazonaws.com
rtb.adentifi.com
3    98.98.134.242 (United States)

ASN21859 (ZEN-ECN, US)
pixel-sync.sitescout.com
8    185.86.139.102 (France)

ASN201081 (SMARTADSERVER, FR)
ssbsync.smartadserver.com
rtb-csync.smartadserver.com
5    46.228.164.11 (United Kingdom)

ASN56396 (AMOBEE, GB)
ad.turn.com
1    2600:1901:0:8344:: (Kansas City, United States)

ASN15169 (GOOGLE, US)
lexicon.33across.com
2    162.19.138.83 (France)

ASN16276 (OVH, FR)
PTR: ns31532338.ip-162-19-138.eu
id5-sync.com
1    2600:9000:223c:6c00:1f:2473:9080:93a1 (United States)

ASN16509 (AMAZON-02, US)
cdn.undertone.com
1    2.19.228.175 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-19-228-175.deploy.static.akamaitechnologies.com
acdn.adnxs.com
1    65.9.95.39 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-65-9-95-39.prg50.r.cloudfront.net
public.servenobid.com
4    2.19.228.187 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-19-228-187.deploy.static.akamaitechnologies.com
ads.pubmatic.com
1    162.19.138.116 (France)

ASN16276 (OVH, FR)
PTR: ns31533567.ip-162-19-138.eu
lb.eu-1-id5-sync.com
1    52.50.102.57 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-50-102-57.eu-west-1.compute.amazonaws.com
g2.gumgum.com
18    185.80.39.216 (Canada)

ASN27381 (CASALE-MEDIA, CA)
ssum-sec.casalemedia.com
dsum-sec.casalemedia.com
dsum.casalemedia.com
1    2600:9000:223f:9a00:1f:4c18:bd40:93a1 (United States)

ASN16509 (AMAZON-02, US)
cs-rtb.minutemedia-prebid.com
2    77.245.57.72 (United States)

ASN36057 (WEBAIR-INTERNET-MTL, US)
sync.adkernel.com
1    3.216.207.32 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-216-207-32.compute-1.amazonaws.com
cs-server-s2s.yellowblue.io
1    216.52.2.6 (United States)

ASN30282 (AS-INAPCDN-OCY, US)
ce.lijit.com
4    213.19.147.45 (Castricum, Netherlands)

ASN26120 (RHYTHMONE, US)
sync.1rx.io
sync.targeting.unrulymedia.com
1    69.166.1.12 (United States)

ASN27630 (AS-XFERNET, US)
sync.go.sonobi.com
6    3.75.62.37 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-75-62-37.eu-central-1.compute.amazonaws.com
ups.analytics.yahoo.com
pixel.advertising.com
1    34.230.111.71 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-230-111-71.compute-1.amazonaws.com
ssp.disqus.com
2    35.158.28.31 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-158-28-31.eu-central-1.compute.amazonaws.com
match.sharethrough.com
1    2.19.228.18 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-19-228-18.deploy.static.akamaitechnologies.com
hbx.media.net
9    34.233.179.36 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-233-179-36.compute-1.amazonaws.com
a.audrte.com
6    151.101.194.49 (United States)

ASN54113 (FASTLY, US)
sync-tm.everesttech.net
3    35.244.159.8 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 8.159.244.35.bc.googleusercontent.com
us-u.openx.net
9    18.66.97.47 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-97-47.fra56.r.cloudfront.net
usr.undertone.com
15    185.64.190.79 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
image8.pubmatic.com
10    185.64.190.80 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
image2.pubmatic.com
8    198.47.127.20 (United States)

ASN62713 (AS-PUBMATIC, US)
image4.pubmatic.com
simage4.pubmatic.com
1    2.19.224.115 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-19-224-115.deploy.static.akamaitechnologies.com
cw.addthis.com
4    54.228.21.106 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-228-21-106.eu-west-1.compute.amazonaws.com
dpm.demdex.net
2    23.192.153.172 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-192-153-172.deploy.static.akamaitechnologies.com
tags.bluekai.com
stags.bluekai.com
1    35.244.174.68 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 68.174.244.35.bc.googleusercontent.com
idsync.rlcdn.com
1    63.35.158.238 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-63-35-158-238.eu-west-1.compute.amazonaws.com
beacon.krxd.net
3    185.64.190.78 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
image6.pubmatic.com
3    2a02:fa8:8806:12::1400 (Singapore)

ASN41041 (VCLK-EU-SE, US)
casale-match.dotomi.com
pubmatic-match.dotomi.com
1    34.111.151.213 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 213.151.111.34.bc.googleusercontent.com
dmp.brand-display.com
2    35.214.153.92 (Groningen, Netherlands)

ASN15169 (GOOGLE, US)
PTR: 92.153.214.35.bc.googleusercontent.com
csync.loopme.me
2    185.89.211.132 (Frankfurt am Main, Germany)

ASN29990 (ASN-APPNEX, US)
PTR: 961.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
secure.adnxs.com
17    52.210.15.1 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-210-15-1.eu-west-1.compute.amazonaws.com
usersync.gumgum.com
4    70.42.32.223 (United States)

ASN13789 (INTERNAP-BLK3, US)
PTR: ny.outbrain.com
sync.outbrain.com
1    35.208.249.213 (Council Bluffs, United States)

ASN15169 (GOOGLE, US)
PTR: 213.249.208.35.bc.googleusercontent.com
trace.mediago.io
2    54.80.169.87 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-80-169-87.compute-1.amazonaws.com
sync.srv.stackadapt.com
1    44.194.106.226 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-44-194-106-226.compute-1.amazonaws.com
sync.ipredictive.com
1    2603:c020:400d:3000:bf17:cd18:9a23:846c (Ashburn, United States)

ASN31898 (ORACLE-BMC-31898, US)
sync.technoratimedia.com
1    8.18.47.7 (Miami, United States)

ASN398989 (DEEPINTENT, US)
match.deepintent.com
2    70.42.32.63 (United States)

ASN13789 (INTERNAP-BLK3, US)
PTR: ny.outbrain.com
b1sync.zemanta.com
2    52.49.68.56 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-49-68-56.eu-west-1.compute.amazonaws.com
ad.360yield.com
2    198.148.27.139 (New York, United States)

ASN19189 (PULSEPOINT, US)
bh.contextweb.com
1    202.241.208.52 (Japan)

ASN4694 (IDCF IDC Frontier Inc., JP)
tg.socdm.com
1    80.77.87.161 (Clifton, United States)

ASN46636 (NATCOWEB, US)
cs.admanmedia.com
2    185.184.8.90 (Amsterdam, Netherlands)

ASN204995 (RTB-HOUSE-AMS, PL)
PTR: ip-185-184-8-90.rtbhouse.net
creativecdn.com
1    8.43.72.98 (United States)

ASN26667 (RUBICONPROJECT, US)
pixel-us-east.rubiconproject.com
11    185.64.189.110 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
simage2.pubmatic.com
2    213.155.156.168 (Sweden)

ASN1299 (TWELVE99 Arelion, fka Telia Carrier, SE)
PTR: 213-155-156-168.teliacarrier-cust.com
d5p.de17a.com
2    178.250.1.9 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
dis.criteo.com
5    54.73.101.130 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-73-101-130.eu-west-1.compute.amazonaws.com
match.prod.bidr.io
1    35.186.193.173 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 173.193.186.35.bc.googleusercontent.com
ipac.ctnsnet.com
1    195.5.165.20 (Slovenia)

ASN44968 (IPROM-AS, SI)
core.iprom.net
2    2606:4700::6812:18ad (United States)

ASN13335 (CLOUDFLARENET, US)
a.tribalfusion.com
s.tribalfusion.com
1    72.251.241.206 (Amsterdam, Netherlands)

ASN32475 (SINGLEHOP-LLC, US)
cm.adgrx.com
1    52.220.229.2 (Singapore)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-220-229-2.ap-southeast-1.compute.amazonaws.com
cm-supply-web.gammaplatform.com
1    141.94.242.206 (France)

ASN16276 (OVH, FR)
PTR: bixel-11.cloudy.ovh
green.erne.co
2    141.94.170.77 (France)

ASN16276 (OVH, FR)
PTR: pikafka-eu-6.cloudy.ovh
pixel-eu.onaudience.com
1    34.247.20.4 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-247-20-4.eu-west-1.compute.amazonaws.com
sync.crwdcntrl.net
2    34.111.129.221 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 221.129.111.34.bc.googleusercontent.com
cr.frontend.weborama.fr
1    34.111.131.239 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 239.131.111.34.bc.googleusercontent.com
idsync.frontend.weborama.fr
1    3.123.167.21 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-123-167-21.eu-central-1.compute.amazonaws.com
sonata-notifications.taptapnetworks.com
1    34.102.253.54 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 54.253.102.34.bc.googleusercontent.com
ads.playground.xyz
1    134.122.57.34 (Amsterdam, Netherlands)

ASN14061 (DIGITALOCEAN-ASN, US)
match.adsby.bidtheatre.com
Apex Domain
Subdomains		 Transfer
93 franklymedia.com
express-cms-assets.franklymedia.com — Cisco Umbrella Rank: 113055
engage-see.franklymedia.com — Cisco Umbrella Rank: 87832
express-images.franklymedia.com — Cisco Umbrella Rank: 103496
cumuluspro-express-pro.franklymedia.com — Cisco Umbrella Rank: 380855
3 MB
67 doubleclick.net
securepubads.g.doubleclick.net — Cisco Umbrella Rank: 196
stats.g.doubleclick.net — Cisco Umbrella Rank: 80
pubads.g.doubleclick.net — Cisco Umbrella Rank: 464
googleads.g.doubleclick.net — Cisco Umbrella Rank: 35
cm.g.doubleclick.net — Cisco Umbrella Rank: 220
558 KB
53 pubmatic.com
hbopenbid.pubmatic.com — Cisco Umbrella Rank: 498
ads.pubmatic.com — Cisco Umbrella Rank: 510
image8.pubmatic.com — Cisco Umbrella Rank: 648
image2.pubmatic.com — Cisco Umbrella Rank: 893
image4.pubmatic.com — Cisco Umbrella Rank: 956
image6.pubmatic.com — Cisco Umbrella Rank: 758
simage2.pubmatic.com — Cisco Umbrella Rank: 692
simage4.pubmatic.com
51 KB
47 googlesyndication.com
ea3af0e4c98edb91b2df6cc6f5c43ead.safeframe.googlesyndication.com
tpc.googlesyndication.com — Cisco Umbrella Rank: 138
pagead2.googlesyndication.com — Cisco Umbrella Rank: 105
e76ff033cecd72805c9eec3e4747fae0.safeframe.googlesyndication.com
313 KB
34 tunegenie.com
kqsm.tunegenie.com
b3.tunegenie.com — Cisco Umbrella Rank: 121838
api.tunegenie.com — Cisco Umbrella Rank: 49637
static.tunegenie.com — Cisco Umbrella Rank: 132972
534 KB
31 rubiconproject.com
ads.rubiconproject.com — Cisco Umbrella Rank: 2388
prebid-server.rubiconproject.com — Cisco Umbrella Rank: 877
fastlane.rubiconproject.com — Cisco Umbrella Rank: 478
prebid-a.rubiconproject.com — Cisco Umbrella Rank: 2888
eus.rubiconproject.com — Cisco Umbrella Rank: 575
token.rubiconproject.com — Cisco Umbrella Rank: 569
pixel.rubiconproject.com — Cisco Umbrella Rank: 351
secure-assets.rubiconproject.com — Cisco Umbrella Rank: 1064
pixel-us-east.rubiconproject.com — Cisco Umbrella Rank: 1063
226 KB
22 twitter.com
platform.twitter.com — Cisco Umbrella Rank: 812
syndication.twitter.com — Cisco Umbrella Rank: 1117
685 KB
20 casalemedia.com
as-sec.casalemedia.com — Cisco Umbrella Rank: 1647
htlb.casalemedia.com — Cisco Umbrella Rank: 527
ssum-sec.casalemedia.com — Cisco Umbrella Rank: 458
dsum-sec.casalemedia.com — Cisco Umbrella Rank: 553
dsum.casalemedia.com — Cisco Umbrella Rank: 1248
16 KB
19 twimg.com
abs-0.twimg.com — Cisco Umbrella Rank: 2281
abs.twimg.com — Cisco Umbrella Rank: 2077
pbs.twimg.com — Cisco Umbrella Rank: 822
112 KB
18 gumgum.com
g2.gumgum.com — Cisco Umbrella Rank: 1495
usersync.gumgum.com — Cisco Umbrella Rank: 1803
6 KB
18 921theticket.com
www.921theticket.com
1 MB
17 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 29
region1.google-analytics.com — Cisco Umbrella Rank: 2400
61 KB
15 sendtonews.com
embed.sendtonews.com — Cisco Umbrella Rank: 12317
embedcdn.sendtonews.com — Cisco Umbrella Rank: 14206
s2l.sendtonews.com — Cisco Umbrella Rank: 12644
player.sendtonews.com — Cisco Umbrella Rank: 14715
349 KB
14 servenobid.com
ads.servenobid.com — Cisco Umbrella Rank: 2277
public.servenobid.com — Cisco Umbrella Rank: 3844
9 KB
14 gstatic.com
fonts.gstatic.com
csi.gstatic.com
www.gstatic.com
349 KB
13 amazon-adsystem.com
c.amazon-adsystem.com — Cisco Umbrella Rank: 310
aax.amazon-adsystem.com — Cisco Umbrella Rank: 408
s.amazon-adsystem.com — Cisco Umbrella Rank: 292
aax-eu.amazon-adsystem.com — Cisco Umbrella Rank: 1043
66 KB
13 google.com
adservice.google.com — Cisco Umbrella Rank: 73
www.google.com — Cisco Umbrella Rank: 2
3 KB
12 streamtheworld.com
playerservices.live.streamtheworld.com — Cisco Umbrella Rank: 17506
yield-op-idsync.live.streamtheworld.com — Cisco Umbrella Rank: 10077
playerservices.streamtheworld.com — Cisco Umbrella Rank: 24092
idsync.live.streamtheworld.com — Cisco Umbrella Rank: 4261
9 KB
12 undertone.com
hb.undertone.com — Cisco Umbrella Rank: 3218
cdn.undertone.com — Cisco Umbrella Rank: 4519
usr.undertone.com — Cisco Umbrella Rank: 3639
7 KB
12 cloudfront.net
d29xw9s9x32j3w.cloudfront.net
d13l4u7pe64ymo.cloudfront.net
2 MB
11 adnxs.com
ib.adnxs.com — Cisco Umbrella Rank: 227
acdn.adnxs.com — Cisco Umbrella Rank: 593
secure.adnxs.com — Cisco Umbrella Rank: 424
27 KB
11 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 39
imasdk.googleapis.com — Cisco Umbrella Rank: 476
475 KB
10 ampproject.org
cdn.ampproject.org — Cisco Umbrella Rank: 382
218 KB
10 adsrvr.org
match.adsrvr.org — Cisco Umbrella Rank: 337
3 KB
10 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 48
583 KB
9 audrte.com
a.audrte.com — Cisco Umbrella Rank: 2080
6 KB
9 google.de
adservice.google.de — Cisco Umbrella Rank: 9047
www.google.de — Cisco Umbrella Rank: 6074
2 KB
8 smartadserver.com
ssbsync.smartadserver.com — Cisco Umbrella Rank: 745
rtb-csync.smartadserver.com — Cisco Umbrella Rank: 614
3 KB
8 yahoo.com
pr-bh.ybp.yahoo.com — Cisco Umbrella Rank: 449
ups.analytics.yahoo.com — Cisco Umbrella Rank: 296
3 KB
8 adform.net
c1.adform.net — Cisco Umbrella Rank: 585
dmp.adform.net — Cisco Umbrella Rank: 2901
5 KB
7 bidswitch.net
x.bidswitch.net — Cisco Umbrella Rank: 314
2 KB
7 simpli.fi
tag.simpli.fi — Cisco Umbrella Rank: 4014
um.simpli.fi — Cisco Umbrella Rank: 773
6 KB
6 everesttech.net
sync-tm.everesttech.net — Cisco Umbrella Rank: 627
2 KB
6 mathtag.com
sync.mathtag.com — Cisco Umbrella Rank: 496
4 KB
6 ad-score.com
js.ad-score.com — Cisco Umbrella Rank: 6494
data.ad-score.com — Cisco Umbrella Rank: 6309
141 KB
6 westseven.media
dl.westseven.media — Cisco Umbrella Rank: 168436
pixel.westseven.media — Cisco Umbrella Rank: 102451
11 KB
5 bidr.io
match.prod.bidr.io — Cisco Umbrella Rank: 543
2 KB
5 turn.com
ad.turn.com — Cisco Umbrella Rank: 833
2 KB
5 sitescout.com
pixel.sitescout.com — Cisco Umbrella Rank: 3600
pixel-sync.sitescout.com — Cisco Umbrella Rank: 635
828 B
5 googletagservices.com
www.googletagservices.com — Cisco Umbrella Rank: 192
220 KB
4 outbrain.com
sync.outbrain.com — Cisco Umbrella Rank: 774
1 KB
4 demdex.net
dpm.demdex.net — Cisco Umbrella Rank: 204
3 KB
4 facebook.com
www.facebook.com — Cisco Umbrella Rank: 114
292 B
4 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 158
225 KB
4 scorecardresearch.com
sb.scorecardresearch.com — Cisco Umbrella Rank: 159
1 KB
4 cloudflare.com
cdnjs.cloudflare.com — Cisco Umbrella Rank: 206
34 KB
4 quantserve.com
secure.quantserve.com — Cisco Umbrella Rank: 1074
pixel.quantserve.com — Cisco Umbrella Rank: 820
cms.quantserve.com — Cisco Umbrella Rank: 685
10 KB
4 quantcast.com
cmp.quantcast.com — Cisco Umbrella Rank: 2797
138 KB
3 weborama.fr
cr.frontend.weborama.fr — Cisco Umbrella Rank: 23377
idsync.frontend.weborama.fr — Cisco Umbrella Rank: 28520
898 B
3 dotomi.com
casale-match.dotomi.com — Cisco Umbrella Rank: 2751
pubmatic-match.dotomi.com — Cisco Umbrella Rank: 3021
464 B
3 openx.net
us-u.openx.net — Cisco Umbrella Rank: 448
640 B
3 1rx.io
sync.1rx.io — Cisco Umbrella Rank: 567
2 KB
3 exelator.com
loadus.exelator.com — Cisco Umbrella Rank: 1305
loada.exelator.com — Cisco Umbrella Rank: 26900
3 KB
3 adition.com
dsp.adfarm1.adition.com — Cisco Umbrella Rank: 1516
2 KB
3 lijit.com
ap.lijit.com — Cisco Umbrella Rank: 623
ce.lijit.com — Cisco Umbrella Rank: 865
1 KB
3 onetag-sys.com
onetag-sys.com — Cisco Umbrella Rank: 778
368 B
3 unrulymedia.com
targeting.unrulymedia.com — Cisco Umbrella Rank: 724
sync.targeting.unrulymedia.com — Cisco Umbrella Rank: 1148
633 B
3 ipredictive.com
media-cdn.ipredictive.com — Cisco Umbrella Rank: 10642
ad.ipredictive.com — Cisco Umbrella Rank: 5639
sync.ipredictive.com — Cisco Umbrella Rank: 873
7 KB
3 jsdelivr.net
cdn.jsdelivr.net — Cisco Umbrella Rank: 358
27 KB
3 dailysportspage.com
w.dailysportspage.com
52 KB
2 onaudience.com
pixel-eu.onaudience.com — Cisco Umbrella Rank: 14911
pixel.onaudience.com Failed
1 KB
2 tribalfusion.com
a.tribalfusion.com — Cisco Umbrella Rank: 779
s.tribalfusion.com — Cisco Umbrella Rank: 1904
1 KB
2 criteo.com
dis.criteo.com — Cisco Umbrella Rank: 731
363 B
2 de17a.com
d5p.de17a.com — Cisco Umbrella Rank: 4908
562 B
2 creativecdn.com
creativecdn.com — Cisco Umbrella Rank: 558
701 B
2 contextweb.com
bh.contextweb.com — Cisco Umbrella Rank: 598
1 KB
2 360yield.com
ad.360yield.com — Cisco Umbrella Rank: 674
647 B
2 zemanta.com
b1sync.zemanta.com — Cisco Umbrella Rank: 572
1 KB
2 stackadapt.com
sync.srv.stackadapt.com — Cisco Umbrella Rank: 673
2 KB
2 loopme.me
csync.loopme.me — Cisco Umbrella Rank: 890
484 B
2 bluekai.com
tags.bluekai.com — Cisco Umbrella Rank: 556
stags.bluekai.com — Cisco Umbrella Rank: 540
912 B
2 sharethrough.com
match.sharethrough.com — Cisco Umbrella Rank: 550
718 B
2 adkernel.com
sync.adkernel.com — Cisco Umbrella Rank: 1237
320 B
2 id5-sync.com
id5-sync.com — Cisco Umbrella Rank: 443
1 KB
2 rfihub.com
p.rfihub.com — Cisco Umbrella Rank: 811
1 KB
2 amazonaws.com
s3.us-east-1.amazonaws.com — Cisco Umbrella Rank: 3460
s3.amazonaws.com
53 KB
2 youtube.com
www.youtube.com — Cisco Umbrella Rank: 85
64 KB
2 a-mo.net
prebid.a-mo.net — Cisco Umbrella Rank: 1024
416 B
2 4dex.io
script.4dex.io — Cisco Umbrella Rank: 1811
24 KB
2 clean.gg
i.clean.gg — Cisco Umbrella Rank: 1280
104 B
2 amazon.dev
prod.us-east-1.cxm-bcn.publisher-services.amazon.dev — Cisco Umbrella Rank: 698
456 B
2 rlcdn.com
api.rlcdn.com — Cisco Umbrella Rank: 788
idsync.rlcdn.com — Cisco Umbrella Rank: 383
461 B
1 bidtheatre.com
match.adsby.bidtheatre.com — Cisco Umbrella Rank: 2241
555 B
1 playground.xyz
ads.playground.xyz — Cisco Umbrella Rank: 3589
466 B
1 taptapnetworks.com
sonata-notifications.taptapnetworks.com — Cisco Umbrella Rank: 6264
346 B
1 crwdcntrl.net
sync.crwdcntrl.net — Cisco Umbrella Rank: 795
265 B
1 erne.co
green.erne.co — Cisco Umbrella Rank: 19469
412 B
1 gammaplatform.com
cm-supply-web.gammaplatform.com — Cisco Umbrella Rank: 2609
644 B
1 adgrx.com
cm.adgrx.com — Cisco Umbrella Rank: 1347
283 B
1 iprom.net
core.iprom.net — Cisco Umbrella Rank: 5544
277 B
1 ctnsnet.com
ipac.ctnsnet.com — Cisco Umbrella Rank: 5151
369 B
1 admanmedia.com
cs.admanmedia.com — Cisco Umbrella Rank: 1084
660 B
1 socdm.com
tg.socdm.com — Cisco Umbrella Rank: 1044
698 B
1 deepintent.com
match.deepintent.com — Cisco Umbrella Rank: 994
44 B
1 technoratimedia.com
sync.technoratimedia.com — Cisco Umbrella Rank: 1416
338 B
1 mediago.io
trace.mediago.io — Cisco Umbrella Rank: 1351
389 B
1 brand-display.com
dmp.brand-display.com — Cisco Umbrella Rank: 1591
349 B
1 krxd.net
beacon.krxd.net — Cisco Umbrella Rank: 622
338 B
1 addthis.com
cw.addthis.com — Cisco Umbrella Rank: 2665
428 B
1 advertising.com
pixel.advertising.com — Cisco Umbrella Rank: 1511
310 B
1 media.net
hbx.media.net — Cisco Umbrella Rank: 1513
443 B
1 disqus.com
ssp.disqus.com — Cisco Umbrella Rank: 1399
275 B
1 sonobi.com
sync.go.sonobi.com — Cisco Umbrella Rank: 882
498 B
1 yellowblue.io
cs-server-s2s.yellowblue.io — Cisco Umbrella Rank: 3113
329 B
1 minutemedia-prebid.com
cs-rtb.minutemedia-prebid.com — Cisco Umbrella Rank: 3390
485 B
1 eu-1-id5-sync.com
lb.eu-1-id5-sync.com — Cisco Umbrella Rank: 1009
407 B
1 33across.com
lexicon.33across.com — Cisco Umbrella Rank: 1349
253 B
1 adentifi.com
rtb.adentifi.com — Cisco Umbrella Rank: 1164
35 B
1 acuityplatform.com
ums.acuityplatform.com — Cisco Umbrella Rank: 1327
707 B
1 adswizz.com
synchroscript.deliveryengine.adswizz.com — Cisco Umbrella Rank: 2142
526 B
1 linkedin.com
px.ads.linkedin.com — Cisco Umbrella Rank: 359
651 B
1 listenlive.co
sdk.listenlive.co — Cisco Umbrella Rank: 44776
277 KB
1 storyblok.com
a.storyblok.com — Cisco Umbrella Rank: 28202
62 KB
1 3lift.com
tlx.3lift.com — Cisco Umbrella Rank: 531
526 B
1 spotxchange.com
search.spotxchange.com — Cisco Umbrella Rank: 632
1 KB
1 fastclick.net
secure.cdn.fastclick.net — Cisco Umbrella Rank: 1130
17 KB
1 pixel.ad
up.pixel.ad — Cisco Umbrella Rank: 8800
2 KB
1 resonate.com
cdn.resonate.com — Cisco Umbrella Rank: 8337
96 B
1 2mdn.net
s0.2mdn.net — Cisco Umbrella Rank: 294
17 KB
1 rkdms.com
id.sv.rkdms.com — Cisco Umbrella Rank: 5245
170 B
1 indexww.com
js-sec.indexww.com — Cisco Umbrella Rank: 633
13 KB
1 quantcount.com
rules.quantcount.com — Cisco Umbrella Rank: 953
644 B
1 thrtle.com
thrtle.com — Cisco Umbrella Rank: 1227
0 fiftyt.com Failed
visitor.fiftyt.com Failed
0 semasio.net Failed
uipglob.semasio.net Failed
0 zeotap.com Failed
mwzeom.zeotap.com Failed
0 agkn.com Failed
fid.agkn.com Failed
0 targetspot.com Failed
nodeny.targetspot.com Failed
674 128
Domain Requested by
54 express-cms-assets.franklymedia.com www.921theticket.com
29 cm.g.doubleclick.net 16 redirects www.921theticket.com
ea3af0e4c98edb91b2df6cc6f5c43ead.safeframe.googlesyndication.com
e76ff033cecd72805c9eec3e4747fae0.safeframe.googlesyndication.com
g2.gumgum.com
29 b3.tunegenie.com kqsm.tunegenie.com
b3.tunegenie.com
www.921theticket.com
29 express-images.franklymedia.com www.921theticket.com
express-cms-assets.franklymedia.com
27 securepubads.g.doubleclick.net www.921theticket.com
securepubads.g.doubleclick.net
www.googletagservices.com
d13l4u7pe64ymo.cloudfront.net
b3.tunegenie.com
25 tpc.googlesyndication.com securepubads.g.doubleclick.net
www.921theticket.com
d13l4u7pe64ymo.cloudfront.net
ea3af0e4c98edb91b2df6cc6f5c43ead.safeframe.googlesyndication.com
e76ff033cecd72805c9eec3e4747fae0.safeframe.googlesyndication.com
tpc.googlesyndication.com
19 platform.twitter.com www.921theticket.com
platform.twitter.com
syndication.twitter.com
18 pagead2.googlesyndication.com d13l4u7pe64ymo.cloudfront.net
securepubads.g.doubleclick.net
www.921theticket.com
tpc.googlesyndication.com
b3.tunegenie.com
www.googletagservices.com
ea3af0e4c98edb91b2df6cc6f5c43ead.safeframe.googlesyndication.com
e76ff033cecd72805c9eec3e4747fae0.safeframe.googlesyndication.com
18 www.921theticket.com 1 redirects www.921theticket.com
17 usersync.gumgum.com 1 redirects g2.gumgum.com
15 image8.pubmatic.com 13 redirects ads.pubmatic.com
13 ads.servenobid.com ads.rubiconproject.com
public.servenobid.com
ssbsync.smartadserver.com
ssum-sec.casalemedia.com
g2.gumgum.com
ads.pubmatic.com
11 simage2.pubmatic.com 6 redirects ads.pubmatic.com
11 d29xw9s9x32j3w.cloudfront.net www.921theticket.com
embed.sendtonews.com
10 image2.pubmatic.com 7 redirects ads.pubmatic.com
10 eus.rubiconproject.com embed.sendtonews.com
eus.rubiconproject.com
d13l4u7pe64ymo.cloudfront.net
public.servenobid.com
cdn.undertone.com
g2.gumgum.com
10 pbs.twimg.com syndication.twitter.com
10 cdn.ampproject.org securepubads.g.doubleclick.net
10 match.adsrvr.org js-sec.indexww.com
ea3af0e4c98edb91b2df6cc6f5c43ead.safeframe.googlesyndication.com
e76ff033cecd72805c9eec3e4747fae0.safeframe.googlesyndication.com
www.921theticket.com
cdn.undertone.com
ssum-sec.casalemedia.com
g2.gumgum.com
ads.pubmatic.com
10 fonts.gstatic.com fonts.googleapis.com
10 www.googletagmanager.com www.921theticket.com
www.googletagmanager.com
b3.tunegenie.com
9 usr.undertone.com cdn.undertone.com
ssum-sec.casalemedia.com
ads.pubmatic.com
9 a.audrte.com 7 redirects ssbsync.smartadserver.com
9 region1.google-analytics.com www.googletagmanager.com
8 dsum-sec.casalemedia.com 2 redirects ssum-sec.casalemedia.com
8 pixel.rubiconproject.com 3 redirects www.921theticket.com
cdn.undertone.com
eus.rubiconproject.com
8 abs-0.twimg.com syndication.twitter.com
8 ib.adnxs.com 4 redirects embed.sendtonews.com
ads.rubiconproject.com
acdn.adnxs.com
ads.pubmatic.com
8 www.google.com 1 redirects www.921theticket.com
d13l4u7pe64ymo.cloudfront.net
ea3af0e4c98edb91b2df6cc6f5c43ead.safeframe.googlesyndication.com
tpc.googlesyndication.com
8 s2l.sendtonews.com embed.sendtonews.com
8 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
www.921theticket.com
8 cumuluspro-express-pro.franklymedia.com www.921theticket.com
8 fonts.googleapis.com www.921theticket.com
embed.sendtonews.com
securepubads.g.doubleclick.net
b3.tunegenie.com
ea3af0e4c98edb91b2df6cc6f5c43ead.safeframe.googlesyndication.com
e76ff033cecd72805c9eec3e4747fae0.safeframe.googlesyndication.com
7 image4.pubmatic.com 6 redirects
7 ssum-sec.casalemedia.com 2 redirects public.servenobid.com
cdn.undertone.com
ssum-sec.casalemedia.com
g2.gumgum.com
7 x.bidswitch.net 7 redirects
7 yield-op-idsync.live.streamtheworld.com playerservices.live.streamtheworld.com
6 sync-tm.everesttech.net 6 redirects
6 c1.adform.net 6 redirects
6 um.simpli.fi 2 redirects
6 sync.mathtag.com 6 redirects ads.pubmatic.com
5 match.prod.bidr.io 5 redirects
5 rtb-csync.smartadserver.com 3 redirects ssbsync.smartadserver.com
5 ups.analytics.yahoo.com 5 redirects
5 ad.turn.com 5 redirects
5 s.amazon-adsystem.com 2 redirects www.921theticket.com
ssum-sec.casalemedia.com
5 data.ad-score.com d13l4u7pe64ymo.cloudfront.net
5 www.googletagservices.com securepubads.g.doubleclick.net
dl.westseven.media
ea3af0e4c98edb91b2df6cc6f5c43ead.safeframe.googlesyndication.com
e76ff033cecd72805c9eec3e4747fae0.safeframe.googlesyndication.com
5 pixel.westseven.media securepubads.g.doubleclick.net
www.921theticket.com
5 adservice.google.com securepubads.g.doubleclick.net
imasdk.googleapis.com
d13l4u7pe64ymo.cloudfront.net
5 adservice.google.de securepubads.g.doubleclick.net
imasdk.googleapis.com
d13l4u7pe64ymo.cloudfront.net
5 embed.sendtonews.com 1 redirects www.921theticket.com
embed.sendtonews.com
4 sync.outbrain.com 3 redirects g2.gumgum.com
4 dpm.demdex.net 2 redirects cdn.undertone.com
ssum-sec.casalemedia.com
4 ads.pubmatic.com d13l4u7pe64ymo.cloudfront.net
public.servenobid.com
g2.gumgum.com
4 aax-eu.amazon-adsystem.com 2 redirects www.921theticket.com
ads.pubmatic.com
4 token.rubiconproject.com 4 redirects
4 www.facebook.com 1 redirects www.921theticket.com
connect.facebook.net
4 www.google.de www.921theticket.com
4 googleads.g.doubleclick.net www.googletagmanager.com
www.921theticket.com
4 pubads.g.doubleclick.net embed.sendtonews.com
imasdk.googleapis.com
4 connect.facebook.net www.921theticket.com
connect.facebook.net
4 sb.scorecardresearch.com 1 redirects www.921theticket.com
4 cdnjs.cloudflare.com www.googletagmanager.com
embed.sendtonews.com
b3.tunegenie.com
4 cmp.quantcast.com www.921theticket.com
cmp.quantcast.com
3 dsum.casalemedia.com ssum-sec.casalemedia.com
3 image6.pubmatic.com 1 redirects ads.pubmatic.com
3 us-u.openx.net 2 redirects cdn.undertone.com
3 sync.1rx.io 3 redirects
3 secure-assets.rubiconproject.com 3 redirects
3 ssbsync.smartadserver.com 1 redirects public.servenobid.com
3 pixel-sync.sitescout.com cdn.undertone.com
3 pr-bh.ybp.yahoo.com 2 redirects
3 dsp.adfarm1.adition.com 3 redirects
3 api.tunegenie.com b3.tunegenie.com
3 onetag-sys.com ads.rubiconproject.com
d13l4u7pe64ymo.cloudfront.net
public.servenobid.com
3 syndication.twitter.com platform.twitter.com
syndication.twitter.com
3 c.amazon-adsystem.com embed.sendtonews.com
c.amazon-adsystem.com
3 imasdk.googleapis.com embed.sendtonews.com
imasdk.googleapis.com
sdk.listenlive.co
3 stats.g.doubleclick.net www.google-analytics.com
3 cdn.jsdelivr.net www.googletagmanager.com
3 w.dailysportspage.com www.921theticket.com
w.dailysportspage.com
2 cr.frontend.weborama.fr 2 redirects
2 pixel-eu.onaudience.com 2 redirects
2 dis.criteo.com ads.pubmatic.com
2 d5p.de17a.com 2 redirects ads.pubmatic.com
2 creativecdn.com 2 redirects
2 bh.contextweb.com 2 redirects
2 ad.360yield.com 2 redirects
2 b1sync.zemanta.com 2 redirects
2 sync.srv.stackadapt.com 2 redirects
2 secure.adnxs.com 2 redirects
2 csync.loopme.me 2 redirects
2 casale-match.dotomi.com 2 redirects
2 cms.quantserve.com 2 redirects
2 dmp.adform.net 2 redirects
2 match.sharethrough.com public.servenobid.com
ssbsync.smartadserver.com
2 sync.adkernel.com public.servenobid.com
g2.gumgum.com
2 id5-sync.com ads.rubiconproject.com
2 p.rfihub.com 2 redirects
2 playerservices.streamtheworld.com b3.tunegenie.com
2 loadus.exelator.com 1 redirects
2 playerservices.live.streamtheworld.com 1 redirects
2 prebid-a.rubiconproject.com ads.rubiconproject.com
2 www.youtube.com b3.tunegenie.com
www.youtube.com
2 www.gstatic.com ea3af0e4c98edb91b2df6cc6f5c43ead.safeframe.googlesyndication.com
e76ff033cecd72805c9eec3e4747fae0.safeframe.googlesyndication.com
2 csi.gstatic.com imasdk.googleapis.com
2 e76ff033cecd72805c9eec3e4747fae0.safeframe.googlesyndication.com d13l4u7pe64ymo.cloudfront.net
2 pixel.sitescout.com www.921theticket.com
2 ap.lijit.com ads.rubiconproject.com
public.servenobid.com
2 prebid.a-mo.net 1 redirects ads.rubiconproject.com
2 hbopenbid.pubmatic.com embed.sendtonews.com
ads.rubiconproject.com
2 hb.undertone.com embed.sendtonews.com
ads.rubiconproject.com
2 targeting.unrulymedia.com embed.sendtonews.com
2 script.4dex.io d13l4u7pe64ymo.cloudfront.net
2 i.clean.gg d13l4u7pe64ymo.cloudfront.net
2 prod.us-east-1.cxm-bcn.publisher-services.amazon.dev c.amazon-adsystem.com
2 ea3af0e4c98edb91b2df6cc6f5c43ead.safeframe.googlesyndication.com securepubads.g.doubleclick.net
2 engage-see.franklymedia.com www.921theticket.com
1 simage4.pubmatic.com ads.pubmatic.com
1 match.adsby.bidtheatre.com 1 redirects
1 ads.playground.xyz 1 redirects
1 pubmatic-match.dotomi.com
1 sonata-notifications.taptapnetworks.com 1 redirects
1 idsync.frontend.weborama.fr
1 sync.crwdcntrl.net
1 loada.exelator.com 1 redirects
1 green.erne.co 1 redirects
1 cm-supply-web.gammaplatform.com 1 redirects
1 cm.adgrx.com ads.pubmatic.com
1 s.tribalfusion.com ads.pubmatic.com
1 a.tribalfusion.com 1 redirects
1 core.iprom.net ads.pubmatic.com
1 ipac.ctnsnet.com ads.pubmatic.com
1 pixel-us-east.rubiconproject.com eus.rubiconproject.com
1 cs.admanmedia.com 1 redirects
1 tg.socdm.com 1 redirects
1 stags.bluekai.com 1 redirects
1 match.deepintent.com g2.gumgum.com
1 sync.technoratimedia.com 1 redirects
1 sync.ipredictive.com 1 redirects
1 trace.mediago.io 1 redirects
1 dmp.brand-display.com 1 redirects
1 beacon.krxd.net cdn.undertone.com
1 idsync.rlcdn.com cdn.undertone.com
1 tags.bluekai.com cdn.undertone.com
1 cw.addthis.com cdn.undertone.com
1 pixel.advertising.com 1 redirects
1 hbx.media.net 1 redirects
1 ssp.disqus.com 1 redirects
1 sync.go.sonobi.com public.servenobid.com
1 sync.targeting.unrulymedia.com 1 redirects
1 ce.lijit.com 1 redirects
1 cs-server-s2s.yellowblue.io public.servenobid.com
1 cs-rtb.minutemedia-prebid.com public.servenobid.com
1 g2.gumgum.com public.servenobid.com
1 lb.eu-1-id5-sync.com ads.rubiconproject.com
1 public.servenobid.com d13l4u7pe64ymo.cloudfront.net
1 acdn.adnxs.com d13l4u7pe64ymo.cloudfront.net
1 cdn.undertone.com d13l4u7pe64ymo.cloudfront.net
1 lexicon.33across.com ads.rubiconproject.com
1 idsync.live.streamtheworld.com
1 rtb.adentifi.com
1 ums.acuityplatform.com 1 redirects
1 synchroscript.deliveryengine.adswizz.com 1 redirects
1 px.ads.linkedin.com www.921theticket.com
1 s3.amazonaws.com
1 s3.us-east-1.amazonaws.com
1 sdk.listenlive.co b3.tunegenie.com
1 static.tunegenie.com www.921theticket.com
1 abs.twimg.com platform.twitter.com
1 a.storyblok.com www.921theticket.com
1 ad.ipredictive.com www.921theticket.com
1 fastlane.rubiconproject.com ads.rubiconproject.com
1 htlb.casalemedia.com embed.sendtonews.com
1 tlx.3lift.com embed.sendtonews.com
1 search.spotxchange.com embed.sendtonews.com
1 prebid-server.rubiconproject.com embed.sendtonews.com
1 aax.amazon-adsystem.com c.amazon-adsystem.com
1 as-sec.casalemedia.com js-sec.indexww.com
1 secure.cdn.fastclick.net www.921theticket.com
1 up.pixel.ad www.googletagmanager.com
1 media-cdn.ipredictive.com www.googletagmanager.com
1 tag.simpli.fi www.googletagmanager.com
1 cdn.resonate.com embed.sendtonews.com
1 player.sendtonews.com embed.sendtonews.com
1 js.ad-score.com dl.westseven.media
1 ads.rubiconproject.com dl.westseven.media
1 d13l4u7pe64ymo.cloudfront.net dl.westseven.media
1 s0.2mdn.net imasdk.googleapis.com
1 id.sv.rkdms.com js-sec.indexww.com
1 api.rlcdn.com js-sec.indexww.com
ads.rubiconproject.com
1 dl.westseven.media securepubads.g.doubleclick.net
1 js-sec.indexww.com embed.sendtonews.com
1 pixel.quantserve.com www.921theticket.com
1 rules.quantcount.com secure.quantserve.com
1 secure.quantserve.com cmp.quantcast.com
1 kqsm.tunegenie.com www.921theticket.com
1 thrtle.com www.921theticket.com
1 embedcdn.sendtonews.com www.921theticket.com
0 pixel.onaudience.com Failed
0 visitor.fiftyt.com Failed
0 uipglob.semasio.net Failed
0 mwzeom.zeotap.com Failed
0 fid.agkn.com Failed ads.rubiconproject.com
0 nodeny.targetspot.com Failed
674 206
Subject Issuer Validity Valid
www.921theticket.com
GTS CA 1P5		 2023-04-17 -
2023-07-16		 3 months crt.sh
upload.video.google.com
GTS CA 1C3		 2023-03-28 -
2023-06-20		 3 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2022-12-13 -
2023-12-13		 a year crt.sh
*.google-analytics.com
GTS CA 1C3		 2023-03-28 -
2023-06-20		 3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2023-03-28 -
2023-06-20		 3 months crt.sh
*.franklymedia.com
R3		 2023-02-15 -
2023-05-16		 3 months crt.sh
w.dailysportspage.com
cPanel, Inc. Certification Authority		 2021-09-26 -
2021-12-25		 3 months crt.sh
*.thrtle.com
Go Daddy Secure Certificate Authority - G2		 2022-03-22 -
2023-04-23		 a year crt.sh
*.tunegenie.com
Amazon RSA 2048 M01		 2023-01-24 -
2024-02-22		 a year crt.sh
*.gstatic.com
GTS CA 1C3		 2023-03-28 -
2023-06-20		 3 months crt.sh
cmp.quantcast.com
R3		 2023-04-14 -
2023-07-13		 3 months crt.sh
jsdelivr.net
GlobalSign Atlas R3 DV TLS CA 2022 Q4		 2022-12-23 -
2024-01-24		 a year crt.sh
*.quantserve.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-08-09 -
2023-09-09		 a year crt.sh
*.scorecardresearch.com
Amazon RSA 2048 M02		 2023-03-01 -
2024-01-28		 a year crt.sh
quantserve.com
R3		 2023-04-14 -
2023-07-13		 3 months crt.sh
*.google.de
GTS CA 1C3		 2023-03-28 -
2023-06-20		 3 months crt.sh
*.google.com
GTS CA 1C3		 2023-03-28 -
2023-06-20		 3 months crt.sh
*.twimg.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-10-06 -
2023-11-06		 a year crt.sh
sendtonews.com
Amazon RSA 2048 M02		 2022-11-21 -
2023-12-20		 a year crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2023-01-25 -
2023-04-25		 3 months crt.sh
*.cloudfront.net
Amazon RSA 2048 M01		 2022-12-08 -
2023-12-07		 a year crt.sh
*.sendtonews.com
Amazon RSA 2048 M01		 2023-03-02 -
2023-06-16		 4 months crt.sh
c.amazon-adsystem.com
Amazon RSA 2048 M01		 2023-02-28 -
2024-02-17		 a year crt.sh
*.westseven.media
Amazon RSA 2048 M01		 2023-02-17 -
2023-07-22		 5 months crt.sh
b3.tunegenie.com
Amazon RSA 2048 M01		 2023-02-17 -
2024-03-17		 a year crt.sh
*.rlcdn.com
Sectigo RSA Domain Validation Secure Server CA		 2023-02-02 -
2024-03-03		 a year crt.sh
securedvisit.com
Amazon RSA 2048 M01		 2023-03-01 -
2023-11-26		 9 months crt.sh
*.adsrvr.org
GlobalSign GCC R3 DV TLS CA 2020		 2022-03-31 -
2023-05-02		 a year crt.sh
*.doubleclick.net
GTS CA 1C3		 2023-03-28 -
2023-06-20		 3 months crt.sh
syndication.twitter.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2023-02-05 -
2024-02-05		 a year crt.sh
*.rubiconproject.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2023-03-07 -
2024-04-03		 a year crt.sh
*.ad-score.com
Go Daddy Secure Certificate Authority - G2		 2022-09-02 -
2023-10-04		 a year crt.sh
tpc.googlesyndication.com
GTS CA 1C3		 2023-03-28 -
2023-06-20		 3 months crt.sh
misc-sni.google.com
GTS CA 1C3		 2023-03-28 -
2023-06-20		 3 months crt.sh
*.simpli.fi
DigiCert TLS RSA SHA256 2020 CA1		 2022-11-07 -
2023-12-08		 a year crt.sh
*.ipredictive.com
GeoTrust Global TLS RSA4096 SHA256 2022 CA1		 2023-02-02 -
2024-02-01		 a year crt.sh
*.pixel.ad
GeoTrust Global TLS RSA4096 SHA256 2022 CA1		 2023-01-24 -
2024-02-02		 a year crt.sh
www.google.com
GTS CA 1C3		 2023-03-28 -
2023-06-20		 3 months crt.sh
www.google.de
GTS CA 1C3		 2023-03-28 -
2023-06-20		 3 months crt.sh
secure.cdn.fastclick.net
DigiCert TLS RSA SHA256 2020 CA1		 2022-12-02 -
2023-12-02		 a year crt.sh
prod.us-east-1.cxm-bcn.publisher-services.amazon.dev
Amazon RSA 2048 M02		 2022-12-27 -
2024-01-25		 a year crt.sh
i.clean.gg
GTS CA 1D4		 2023-03-27 -
2023-06-25		 3 months crt.sh
aax-dtb-mobile-cf.amazon-adsystem.com
Amazon		 2022-06-15 -
2023-06-15		 a year crt.sh
script.4dex.io
Cloudflare Inc ECC CA-3		 2022-11-23 -
2023-11-22		 a year crt.sh
*.targeting.unrulymedia.com
Sectigo RSA Domain Validation Secure Server CA		 2022-05-09 -
2023-05-09		 a year crt.sh
*.spotxchange.com
GeoTrust RSA CA 2018		 2023-02-28 -
2024-03-28		 a year crt.sh
*.adnxs.com
GeoTrust ECC CA 2018		 2023-02-13 -
2024-03-15		 a year crt.sh
*.3lift.com
Amazon RSA 2048 M02		 2023-04-13 -
2024-05-11		 a year crt.sh
*.undertone.com
Amazon RSA 2048 M02		 2023-03-01 -
2023-10-01		 7 months crt.sh
*.pubmatic.com
DigiCert Baltimore TLS RSA SHA256 2020 CA1		 2022-06-13 -
2023-07-14		 a year crt.sh
*.a-mo.net
R3		 2023-04-13 -
2023-07-12		 3 months crt.sh
*.onetag-sys.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-12-28 -
2024-01-28		 a year crt.sh
*.lijit.com
Go Daddy Secure Certificate Authority - G2		 2022-06-27 -
2023-06-05		 a year crt.sh
ads.servenobid.com
Amazon RSA 2048 M02		 2023-02-09 -
2023-06-27		 5 months crt.sh
*.sitescout.com
GeoTrust Global TLS RSA4096 SHA256 2022 CA1		 2023-01-09 -
2024-02-02		 a year crt.sh
*.storyblok.com
Amazon RSA 2048 M01		 2023-02-22 -
2023-09-15		 7 months crt.sh
*.listenlive.co
Amazon RSA 2048 M02		 2023-02-21 -
2023-09-20		 7 months crt.sh
s3.amazonaws.com
Amazon RSA 2048 M01		 2022-12-06 -
2023-12-05		 a year crt.sh
*.live.streamtheworld.com
Go Daddy Secure Certificate Authority - G2		 2023-03-19 -
2024-04-19		 a year crt.sh
*.streamtheworld.com
Go Daddy Secure Certificate Authority - G2		 2023-01-24 -
2024-02-25		 a year crt.sh
adentifi.com
Amazon RSA 2048 M02		 2023-02-22 -
2023-09-03		 6 months crt.sh
*.smartadserver.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2023-01-21 -
2024-01-23		 a year crt.sh
lexicon.33across.com
GTS CA 1D4		 2023-04-13 -
2023-07-12		 3 months crt.sh
*.id5-sync.com
R3		 2023-01-25 -
2023-04-25		 3 months crt.sh
cdn.adnxs.com
GeoTrust RSA CA 2018		 2022-10-21 -
2023-10-22		 a year crt.sh
*.servenobid.com
Amazon RSA 2048 M02		 2023-02-21 -
2024-02-05		 a year crt.sh
*.eu-1-id5-sync.com
R3		 2023-01-25 -
2023-04-25		 3 months crt.sh
gumgum.com
Amazon RSA 2048 M01		 2023-02-14 -
2023-10-05		 8 months crt.sh
casalemedia.com
Go Daddy Secure Certificate Authority - G2		 2022-12-13 -
2024-01-13		 a year crt.sh
*.minutemedia-prebid.com
Amazon RSA 2048 M01		 2023-02-24 -
2023-06-29		 4 months crt.sh
*.adkernel.com
AlphaSSL CA - SHA256 - G4		 2023-01-03 -
2024-02-04		 a year crt.sh
*.yellowblue.io
Amazon RSA 2048 M01		 2023-03-24 -
2024-04-21		 a year crt.sh
*.go.sonobi.com
Go Daddy Secure Certificate Authority - G2		 2022-12-06 -
2024-01-07		 a year crt.sh
*.sharethrough.com
Amazon RSA 2048 M02		 2023-02-10 -
2023-08-12		 6 months crt.sh
*.openx.net
GeoTrust RSA CA 2018		 2022-07-21 -
2023-08-21		 a year crt.sh
odc-addthis-prod-01.oracle.com
DigiCert TLS RSA SHA256 2020 CA1		 2023-02-07 -
2024-02-07		 a year crt.sh
odc-pixel-prod-01.oracle.com
DigiCert TLS RSA SHA256 2020 CA1		 2023-02-07 -
2024-02-08		 a year crt.sh
beacon.krxd.net
DigiCert TLS RSA SHA256 2020 CA1		 2023-04-14 -
2024-04-12		 a year crt.sh
s.amazon-adsystem.com
Amazon RSA 2048 M01		 2023-03-03 -
2024-02-19		 a year crt.sh
*.deepintent.com
Go Daddy Secure Certificate Authority - G2		 2022-05-02 -
2023-06-03		 a year crt.sh
*.ad-server.k8s.ie.ggops.com
Amazon RSA 2048 M02		 2023-02-08 -
2024-02-15		 a year crt.sh
*.criteo.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-03-09 -
2023-06-03		 3 months crt.sh
aax-eu.amazon-adsystem.com
Amazon RSA 2048 M01		 2023-01-27 -
2024-01-27		 a year crt.sh
*.ctnsnet.com
DigiCert TLS RSA SHA256 2020 CA1		 2023-01-04 -
2023-11-06		 10 months crt.sh
*.iprom.net
R3		 2023-03-01 -
2023-05-30		 3 months crt.sh
public1.adgear.com
Sectigo RSA Domain Validation Secure Server CA		 2023-03-03 -
2024-03-31		 a year crt.sh
*.crwdcntrl.net
Go Daddy Secure Certificate Authority - G2		 2022-05-01 -
2023-06-02		 a year crt.sh
*.ybp.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2023-04-04 -
2023-09-27		 6 months crt.sh
*.dotomi.com
GlobalSign RSA OV SSL CA 2018		 2022-08-09 -
2023-09-10		 a year crt.sh

This page contains 79 frames:

Primary Page: https://www.921theticket.com/
Frame ID: C871451668C8BD27059A71B12449D510
Requests: 253 HTTP requests in this frame

Frame: https://ea3af0e4c98edb91b2df6cc6f5c43ead.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 7FFE32DC5250A5FC178D72EE8E3A2CB9
Requests: 1 HTTP requests in this frame

Frame: https://cdnjs.cloudflare.com/ajax/libs/overlayscrollbars/1.13.1/js/OverlayScrollbars.min.js
Frame ID: A16F0EDCFD0502A29BFCF3F5C97F9726
Requests: 19 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstbRZefkMuYyHHurq0-nN0D9ns2Oyi6CuuBqGwJMVscpJu0jWZxywbOXzLWy_Zi8K3rJr7pE2HPC2Hak0VywPZ7olYqRigQTC4Fvwd4gIFXr1rtN1rQiUDqjFUG2gizTHsjGTllM0NXOwZlwMYcloUnfbSiq7p9xvNJj1EcoAQSvSYMrFsnFgWIPx_kVY2l5_muHOLseUVPlvIpZSU-3xHxsW7EcIQlcVSNlnm7z2cP3hMil9z8u-l3HT8KLkc3zXweUpj62XJTcu3kyMqTjQ_m4NpOuRccEdoukRrwtrMUPnX3zlquUNWRR-sZ1AIuWoI&sai=AMfl-YS2D8V5Q7Lr6_ExTibhVA6gy8tIAxR2vZrapFujTTTmJJhmdiIMpMK-QqBFuWUk4tt-TDk4z8k3Q6pvwfBXZpP3cPaUUE1VfhuTisNPgOC8U2yWv0j4sCRfeK6kXRIAtJvrfxaAaGFG4MuHM-o&sig=Cg0ArKJSzBCMHbZcVfNAEAE&uach_m=[UACH]&urlfix=1&adurl=
Frame ID: 7AF759FF8A858C4AB07B78A02E106F1B
Requests: 52 HTTP requests in this frame

Frame: https://platform.twitter.com/widgets/widget_iframe.2b2d73daf636805223fb11d48f3e94f7.html?origin=https%3A%2F%2Fwww.921theticket.com
Frame ID: CA69D59AFAEAF43666EF27E69BCACF13
Requests: 2 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.568.1_en.html
Frame ID: B50E568B39839D66FC84848CED86A4D4
Requests: 6 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssql-KLeAEW6iVSnEGccSJ8km7f4dWIffD8Jd1Hj-PlVe-9YrDVENjvIxWumPS42jiH3f6UiqKXs0eMd15KQn9O2ePQR4qK8ydFbYwP9Yw_rbQiV0SHknH74qvicbjYBKUpoO6twnWRLfumycANM_kBELUxRKXMrcgI4p5eJDX5-e6DD0C01qTGIA2b893pExyUPwDR1UcFu6raofRGd7b8hJjnHmfPXb60iqbMubEu_wlsoOGYqIKQouU1nrpfe969EKDW0zX2dl7TUEC3m35i06r8F9y2KJOsuilWztV4I9VlrZnsefNPDKfYBrU&sai=AMfl-YScRLbIyRMedYre8DfMpgKYFBEvxXy01sp8jeiK4VHhd_V4SvM80gO84eUAVyMZvHlXJye8ni-dMvkNM0cABpUUYtmpClrFciKBniaBJAds6BZ5F3H2Z3yWGXx2bf1tTix_CI9Yg8e1VuuZAOXT&sig=Cg0ArKJSzG1LFfFLqb4aEAE&uach_m=[UACH]&adurl=
Frame ID: B2CDEEF8AE455C228D942A1D94F8A028
Requests: 8 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012304040531000/amp4ads-v0.mjs
Frame ID: 022C2193147846B4DDDA60EC590CBBB5
Requests: 12 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012304040531000/amp4ads-v0.mjs
Frame ID: 32097AE260CC9819C0ECFC2511AB7472
Requests: 14 HTTP requests in this frame

Frame: data://truncated
Frame ID: A1EA5E113DA0631468C43F3D21155FDE
Requests: 1 HTTP requests in this frame

Frame: https://pixel.sitescout.com/dmp/asyncPixelSync?gdpr=0
Frame ID: 94B366FF66FBA31AA79FB2E5CC0B3D85
Requests: 1 HTTP requests in this frame

Frame: https://syndication.twitter.com/srv/timeline-profile/screen-name/RedZone921?dnt=true&embedId=twitter-widget-0&features=eyJ0ZndfdGltZWxpbmVfbGlzdCI6eyJidWNrZXQiOltdLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X2ZvbGxvd2VyX2NvdW50X3N1bnNldCI6eyJidWNrZXQiOnRydWUsInZlcnNpb24iOm51bGx9LCJ0ZndfdHdlZXRfZWRpdF9iYWNrZW5kIjp7ImJ1Y2tldCI6Im9uIiwidmVyc2lvbiI6bnVsbH0sInRmd19yZWZzcmNfc2Vzc2lvbiI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9LCJ0ZndfbWl4ZWRfbWVkaWFfMTU4OTciOnsiYnVja2V0IjoidHJlYXRtZW50IiwidmVyc2lvbiI6bnVsbH0sInRmd19leHBlcmltZW50c19jb29raWVfZXhwaXJhdGlvbiI6eyJidWNrZXQiOjEyMDk2MDAsInZlcnNpb24iOm51bGx9LCJ0ZndfZHVwbGljYXRlX3NjcmliZXNfdG9fc2V0dGluZ3MiOnsiYnVja2V0Ijoib24iLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X3ZpZGVvX2hsc19keW5hbWljX21hbmlmZXN0c18xNTA4MiI6eyJidWNrZXQiOiJ0cnVlX2JpdHJhdGUiLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X2xlZ2FjeV90aW1lbGluZV9zdW5zZXQiOnsiYnVja2V0Ijp0cnVlLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X3R3ZWV0X2VkaXRfZnJvbnRlbmQiOnsiYnVja2V0Ijoib24iLCJ2ZXJzaW9uIjpudWxsfX0%3D&frame=false&hideBorder=false&hideFooter=false&hideHeader=false&hideScrollBar=false&lang=en&maxHeight=600px&origin=https%3A%2F%2Fwww.921theticket.com%2F&sessionId=ff0dd38d37dded452971875b5c9460a2529aa014&showHeader=true&showReplies=false&transparent=false&widgetsVersion=aaf4084522e3a%3A1674595607486
Frame ID: A0E2F57D60A67F30547FABB1383CC695
Requests: 37 HTTP requests in this frame

Frame: https://e76ff033cecd72805c9eec3e4747fae0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Frame ID: 0D78A5D4A7A61504198C1D0BE260AF62
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: D30B1032BD631C4EA8CE43021E3F305C
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 0D0F27330EBDA9F923787523C5EDCC18
Requests: 2 HTTP requests in this frame

Frame: https://b3.tunegenie.com/?tgv=e905577.ba4de90
Frame ID: 7D147583427C38753F28A6476D35E326
Requests: 60 HTTP requests in this frame

Frame: https://www.facebook.com/tr/
Frame ID: 30A60A7C757294D8E23CE4C124A7FA4D
Requests: 1 HTTP requests in this frame

Frame: https://ea3af0e4c98edb91b2df6cc6f5c43ead.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 5A034DB8FC02A9F011E0F19D35FA8021
Requests: 17 HTTP requests in this frame

Frame: https://e76ff033cecd72805c9eec3e4747fae0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Frame ID: 8CBB1282AA68AEA17ACACE9A39905546
Requests: 13 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 2BE8D0AB295D769C3FA8F14001F383BD
Requests: 7 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 817F0A6B218F25ABD433BE837872F381
Requests: 7 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/MezC-G1ZF-1GZ9yqq0o7IScgI3uEZvBcP5CgXoWKMDE.js
Frame ID: 1DDBB1F37940BE4297EDD3898D62BA10
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/MezC-G1ZF-1GZ9yqq0o7IScgI3uEZvBcP5CgXoWKMDE.js
Frame ID: 6F3E47E22B26F2B38CD64FF11D36009D
Requests: 1 HTTP requests in this frame

Frame: https://www.facebook.com/login/?next=https%3A%2F%2Fwww.facebook.com%2Fplugins%2Fpage.php%3Fapp_id%26channel%3Dhttps%253A%252F%252Fstaticxx.facebook.com%252Fx%252Fconnect%252Fxd_arbiter%252F%253Fversion%253D46%2523cb%253Df326c6a26fa24c4%2526domain%253Dwww.921theticket.com%2526is_canvas%253Dfalse%2526origin%253Dhttps%25253A%25252F%25252Fwww.921theticket.com%25252Ff201b8cc07e4fd8%2526relation%253Dparent.parent%26container_width%3D331%26height%3D448%26hide_cover%3Dfalse%26href%3Dhttps%253A%252F%252Fwww.facebook.com%252Fpages%252FThe-Red-Zone-with-JB-on-921-The-Ticket%252F281344338549686%26locale%3Den_US%26sdk%3Djoey%26show_facepile%3Dfalse%26show_posts%3Dtrue%26width%3D310
Frame ID: 6246A473A8358390A1C1FF17EEAD8CD7
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: D85BA25DCE7B0CFFF4EB5A3089AE72E2
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 233378AA0429FC973D674E90DC396F31
Requests: 2 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?us_privacy=1---
Frame ID: 4EBF0151EA5042CCB7B6A42434B71BC9
Requests: 10 HTTP requests in this frame

Frame: https://cdn.undertone.com/js/usersync.html?gdpr=0&gdprstr=&ccpa=1---
Frame ID: 1C8BA43C6DA1D5AD9292339FE46EDFFB
Requests: 13 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: 6463E2F0FEC19D989038F08815EC24D4
Requests: 2 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?cb=1681756340800&gdpr=0&us_privacy=1---
Frame ID: 9F0C66D0B41E17B1B9A8CE5480C1492B
Requests: 1 HTTP requests in this frame

Frame: https://public.servenobid.com/sync.html?usp_consent=1---
Frame ID: C5925FFA9CC62FE5FFFBE4ED0DA0FFD2
Requests: 13 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160111&gdpr=0&gdpr_consent=&us_privacy=1---
Frame ID: C38B3D4DB808D7450F261E30EAB893EF
Requests: 20 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?gdpr=0&us_privacy=1---
Frame ID: 172C4B1FD11692EBF47ECA51FCC3A832
Requests: 2 HTTP requests in this frame

Frame: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Frame ID: BD6E2880D3FE0D14ABD12C8123FD3BF5
Requests: 15 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?pubId=694e68b73971b58&gdpr=0&gdpr_consent=&us_privacy=1---&https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D318%26uid%3D
Frame ID: 117FF64F54393499A1C853AE7B816D09
Requests: 1 HTTP requests in this frame

Frame: https://ssbsync.smartadserver.com/api/sync?callerId=9&gdpr=0&gdpr_consent=&us_privacy=1---&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D317%26uid%3D%24UID
Frame ID: F24A24FA3D71A33C082950D9452E149C
Requests: 6 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D&s=195491&C=1
Frame ID: 4252159D1584D9FDA999F083C94E43F3
Requests: 10 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=duration_media&endpoint=us-east
Frame ID: B2E3F5E3EE89A2DE59E7724448CCD071
Requests: 3 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1---&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Frame ID: 2973A1F2102C01151CEBA94A9E451EE0
Requests: 10 HTTP requests in this frame

Frame: https://cs-rtb.minutemedia-prebid.com/sync-iframe?gdpr=0&gdpr_consent=&us_privacy=1---&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D348%26uid%3D%7BpartnerId%7D
Frame ID: DDEEC812762E22644DE752E0E936F457
Requests: 1 HTTP requests in this frame

Frame: https://sync.adkernel.com/user-sync?zone=181225&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D152%26uid%3D%7BUID%7D&gdpr=0&gdpr_consent=&us_privacy=1---&
Frame ID: CD6F592793545DC842EBB764BB037743
Requests: 1 HTTP requests in this frame

Frame: https://cs-server-s2s.yellowblue.io/sync-iframe?gdpr=0&gdpr_consent=&us_privacy=1---&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D352%26uid%3D%7BpartnerId%7D
Frame ID: 26F9DCEB62A0B9011E0833662D8A51F6
Requests: 1 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3FpartnerId%3D57%26uid%3D&s=197137&C=1
Frame ID: A1132DF87A41181162E31FB085C5D960
Requests: 10 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=12776
Frame ID: 4EF548E75821CE97FA978C48C86C78D1
Requests: 3 HTTP requests in this frame

Frame: https://usersync.gumgum.com/usersync?b=mmh&i=1035643d-90b7-4200-a221-a4710b81560e&gdpr=0&gdpr_consent=
Frame ID: C6A97E6DBF0BDD52174ABCE304A37F16
Requests: 1 HTTP requests in this frame

Frame: https://sync.adkernel.com/user-sync?zone=181093&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dmdp%26i%3D%5BUID%5D&gdpr=0&gdpr_consent=&ccpa=1---
Frame ID: 41B70CEDA28F22B92E2FBCB0E29C85EE
Requests: 1 HTTP requests in this frame

Frame: https://usersync.gumgum.com/usersync?b=atm&i=ZD2QugADfRJykwBL&gdpr=0&gdpr_consent=&_test=ZD2QugADfRJykwBL
Frame ID: 19F0099497E3B4835E5ED2318A1AAF3A
Requests: 1 HTTP requests in this frame

Frame: https://cm.g.doubleclick.net/pixel?google_nid=gumgum_dbm&google_hm=ZV85ZTQyNDZmYy0yMzYyLTQ2ODMtYWY0Zi05MGJmZmYwNzk2YjI=&gdpr=0&gdpr_consent=&google_redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dgdv
Frame ID: 79C69519C57CC1E5E20F34A84337E883
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=0&gdprConsent=
Frame ID: A378075DB7FF47B0AD4A66FB1947EDA5
Requests: 1 HTTP requests in this frame

Frame: https://match.adsrvr.org/track/cmf/generic?ttd_pid=gumgum&ttd_tpi=1&gdpr=0&gdpr_consent=
Frame ID: A27779E498CC6CDB371FC4821B880CD5
Requests: 1 HTTP requests in this frame

Frame: https://usersync.gumgum.com/usersync?b=sus&i=ZD2Qu8Co5s0AAE2xOHkAAAAA
Frame ID: 89CC49B628313C93F247ECB70E5FB37B
Requests: 1 HTTP requests in this frame

Frame: https://usersync.gumgum.com/usersync?b=aad&i=299728d2-bc6d-4866-a1b5-47879b085727
Frame ID: 693462707BE1D7EB748D5C7CD98851F0
Requests: 1 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatchredir?s=189872&cb=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Diex%26i%3D
Frame ID: 738BAD3D6746F6AE647BA505565A7755
Requests: 1 HTTP requests in this frame

Frame: https://usersync.gumgum.com/usersync?b=rth&i=3OxQkiYyWzBz8jv6c9IZ&pi=gumgum&tc=1
Frame ID: 5A1EA0A80A7D40A205298E22935F7C32
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=gumgum
Frame ID: B9B86E61D79097C3400FCBC78D7C03A6
Requests: 3 HTTP requests in this frame

Frame: https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
Frame ID: 836FAE932605B626FAEDB87E7FA22CE9
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=6403764937664543680
Frame ID: FF70903C69D0CF5B1BF8333CF972D173
Requests: 1 HTTP requests in this frame

Frame: https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@
Frame ID: 27F13604E1EBE7490892D45760B79A7C
Requests: 1 HTTP requests in this frame

Frame: https://usr.undertone.com/userPixel/sync?partnerId=53&uid=22C1059D-5906-42A9-8CA9-3ACA1298F752
Frame ID: 32D03C20BA5DB5B2B7E8AFC337EAC829
Requests: 1 HTTP requests in this frame

Frame: https://aax-eu.amazon-adsystem.com/s/dcm?pid=4bd6ceca-c698-4782-a536-f380f757484c&id=E4985D8A-E953-4D5D-9549-51B45646CB1A&redir=true&gdpr=0&gdpr_consent=
Frame ID: 57C31B7CC19746B647FBD889B108EA10
Requests: 1 HTTP requests in this frame

Frame: https://usr.undertone.com/userPixel/sync?partnerId=53&uid=22C1059D-5906-42A9-8CA9-3ACA1298F752
Frame ID: 7803E204432A683A3669F22D072952F3
Requests: 1 HTTP requests in this frame

Frame: https://usr.undertone.com/userPixel/sync?partnerId=53&uid=22C1059D-5906-42A9-8CA9-3ACA1298F752
Frame ID: 42CF6EE4D760A67A92A70B6481C1EC49
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=3_GxipHyVMdSF-_h-hBmCFFfBSc&gdpr=0&gdpr_consent=
Frame ID: 3E69F92CC3C102C6D04C76F781E94DFF
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AABt007IeyEAACBVcRpNpw&gdpr=0&gdpr_consent=
Frame ID: F0B9D5D1233B913BB38C836EB1BAD21C
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=ZD2QugADeOgNhwBS&gdpr=1&gdpr_consent=&_test=ZD2QugADeOgNhwBS
Frame ID: 1C28A8389AB3016350DA12CB17AE92FE
Requests: 1 HTTP requests in this frame

Frame: https://ipac.ctnsnet.com/int/cm?exc=14&redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MTEmdGw9MjAxNjA=&piggybackCookie=[user_id]
Frame ID: 322792772F46328AAD9B58F0A3F300E7
Requests: 1 HTTP requests in this frame

Frame: https://core.iprom.net/cookiesync?gdpr=0&gdpr_consent=
Frame ID: AA6D8C148C0EFC884ED1B03952F19166
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode&piggybackCookie={viewer_token}
Frame ID: 4FF59FF6E35DFF17F6323E3AA973533C
Requests: 1 HTTP requests in this frame

Frame: https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
Frame ID: 4BB2B4D7148D3B0DB2AC8EDBFC881729
Requests: 1 HTTP requests in this frame

Frame: https://cm.adgrx.com/bridge?AG_PID=pubmatic&AG_SETCOOKIE&gdpr=0&gdpr_consent=
Frame ID: 4BC716E051FB065A1EC8F1BD877F56BC
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0NTkmdGw9NDMyMDA=&piggybackCookie=rgevf0ercwsk
Frame ID: CB735DD7A1A126A2459DDACDF9E9F880
Requests: 1 HTTP requests in this frame

Frame: https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
Frame ID: 705055FC2F5F26EBC992110887A85D61
Requests: 1 HTTP requests in this frame

Frame: https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA%3D%3D%26piggybackCookie%3Duid%3A%5BMM_UUID%5D
Frame ID: 1C102B88DA373718EE02DF9FAA4AD9F5
Requests: 1 HTTP requests in this frame

Frame: https://d5p.de17a.com/getuid/pubmatic?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID
Frame ID: 068CA481AE5537CAE377201288263FDF
Requests: 1 HTTP requests in this frame

Frame: https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@
Frame ID: E242960DADA60AF767839031EF70FDE6
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=36rl8NCutKXE-uDy36f7p4ir5KHEr7Wn2asJ7vUP
Frame ID: 1EC6728EB29AC6D009B7B2BF8806AEB8
Requests: 1 HTTP requests in this frame

Frame: https://aax-eu.amazon-adsystem.com/s/dcm?pid=4bd6ceca-c698-4782-a536-f380f757484c&id=22C1059D-5906-42A9-8CA9-3ACA1298F752&redir=true&gdpr=0&gdpr_consent=
Frame ID: 3DCCFD24A781C5644F50C3B7FA51A945
Requests: 1 HTTP requests in this frame

Frame: https://ib.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent=
Frame ID: C7B46A80E73228709AB30E872A8FD022
Requests: 1 HTTP requests in this frame

Frame: https://ads.servenobid.com/sync?pid=316&uid=22C1059D-5906-42A9-8CA9-3ACA1298F752
Frame ID: 11DE576FFD354DDF23E6D9845E1734C5
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

THE TICKET 92.1 | KQSM-FM

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
  • /wp-(?:content|includes)/
Overall confidence: 100%
Detected patterns
  • vue[.-]([\d.]*\d)[^/]*\.js
Overall confidence: 100%
Detected patterns
  • adnxs\.(?:net|com)
Overall confidence: 100%
Detected patterns
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
  • googletagservices\.com/tag/js/gpt(?:_mobile)?\.js
Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • [^a-z]mtc.*\.js
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.openx\.net
Overall confidence: 100%
Detected patterns
  • /prebid\.js
  • adnxs\.com/[^"]*(?:prebid|/pb\.js)
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.pubmatic\.com
Overall confidence: 100%
Detected patterns
  • \.quantserve\.com/quant\.js
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.rubiconproject\.com
Overall confidence: 100%
Detected patterns
  • //platform\.twitter\.com/widgets\.js
Overall confidence: 100%
Detected patterns
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Overall confidence: 100%
Detected patterns
  • //cdn\.jsdelivr\.net/

Page Statistics

674
Requests

84 %
HTTPS

28 %
IPv6

128
Domains

206
Subdomains

144
IPs

17
Countries

12488 kB
Transfer

24877 kB
Size

161
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 79
  • https://embed.sendtonews.com/player3/embedcode.js?fk=5oC5qDti&cid=5513&offsetx=0&offsety=80&floatwidth=400&floatposition=bottom-right HTTP 302
  • https://embedcdn.sendtonews.com/easy-stn-player/7.15.1-G/embed.js
Request Chain 180
  • https://www.921theticket.com/category/insurify/feed HTTP 301
  • https://www.921theticket.com/category/insurify/feed/
Request Chain 288
  • https://www.google.com/pagead/drt/ui HTTP 302
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Request Chain 430
  • https://sync.mathtag.com/sync/img?mt_exid=4&google_gid=CAESEHzkDnm_3qPYe83ivgcVwOE&google_cver=1&google_push=Aer7DvKotRXYW88OhRDDLYyp290oTP9LHLMyag6rra5z-PAw1yQB634CMtKoeAKuiXg8FFiSbrDUDsJ7j9Pd0ab3G-jUc-HJQQoG HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=Aer7DvKotRXYW88OhRDDLYyp290oTP9LHLMyag6rra5z-PAw1yQB634CMtKoeAKuiXg8FFiSbrDUDsJ7j9Pd0ab3G-jUc-HJQQoG
Request Chain 431
  • https://um.simpli.fi/gp_match?google_gid=CAESENRJW1yy95oKifQlHsf4tTM&google_cver=1&google_push=Aer7DvKIzlg74YzdpNTvm-2oxnrY68QSptv8hA396o8_QUh8_t3MJOIJIIDkQZ22BGxBNUQNVa1j35HhNZIWRoybpWBLp0MhCcI HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=41389C97F38F4545B30BD98BE1832B01&google_push=Aer7DvKIzlg74YzdpNTvm-2oxnrY68QSptv8hA396o8_QUh8_t3MJOIJIIDkQZ22BGxBNUQNVa1j35HhNZIWRoybpWBLp0MhCcI
Request Chain 433
  • https://dsp.adfarm1.adition.com/cookie/?ssp=2&google_gid=CAESEK5i96f87rEwu4pZrXGjTuY&google_cver=1&google_push=Aer7DvII_ysjmx_brVJXFljyUcdwgYr5eN5vdNATGcaOtLWHsESl-wARLUQcpQ4_mP5ff8E-wz_R3zvCxMPkg-31Sr_1F--2Za_u HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzIyMzA4ODQ4ODczNTk2MzI4MA%3D%3D&google_push=Aer7DvII_ysjmx_brVJXFljyUcdwgYr5eN5vdNATGcaOtLWHsESl-wARLUQcpQ4_mP5ff8E-wz_R3zvCxMPkg-31Sr_1F--2Za_u
Request Chain 434
  • https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEFmOIL0fniw6PjBXnnCXdcA&google_cver=1&google_push=Aer7DvJ-adc_3Wp6GO_THULUdq8tVsZPIk4p3StPFmsUHNXNQEcy4R8jjZOdKtFX0gsUqopoFeGjFh9SFGJ7H-KB0VrIaw_6Oqw7 HTTP 302
  • https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEFmOIL0fniw6PjBXnnCXdcA&google_cver=1&google_push=Aer7DvJ-adc_3Wp6GO_THULUdq8tVsZPIk4p3StPFmsUHNXNQEcy4R8jjZOdKtFX0gsUqopoFeGjFh9SFGJ7H-KB0VrIaw_6Oqw7 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MTA1MDczODQyMzkzNjMxMDYyNg&google_push=Aer7DvJ-adc_3Wp6GO_THULUdq8tVsZPIk4p3StPFmsUHNXNQEcy4R8jjZOdKtFX0gsUqopoFeGjFh9SFGJ7H-KB0VrIaw_6Oqw7
Request Chain 438
  • https://sync.mathtag.com/sync/img?mt_exid=4&google_gid=CAESEHzkDnm_3qPYe83ivgcVwOE&google_cver=1&google_push=Aer7DvJ3taw3QGZlVDMEc47knsUVqBhBgWru-IzHlWCXuqH0oQo_Ap6UHVlmF_Q4LICd-ktqOsW8_SMRbJPj8_l1gnlXDzSdis8d HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=Aer7DvJ3taw3QGZlVDMEc47knsUVqBhBgWru-IzHlWCXuqH0oQo_Ap6UHVlmF_Q4LICd-ktqOsW8_SMRbJPj8_l1gnlXDzSdis8d
Request Chain 439
  • https://um.simpli.fi/gp_match?google_gid=CAESENRJW1yy95oKifQlHsf4tTM&google_cver=1&google_push=Aer7DvJ-BttBaVDR76rbCSa4tgLj2uJhKk4bcglYlR79MHkXnJsrA15fYVmZZnvxHlejNp2o87kMIEZyhdZZ_JZsm_aj6seA5dN5 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=41389C97F38F4545B30BD98BE1832B01&google_push=Aer7DvJ-BttBaVDR76rbCSa4tgLj2uJhKk4bcglYlR79MHkXnJsrA15fYVmZZnvxHlejNp2o87kMIEZyhdZZ_JZsm_aj6seA5dN5
Request Chain 441
  • https://dsp.adfarm1.adition.com/cookie/?ssp=2&google_gid=CAESEK5i96f87rEwu4pZrXGjTuY&google_cver=1&google_push=Aer7DvLGYGsrxV4-MJHkimOkpI0j-TCJREzE6WEyqPzXITvO4KBieBFFMakP-NeSxvs_RTp1RysIkK2JTNhpaZZC8UXAWt74izb8ww HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzIyMzA4ODQ4ODczNTk2MzI4MA%3D%3D&google_push=Aer7DvLGYGsrxV4-MJHkimOkpI0j-TCJREzE6WEyqPzXITvO4KBieBFFMakP-NeSxvs_RTp1RysIkK2JTNhpaZZC8UXAWt74izb8ww
Request Chain 442
  • https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEFmOIL0fniw6PjBXnnCXdcA&google_cver=1&google_push=Aer7DvJ9iqiepE5Kah8fW9uSPOFPHdL4ErtmRWKAyrRU3O2dTJMwDYB_Fs07AnWGXQEIV1hJBHQqOI8ZFYbk-WlaF_kkrYFP6aMK HTTP 302
  • https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEFmOIL0fniw6PjBXnnCXdcA&google_cver=1&google_push=Aer7DvJ9iqiepE5Kah8fW9uSPOFPHdL4ErtmRWKAyrRU3O2dTJMwDYB_Fs07AnWGXQEIV1hJBHQqOI8ZFYbk-WlaF_kkrYFP6aMK HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NDY1ODc1ODI0OTgxNjc1ODcxNQ&google_push=Aer7DvJ9iqiepE5Kah8fW9uSPOFPHdL4ErtmRWKAyrRU3O2dTJMwDYB_Fs07AnWGXQEIV1hJBHQqOI8ZFYbk-WlaF_kkrYFP6aMK
Request Chain 480
  • https://www.facebook.com/v2.3/plugins/page.php?app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df326c6a26fa24c4%26domain%3Dwww.921theticket.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fwww.921theticket.com%252Ff201b8cc07e4fd8%26relation%3Dparent.parent&container_width=331&height=448&hide_cover=false&href=https%3A%2F%2Fwww.facebook.com%2Fpages%2FThe-Red-Zone-with-JB-on-921-The-Ticket%2F281344338549686&locale=en_US&sdk=joey&show_facepile=false&show_posts=true&width=310 HTTP 302
  • https://www.facebook.com/login/?next=https%3A%2F%2Fwww.facebook.com%2Fplugins%2Fpage.php%3Fapp_id%26channel%3Dhttps%253A%252F%252Fstaticxx.facebook.com%252Fx%252Fconnect%252Fxd_arbiter%252F%253Fversion%253D46%2523cb%253Df326c6a26fa24c4%2526domain%253Dwww.921theticket.com%2526is_canvas%253Dfalse%2526origin%253Dhttps%25253A%25252F%25252Fwww.921theticket.com%25252Ff201b8cc07e4fd8%2526relation%253Dparent.parent%26container_width%3D331%26height%3D448%26hide_cover%3Dfalse%26href%3Dhttps%253A%252F%252Fwww.facebook.com%252Fpages%252FThe-Red-Zone-with-JB-on-921-The-Ticket%252F281344338549686%26locale%3Den_US%26sdk%3Djoey%26show_facepile%3Dfalse%26show_posts%3Dtrue%26width%3D310
Request Chain 482
  • https://sb.scorecardresearch.com/c2/16059128/cs.js HTTP 302
  • https://sb.scorecardresearch.com/internal-c2/default/cs.js
Request Chain 501
  • https://playerservices.live.streamtheworld.com/api/idsync.js?station=KQSMFM HTTP 302
  • https://playerservices.live.streamtheworld.com/api/idsync.js?station=KQSMFM&bounce=true
Request Chain 504
  • https://loadus.exelator.com/load/?p=930&g=3&station=KQSMFM&j=0 HTTP 302
  • https://loadus.exelator.com/load/?p=930&g=3&station=KQSMFM&j=0&xl8blockcheck=1
Request Chain 506
  • https://token.rubiconproject.com/token?pid=2249&pt=n&gdpr=0&us_privacy=1--- HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=ODkxODhlMWUwNzhkNjRkNTkzMTNiNGQ1MzA2ZDhhYWMzNTA4ZWYzOA&gdpr=0&us_privacy=1---
Request Chain 507
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc&gdpr=0&us_privacy=1--- HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&gdpr=0&put=CAESEG3RRuq_33T3OsjmAZjgsnM&google_cver=1
Request Chain 509
  • https://token.rubiconproject.com/token?pid=36584&gdpr=0&us_privacy=1--- HTTP 302
  • https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LGL6AXEI-G-I8Q&gdpr=0&us_privacy=1---
Request Chain 510
  • https://token.rubiconproject.com/token?pid=2974&pt=n&a=1&gdpr=0&us_privacy=1--- HTTP 302
  • https://pr-bh.ybp.yahoo.com/sync/rubicon/dIA3TgkcdzIkUNYy0J_aOg?csrc=&gdpr=0&us_privacy=1--- HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-IvbkZZlE2oI9.MN4m.rob73q1R.a7LYGWrJg3A--~A
Request Chain 511
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&gdpr=0&us_privacy=1--- HTTP 302
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&gdpr=0&us_privacy=1---&dcc=t HTTP 302
  • https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=WwP_XlVvTj-wX1b81LJDlA&rk=usync-na&gdpr=0 HTTP 302
  • https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=WwP_XlVvTj-wX1b81LJDlA&gdpr=0
Request Chain 512
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=&gdpr=0&us_privacy=1--- HTTP 302
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=&gdpr=0&us_privacy=1---&dcc=t HTTP 302
  • https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=v7OF9tT4QqSK-YQVdofCjw&rk=usync-other&gdpr=0 HTTP 302
  • https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=v7OF9tT4QqSK-YQVdofCjw&gdpr=0
Request Chain 513
  • https://token.rubiconproject.com/token?pid=25470&gdpr=0&us_privacy=1--- HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_cm&google_hm=TEdMNkFYRUktRy1JOFE=&gdpr=0&us_privacy=1--- HTTP 302
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&gdpr=0&google_gid=CAESEKcMxq1C4520m9JQfcQcpzM&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEdMNkFYRUktRy1JOFE=&google_push=&gdpr=0
Request Chain 518
  • https://ib.adnxs.com/getuid?https://yield-op-idsync.live.streamtheworld.com/pixel.gif?partner=an&uid=$UID&pubId=10649 HTTP 307
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fyield-op-idsync.live.streamtheworld.com%2Fpixel.gif%3Fpartner%3Dan%26uid%3D%24UID%26pubId%3D10649 HTTP 302
  • https://yield-op-idsync.live.streamtheworld.com/pixel.gif?partner=an&uid=1315223837049125863&pubId=10649
Request Chain 520
  • https://x.bidswitch.net/sync?ssp=triton&stn=KQSMFM HTTP 302
  • https://x.bidswitch.net/ul_cb/sync?ssp=triton&stn=KQSMFM HTTP 302
  • https://p.rfihub.com/cm?in=1&pub=20513&ssp=triton&gdpr=&gdpr_consent= HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=119&user_id=5124322325976183165&expires=30&ssp=triton HTTP 302
  • https://yield-op-idsync.live.streamtheworld.com/pixel.gif?partner=bsw&uid=8be02d32-7750-43c4-b6ad-b005c905096a&stn=KQSMFM
Request Chain 522
  • https://synchroscript.deliveryengine.adswizz.com/getUID?curl=https%3A%2F%2Fyield-op-idsync.live.streamtheworld.com%2Fpixel.gif%3Fpartner%3Daw%26uid%3D%24%7BUID%7D%26pubId%3D10649 HTTP 302
  • https://yield-op-idsync.live.streamtheworld.com/pixel.gif?partner=aw&uid=837cb2be42272416332295ddf0594755&pubId=10649
Request Chain 523
  • https://ums.acuityplatform.com/tum?umid=133&uid=b5cae393-e4b0-433c-bb6c-de9f7cd109d1&rurl=https%3A%2F%2Fyield-op-idsync.live.streamtheworld.com%2Fpixel.gif%3Fpartner%3Dacu%26uid%3D___AUID___%26pubId%3D10649 HTTP 302
  • https://yield-op-idsync.live.streamtheworld.com/pixel.gif?partner=acu&uid=768572484574&pubId=10649
Request Chain 525
  • https://sync.mathtag.com/sync/img?mt_exid=70&redir=https%3A%2F%2Fyield-op-idsync.live.streamtheworld.com%2Fpixel.gif%3Fpartner%3Dmm%26uid%3D%5BMM_UUID%5D%26pubId%3D10649 HTTP 302
  • https://yield-op-idsync.live.streamtheworld.com/pixel.gif?partner=mm&uid=1035643d-90b7-4200-a221-a4710b81560e&pubId=10649
Request Chain 527
  • https://cm.g.doubleclick.net/pixel?google_nid=triton&google_sc&google_cm&stn=KQSMFM HTTP 302
  • https://idsync.live.streamtheworld.com/pixel.gif?partner=dbm&uid=CAESEDydd4RtqgqUYoFm0jwo9wA&stn=KQSMFM&google_cver=1
Request Chain 529
  • https://ad.turn.com/r/cs?pid=58&redir=https%3A%2F%2Fyield-op-idsync.live.streamtheworld.com%2Fpixel.gif%3Fpartner%3Damb%26uid%3D%23USER_ID%23%26pubId%3D10649 HTTP 302
  • https://yield-op-idsync.live.streamtheworld.com/pixel.gif?partner=amb&uid=4141980922447770076&pubId=10649
Request Chain 545
  • https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D HTTP 302
  • https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D&s=195491&C=1
Request Chain 546
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=duration_media&endpoint=us-east HTTP 301
  • https://eus.rubiconproject.com/usync.html?p=duration_media&endpoint=us-east
Request Chain 551
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D312%26uid%3D%24UID HTTP 302
  • https://ads.servenobid.com/sync?pid=312&uid=1315223837049125863
Request Chain 552
  • https://ce.lijit.com/merge?pid=273657&3pid=273657&gdpr=0&gdpr_consent=&us_privacy=1---&&location=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D310%26uid%3D%5BSOVRNID%5D HTTP 302
  • https://ads.servenobid.com/sync?pid=310&uid=Gf0YpBZHi4NStTnTQhS--oim
Request Chain 554
  • https://sync.1rx.io/usersync2/rmpssp?sub=duration&redir=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D321%26uid%3D%5BRX_UUID%5D HTTP 302
  • https://sync.1rx.io/usersync2/rmpssp?sub=duration&zcc=1&redir=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D321%26uid%3D%5BRX_UUID%5D&cb=1681756346338 HTTP 302
  • https://ad.turn.com/r/cs?pid=45&rndcb=5826736729 HTTP 302
  • https://sync.1rx.io/usersync/turn/4141980922447770076?dspret=1&gdpr=&gdpr_consent=&us_privacy= HTTP 302
  • https://sync.targeting.unrulymedia.com/csync/RX-3e293132-82b3-4291-884a-1f5f7818e873-003?redir=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D321%26uid%3DRX-3e293132-82b3-4291-884a-1f5f7818e873-003 HTTP 302
  • https://ads.servenobid.com/sync?pid=321&uid=RX-3e293132-82b3-4291-884a-1f5f7818e873-003
Request Chain 555
  • https://p.rfihub.com/cm?pub=44007&in=1 HTTP 302
  • https://ads.servenobid.com/sync?pid=324&uid=5124322325976183165
Request Chain 557
  • https://prebid.a-mo.net/cchain/0?gdpr=0&gdpr_consent=&us_privacy=1---&&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D327%26uid%3D HTTP 302
  • https://ads.servenobid.com/sync?pid=327&uid=d319ca96-42ff-44c0-8897-988943df9e52&gdpr=0&gdpr_consent=&us_privacy=1---
Request Chain 558
  • https://ups.analytics.yahoo.com/ups/58559/occ HTTP 302
  • https://ads.servenobid.com/sync?pid=337&uid=y-QTgecMlE2uE5IFMbuMfngMJ2RQfxJPWL27W6oS4-~A
Request Chain 559
  • https://ssp.disqus.com/redirectuser?r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D346%26uid%3DBUYERUID HTTP 302
  • https://ads.servenobid.com/sync?pid=346&uid=ua-45008890-6fdd-355c-82b5-ce5e8749de0d
Request Chain 560
  • https://ups.analytics.yahoo.com/ups/58632/occ HTTP 302
  • https://ads.servenobid.com/sync?pid=339&uid=y-QTgecMlE2uE5IFMbuMfngMJ2RQfxJPWL27W6oS4-~A
Request Chain 562
  • https://hbx.media.net/cksync.php?cs=1&type=pbs&ovsid=setstatuscode&bidder=medianet&gdpr=0&gdpr_consent=&us_privacy=1---&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D353%26uid%3D%3Cvsid%3E HTTP 302
  • https://ads.servenobid.com/sync?pid=353&uid=0000EEA
Request Chain 565
  • https://a.audrte.com/get?p=M501991648&r=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D141%26partneruserid%3D$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=ar101281&google_hm=ZjJoU1cyN21aYTNUS0N1d25nQjhBR0FUQQ==&google_redir=https%3A%2F%2Fa.audrte.com%2Fddp%3Fred%3DeyJ1IjoiaHR0cHM6Ly9ydGItY3N5bmMuc21hcnRhZHNlcnZlci5jb20vcmVkaXIvP2lzc2lcdTAwM2QxXHUwMDI2cGFydG5lcmlkXHUwMDNkMTQxXHUwMDI2cGFydG5lcnVzZXJpZFx1MDAzZGYyaFNXMjdtWmEzVEtDdXduZ0I4QUdBVEEiLCJkIjpbeyJuYW1lIjoiYWRmb3JtIn0seyJuYW1lIjoic21hcnQifV19%26gdpr%3D0%26gdpr_consent%3D HTTP 302
  • https://a.audrte.com/ddp?red=eyJ1IjoiaHR0cHM6Ly9ydGItY3N5bmMuc21hcnRhZHNlcnZlci5jb20vcmVkaXIvP2lzc2lcdTAwM2QxXHUwMDI2cGFydG5lcmlkXHUwMDNkMTQxXHUwMDI2cGFydG5lcnVzZXJpZFx1MDAzZGYyaFNXMjdtWmEzVEtDdXduZ0I4QUdBVEEiLCJkIjpbeyJuYW1lIjoiYWRmb3JtIn0seyJuYW1lIjoic21hcnQifV19&gdpr=0&gdpr_consent= HTTP 302
  • https://dmp.adform.net/serving/cookie/match/?party=1003&r=eyJ1IjoiaHR0cHM6Ly9ydGItY3N5bmMuc21hcnRhZHNlcnZlci5jb20vcmVkaXIvP2lzc2lcdTAwM2QxXHUwMDI2cGFydG5lcmlkXHUwMDNkMTQxXHUwMDI2cGFydG5lcnVzZXJpZFx1MDAzZGYyaFNXMjdtWmEzVEtDdXduZ0I4QUdBVEEiLCJkIjpbeyJuYW1lIjoic21hcnQifV19&gdpr=0&gdpr_consent= HTTP 302
  • https://a.audrte.com/a?adform_uid=4658758249816758715&r=eyJ1IjoiaHR0cHM6Ly9ydGItY3N5bmMuc21hcnRhZHNlcnZlci5jb20vcmVkaXIvP2lzc2lcdTAwM2QxXHUwMDI2cGFydG5lcmlkXHUwMDNkMTQxXHUwMDI2cGFydG5lcnVzZXJpZFx1MDAzZGYyaFNXMjdtWmEzVEtDdXduZ0I4QUdBVEEiLCJkIjpbeyJuYW1lIjoic21hcnQifV19 HTTP 302
  • https://rtb-csync.smartadserver.com/redir/?partnerid=141&partneruserid=f2hCqR6YWwXQ1a-JO7L-XZbRA&gdpr=0&gdpr_consent=&redirurl=https%3A%2F%2Fa.audrte.com%2Fmatch%3Fuid%3DSMART_USER_ID%26p%3DM501991648%26r%3Dhttps%253A%252F%252Fa.audrte.com%252Fp%253F HTTP 302
  • https://a.audrte.com/match?uid=8956516326104209569&p=M501991648&r=https%3A%2F%2Fa.audrte.com%2Fp%3F&gdpr=0&gdpr_consent= HTTP 302
  • https://a.audrte.com/p
Request Chain 566
  • https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=139&partneruserid=0&redirurl=https%3A%2F%2Fmatch.sharethrough.com%2Fsync%2Fv1%3Fsource_id%3D98KUz37ype9D3X2sf9ovgeTt%26source_user_id%3DSMART_USER_ID&gdpr=0&gdpr_consent= HTTP 302
  • https://match.sharethrough.com/sync/v1?source_id=98KUz37ype9D3X2sf9ovgeTt&source_user_id=8956516326104209569&gdpr=0&gdpr_consent=
Request Chain 567
  • https://cms.quantserve.com/pixel/p-EtBqU4Lj3YbAv.gif?idmatch=0&gdpr=0&gdpr_consent= HTTP 302
  • https://rtb-csync.smartadserver.com/redir/?partnerid=80&&partneruserid=ZabQvmqiget-9tW8ZavO6TKn0e9-o4DpY6dPDt8C
Request Chain 568
  • https://sync-tm.everesttech.net/upi/pid/gjIEMT18?redir=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D94%26partneruserid%3D%24%7BTM_USER_ID%7D&gdpr=0&gdpr_consent= HTTP 302
  • https://sync-tm.everesttech.net/ct/upi/pid/gjIEMT18?redir=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D94%26partneruserid%3D%24%7BTM_USER_ID%7D&gdpr=0&gdpr_consent=&_test=ZD2QugADfbBxvABL HTTP 302
  • https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=94&partneruserid=ZD2QugADfbBxvABL&gdpr=0&gdpr_consent=&_test=ZD2QugADfbBxvABL
Request Chain 569
  • https://ssum-sec.casalemedia.com/usermatch?s=197137&cb=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3FpartnerId%3D57%26uid%3D HTTP 302
  • https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3FpartnerId%3D57%26uid%3D&s=197137&C=1
Request Chain 570
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=12776 HTTP 301
  • https://eus.rubiconproject.com/usync.html?p=12776
Request Chain 572
  • https://pixel.advertising.com/ups/58293/sync?&gdpr=&gdpr_consent=&redir=true HTTP 301
  • https://ups.analytics.yahoo.com/ups/58293/sync?&gdpr=&gdpr_consent=&redir=true HTTP 302
  • https://usr.undertone.com/userPixel/sync?partner=verizon&uid=y-uBojuHZE2uE1m5JT7NdZspZTqrxdHl48~A
Request Chain 575
  • https://image8.pubmatic.com/AdServer/ImgSync?p=160318&gdpr=&gdpr_consent=&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3Fp%3D160318%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Fusr.undertone.com%252FuserPixel%252Fsync%253FpartnerId%253D53%2526uid%253D%2523PMUID HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?p=160318&gdpr=&gdpr_consent=&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3Fp%3D160318%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Fusr.undertone.com%252FuserPixel%252Fsync%253FpartnerId%253D53%2526uid%253D%2523PMUID&rdf=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=MjJDMTA1OUQtNTkwNi00MkE5LThDQTktM0FDQTEyOThGNzUy&gdpr=-1&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=-1&gdpr_consent= HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent= HTTP 302
  • https://image4.pubmatic.com/AdServer/SPug?gdpr=0&p=160318&pmc=1&pr=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3FpartnerId%3D53%26uid%3D22C1059D-5906-42A9-8CA9-3ACA1298F752 HTTP 302
  • https://usr.undertone.com/userPixel/sync?partnerId=53&uid=22C1059D-5906-42A9-8CA9-3ACA1298F752
Request Chain 577
  • https://ups.analytics.yahoo.com/ups/58545/occ HTTP 302
  • https://usr.undertone.com/userPixel/sync?partnerId=56&uid=y-QTgecMlE2uE5IFMbuMfngMJ2RQfxJPWL27W6oS4-~A
Request Chain 579
  • https://dpm.demdex.net/ibs:dpid=152416&dpuuid=dz13wn8fouv9efayjz0rreg92 HTTP 302
  • https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=152416&dpuuid=dz13wn8fouv9efayjz0rreg92
Request Chain 588
  • https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=ZD2QuiGpPvO3aUQ.jHLQOwAA HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEDuiru5G4QoaYWtx9-iUod4&google_cver=1&google_hm=2
Request Chain 589
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=ZD2QuiGpPvO3aUQ-jHLQOgAAFFIAAAIB&gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid= HTTP 302
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESEBE0ija67a5dvPILz9WILHs&google_cver=1
Request Chain 590
  • https://casale-match.dotomi.com/match/bounce/current?networkId=19998&version=1 HTTP 302
  • https://dsum.casalemedia.com/rum?cm_dsp_id=65&external_user_id=&expiration=1681842746
Request Chain 591
  • https://ad.turn.com/r/cs?pid=21 HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=4141980922447770076
Request Chain 592
  • https://sync.mathtag.com/sync/img?mt_exid=15&redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D3%26external_user_id%3D%5BMM_UUID%5D HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=1035643d-90b7-4200-a221-a4710b81560e
Request Chain 593
  • https://dpm.demdex.net/ibs:dpid=23728&dpuuid=ZD2QuiGpPvO3aUQ.jHLQOgAA%265202?gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid= HTTP 302
  • https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=23728&dpuuid=ZD2QuiGpPvO3aUQ.jHLQOgAA%265202
Request Chain 597
  • https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=ZD2QuiGpPvO3aUQ.jHLQOwAA HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEDuiru5G4QoaYWtx9-iUod4&google_cver=1&google_hm=2
Request Chain 598
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=ZD2QuiGpPvO3aUQ-jHLQOwAAFFIAAAAB&gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid= HTTP 302
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESEBE0ija67a5dvPILz9WILHs&google_cver=1
Request Chain 599
  • https://dmp.brand-display.com/cm/api/index?cm_dsp_id=191&cm_user_id=%3cIndex_user_id%3e HTTP 302
  • https://dsum.casalemedia.com/crum?cm_dsp_id=191&external_user_id=b42bf460-3b10-2dc1-eeb2ed40
Request Chain 600
  • https://csync.loopme.me/?pubid=11466&redirect=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D24%26external_user_id%3D%7Bviewer_token%7D&us_privacy=&gdpr=&gdpr_consent=&gpp=&gpp_sid= HTTP 307
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=24&external_user_id=f6b8b132-a269-4263-8a31-42e42d831299&gpp_sid=null&gpp=null&us_privacy=null&gdpr_consent=null&gdpr=null
Request Chain 601
  • https://casale-match.dotomi.com/match/bounce/current?networkId=19998&version=1 HTTP 302
  • https://dsum.casalemedia.com/rum?cm_dsp_id=65&external_user_id=&expiration=1681842746
Request Chain 602
  • https://ad.turn.com/r/cs?pid=21 HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=4141980922447770076
Request Chain 605
  • https://secure.adnxs.com/getuid?https://usersync.gumgum.com/usersync?b=apn&i=$UID HTTP 302
  • https://usersync.gumgum.com/usersync?b=apn&i=1315223837049125863
Request Chain 606
  • https://x.bidswitch.net/sync?ssp=gumgum2&user_id=e_9e4246fc-2362-4683-af4f-90bfff0796b2&gdpr=0&gdpr_consent=&us_privacy=1--- HTTP 302
  • https://c1.adform.net/serving/cookie/match/?party=24&bidswitch_ssp_id=gumgum2 HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=70&user_id=4658758249816758715&ssp=gumgum2 HTTP 302
  • https://usersync.gumgum.com/usersync?b=bsw&i=8be02d32-7750-43c4-b6ad-b005c905096a&gdpr=&gdpr_consent=&us_privacy=
Request Chain 607
  • https://sync.outbrain.com/redirectObuid?platformId=GUMGU18H7EL9NI653I7DPEH51&gdpr=0&gdprConsent=&platformRdUrl=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dobn%26i%3D%7BOB_UID%7D%26r%3D%7BobRdUrl%7D HTTP 302
  • https://usersync.gumgum.com/usersync?b=obn&i=ENC%28bJgnr6EDqKIfs63efbgplFB_C2EVXQYZaYZQAYX-YkdHT8oOQQ5fd4iaZGi_PWXO%29&r=https%3A%2F%2Fsync.outbrain.com%2FsyncUser%3FplatformId%3D%7Bplatform_id%7D%26platformUid%3D%7Bplatform_uid%7D%26obuid%3DENC%28bJgnr6EDqKIfs63efbgplFB_C2EVXQYZaYZQAYX-YkdHT8oOQQ5fd4iaZGi_PWXO%29 HTTP 302
  • https://sync.outbrain.com/syncUser?platformId=GUMGU18H7EL9NI653I7DPEH51&platformUid=e_9e4246fc-2362-4683-af4f-90bfff0796b2&obuid=ENC(bJgnr6EDqKIfs63efbgplFB_C2EVXQYZaYZQAYX-YkdHT8oOQQ5fd4iaZGi_PWXO) HTTP 302
  • https://sync.outbrain.com/syncPlatform?platformId=GUMGU18H7EL9NI653I7DPEH51 HTTP 302
  • https://trace.mediago.io/cs/outbrain?cb=https%3A%2F%2Fsync.outbrain.com%2Fcookie-sync%3Fp%3Dbaidu%26uid%3D%7Buserid%7D%26obUid%3DbJgnr6EDqKIfs63efbgplFB_C2EVXQYZaYZQAYX-YkdHT8oOQQ5fd4iaZGi_PWXO%26gdpr%3D$GDPR_APPLIES%26gdpr_consent%3D$CONSNT_STRING%26us_privacy%3D$CCPA%26initiator%3Dplatform HTTP 302
  • https://sync.outbrain.com/cookie-sync?p=baidu&uid=559f3b71cf78383f687e1858a7d0b1bc&obUid=bJgnr6EDqKIfs63efbgplFB_C2EVXQYZaYZQAYX-YkdHT8oOQQ5fd4iaZGi_PWXO&gdpr=$GDPR_APPLIES&gdpr_consent=$CONSNT_STRING&us_privacy=$CCPA&initiator=platform
Request Chain 608
  • https://us-u.openx.net/w/1.0/cm?_={CACHEBUSTER}&id=47f31213-389c-4904-aaa6-9b11aab9c211&gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dopx%26i%3D HTTP 302
  • https://us-u.openx.net/w/1.0/cm?cc=1&_={CACHEBUSTER}&id=47f31213-389c-4904-aaa6-9b11aab9c211&gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dopx%26i%3D HTTP 302
  • https://usersync.gumgum.com/usersync?b=opx&i=5efa152a-db35-4eb7-888b-5e5f4df1e85b
Request Chain 609
  • https://sync.srv.stackadapt.com/sync?nid=1&gdpr=0&gdpr_consent= HTTP 302
  • https://usersync.gumgum.com/usersync?b=sta&i=0-dff1b18a-91f2-54c7-5217-efe1fa106608$ip$81.95.5.39
Request Chain 610
  • https://pr-bh.ybp.yahoo.com/sync/gumgum?gdpr=0&gdpr_consent= HTTP 302
  • https://usersync.gumgum.com/usersync?b=oth&i=y-BbV_N1hE2pe5WAPzipKYPLeHwLW5swJ_vhYB~A
Request Chain 611
  • https://sync.ipredictive.com/d/sync/cookie/generic?partner=gumgum&cspid=9&append=1&cb=${ADELPHIC_CACHE_BUSTER}&gdpr=0&gdpr_consent=&us_privacy=1---&redirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dvnt%26i%3D HTTP 302
  • https://usersync.gumgum.com/usersync?b=vnt&i=444a4ca5-42e7-4319-abaa-498720f09c0a
Request Chain 612
  • https://sync.technoratimedia.com/services?srv=cs&pid=65&us_privacy=1---&cb=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dsnc%26i%3D%5BUSER_ID%5D HTTP 307
  • https://usersync.gumgum.com/usersync?b=snc&i=GDPR
Request Chain 614
  • https://b1sync.zemanta.com/usersync/gumgum/?puid=e_9e4246fc-2362-4683-af4f-90bfff0796b2&gdpr=0&gdpr_consent=&us_privacy=1---&cb=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dzem%26i%3D__ZUID__ HTTP 302
  • https://stags.bluekai.com/site/23178?id=955RvR3fjktXWhFMah_A&redir=https%3A%2F%2Fb1sync.zemanta.com%2Fusersync%2Fbluekai%2Fcallback%2F%3Fd%3DNB2HI4DTHIXS65LTMVZHG6LOMMXGO5LNM52W2LTDN5WS65LTMVZHG6LOMM7WEPL2MVWSMZLYMNUGC3THMU6WO5LNM52W2JTHMRYHEPJQEZUT2OJVGVJHMURTMZVGW5CYK5UEMTLBNBPUCJTVONPXA4TJOZQWG6J5GEWS2LI&gdpr=0&us_privacy=1--- HTTP 302
  • https://b1sync.zemanta.com/usersync/bluekai/callback/?d=NB2HI4DTHIXS65LTMVZHG6LOMMXGO5LNM52W2LTDN5WS65LTMVZHG6LOMM7WEPL2MVWSMZLYMNUGC3THMU6WO5LNM52W2JTHMRYHEPJQEZUT2OJVGVJHMURTMZVGW5CYK5UEMTLBNBPUCJTVONPXA4TJOZQWG6J5GEWS2LI HTTP 302
  • https://usersync.gumgum.com/usersync?b=zem&gdpr=0&i=955RvR3fjktXWhFMah_A&us_privacy=1---
Request Chain 615
  • https://ad.360yield.com/server_match?partner_id=N&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Didi%26i%3D%7BPUB_USER_ID%7D HTTP 302
  • https://ad.360yield.com/ul_cb/server_match?partner_id=N&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Didi%26i%3D%7BPUB_USER_ID%7D HTTP 302
  • https://usersync.gumgum.com/usersync?b=idi&i=5a469d9b-40f1-4a3b-903c-082b0fcf6b49
Request Chain 616
  • https://bh.contextweb.com/bh/rtset?pid=558355&ev=1&rurl=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpln%26i%3D%25%25VGUID%25%25 HTTP 302
  • https://usersync.gumgum.com/usersync?b=pln&i=xhEDy3HHEp7P&ev=1&pid=558355
Request Chain 617
  • https://ssbsync.smartadserver.com/api/sync?callerId=15&redirectUri=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dsad%26i%3D%5Bssb_sync_pid%5D&gdpr=0&gdpr_consent= HTTP 302
  • https://usersync.gumgum.com/usersync?b=sad&i=8956516326104209569
Request Chain 619
  • https://sync.mathtag.com/sync/img?mt_exid=71&gdpr=0&gdpr_consent=&redir=https%3a%2f%2fusersync.gumgum.com%2fusersync%3fb%3dmmh%26i%3d%5bMM_UUID%5d HTTP 302
  • https://usersync.gumgum.com/usersync?b=mmh&i=1035643d-90b7-4200-a221-a4710b81560e&gdpr=0&gdpr_consent=
Request Chain 621
  • https://sync-tm.everesttech.net/upi/pid/URnmbSKM?redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Datm%26i%3D%24%7BTM_USER_ID%7D&gdpr=0&gdpr_consent= HTTP 302
  • https://sync-tm.everesttech.net/ct/upi/pid/URnmbSKM?redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Datm%26i%3D%24%7BTM_USER_ID%7D&gdpr=0&gdpr_consent=&_test=ZD2QugADfRJykwBL HTTP 302
  • https://usersync.gumgum.com/usersync?b=atm&i=ZD2QugADfRJykwBL&gdpr=0&gdpr_consent=&_test=ZD2QugADfRJykwBL
Request Chain 625
  • https://tg.socdm.com/aux/idsync?proto=gumgum HTTP 302
  • https://usersync.gumgum.com/usersync?b=sus&i=ZD2Qu8Co5s0AAE2xOHkAAAAA
Request Chain 626
  • https://cs.admanmedia.com/sync/gumgum?puid=e_9e4246fc-2362-4683-af4f-90bfff0796b2&redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Daad%26i%3D%5BDSP_USER_ID%5D&gdpr=0&gdpr_consent=&ccpa=1--- HTTP 302
  • https://usersync.gumgum.com/usersync?b=aad&i=299728d2-bc6d-4866-a1b5-47879b085727
Request Chain 628
  • https://creativecdn.com/cm-notify?pi=gumgum HTTP 302
  • https://creativecdn.com/cm-notify?pi=gumgum&tc=1 HTTP 302
  • https://usersync.gumgum.com/usersync?b=rth&i=3OxQkiYyWzBz8jv6c9IZ&pi=gumgum&tc=1
Request Chain 629
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=gumgum HTTP 301
  • https://eus.rubiconproject.com/usync.html?p=gumgum
Request Chain 631
  • https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA%3D%3D%26piggybackCookie%3Duid%3A%5BMM_UUID%5D HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:1035643d-90b7-4200-a221-a4710b81560e&gdpr=0&gdpr_consent= HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
Request Chain 632
  • https://d5p.de17a.com/getuid/pubmatic?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID HTTP 302
  • https://d5p.de17a.com/getuid/pubmatic;c?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=6403764937664543680
Request Chain 634
  • https://cms.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=36rl8NCutKXE-uDy36f7p4ir5KHEr7Wn2asJ7vUP HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent= HTTP 302
  • https://image4.pubmatic.com/AdServer/SPug?gdpr=0&p=160318&pmc=1&pr=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3FpartnerId%3D53%26uid%3D22C1059D-5906-42A9-8CA9-3ACA1298F752 HTTP 302
  • https://usr.undertone.com/userPixel/sync?partnerId=53&uid=22C1059D-5906-42A9-8CA9-3ACA1298F752
Request Chain 636
  • https://ib.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=1315223837049125863&gdpr=0&gdpr_consent= HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent= HTTP 302
  • https://image4.pubmatic.com/AdServer/SPug?gdpr=0&p=160318&pmc=1&pr=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3FpartnerId%3D53%26uid%3D22C1059D-5906-42A9-8CA9-3ACA1298F752 HTTP 302
  • https://usr.undertone.com/userPixel/sync?partnerId=53&uid=22C1059D-5906-42A9-8CA9-3ACA1298F752
Request Chain 637
  • https://dsp.adfarm1.adition.com/cookie/?ssp=9&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA%3D&piggybackCookie=7223088488735963280&gdpr=0&gdpr_consent= HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent= HTTP 302
  • https://image4.pubmatic.com/AdServer/SPug?gdpr=0&p=160318&pmc=1&pr=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3FpartnerId%3D53%26uid%3D22C1059D-5906-42A9-8CA9-3ACA1298F752 HTTP 302
  • https://usr.undertone.com/userPixel/sync?partnerId=53&uid=22C1059D-5906-42A9-8CA9-3ACA1298F752
Request Chain 638
  • https://sync.srv.stackadapt.com/sync?nid=11&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=3_GxipHyVMdSF-_h-hBmCFFfBSc&gdpr=0&gdpr_consent=
Request Chain 639
  • https://match.prod.bidr.io/cookie-sync/pm?gdpr=0&gdpr_consent= HTTP 303
  • https://match.prod.bidr.io/cookie-sync/pm?gdpr=0&gdpr_consent=&_bee_ppp=1 HTTP 303
  • https://cm.g.doubleclick.net/pixel?google_nid=beeswaxio&google_sc=&google_hm=QUFCdDAwN0lleUVBQUNCVmNScE5wdw&gdpr=0&gdpr_consent=&bee_sync_partners=sas%2Cpp%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1 HTTP 302
  • https://match.prod.bidr.io/cookie-sync/adx?gdpr=0&gdpr_consent=&bee_sync_partners=sas%2Cpp%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1 HTTP 303
  • https://rtb-csync.smartadserver.com/redir?partnerid=127&partneruserid=AABt007IeyEAACBVcRpNpw&redirurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fgdpr%3D0%26bee_sync_partners%3Dpp%252Cpm%26bee_sync_current_partner%3Dsas%26bee_sync_initiator%3Dadx%26bee_sync_hop_count%3D2%26userid%3DSMART_USER_ID&gdpr=0 HTTP 302
  • https://match.prod.bidr.io/cookie-sync?gdpr=0&bee_sync_partners=pp%2Cpm&bee_sync_current_partner=sas&bee_sync_initiator=adx&bee_sync_hop_count=2&userid=8956516326104209569&gdpr=0&gdpr_consent= HTTP 303
  • https://bh.contextweb.com/bh/rtset?do=add&pid=558502&ev=AABt007IeyEAACBVcRpNpw&rurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fgdpr%3D0%26userid%3D8956516326104209569%26gdpr%3D0%26gdpr_consent%3D%26bee_sync_partners%3Dpm%26bee_sync_current_partner%3Dpp%26bee_sync_initiator%3Dadx%26bee_sync_hop_count%3D3&gdpr=0 HTTP 302
  • https://match.prod.bidr.io/cookie-sync?gdpr=0&userid=8956516326104209569&gdpr=0&gdpr_consent=&bee_sync_partners=pm&bee_sync_current_partner=pp&bee_sync_initiator=adx&bee_sync_hop_count=3&ev=AABt007IeyEAACBVcRpNpw&pid=558502&do=add&gdpr=0 HTTP 303
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AABt007IeyEAACBVcRpNpw&gdpr=0&gdpr_consent=
Request Chain 640
  • https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=${TM_USER_ID}&gdpr=1&gdpr_consent= HTTP 302
  • https://sync-tm.everesttech.net/ct/upi/pid/b9pj45k4?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=${TM_USER_ID}&gdpr=1&gdpr_consent=&_test=ZD2QugADeOgNhwBS HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=ZD2QugADeOgNhwBS&gdpr=1&gdpr_consent=&_test=ZD2QugADeOgNhwBS
Request Chain 643
  • https://csync.loopme.me/?pubid=11331&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzImdGw9MTI5NjAw&piggybackCookie={viewer_token} HTTP 307
  • https://simage2.pubmatic.com/AdServer/Pug?vcode&piggybackCookie={viewer_token}
Request Chain 644
  • https://a.tribalfusion.com/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID} HTTP 302
  • https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
Request Chain 646
  • https://cm-supply-web.gammaplatform.com/adx/usersyncsupply?pid=7&t=pixel HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0NTkmdGw9NDMyMDA=&piggybackCookie=rgevf0ercwsk
Request Chain 647
  • https://green.erne.co/pubmatic/cm?gdpr=0&gdpr_consent= HTTP 302
  • https://pixel-eu.onaudience.com/?partner=270&smartmap=1&gdpr=0&gdpr_consent=&redirect=image2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw%26piggybackCookie%3D%25_rid%26gdpr%3D0%26gdpr_consent%3D%25_gdpr_consent HTTP 302
  • https://loada.exelator.com/load/?p=1164&g=1&j=r&gdpr=0&ru=https%3A%2F%2Fpixel-eu.onaudience.com%2F%3Fpartner%3D161%26icm%26cver%26mapped%3D%25%25UID%25%25%26gdpr%3D0%26redirect%3Dhttps%253A%252F%252Fimage2.pubmatic.com%252FAdServer%252FPug%253Fvcode%253Dbz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw%2526piggybackCookie%253DNOvcHvPGbnRWnaRhYRTQhjSj%2526gdpr%253D0%2526gdpr_consent%253D HTTP 302
  • https://pixel-eu.onaudience.com/?partner=161&icm&cver&mapped=cdcd786caf98f03f79064efbc848a0c9&gdpr=0&redirect=https%3A%2F%2Fimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw%26piggybackCookie%3DNOvcHvPGbnRWnaRhYRTQhjSj%26gdpr%3D0%26gdpr_consent%3D HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw&piggybackCookie=NOvcHvPGbnRWnaRhYRTQhjSj&gdpr=0&gdpr_consent= HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
Request Chain 648
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=5JhdiulTTV2VSVG0VkbLGg%3D%3D&gdpr=0&gdpr_consent= HTTP 302
  • https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
Request Chain 650
  • https://cr.frontend.weborama.fr/cr?key=pubmatic&gdpr=0&gdpr_consent= HTTP 307
  • https://cr.frontend.weborama.fr/cr?key=pubmatic&gdpr=0&gdpr_consent=&bounce=1&random=2428412883 HTTP 302
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fidsync.frontend.weborama.fr%2Fids%3Fkey%3Dpubmatic%26value%3D%23PM_USER_ID&gdpr=0 HTTP 302
  • https://idsync.frontend.weborama.fr/ids?key=pubmatic&value=22C1059D-5906-42A9-8CA9-3ACA1298F752
Request Chain 651
  • https://a.audrte.com/match?gdpr=0&gdpr_consent=&p=M1717054901&uid=E4985D8A-E953-4D5D-9549-51B45646CB1A HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=ar101281&google_hm=ZjJoQ3FSNllXd1hRMWEtSk83TC1YWmJSQQ==&google_redir=https%3A%2F%2Fa.audrte.com%2Fddp%3Fred%3DeyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbeyJuYW1lIjoiYWRmb3JtIn1dfQ%253D%253D%26gdpr%3D0%26gdpr_consent%3D HTTP 302
  • https://a.audrte.com/ddp?red=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbeyJuYW1lIjoiYWRmb3JtIn1dfQ%3D%3D&gdpr=0&gdpr_consent= HTTP 302
  • https://dmp.adform.net/serving/cookie/match/?party=1003&r=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbXX0%3D&gdpr=0&gdpr_consent= HTTP 302
  • https://a.audrte.com/a?adform_uid=4658758249816758715&r=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbXX0%3D HTTP 302
  • https://a.audrte.com/p
Request Chain 652
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=RTQ5ODVEOEEtRTk1My00RDVELTk1NDktNTFCNDU2NDZDQjFB&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent= HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent= HTTP 302
  • https://image4.pubmatic.com/AdServer/SPug?gdpr=0&p=160318&pmc=1&pr=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3FpartnerId%3D53%26uid%3D22C1059D-5906-42A9-8CA9-3ACA1298F752 HTTP 302
  • https://usr.undertone.com/userPixel/sync?partnerId=53&uid=22C1059D-5906-42A9-8CA9-3ACA1298F752
Request Chain 653
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEBGCeZcThZ3ugXCmV7LNbDA&google_cver=1 HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent= HTTP 302
  • https://image4.pubmatic.com/AdServer/SPug?gdpr=0&p=160318&pmc=1&pr=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3FpartnerId%3D53%26uid%3D22C1059D-5906-42A9-8CA9-3ACA1298F752 HTTP 302
  • https://usr.undertone.com/userPixel/sync?partnerId=53&uid=22C1059D-5906-42A9-8CA9-3ACA1298F752
Request Chain 656
  • https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COOKIES%20HERE]&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=4658758249816758715 HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent= HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEBGCeZcThZ3ugXCmV7LNbDA&google_cver=1 HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent= HTTP 302
  • https://um.simpli.fi/pubmatic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODA2JnRsPTUxODQwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
Request Chain 657
  • https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=E4985D8A-E953-4D5D-9549-51B45646CB1A&redir=true&gdpr=0&gdpr_consent= HTTP 302
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-9zUjF3VE2uVotnb7catJd2ccA0TTB7Y-~A&gdpr=0
Request Chain 659
  • https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent= HTTP 302
  • https://sonata-notifications.taptapnetworks.com/web/cookie/bidswitch/sync?bidswitch_ssp_id=pubmatic&bsw_custom_parameter=8be02d32-7750-43c4-b6ad-b005c905096a&gdpr=0&gdpr_consent=&gdpr_pd= HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=413&ssp=pubmatic&user_id=csonata_661c4f23-5baf-4744-bf56-c247cc43ff5e&bsw_param=8be02d32-7750-43c4-b6ad-b005c905096a&expires=10&gdpr=0&gdpr_consent=&gdpr_pd= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=8be02d32-7750-43c4-b6ad-b005c905096a&gdpr=0&gdpr_consent=&gdpr_pd= HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent= HTTP 302
  • https://um.simpli.fi/pubmatic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODA2JnRsPTUxODQwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
Request Chain 662
  • https://ad.turn.com/r/cs?pid=1&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=4141980922447770076&gdpr=0&gdpr_consent=&us_privacy= HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent= HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEBGCeZcThZ3ugXCmV7LNbDA&google_cver=1 HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent= HTTP 302
  • https://um.simpli.fi/pubmatic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODA2JnRsPTUxODQwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
Request Chain 663
  • https://ads.playground.xyz/usersync/apn?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID HTTP 302
  • https://secure.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=1315223837049125863
Request Chain 664
  • https://match.adsby.bidtheatre.com/pubmaticmatch?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?gdpr_consent=&gdpr=0&piggybackCookie=uid:f7eeaaaf-d693-4488-a511-32065d8fbead&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
Request Chain 676
  • https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COOKIES%20HERE]&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=4658758249816758715
Request Chain 677
  • https://cms.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=36rl8NCutKXE-uDy36f7p4ir5KHEr7Wn2asJ7vUP

674 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
www.921theticket.com/ 		141 KB
26 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.921theticket.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1640 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/7.4.30
Resource Hash
cd2589ac007da8466262789edcaaec5a7098db6c4bcc1931a2ede547cb79cdd0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
1
cache-control
public, max-age=300
cf-cache-status
HIT
cf-ray
7b96bfec3abd918f-FRA
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Mon, 17 Apr 2023 18:32:16 GMT
expires
Mon, 17 Apr 2023 18:37:16 GMT
last-modified
Mon, 17 Apr 2023 17:32:35 GMT
link
<https://www.921theticket.com/wp-json/>; rel="https://api.w.org/" <https://www.921theticket.com/wp-json/wp/v2/pages/27>; rel="alternate"; type="application/json" <https://www.921theticket.com/>; rel=shortlink
pragma
public
server
cloudflare
vary
Accept-Encoding
x-pingback
https://www.921theticket.com/xmlrpc.php
x-powered-by
PHP/7.4.30
x-whom
web-18.ampcms.internal
themify-1981993783.min.css
www.921theticket.com/wp-content/uploads/sites/773/themify-concate/2889854223/ 		3 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.921theticket.com/wp-content/uploads/sites/773/themify-concate/2889854223/themify-1981993783.min.css
Requested by
Host: www.921theticket.com
URL: https://www.921theticket.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1640 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0cc1236256d8bc4e006694b3f3a093aeddda254854c5f7c62358870888b5be50

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.921theticket.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date
Mon, 17 Apr 2023 18:32:16 GMT
content-encoding
gzip
cf-cache-status
MISS
last-modified
Thu, 09 Feb 2023 20:17:35 GMT
server
cloudflare
etag
"63e554df-c97"
vary
Accept-Encoding
content-type
text/css
cache-control
public, max-age=31536000
x-whom
web-20.ampcms.internal
accept-ranges
bytes
cf-ray
7b96bfec6b24918f-FRA
content-length
1270
expires
Tue, 16 Apr 2024 18:32:16 GMT
css
fonts.googleapis.com/ 		2 KB
928 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Oswald
Requested by
Host: www.921theticket.com
URL: https://www.921theticket.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
074cb8fe4c110377a05635d888ae1481b4f448e685b15dfcf56c5c816cd091c5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.921theticket.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Mon, 17 Apr 2023 18:32:16 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Mon, 17 Apr 2023 18:31:36 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Mon, 17 Apr 2023 18:32:16 GMT
jquery.bxslider.css
express-cms-assets.franklymedia.com/v3_17_01/wp-content/plugins/express-cms-promo-reel/js/bxslider/ 		4 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://express-cms-assets.franklymedia.com/v3_17_01/wp-content/plugins/express-cms-promo-reel/js/bxslider/jquery.bxslider.css?ver=20210512-3
Requested by
Host: www.921theticket.com
URL: https://www.921theticket.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:176c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
663d57136dd8c18d6664ef3f4331160ddea49bfb98913adfad34ed44a0553883

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.921theticket.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date
Mon, 17 Apr 2023 18:32:16 GMT
content-encoding
gzip
cf-cache-status
HIT
x-amz-request-id
9VQBFQG2JN419WK2
age
2232327
x-amz-server-side-encryption
AES256
x-amz-id-2
502wjLXKKQezG5cFX2M/FNZvfwi7Uss4NrMX8lhtU4Npk9aCqDtWiitQWN5EnSddkQ4rPopm/7I=
last-modified
Sat, 11 Mar 2023 04:11:21 GMT
server
cloudflare
etag
W/"3d8eded099b511ffd114be32a648fa78"
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=43200
cf-ray
7b96bfec994568ef-FRA
expires
Tue, 18 Apr 2023 06:32:16 GMT
widget.css
express-cms-assets.franklymedia.com/v3_17_01/wp-content/plugins/express-cms-promo-reel/css/ 		4 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://express-cms-assets.franklymedia.com/v3_17_01/wp-content/plugins/express-cms-promo-reel/css/widget.css?ver=20210512-3
Requested by
Host: www.921theticket.com
URL: https://www.921theticket.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:176c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
364d2db94de8213f27558dbb869c4a5d21ab12c8407bf1aa318a23c73aa3cca4

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.921theticket.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date
Mon, 17 Apr 2023 18:32:16 GMT
content-encoding
gzip
cf-cache-status
HIT
x-amz-request-id
9VQ16DCRQZEY8Q61
age
2232327
x-amz-server-side-encryption
AES256
x-amz-id-2
qM9CEF1IGBLHVh6BByKDMqMwuqlBgqgzJlGXqaKPHTB1zdk+yZEwyxEdiXQX4FVS2Y7rrHxSrVA=
last-modified
Sat, 11 Mar 2023 04:11:21 GMT
server
cloudflare
etag
W/"ea48abac6d07aeafed52fd865b27263a"
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=43200
cf-ray
7b96bfec994668ef-FRA
expires
Tue, 18 Apr 2023 06:32:16 GMT
/
www.921theticket.com/ 		62 KB
14 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.921theticket.com/?headway-trigger=compiler&file=general-https&layout-in-use=front_page&rand=1082686644&ver=6.1.1
Requested by
Host: www.921theticket.com
URL: https://www.921theticket.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1640 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/7.4.30
Resource Hash
58c255681e66fc4e52c02e37638aa2197911b5e59b07234a1273bdff4e2e4900

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.921theticket.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

pragma
public
date
Mon, 17 Apr 2023 18:32:16 GMT
content-encoding
gzip
cf-cache-status
MISS
last-modified
Mon, 17 Apr 2023 18:32:16 GMT
server
cloudflare
x-powered-by
PHP/7.4.30
vary
Accept-Encoding
content-type
text/css;charset=UTF-8
cache-control
public, max-age=2592000
x-whom
web-19.ampcms.internal
cf-ray
7b96bfec7b34918f-FRA
expires
Wed, 17 May 2023 18:32:16 GMT
/
www.921theticket.com/ 		17 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.921theticket.com/?headway-trigger=compiler&file=layout-front_page-https&layout-in-use=front_page&rand=1478269310&ver=6.1.1
Requested by
Host: www.921theticket.com
URL: https://www.921theticket.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1640 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/7.4.30
Resource Hash
ad394baefe7a3912e2446d8ae2dfddfc9a032aebfa672ba3764da480f41fed07

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.921theticket.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

pragma
public
date
Mon, 17 Apr 2023 18:32:16 GMT
content-encoding
gzip
cf-cache-status
MISS
last-modified
Mon, 17 Apr 2023 18:32:16 GMT
server
cloudflare
x-powered-by
PHP/7.4.30
vary
Accept-Encoding
content-type
text/css;charset=UTF-8
cache-control
public, max-age=2592000
x-whom
web-21.ampcms.internal
cf-ray
7b96bfec7b35918f-FRA
expires
Wed, 17 May 2023 18:32:16 GMT
/
www.921theticket.com/ 		2 KB
659 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.921theticket.com/?headway-trigger=compiler&file=responsive-grid-https&layout-in-use=front_page&rand=1260124828&ver=6.1.1
Requested by
Host: www.921theticket.com
URL: https://www.921theticket.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1640 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/7.4.30
Resource Hash
06ffc101b9e129d5b877a17bc6c3ade6101d1c637faee67267c45e4efe3801dc

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.921theticket.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

pragma
public
date
Mon, 17 Apr 2023 18:32:16 GMT
content-encoding
gzip
cf-cache-status
MISS
last-modified
Mon, 17 Apr 2023 18:32:16 GMT
server
cloudflare
x-powered-by
PHP/7.4.30
vary
Accept-Encoding
content-type
text/css;charset=UTF-8
cache-control
public, max-age=2592000
x-whom
web-18.ampcms.internal
cf-ray
7b96bfec7b36918f-FRA
expires
Wed, 17 May 2023 18:32:16 GMT
style.min.css
express-cms-assets.franklymedia.com/v3_17_01/wp-includes/css/dist/block-library/ 		93 KB
12 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://express-cms-assets.franklymedia.com/v3_17_01/wp-includes/css/dist/block-library/style.min.css?ver=6.1.1
Requested by
Host: www.921theticket.com
URL: https://www.921theticket.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:176c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c324ef26b20264369e4568dc9ef1c5cb1f325f6bc4e8b7c01f7fe93fa353276a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.921theticket.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date
Mon, 17 Apr 2023 18:32:16 GMT
content-encoding
gzip
cf-cache-status
HIT
x-amz-request-id
9VQ0W887TMPRVMWN
age
2232327
x-amz-server-side-encryption
AES256
x-amz-id-2
9qGhBerH0LKKhn85uTlB3iKPg0oD6ZyaiFD0vsUTpwyoxyO1V7cjryJgntZdZ1iJBufQ1eJWnxg=
last-modified
Sat, 11 Mar 2023 04:12:09 GMT
server
cloudflare
etag
W/"71d925864153f0edf91037f3d31048e8"
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=43200
cf-ray
7b96bfec994968ef-FRA
expires
Tue, 18 Apr 2023 06:32:16 GMT
style-index.css
express-cms-assets.franklymedia.com/v3_17_01/wp-content/plugins/express-cms-block-tools/express-countdown/build/ 		2 KB
700 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://express-cms-assets.franklymedia.com/v3_17_01/wp-content/plugins/express-cms-block-tools/express-countdown/build/style-index.css?ver=0.1.720230417173233
Requested by
Host: www.921theticket.com
URL: https://www.921theticket.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:176c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ec517aa25da687ae3107c1db068b693383aeeb172bc6b3ff227de70ebff69d1a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.921theticket.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date
Mon, 17 Apr 2023 18:32:16 GMT
content-encoding
gzip
cf-cache-status
MISS
last-modified
Sat, 11 Mar 2023 04:11:16 GMT
server
cloudflare
x-amz-request-id
QK6ZYXKMG8DA0Q3B
etag
W/"6198d82d49268c51af334cc7a7ee9112"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=43200
cf-ray
7b96bfec994a68ef-FRA
x-amz-id-2
Rs9KY8y8WJvKmAhT0k8qGnYQTBcSHEKSQK17a/rqSgsoMqKH62VIrrD1ywoS+bLuodAiOCkqnTw=
expires
Tue, 18 Apr 2023 06:32:16 GMT
block-rewards.css
express-cms-assets.franklymedia.com/v3_17_01/wp-content/plugins/express-cms-codes/blocks/ 		88 B
425 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://express-cms-assets.franklymedia.com/v3_17_01/wp-content/plugins/express-cms-codes/blocks/block-rewards.css?ver=20220510-01
Requested by
Host: www.921theticket.com
URL: https://www.921theticket.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:176c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
356962d8530e483cee9e73f446497291af6bee1ee6e400e17b6d0f6c7178d0b7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.921theticket.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date
Mon, 17 Apr 2023 18:32:16 GMT
content-encoding
gzip
cf-cache-status
HIT
x-amz-request-id
6DSTV2SA547EP804
age
331931
x-amz-server-side-encryption
AES256
x-amz-id-2
ES5BJezbGdlx+OkyQUxhIvgBV3Ozyx4sPx/js6zv7w+1fHaUMttYPdGU4iL4FSihHqOuSRUnUBLp9Yyv4JurhJzTVXK498/J
last-modified
Sat, 11 Mar 2023 04:11:17 GMT
server
cloudflare
etag
W/"fa9c966d5ea5c223769ac7f0fac6091b"
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=43200
cf-ray
7b96bfec994b68ef-FRA
expires
Tue, 18 Apr 2023 06:32:16 GMT
express_expire.css
express-cms-assets.franklymedia.com/v3_17_01/wp-content/plugins/express-cms-feeds/block-expire-date/ 		150 B
339 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://express-cms-assets.franklymedia.com/v3_17_01/wp-content/plugins/express-cms-feeds/block-expire-date/express_expire.css?ver=20220624-01
Requested by
Host: www.921theticket.com
URL: https://www.921theticket.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:176c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
79baa2f6c69e94c26e3ef98a0864578d0c7aa4744d49cc420e2aac1e5f74d978

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.921theticket.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date
Mon, 17 Apr 2023 18:32:16 GMT
content-encoding
gzip
cf-cache-status
HIT
x-amz-request-id
PJCGRZABDJ78PHPR
age
323795
x-amz-server-side-encryption
AES256
x-amz-id-2
87TXER10ey6JX2HcaZioEN/mSWFAEkMfLq4we1nfEvqyWOaFZ9D2BcnDU3Blx+DUGRC0/1V7A0A=
last-modified
Sat, 11 Mar 2023 04:11:19 GMT
server
cloudflare
etag
W/"b08487f3ef4231dced1d12290c02062d"
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=43200
cf-ray
7b96bfec995668ef-FRA
expires
Tue, 18 Apr 2023 06:32:16 GMT
classic-themes.min.css
express-cms-assets.franklymedia.com/v3_17_01/wp-includes/css/ 		217 B
409 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://express-cms-assets.franklymedia.com/v3_17_01/wp-includes/css/classic-themes.min.css?ver=1
Requested by
Host: www.921theticket.com
URL: https://www.921theticket.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:176c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5a5f39391fbf5b06db84b8f9716d53de575ee97a627d2c5f12f79a991a671eb5

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.921theticket.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date
Mon, 17 Apr 2023 18:32:16 GMT
content-encoding
gzip
cf-cache-status
HIT
x-amz-request-id
1YP8KX6FVC9NVWKM
age
334394
x-amz-server-side-encryption
AES256
x-amz-id-2
E7XCncFPKpxG3/INt2kB2T+yqxU805DoMEh88Bq0CHNJlVaTsK2Y6BOIohsvhe/EjRezuZHXaXA=
last-modified
Sat, 11 Mar 2023 04:12:08 GMT
server
cloudflare
etag
W/"95e891f28e44a9b314c09545d86be2b7"
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=43200
cf-ray
7b96bfec995468ef-FRA
expires
Tue, 18 Apr 2023 06:32:16 GMT
express-cms-common-public.css
express-cms-assets.franklymedia.com/v3_17_01/wp-content/mu-plugins/express-cms-common/public/css/ 		3 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://express-cms-assets.franklymedia.com/v3_17_01/wp-content/mu-plugins/express-cms-common/public/css/express-cms-common-public.css?ver=1681391338
Requested by
Host: www.921theticket.com
URL: https://www.921theticket.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:176c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
09c6d5d6a7b3ecdb323865a1b084488974fb96219d6620cf8a6e715d02cba55c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.921theticket.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date
Mon, 17 Apr 2023 18:32:16 GMT
content-encoding
gzip
cf-cache-status
HIT
x-amz-request-id
N1K6ZTRQQ23MKJFG
age
358324
x-amz-server-side-encryption
AES256
x-amz-id-2
a08pBcXt4oMEDkHaV1TH0a1Qm1qTtMRzykFFuHJMJ11UqNIey0lmtc3nuIaT4mFzjNxtRSAttDShud1jORyHvrcucmP72AUTKa2uF4Eet2k=
last-modified
Sat, 11 Mar 2023 04:10:52 GMT
server
cloudflare
etag
W/"f7410fa02e7e75befc3cee9ddc0c945d"
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=43200
cf-ray
7b96bfec995b68ef-FRA
expires
Tue, 18 Apr 2023 06:32:16 GMT
express-cms-ad-manager-public.css
express-cms-assets.franklymedia.com/v3_17_01/wp-content/plugins/express-cms-ad-manager/public/css/ 		98 B
285 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://express-cms-assets.franklymedia.com/v3_17_01/wp-content/plugins/express-cms-ad-manager/public/css/express-cms-ad-manager-public.css?ver=1.0.0
Requested by
Host: www.921theticket.com
URL: https://www.921theticket.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:176c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
547dda3c14b284819be511be1e410da94a5efc6ccc4a9afe1c75394f9333191a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.921theticket.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date
Mon, 17 Apr 2023 18:32:16 GMT
content-encoding
gzip
cf-cache-status
HIT
x-amz-request-id
T8FAZDG4DSCPQX1Q
age
2251583
x-amz-server-side-encryption
AES256
x-amz-id-2
hvmQV0p+l0gghYM26dBJpXM22vyVXRUCCn7fEFQNfIO12DojDkSjxTwvDn9BsRZEf2ddL3Eq91xUhdeyRcYDrQ==
last-modified
Sat, 11 Mar 2023 04:11:16 GMT
server
cloudflare
etag
W/"e6094661d8923e95b233019ebff7c8f0"
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=43200
cf-ray
7b96bfec995868ef-FRA
expires
Tue, 18 Apr 2023 06:32:16 GMT
express-cms-codes-public.css
express-cms-assets.franklymedia.com/v3_17_01/wp-content/plugins/express-cms-codes/public/css/ 		98 B
388 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://express-cms-assets.franklymedia.com/v3_17_01/wp-content/plugins/express-cms-codes/public/css/express-cms-codes-public.css?ver=1.0.0
Requested by
Host: www.921theticket.com
URL: https://www.921theticket.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:176c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
547dda3c14b284819be511be1e410da94a5efc6ccc4a9afe1c75394f9333191a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.921theticket.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date
Mon, 17 Apr 2023 18:32:16 GMT
content-encoding
gzip
cf-cache-status
HIT
x-amz-request-id
T84X4X4ANPC8YGPY
age
2118558
x-amz-server-side-encryption
AES256
x-amz-id-2
mXOPz62aiH9oz142ViyuCS2dGH36gUKj3y8z08JE0jE0uthCZiimTAs/V1DrRMDtfb/xqMKvmug=
last-modified
Sat, 11 Mar 2023 04:11:17 GMT
server
cloudflare
etag
W/"e6094661d8923e95b233019ebff7c8f0"
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=43200
cf-ray
7b96bfec994f68ef-FRA
expires
Tue, 18 Apr 2023 06:32:16 GMT
express-cms-control-public.css
express-cms-assets.franklymedia.com/v3_17_01/wp-content/plugins/express-cms-control/public/css/ 		98 B
279 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://express-cms-assets.franklymedia.com/v3_17_01/wp-content/plugins/express-cms-control/public/css/express-cms-control-public.css?ver=1.0.0
Requested by
Host: www.921theticket.com
URL: https://www.921theticket.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:176c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
547dda3c14b284819be511be1e410da94a5efc6ccc4a9afe1c75394f9333191a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.921theticket.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date
Mon, 17 Apr 2023 18:32:16 GMT
content-encoding
gzip
cf-cache-status
HIT
x-amz-request-id
JRZ4QEV4Z3E8RCT1
age
1019593
x-amz-server-side-encryption
AES256
x-amz-id-2
KoApWpuZ4duUynspRKKgZKxFUFmznqrqJeZp53bP9tb/7yawe4Ci3R1dKki8mTZdNnStxNbBBhI=
last-modified
Sat, 11 Mar 2023 04:11:17 GMT
server
cloudflare
etag
W/"e6094661d8923e95b233019ebff7c8f0"
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=43200
cf-ray
7b96bfec994c68ef-FRA
expires
Tue, 18 Apr 2023 06:32:16 GMT
breaking-news-public.css
express-cms-assets.franklymedia.com/v3_17_01/wp-content/plugins/express-cms-events/public/css/ 		9 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://express-cms-assets.franklymedia.com/v3_17_01/wp-content/plugins/express-cms-events/public/css/breaking-news-public.css?ver=0.3.4
Requested by
Host: www.921theticket.com
URL: https://www.921theticket.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:176c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1152e980ab44d04a8f640455607ce095cc3b1ec1231d32399804114d69913c06

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.921theticket.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date
Mon, 17 Apr 2023 18:32:16 GMT
content-encoding
gzip
cf-cache-status
HIT
x-amz-request-id
6HFN1REC3CP2BZB8
age
667722
x-amz-server-side-encryption
AES256
x-amz-id-2
QlvLLpeOJkk3+ou68Dd1IK6WgwzEHBIRcctKXtGG0wD8BTHOWc8PeQR+QiQBEsXaCNzjgTSTcTQ=
last-modified
Sat, 11 Mar 2023 04:11:19 GMT
server
cloudflare
etag
W/"a44527265517fb5d5a29968d72a4dbd3"
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=43200
cf-ray
7b96bfec994e68ef-FRA
expires
Tue, 18 Apr 2023 06:32:16 GMT
animate.css
express-cms-assets.franklymedia.com/v3_17_01/wp-content/mu-plugins/express-cms-common/css/ 		67 KB
4 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://express-cms-assets.franklymedia.com/v3_17_01/wp-content/mu-plugins/express-cms-common/css/animate.css?ver=0.3.4
Requested by
Host: www.921theticket.com
URL: https://www.921theticket.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:176c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0f3ffa7f0b928b893a75953b1b233b2bf8dc84f94851a6d24225a59d862c270b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.921theticket.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date
Mon, 17 Apr 2023 18:32:16 GMT
content-encoding
gzip
cf-cache-status
HIT
x-amz-request-id
1GMMAZ4NRGTM7NEY
age
309327
x-amz-server-side-encryption
AES256
x-amz-id-2
dSvN0x2HuAm60aF10o6kcglvHDVQ0wAPa6ZE1x9twZjnIk0+pnJjxgqFOpYKY+TT0hamvSoHVpE=
last-modified
Sat, 11 Mar 2023 04:06:45 GMT
server
cloudflare
etag
W/"56848eb884e1ac347f711ae327419110"
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=43200
cf-ray
7b96bfec997368ef-FRA
expires
Tue, 18 Apr 2023 06:32:16 GMT
express-cms-events-public.css
express-cms-assets.franklymedia.com/v3_17_01/wp-content/plugins/express-cms-events/public/css/ 		98 B
280 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://express-cms-assets.franklymedia.com/v3_17_01/wp-content/plugins/express-cms-events/public/css/express-cms-events-public.css?ver=1.0.0
Requested by
Host: www.921theticket.com
URL: https://www.921theticket.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:176c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
547dda3c14b284819be511be1e410da94a5efc6ccc4a9afe1c75394f9333191a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.921theticket.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date
Mon, 17 Apr 2023 18:32:16 GMT
content-encoding
gzip
cf-cache-status
HIT
x-amz-request-id
6HFXGK66CSE5JFYA
age
667722
x-amz-server-side-encryption
AES256
x-amz-id-2
ibP/CtfZCd6IOheEZKF2AD/0cypxS7R/18EY1IHf1CCRMFOTFT+8Y8m3fq58f/NWQs2pW1Ij8Xs=
last-modified
Sat, 11 Mar 2023 04:11:19 GMT
server
cloudflare
etag
W/"e6094661d8923e95b233019ebff7c8f0"
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=43200
cf-ray
7b96bfec996368ef-FRA
expires
Tue, 18 Apr 2023 06:32:16 GMT
express-cms-tools-public.css
express-cms-assets.franklymedia.com/v3_17_01/wp-content/plugins/express-cms-tools/public/css/ 		98 B
306 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://express-cms-assets.franklymedia.com/v3_17_01/wp-content/plugins/express-cms-tools/public/css/express-cms-tools-public.css?ver=1.0.0
Requested by
Host: www.921theticket.com
URL: https://www.921theticket.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:176c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
547dda3c14b284819be511be1e410da94a5efc6ccc4a9afe1c75394f9333191a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.921theticket.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date
Mon, 17 Apr 2023 18:32:16 GMT
content-encoding
gzip
cf-cache-status
HIT
x-amz-request-id
ZJZ2Y6CZPNDAPNZ3
age
330858
x-amz-server-side-encryption
AES256
x-amz-id-2
WT5kIq3XQGoL7yEEiPqhCvsCTuN+tI9bm4Y85iXvdkSvwNR80y+84B/edJNbi1bnVXG4lwBJ2r/ja1o1Xl/wtmZfJikGi/BWb7RtSO7Obqo=
last-modified
Sat, 11 Mar 2023 04:11:21 GMT
server
cloudflare
etag
W/"e6094661d8923e95b233019ebff7c8f0"
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=43200
cf-ray
7b96bfec996c68ef-FRA
expires
Tue, 18 Apr 2023 06:32:16 GMT
public.css
express-cms-assets.franklymedia.com/v3_17_01/wp-content/plugins/express-cms-events/public/assets/css/ 		4 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://express-cms-assets.franklymedia.com/v3_17_01/wp-content/plugins/express-cms-events/public/assets/css/public.css?ver=1.7.2
Requested by
Host: www.921theticket.com
URL: https://www.921theticket.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:176c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
62bd6b22e0e4e140047d4f01cc2b8a964cdd475739c75479b847a3ba642dd94e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.921theticket.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date
Mon, 17 Apr 2023 18:32:16 GMT
content-encoding
gzip
cf-cache-status
HIT
x-amz-request-id
X5HE8AHCA6CBB6C6
age
2278990
x-amz-server-side-encryption
AES256
x-amz-id-2
sml9LEnu3rar6cVZNM9iLB9vHC5Dk2CJpgcEpGXthqO1s9fHdDdeglnGBDfEXJoT4DR+62CowLA=
last-modified
Sat, 11 Mar 2023 04:11:19 GMT
server
cloudflare
etag
W/"d61f21724bcbefb7b79d6f6e2d5f4622"
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=43200
cf-ray
7b96bfec996568ef-FRA
expires
Tue, 18 Apr 2023 06:32:16 GMT
calendar.css
express-cms-assets.franklymedia.com/v3_17_01/wp-content/plugins/express-cms-events/css/ 		3 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://express-cms-assets.franklymedia.com/v3_17_01/wp-content/plugins/express-cms-events/css/calendar.css?ver=1.1.4
Requested by
Host: www.921theticket.com
URL: https://www.921theticket.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:176c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1e19a2ec15cb7e80c28f326f1463ec063cb292de5cb20dec763f79b831177c54

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.921theticket.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date
Mon, 17 Apr 2023 18:32:16 GMT
content-encoding
gzip
cf-cache-status
HIT
x-amz-request-id
Y64B3Y64VQCSRZ2V
age
2446058
x-amz-server-side-encryption
AES256
x-amz-id-2
5Ng7mGLoDgRZXWdby4nPL7IYifaFS0d/xBvVxdol0ovcgkYdVvoP1cYJbkTRa3Hl9NF3qbk14Sg=
last-modified
Sat, 11 Mar 2023 04:11:19 GMT
server
cloudflare
etag
W/"babf519c8e28f14aa61a4cf558b27e2a"
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=43200
cf-ray
7b96bfec997168ef-FRA
expires
Tue, 18 Apr 2023 06:32:16 GMT
public.css
express-cms-assets.franklymedia.com/v3_17_01/wp-content/plugins/express-cms-events/css/ 		4 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://express-cms-assets.franklymedia.com/v3_17_01/wp-content/plugins/express-cms-events/css/public.css?ver=1.1.4
Requested by
Host: www.921theticket.com
URL: https://www.921theticket.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:176c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bd48a56070c3af9e25a8f34adc58f5e3743d38740734f46128b58ffe3da24280

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.921theticket.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date
Mon, 17 Apr 2023 18:32:16 GMT
content-encoding
gzip
cf-cache-status
HIT
x-amz-request-id
J1GPWD75R308YCGS
age
992142
x-amz-server-side-encryption
AES256
x-amz-id-2
QwQ7Wz47STI63BCE9l2K2M2BiES0pr7JT52hQW+Pch+E7GoNf6d75+sN0cFHaV7PTHznepzOdzI=
last-modified
Sat, 11 Mar 2023 04:11:19 GMT
server
cloudflare
etag
W/"5138cb832a8e598cabba91458112078e"
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=43200
cf-ray
7b96bfec996068ef-FRA
expires
Tue, 18 Apr 2023 06:32:16 GMT
feed-public.css
express-cms-assets.franklymedia.com/v3_17_01/wp-content/plugins/express-cms-feeds/public/css/ 		3 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://express-cms-assets.franklymedia.com/v3_17_01/wp-content/plugins/express-cms-feeds/public/css/feed-public.css?ver=0.6.0
Requested by
Host: www.921theticket.com
URL: https://www.921theticket.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:176c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4d922cea252e89b5aba0193964a03e26866c41b08f107a5cb8576e12a9024b6e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.921theticket.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date
Mon, 17 Apr 2023 18:32:16 GMT
content-encoding
gzip
cf-cache-status
HIT
x-amz-request-id
502DXWPJF01W1FA8
age
2278990
x-amz-server-side-encryption
AES256
x-amz-id-2
DslHLdoRMJ/HTrKvs9fXqsU+YlsR/dwvjqb8R8Ze6/InMUeG1H7QILYw47lSVwYqSRhpqXxgqPs=
last-modified
Sat, 11 Mar 2023 04:11:19 GMT
server
cloudflare
etag
W/"9b316e25207a6111665b26028161e836"
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=43200
cf-ray
7b96bfec996e68ef-FRA
expires
Tue, 18 Apr 2023 06:32:16 GMT
public.css
express-cms-assets.franklymedia.com/v3_17_01/wp-content/plugins/express-cms-listen-live/public/assets/css/ 		619 B
467 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://express-cms-assets.franklymedia.com/v3_17_01/wp-content/plugins/express-cms-listen-live/public/assets/css/public.css?ver=1.4.4
Requested by
Host: www.921theticket.com
URL: https://www.921theticket.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:176c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
eb9785da0a16c2b952d3c30278bf776dcd2ffb2236c53c681067c8b3b40ed813

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.921theticket.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date
Mon, 17 Apr 2023 18:32:16 GMT
content-encoding
gzip
cf-cache-status
HIT
x-amz-request-id
MS7W7V8XY8Y8P5WM
age
674137
x-amz-server-side-encryption
AES256
x-amz-id-2
sZskd0tco60ONmn2AWkyLdn7IMuvmumHhSM5DagubLjwtWCZpMBF6AthTr+Q8gw5mGAV/oI7MZ4=
last-modified
Sat, 11 Mar 2023 04:11:20 GMT
server
cloudflare
etag
W/"eba464e761f24a712d4c53a6147ae097"
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=43200
cf-ray
7b96bfec996a68ef-FRA
expires
Tue, 18 Apr 2023 06:32:16 GMT
public.css
express-cms-assets.franklymedia.com/v3_17_01/wp-content/plugins/express-cms-promo-reel/css/ 		70 B
252 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://express-cms-assets.franklymedia.com/v3_17_01/wp-content/plugins/express-cms-promo-reel/css/public.css?ver=1.4.1
Requested by
Host: www.921theticket.com
URL: https://www.921theticket.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:176c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7122641b831b99a8688c6ab2e7b68c7c14e8c87ae3123de798ddf227c9c98f3a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.921theticket.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date
Mon, 17 Apr 2023 18:32:16 GMT
content-encoding
gzip
cf-cache-status
HIT
x-amz-request-id
T8FDP4093SD9RJ3D
age
2251583
x-amz-server-side-encryption
AES256
x-amz-id-2
P56OJCDy5c4ys59lEho0TYm6T9cttuVLtscgttbRQLwltdEqIcfpEVzo4RboDdkeC6kH9XIixws=
last-modified
Sat, 11 Mar 2023 04:11:21 GMT
server
cloudflare
etag
W/"81670b1875121f3af0053a25996ee983"
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=43200
cf-ray
7b96bfec996768ef-FRA
expires
Tue, 18 Apr 2023 06:32:16 GMT
amp-header-rotator.css
express-cms-assets.franklymedia.com/v3_17_01/wp-content/themes/Headway-AMP_CMS/css/ 		323 B
336 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://express-cms-assets.franklymedia.com/v3_17_01/wp-content/themes/Headway-AMP_CMS/css/amp-header-rotator.css?ver=1.1.5
Requested by
Host: www.921theticket.com
URL: https://www.921theticket.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:176c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
295d7a89edba340ba21a782d60adc4cadfd7fbd2ba00d9f2c931425ca1349dc7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.921theticket.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date
Mon, 17 Apr 2023 18:32:16 GMT
content-encoding
gzip
cf-cache-status
HIT
x-amz-request-id
6HFRV989BAN04FZV
age
667722
x-amz-server-side-encryption
AES256
x-amz-id-2
e5Xgjc6nDCch6TxiCO3G+XprmKqTqo7iAtbWPRS91zsU9Kb62BXNjpuddsaBiX1yMAlcyMfltNQ=
last-modified
Sat, 11 Mar 2023 04:11:49 GMT
server
cloudflare
etag
W/"1993870d47aaf4540cdb59b256e9b4cf"
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=43200
cf-ray
7b96bfec995d68ef-FRA
expires
Tue, 18 Apr 2023 06:32:16 GMT
jquery.min.js
express-cms-assets.franklymedia.com/v3_17_01/wp-includes/js/jquery/ 		88 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://express-cms-assets.franklymedia.com/v3_17_01/wp-includes/js/jquery/jquery.min.js?ver=3.6.1
Requested by
Host: www.921theticket.com
URL: https://www.921theticket.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:176c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cc7403bab52ed166e24ea9324241045af370be482f5b594468f4a6ac6e7e7981

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.921theticket.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date
Mon, 17 Apr 2023 18:32:16 GMT
content-encoding
gzip
cf-cache-status
HIT
x-amz-request-id
SZFW6YYZZJKSG8JK
age
48237
x-amz-server-side-encryption
AES256
x-amz-id-2
VmbjkJfXj2tGjz0X3a2BBq/zesz9rvFxNbt202gF3PxGq4Q/iWZTV1Bp7iCaCcINPvQZ1UAAJ4I=
last-modified
Sat, 11 Mar 2023 04:12:19 GMT
server
cloudflare
etag
W/"17738318d61d394f1de8890d589afaec"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=43200
cf-ray
7b96bfeca99768ef-FRA
expires
Tue, 18 Apr 2023 06:32:16 GMT
see.js
engage-see.franklymedia.com/widget/see_10526/ 		0
0 		Script
General
Check archive.org
Download Go to
Full URL
https://engage-see.franklymedia.com/widget/see_10526/see.js?ver=20220510-01
Requested by
Host: www.921theticket.com
URL: https://www.921theticket.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:4db , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
/
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.921theticket.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers
jquery.hoverintent.js
express-cms-assets.franklymedia.com/v3_17_01/wp-content/themes/headway/library/media/js/ 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://express-cms-assets.franklymedia.com/v3_17_01/wp-content/themes/headway/library/media/js/jquery.hoverintent.js?ver=6.1.1
Requested by
Host: www.921theticket.com
URL: https://www.921theticket.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:176c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
01b0c31b7787a7bef6386448b3309dce9e0e1752f0a7cc740ab646e571c20515

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.921theticket.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date
Mon, 17 Apr 2023 18:32:16 GMT
content-encoding
gzip
cf-cache-status
HIT
x-amz-request-id
6HFPXAJDNKAGJF60
age
667722
x-amz-server-side-encryption
AES256
x-amz-id-2
IleC9TKiY3etC5F31qRqHQZ3ZmevNkwW/66v7LDq9TIRuMIwBuCY9gt+qr9FceH7E3rcFSwutqw=
last-modified
Sat, 11 Mar 2023 04:11:51 GMT
server
cloudflare
etag
W/"218669b2e0f3b74f1b1070ee47c2f5c3"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=43200
cf-ray
7b96bfeca98868ef-FRA
expires
Tue, 18 Apr 2023 06:32:16 GMT
jquery.superfish.js
express-cms-assets.franklymedia.com/v3_17_01/wp-content/themes/headway/library/blocks/navigation/js/ 		7 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://express-cms-assets.franklymedia.com/v3_17_01/wp-content/themes/headway/library/blocks/navigation/js/jquery.superfish.js?ver=6.1.1
Requested by
Host: www.921theticket.com
URL: https://www.921theticket.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:176c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
790bf3c108253318c0f755902849eed9f8e9bc3c0d1e80908f88306a716c1121

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.921theticket.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date
Mon, 17 Apr 2023 18:32:16 GMT
content-encoding
gzip
cf-cache-status
HIT
x-amz-request-id
KR905E3D9CZSPNAS
age
1020981
x-amz-server-side-encryption
AES256
x-amz-id-2
3zfJgQXQo+ms5YRVW2t2QvMr48uGYp1e4UL0/RjgyVdqI7Slybywnxvr0rRfbgiNUKWBW4BYp6k=
last-modified
Sat, 11 Mar 2023 04:11:51 GMT
server
cloudflare
etag
W/"e25252b091be6a11d7f4c02b79741e9d"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=43200
cf-ray
7b96bfeca98c68ef-FRA
expires
Tue, 18 Apr 2023 06:32:16 GMT
selectnav.js
express-cms-assets.franklymedia.com/v3_17_01/wp-content/themes/headway/library/blocks/navigation/js/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://express-cms-assets.franklymedia.com/v3_17_01/wp-content/themes/headway/library/blocks/navigation/js/selectnav.js?ver=1681391338
Requested by
Host: www.921theticket.com
URL: https://www.921theticket.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:176c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
54914436c21b3b9381a395a47ccd0aef9ee898fd5970759bebe9a6b7d82a80c6

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.921theticket.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date
Mon, 17 Apr 2023 18:32:16 GMT
content-encoding
gzip
cf-cache-status
HIT
x-amz-request-id
N1K25GY4CHGADAQ3
age
358324
x-amz-server-side-encryption
AES256
x-amz-id-2
rXg+jY4EqDLl3oRORQEBYgxqEP55LeyjsRVHLoOSCjvG3O8kGifoHIsS5y+WWSgtGk5yp0gsdjtp/4KVFKbVCnVgu4GRgA/ZDJY+mo8hQ0s=
last-modified
Sat, 11 Mar 2023 04:11:51 GMT
server
cloudflare
etag
W/"0b943fc1c8846b14bdcb1248bd42cfd0"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=43200
cf-ray
7b96bfeca98f68ef-FRA
expires
Tue, 18 Apr 2023 06:32:16 GMT
/
www.921theticket.com/ 		1 KB
606 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.921theticket.com/?headway-trigger=compiler&file=block-dynamic-js-layout-front_page-https&layout-in-use=front_page&rand=558967813&ver=6.1.1
Requested by
Host: www.921theticket.com
URL: https://www.921theticket.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1640 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/7.4.30
Resource Hash
a649351f652adc12bed8508d1208fcbd383330ed6feac5f3b62c911214a9110b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.921theticket.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

pragma
public
date
Mon, 17 Apr 2023 18:32:16 GMT
content-encoding
gzip
cf-cache-status
MISS
last-modified
Mon, 17 Apr 2023 18:32:16 GMT
server
cloudflare
x-powered-by
PHP/7.4.30
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
public, max-age=2592000
x-whom
web-22.ampcms.internal
cf-ray
7b96bfec7b37918f-FRA
expires
Wed, 17 May 2023 18:32:16 GMT
jquery.bxslider.min.js
express-cms-assets.franklymedia.com/v3_17_01/wp-content/plugins/express-cms-promo-reel/js/bxslider/ 		19 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://express-cms-assets.franklymedia.com/v3_17_01/wp-content/plugins/express-cms-promo-reel/js/bxslider/jquery.bxslider.min.js?ver=20210819-12
Requested by
Host: www.921theticket.com
URL: https://www.921theticket.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:176c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3fca634634da26dbe8550625e906c79d696fd3bd2202274dde486b3a764a17ab

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.921theticket.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date
Mon, 17 Apr 2023 18:32:16 GMT
content-encoding
gzip
cf-cache-status
HIT
x-amz-request-id
6HFMXBMGJB806G9X
age
667722
x-amz-server-side-encryption
AES256
x-amz-id-2
+A9kiV7S+kUoKTpeXhr9WIplfWfCn3hojOKlWg/OSWh8CDtndohkJVfpBdzUpbGGmxCeWfSRAxs=
last-modified
Sat, 11 Mar 2023 04:11:21 GMT
server
cloudflare
etag
W/"0cbd064ae0b34714d93db7608d4c9c0f"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=43200
cf-ray
7b96bfec998268ef-FRA
expires
Tue, 18 Apr 2023 06:32:16 GMT
widget.js
express-cms-assets.franklymedia.com/v3_17_01/wp-content/plugins/express-cms-promo-reel/js/ 		7 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://express-cms-assets.franklymedia.com/v3_17_01/wp-content/plugins/express-cms-promo-reel/js/widget.js?ver=20210922-01
Requested by
Host: www.921theticket.com
URL: https://www.921theticket.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:176c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aef316686fd7fd39547fa8ffd64c18177dbd0e38f4f606adb68e9ea83fb2e8cd

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.921theticket.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date
Mon, 17 Apr 2023 18:32:16 GMT
content-encoding
gzip
cf-cache-status
HIT
x-amz-request-id
T8F7XMS6EQJ1FV0J
age
2251583
x-amz-server-side-encryption
AES256
x-amz-id-2
3jL0OCesaDJNdn54npGgQ6mn25SV1oazQ0o3yhC+qA2/4ofpR5AtZYJ+XDipnKrBu8HvnN1JuRk=
last-modified
Sat, 11 Mar 2023 04:11:21 GMT
server
cloudflare
etag
W/"b944e8ab21340e5c83c9db8f822e5b69"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=43200
cf-ray
7b96bfeca98968ef-FRA
expires
Tue, 18 Apr 2023 06:32:16 GMT
jquery.fitvids.js
express-cms-assets.franklymedia.com/v3_17_01/wp-content/themes/headway/library/media/js/ 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://express-cms-assets.franklymedia.com/v3_17_01/wp-content/themes/headway/library/media/js/jquery.fitvids.js?ver=6.1.1
Requested by
Host: www.921theticket.com
URL: https://www.921theticket.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:176c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4e9183a7bbc56ea4bcaa21f5c619e23a4dddbe13b3017443e703ba53ca27bffa

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.921theticket.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date
Mon, 17 Apr 2023 18:32:16 GMT
content-encoding
gzip
cf-cache-status
HIT
x-amz-request-id
T8FC4E41AH1EDTDQ
age
2251583
x-amz-server-side-encryption
AES256
x-amz-id-2
ShcM/fuxPIXZHbAzmPCW5dUQlgSXoF5cYytjyNyC3yK5Fl//p776BfDkcNLkgTRwVlHqKjl7bc8=
last-modified
Sat, 11 Mar 2023 04:11:51 GMT
server
cloudflare
etag
W/"3d00f866079c34dbf7f7bdd4a235efad"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=43200
cf-ray
7b96bfeca9a468ef-FRA
expires
Tue, 18 Apr 2023 06:32:16 GMT
/
www.921theticket.com/ 		69 B
169 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.921theticket.com/?headway-trigger=compiler&file=responsive-grid-js-https&layout-in-use=front_page&rand=1935235833&ver=6.1.1
Requested by
Host: www.921theticket.com
URL: https://www.921theticket.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1640 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/7.4.30
Resource Hash
63c817698a0c1c81dab9b49270009f2c154c57b83f6bd04c29a70a9e6de2d441

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.921theticket.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

pragma
public
date
Mon, 17 Apr 2023 18:32:16 GMT
content-encoding
gzip
cf-cache-status
MISS
last-modified
Mon, 17 Apr 2023 18:32:16 GMT
server
cloudflare
x-powered-by
PHP/7.4.30
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
public, max-age=2592000
x-whom
web-16.ampcms.internal
cf-ray
7b96bfec7b3b918f-FRA
expires
Wed, 17 May 2023 18:32:16 GMT
amp-common.js
express-cms-assets.franklymedia.com/v3_17_01/wp-content/mu-plugins/express-cms-common/js/ 		13 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://express-cms-assets.franklymedia.com/v3_17_01/wp-content/mu-plugins/express-cms-common/js/amp-common.js?ver=20210629-03
Requested by
Host: www.921theticket.com
URL: https://www.921theticket.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:176c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0e43c5f1049dad60b6981e789374eab9014c14fc5797db38916c20c2084e9eaf

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.921theticket.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date
Mon, 17 Apr 2023 18:32:16 GMT
content-encoding
gzip
cf-cache-status
HIT
x-amz-request-id
T8F3QDFQ7AR3KXV4
age
2251583
x-amz-server-side-encryption
AES256
x-amz-id-2
+ZlcCBBlSFYmWrncC24O9VOW8iS+huG6w0Uz0LISWkvGtzcLCYBYWrlzDBcLfMMbshBUA7vkUGo=
last-modified
Sat, 11 Mar 2023 04:10:52 GMT
server
cloudflare
etag
W/"f42f308363741a65795ebb49859e9d52"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=43200
cf-ray
7b96bfeca99b68ef-FRA
expires
Tue, 18 Apr 2023 06:32:16 GMT
express-cms-common-public.js
express-cms-assets.franklymedia.com/v3_17_01/wp-content/mu-plugins/express-cms-common/public/js/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://express-cms-assets.franklymedia.com/v3_17_01/wp-content/mu-plugins/express-cms-common/public/js/express-cms-common-public.js?ver=202200726-01
Requested by
Host: www.921theticket.com
URL: https://www.921theticket.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:176c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bc1032836036e1bc00061c64c8a625fe47b9aece6db4af4fe488bf24d60d253b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.921theticket.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date
Mon, 17 Apr 2023 18:32:16 GMT
content-encoding
gzip
cf-cache-status
HIT
x-amz-request-id
6HFJCYKR5A0SFHH5
age
667722
x-amz-server-side-encryption
AES256
x-amz-id-2
v6RaL8OpeRJjAglkJq/+l7smuNyuGZF+QEnWAqqdTfL+8eLo/N5PyD+vd0DfkQiq66ShBxqqVj0=
last-modified
Sat, 11 Mar 2023 04:10:52 GMT
server
cloudflare
etag
W/"88b1ce5cc9f277e90cdc8db3b7164a1e"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=43200
cf-ray
7b96bfeca9a368ef-FRA
expires
Tue, 18 Apr 2023 06:32:16 GMT
express-cms-ad-manager-public.js
express-cms-assets.franklymedia.com/v3_17_01/wp-content/plugins/express-cms-ad-manager/public/js/ 		838 B
646 B 		Script
General
Check archive.org
Download Go to
Full URL
https://express-cms-assets.franklymedia.com/v3_17_01/wp-content/plugins/express-cms-ad-manager/public/js/express-cms-ad-manager-public.js?ver=1.0.0
Requested by
Host: www.921theticket.com
URL: https://www.921theticket.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:176c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
57a50c99a31ef4e89e86664e96f6dfbdde163a2eb96e88b3b492c49aa4be2f37

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.921theticket.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date
Mon, 17 Apr 2023 18:32:16 GMT
content-encoding
gzip
cf-cache-status
HIT
x-amz-request-id
6HFW8MK8ZVHGZF5J
age
667722
x-amz-server-side-encryption
AES256
x-amz-id-2
kxU6A1WpfB27IpGbKKCyQfl7kkW4XXcQ1Bhf6rQKz7O6ysqFkZ9CJkOM0cW+CD512IyxRUVfc/M=
last-modified
Sat, 11 Mar 2023 04:11:16 GMT
server
cloudflare
etag
W/"49cea0a781874a962879c2caca9bc322"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=43200
cf-ray
7b96bfeca99868ef-FRA
expires
Tue, 18 Apr 2023 06:32:16 GMT
express-cms-codes-public.js
express-cms-assets.franklymedia.com/v3_17_01/wp-content/plugins/express-cms-codes/public/js/ 		839 B
662 B 		Script
General
Check archive.org
Download Go to
Full URL
https://express-cms-assets.franklymedia.com/v3_17_01/wp-content/plugins/express-cms-codes/public/js/express-cms-codes-public.js?ver=1.0.0
Requested by
Host: www.921theticket.com
URL: https://www.921theticket.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:176c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
416ecac927611cfec67f7d37b7629ecffc9b545bb90364994b957ed72def5769

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.921theticket.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date
Mon, 17 Apr 2023 18:32:16 GMT
content-encoding
gzip
cf-cache-status
HIT
x-amz-request-id
6HFP262GNSCZV1FR
age
667722
x-amz-server-side-encryption
AES256
x-amz-id-2
JctVV4mZvaTiGJmNIY3bGZPff6L3qzL7XgYcNgKnw0AC6H11ZyvPunoTV4hBk0E4NX/bUf/+yS8=
last-modified
Sat, 11 Mar 2023 04:11:17 GMT
server
cloudflare
etag
W/"5e068f886367c31bd5272d5c79038190"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=43200
cf-ray
7b96bfeca99068ef-FRA
expires
Tue, 18 Apr 2023 06:32:16 GMT
js.cookie.js
express-cms-assets.franklymedia.com/v3_17_01/wp-content/plugins/express-cms-codes/public/js/ 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://express-cms-assets.franklymedia.com/v3_17_01/wp-content/plugins/express-cms-codes/public/js/js.cookie.js?ver=6.1.1
Requested by
Host: www.921theticket.com
URL: https://www.921theticket.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:176c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
291b586499936c0e8938e1829cd7b1127599467d7a6fbacc43d610c6315d1897

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.921theticket.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date
Mon, 17 Apr 2023 18:32:16 GMT
content-encoding
gzip
cf-cache-status
HIT
x-amz-request-id
6HFPGKWNF0Z6F9ZV
age
667722
x-amz-server-side-encryption
AES256
x-amz-id-2
hz389pSiJGfAXbKgMx0El7RGDFk3ro5La3i3khT0LIYmoWK8/E57POoh7rD1OsP+ExOrKxMV2bk=
last-modified
Sat, 11 Mar 2023 04:11:17 GMT
server
cloudflare
etag
W/"055ed2845cf70fe617c5392770848be5"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=43200
cf-ray
7b96bfec998368ef-FRA
expires
Tue, 18 Apr 2023 06:32:16 GMT
public-rewards.js
express-cms-assets.franklymedia.com/v3_17_01/wp-content/plugins/express-cms-codes/public/js/ 		3 KB
928 B 		Script
General
Check archive.org
Download Go to
Full URL
https://express-cms-assets.franklymedia.com/v3_17_01/wp-content/plugins/express-cms-codes/public/js/public-rewards.js?ver=1.0.0
Requested by
Host: www.921theticket.com
URL: https://www.921theticket.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:176c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
978b3c36d61e5c2fd93072f6d18d95436bd9c302c5d77d1bbd74f62fa5ceae1f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.921theticket.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date
Mon, 17 Apr 2023 18:32:16 GMT
content-encoding
gzip
cf-cache-status
HIT
x-amz-request-id
T8FB6QBV10K7BB19
age
2251583
x-amz-server-side-encryption
AES256
x-amz-id-2
yW4IXI2lwTge5f+UvegmncnAiuRglUQ8qic9kAnhdHetkg32zohJjqwdnblJL0oJicvqsy70ZhY=
last-modified
Sat, 11 Mar 2023 04:11:17 GMT
server
cloudflare
etag
W/"9d8e599b4d452f2c3278b27158d2895e"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=43200
cf-ray
7b96bfeca99d68ef-FRA
expires
Tue, 18 Apr 2023 06:32:16 GMT
express-cms-control-public.js
express-cms-assets.franklymedia.com/v3_17_01/wp-content/plugins/express-cms-control/public/js/ 		838 B
752 B 		Script
General
Check archive.org
Download Go to
Full URL
https://express-cms-assets.franklymedia.com/v3_17_01/wp-content/plugins/express-cms-control/public/js/express-cms-control-public.js?ver=1.0.0
Requested by
Host: www.921theticket.com
URL: https://www.921theticket.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:176c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
57a50c99a31ef4e89e86664e96f6dfbdde163a2eb96e88b3b492c49aa4be2f37

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.921theticket.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date
Mon, 17 Apr 2023 18:32:16 GMT
content-encoding
gzip
cf-cache-status
HIT
x-amz-request-id
CXD8DZ67ZDRHS9PJ
age
323184
x-amz-server-side-encryption
AES256
x-amz-id-2
XeMUuv+QrSofU8Lj4oOXji7Pd7nKK0b2r41ahbGAT4IssM0t4PU4knjz83nD2yD8nZN7/9imKSU=
last-modified
Sat, 11 Mar 2023 04:11:17 GMT
server
cloudflare
etag
W/"49cea0a781874a962879c2caca9bc322"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=43200
cf-ray
7b96bfeca98768ef-FRA
expires
Tue, 18 Apr 2023 06:32:16 GMT
breaking-news-public.js
express-cms-assets.franklymedia.com/v3_17_01/wp-content/plugins/express-cms-events/public/js/ 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://express-cms-assets.franklymedia.com/v3_17_01/wp-content/plugins/express-cms-events/public/js/breaking-news-public.js?ver=0.3.4
Requested by
Host: www.921theticket.com
URL: https://www.921theticket.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:176c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
038f8a9eea843881ed306613e33bdf5172437c90214850d58cce2558dda1a131

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.921theticket.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date
Mon, 17 Apr 2023 18:32:16 GMT
content-encoding
gzip
cf-cache-status
HIT
x-amz-request-id
6HFJX9TB7B8JWVYB
age
667722
x-amz-server-side-encryption
AES256
x-amz-id-2
gNl1sL7G5fhHcldTSvrY7MnXnD9M4AEXjN3avtJ820/ihAwdcbII4mIZoIMaPfiyWjAiP/76NA0=
last-modified
Sat, 11 Mar 2023 04:11:19 GMT
server
cloudflare
etag
W/"e177ed843616b70abebf81a6bde592cf"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=43200
cf-ray
7b96bfeca9a068ef-FRA
expires
Tue, 18 Apr 2023 06:32:16 GMT
express-cms-events-public.js
express-cms-assets.franklymedia.com/v3_17_01/wp-content/plugins/express-cms-events/public/js/ 		838 B
644 B 		Script
General
Check archive.org
Download Go to
Full URL
https://express-cms-assets.franklymedia.com/v3_17_01/wp-content/plugins/express-cms-events/public/js/express-cms-events-public.js?ver=1.0.0
Requested by
Host: www.921theticket.com
URL: https://www.921theticket.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:176c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
57a50c99a31ef4e89e86664e96f6dfbdde163a2eb96e88b3b492c49aa4be2f37

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.921theticket.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date
Mon, 17 Apr 2023 18:32:16 GMT
content-encoding
gzip
cf-cache-status
HIT
x-amz-request-id
6HFWXARPKXWX0R9J
age
667722
x-amz-server-side-encryption
AES256
x-amz-id-2
VV0cHqpb1GCIng2+yKJWey0BeqO58X6FBb/RC5OQFw9nQuSJjQ3+QvoXSAXMOMZDeaMaXDyOn5g=
last-modified
Sat, 11 Mar 2023 04:11:19 GMT
server
cloudflare
etag
W/"49cea0a781874a962879c2caca9bc322"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=43200
cf-ray
7b96bfeca98d68ef-FRA
expires
Tue, 18 Apr 2023 06:32:16 GMT
express-cms-tools-public.js
express-cms-assets.franklymedia.com/v3_17_01/wp-content/plugins/express-cms-tools/public/js/ 		838 B
648 B 		Script
General
Check archive.org
Download Go to
Full URL
https://express-cms-assets.franklymedia.com/v3_17_01/wp-content/plugins/express-cms-tools/public/js/express-cms-tools-public.js?ver=1.0.0
Requested by
Host: www.921theticket.com
URL: https://www.921theticket.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:176c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
57a50c99a31ef4e89e86664e96f6dfbdde163a2eb96e88b3b492c49aa4be2f37

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.921theticket.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date
Mon, 17 Apr 2023 18:32:16 GMT
content-encoding
gzip
cf-cache-status
HIT
x-amz-request-id
Y64D35C2EWAM3FRA
age
2446058
x-amz-server-side-encryption
AES256
x-amz-id-2
gwkFcNleHY/PY8WiOhIffkyKFCBsEP15gzCfbIvZReH3/C1Ui3ZkKUdadLSqT5v1PvZa31x9k2U=
last-modified
Sat, 11 Mar 2023 04:11:21 GMT
server
cloudflare
etag
W/"49cea0a781874a962879c2caca9bc322"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=43200
cf-ray
7b96bfeca99168ef-FRA
expires
Tue, 18 Apr 2023 06:32:16 GMT
public.js
express-cms-assets.franklymedia.com/v3_17_01/wp-content/plugins/express-cms-control/style_functions/js/ 		507 B
544 B 		Script
General
Check archive.org
Download Go to
Full URL
https://express-cms-assets.franklymedia.com/v3_17_01/wp-content/plugins/express-cms-control/style_functions/js/public.js?ver=1.4.5
Requested by
Host: www.921theticket.com
URL: https://www.921theticket.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:176c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0fdd97604374e58db3009dbad40df4e61a0a9fa5207d636049e9d3af4e62839a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.921theticket.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date
Mon, 17 Apr 2023 18:32:16 GMT
content-encoding
gzip
cf-cache-status
HIT
x-amz-request-id
T8FBY88WRWFRFYTR
age
2251583
x-amz-server-side-encryption
AES256
x-amz-id-2
5unmCARwOJupmHAGOneg+O7qIB9SLqfCCx3N2ZTCiySi6+pxoU6uRe2w3Ha60MzA3eykJzDJtHc=
last-modified
Sat, 11 Mar 2023 04:11:18 GMT
server
cloudflare
etag
W/"0ee9c3d4b1a9df754082ddfcbf9a5527"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=43200
cf-ray
7b96bfec997568ef-FRA
expires
Tue, 18 Apr 2023 06:32:16 GMT
jquery.initialize.min.js
express-cms-assets.franklymedia.com/v3_17_01/wp-content/mu-plugins/express-cms-common/js/jquery.initialize/ 		3 KB
1018 B 		Script
General
Check archive.org
Download Go to
Full URL
https://express-cms-assets.franklymedia.com/v3_17_01/wp-content/mu-plugins/express-cms-common/js/jquery.initialize/jquery.initialize.min.js?ver=20210820-03
Requested by
Host: www.921theticket.com
URL: https://www.921theticket.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:176c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
71970f2bb23c0a4f6bbeadad64b42a9dde1b48dbc1aeafb584eaedc59049ee10

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.921theticket.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date
Mon, 17 Apr 2023 18:32:16 GMT
content-encoding
gzip
cf-cache-status
HIT
x-amz-request-id
T8FE82XP3YJFGFEM
age
2251583
x-amz-server-side-encryption
AES256
x-amz-id-2
RCxWLUtHzvR5p4+svGUvBNjC3gjtWdC9vOir2otL/SIVVBAcH3QoJRFI6JkgGMwpprIkk0QRYxQ=
last-modified
Sat, 11 Mar 2023 04:10:52 GMT
server
cloudflare
etag
W/"56825fbc8503ad011c82df0ae1750cd3"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=43200
cf-ray
7b96bfeca98568ef-FRA
expires
Tue, 18 Apr 2023 06:32:16 GMT
public.js
express-cms-assets.franklymedia.com/v3_17_01/wp-content/plugins/express-cms-events/public/assets/js/ 		15 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://express-cms-assets.franklymedia.com/v3_17_01/wp-content/plugins/express-cms-events/public/assets/js/public.js?ver=20220707-01
Requested by
Host: www.921theticket.com
URL: https://www.921theticket.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:176c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
93fd543268145b18319b3d6e3f13a178413f2f5da535a2c860d0f9e17388816f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.921theticket.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date
Mon, 17 Apr 2023 18:32:16 GMT
content-encoding
gzip
cf-cache-status
HIT
x-amz-request-id
T8F7CCZTFGS8VCNZ
age
2251583
x-amz-server-side-encryption
AES256
x-amz-id-2
a0lXO1zd4ZwNWd/nrnThToJCZSBp/IGGGE6LWClFcKrNCO2CE3XOXecCppG/8B47WVfoGfC8G3g=
last-modified
Sat, 11 Mar 2023 04:11:19 GMT
server
cloudflare
etag
W/"71d016d2bbbba5de2f256101ffbd15cd"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=43200
cf-ray
7b96bfeca99668ef-FRA
expires
Tue, 18 Apr 2023 06:32:16 GMT
calendar.js
express-cms-assets.franklymedia.com/v3_17_01/wp-content/plugins/express-cms-events/js/ 		20 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://express-cms-assets.franklymedia.com/v3_17_01/wp-content/plugins/express-cms-events/js/calendar.js?ver=1.1.4
Requested by
Host: www.921theticket.com
URL: https://www.921theticket.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:176c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e600024f21bbdff0ede268acc13b91584c47de9061fb04978c61bd5d1103efe3

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.921theticket.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date
Mon, 17 Apr 2023 18:32:16 GMT
content-encoding
gzip
cf-cache-status
HIT
x-amz-request-id
T8F1KN7WT1R97YP5
age
2251583
x-amz-server-side-encryption
AES256
x-amz-id-2
OkW5m6zLRungfzx8pYVuC7MX+/KhxAvHq79SFIPObj6HuXBiPc2jkrqyDq6vNQVdd67h9EGHCFg=
last-modified
Sat, 11 Mar 2023 04:11:19 GMT
server
cloudflare
etag
W/"61ef9a2d991bf52b61785025c7e4a1b7"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=43200
cf-ray
7b96bfeca99368ef-FRA
expires
Tue, 18 Apr 2023 06:32:16 GMT
public.js
express-cms-assets.franklymedia.com/v3_17_01/wp-content/plugins/express-cms-events/js/ 		294 B
377 B 		Script
General
Check archive.org
Download Go to
Full URL
https://express-cms-assets.franklymedia.com/v3_17_01/wp-content/plugins/express-cms-events/js/public.js?ver=1.1.4
Requested by
Host: www.921theticket.com
URL: https://www.921theticket.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:176c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1d7342b56a65057bfcf933f9c4d08c18469bcebd01186dc3fa105c6b45fca4c8

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.921theticket.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date
Mon, 17 Apr 2023 18:32:16 GMT
content-encoding
gzip
cf-cache-status
HIT
x-amz-request-id
6HFRF7202G6D9YV0
age
667722
x-amz-server-side-encryption
AES256
x-amz-id-2
Nqp1BP6eRxIrzj1W8NbyYDVJeRPCalTfC3jQ79P4w3oTXGaWxT8VSn3y00OH4kTATVX4C0UUn7A=
last-modified
Sat, 11 Mar 2023 04:11:19 GMT
server
cloudflare
etag
W/"0737ef8f57ea72a50b7b6d58b2de3fb6"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=43200
cf-ray
7b96bfec998068ef-FRA
expires
Tue, 18 Apr 2023 06:32:16 GMT
jquery.totemticker.min.js
express-cms-assets.franklymedia.com/v3_17_01/wp-content/plugins/express-cms-feeds/admin/js/ 		2 KB
924 B 		Script
General
Check archive.org
Download Go to
Full URL
https://express-cms-assets.franklymedia.com/v3_17_01/wp-content/plugins/express-cms-feeds/admin/js/jquery.totemticker.min.js?ver=0.6.0
Requested by
Host: www.921theticket.com
URL: https://www.921theticket.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:176c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e02e1c4876697288c0ff5900c69d9b5f2a9d1118958813c682ecbbe469c1aee0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.921theticket.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date
Mon, 17 Apr 2023 18:32:16 GMT
content-encoding
gzip
cf-cache-status
HIT
x-amz-request-id
YM1R17HV4R5Z50KS
age
322686
x-amz-server-side-encryption
AES256
x-amz-id-2
KQSWaEsJMngpxW96kDBcfvsUDkJKRsgiF8HSpd8Un8EahnXRO7JBa21/NfJp+8yWwlP+s40r+us=
last-modified
Sat, 11 Mar 2023 04:11:19 GMT
server
cloudflare
etag
W/"ee3f51bd97e07c04f39b8133ddb81e8d"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=43200
cf-ray
7b96bfeca98668ef-FRA
expires
Tue, 18 Apr 2023 06:32:16 GMT
core.min.js
express-cms-assets.franklymedia.com/v3_17_01/wp-includes/js/jquery/ui/ 		21 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://express-cms-assets.franklymedia.com/v3_17_01/wp-includes/js/jquery/ui/core.min.js?ver=1.13.2
Requested by
Host: www.921theticket.com
URL: https://www.921theticket.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:176c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ca7154cdda62b535ceaba9ad2a2b2217ff49de94c069a2c4e89733f3f06b3651

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.921theticket.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date
Mon, 17 Apr 2023 18:32:16 GMT
content-encoding
gzip
cf-cache-status
HIT
x-amz-request-id
6HFWYRNW9YBHEY90
age
667722
x-amz-server-side-encryption
AES256
x-amz-id-2
6cYIcUi2M4G7+zRfxq9C//tjEFpKFkqKjGWYrCHD1q+L100+eX6s68XC1a9cjvdi+H2bNMrfBH8=
last-modified
Sat, 11 Mar 2023 04:12:19 GMT
server
cloudflare
etag
W/"034bd11ecaf6fb9240d905245e42e202"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=43200
cf-ray
7b96bfeca98a68ef-FRA
expires
Tue, 18 Apr 2023 06:32:16 GMT
tabs.min.js
express-cms-assets.franklymedia.com/v3_17_01/wp-includes/js/jquery/ui/ 		12 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://express-cms-assets.franklymedia.com/v3_17_01/wp-includes/js/jquery/ui/tabs.min.js?ver=1.13.2
Requested by
Host: www.921theticket.com
URL: https://www.921theticket.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:176c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6a0d53f68e013dac42a52a5264c5d28a12a06b6bc7cc1d63bc2d385558bd2dd7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.921theticket.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date
Mon, 17 Apr 2023 18:32:16 GMT
content-encoding
gzip
cf-cache-status
HIT
x-amz-request-id
T8F4ERM8DJVQ2P8V
age
2251583
x-amz-server-side-encryption
AES256
x-amz-id-2
BopKugLM3beOkggheWhXiI3PLOa+VCFCJMeNXNNxMMPhk6cSrKbgbqHBYozcBw8Vt/bYQ/ZS4d4=
last-modified
Sat, 11 Mar 2023 04:12:20 GMT
server
cloudflare
etag
W/"88407dc30b83ffa7dd834fe4a35307b7"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=43200
cf-ray
7b96bfeca98b68ef-FRA
expires
Tue, 18 Apr 2023 06:32:16 GMT
feed-public.js
express-cms-assets.franklymedia.com/v3_17_01/wp-content/plugins/express-cms-feeds/public/js/ 		1 KB
656 B 		Script
General
Check archive.org
Download Go to
Full URL
https://express-cms-assets.franklymedia.com/v3_17_01/wp-content/plugins/express-cms-feeds/public/js/feed-public.js?ver=0.6.0
Requested by
Host: www.921theticket.com
URL: https://www.921theticket.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:176c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
150861597da231bb966dfd09e58a556e104927ec8415ca49e3a3617596059f68

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.921theticket.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date
Mon, 17 Apr 2023 18:32:16 GMT
content-encoding
gzip
cf-cache-status
HIT
x-amz-request-id
6HFJ8A743YD1ZA7X
age
667722
x-amz-server-side-encryption
AES256
x-amz-id-2
UTNXaGhDzwwS0OTlCMR0w3DvaMUkt/SVqFm8G294uWsRIXGPIfAf7/ih/vqYKkgb+fuBrCW2cgw=
last-modified
Sat, 11 Mar 2023 04:11:19 GMT
server
cloudflare
etag
W/"e7280b4691fdd16ee788534554025404"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=43200
cf-ray
7b96bfec997768ef-FRA
expires
Tue, 18 Apr 2023 06:32:16 GMT
feed-date.js
express-cms-assets.franklymedia.com/v3_17_01/wp-content/plugins/express-cms-feeds/admin/js/ 		7 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://express-cms-assets.franklymedia.com/v3_17_01/wp-content/plugins/express-cms-feeds/admin/js/feed-date.js?ver=0.6.0
Requested by
Host: www.921theticket.com
URL: https://www.921theticket.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:176c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e29669f0da6d433ce276d7b4e6223a3e70a4e9d9c6bbc788ef7d2291bdab64eb

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.921theticket.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date
Mon, 17 Apr 2023 18:32:16 GMT
content-encoding
gzip
cf-cache-status
HIT
x-amz-request-id
T8F5M73APDB6WRES
age
2251583
x-amz-server-side-encryption
AES256
x-amz-id-2
FDpowmbW8Np2fYbS2zrsLpEJl5hqh7iRw9zniMIpi3M9zFglfeH8St2tPCh5NRRMkUfpILNilxE=
last-modified
Sat, 11 Mar 2023 04:11:19 GMT
server
cloudflare
etag
W/"a7c017b1485d42fb4531b57c103a3a26"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=43200
cf-ray
7b96bfec997a68ef-FRA
expires
Tue, 18 Apr 2023 06:32:16 GMT
playlist.js
express-cms-assets.franklymedia.com/v3_17_01/wp-content/plugins/express-cms-listen-live/public/assets/js/ 		9 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://express-cms-assets.franklymedia.com/v3_17_01/wp-content/plugins/express-cms-listen-live/public/assets/js/playlist.js?ver=20230417173234
Requested by
Host: www.921theticket.com
URL: https://www.921theticket.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:176c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f09057ed1db27518f862dcefc307e3f6f3218e5244249bc9b291fc1018e7ea8f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.921theticket.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date
Mon, 17 Apr 2023 18:32:16 GMT
content-encoding
gzip
cf-cache-status
MISS
last-modified
Sat, 11 Mar 2023 04:11:20 GMT
server
cloudflare
x-amz-request-id
QK6JYYGFYD7RFHCS
etag
W/"ba0d7bab1a0d7a6c4fa6e63cfd9bab58"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=43200
cf-ray
7b96bfec997f68ef-FRA
x-amz-id-2
XduspaCoLirepHa1usmuLJYV0+k91kg0CWfAm9C14Ah1QYesnlhM/npsGif1DfiyS7iblJrrM8o=
expires
Tue, 18 Apr 2023 06:32:16 GMT
amp-theme.js
express-cms-assets.franklymedia.com/v3_17_01/wp-content/themes/Headway-AMP_CMS/js/ 		6 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://express-cms-assets.franklymedia.com/v3_17_01/wp-content/themes/Headway-AMP_CMS/js/amp-theme.js?ver=20210929-06
Requested by
Host: www.921theticket.com
URL: https://www.921theticket.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:176c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
41f1c664fdf930c1ecf1b3be8b7814abca4b9db344af4f19776c93bb780135d4

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.921theticket.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date
Mon, 17 Apr 2023 18:32:16 GMT
content-encoding
gzip
cf-cache-status
HIT
x-amz-request-id
6HFJPF8280M6JXHB
age
667722
x-amz-server-side-encryption
AES256
x-amz-id-2
uuVlKQdprRTT+97a1D1dqYpAvyFnaZ+fhYCJM3WmvmomMlWXWL6NlcfsGVdFhoqSFWxKcN5v4sk=
last-modified
Sat, 11 Mar 2023 04:11:49 GMT
server
cloudflare
etag
W/"09aa706d8feac065370d4c7e51559566"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=43200
cf-ray
7b96bfec997b68ef-FRA
expires
Tue, 18 Apr 2023 06:32:16 GMT
js
www.googletagmanager.com/gtag/ 		96 KB
38 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js
Requested by
Host: www.921theticket.com
URL: https://www.921theticket.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
83b41cd99a58244c5664fabe36fb47e50e075f893886ea7fa319f3adf33f2582
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.921theticket.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date
Mon, 17 Apr 2023 18:32:16 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
38402
x-xss-protection
0
last-modified
Mon, 17 Apr 2023 18:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Mon, 17 Apr 2023 18:32:16 GMT
gpt.js
securepubads.g.doubleclick.net/tag/js/ 		75 KB
25 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: www.921theticket.com
URL: https://www.921theticket.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e9e2bee00254cf88831cdeda40df1704893485269c7ed3618453833d64c4d300
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.921theticket.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date
Mon, 17 Apr 2023 18:32:17 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
25389
x-xss-protection
0
server
cafe
etag
331 / 19464 / 31073791 / config-hash: 14714238765142767567
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
expires
Mon, 17 Apr 2023 18:32:17 GMT
KQSM-FM-logo.png
www.921theticket.com/wp-content/uploads/sites/773/2015/05/ 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.921theticket.com/wp-content/uploads/sites/773/2015/05/KQSM-FM-logo.png
Requested by
Host: www.921theticket.com
URL: https://www.921theticket.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1640 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
63ef0c4740062d3e2cfdf6e0e2e08eac60504be0578db18c6cf075931ab3d126

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.921theticket.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date
Mon, 17 Apr 2023 18:32:17 GMT
cf-cache-status
MISS
last-modified
Tue, 26 May 2015 18:07:03 GMT
server
cloudflare
etag
"5564b647-1462"
vary
Accept-Encoding
content-type
image/png
cache-control
public, max-age=31536000
x-whom
web-18.ampcms.internal
accept-ranges
bytes
cf-ray
7b96bff1bc3a918f-FRA
content-length
5218
expires
Tue, 16 Apr 2024 18:32:17 GMT
The-jim-rome-show.jpg
express-images.franklymedia.com/6616/sites/773/2018/12/10154127/ 		30 KB
30 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://express-images.franklymedia.com/6616/sites/773/2018/12/10154127/The-jim-rome-show.jpg
Requested by
Host: www.921theticket.com
URL: https://www.921theticket.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:166c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bc5391516b656915c20c8e2dcf60325f2235bfb2fd1ddb65d3798e290f3e0356

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.921theticket.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date
Mon, 17 Apr 2023 18:32:17 GMT
cf-cache-status
MISS
last-modified
Mon, 10 Dec 2018 21:41:35 GMT
server
cloudflare
x-amz-request-id
VXBRZEPMYNXKN8AD
etag
"ffb157fbb163209b049689af9134884d"
vary
Accept-Encoding
content-type
image/jpeg
cache-control
public, max-age=43200
accept-ranges
bytes
cf-ray
7b96bff1eaa19ba7-FRA
content-length
30810
x-amz-id-2
1S/QpBAJPbgKgEqejEoo+SUV926hLnRYLlnJvvx2bGfa6TKDppRP4aXHjxBua23fckNPxRjFqoA=
expires
Tue, 18 Apr 2023 06:32:17 GMT
apple.png
cumuluspro-express-pro.franklymedia.com/kqsm-fm/wp-content/uploads/sites/773/2014/12/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cumuluspro-express-pro.franklymedia.com/kqsm-fm/wp-content/uploads/sites/773/2014/12/apple.png
Requested by
Host: www.921theticket.com
URL: https://www.921theticket.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
149.126.77.46 Frankfurt am Main, Germany, ASN19551 (INCAPSULA, US),
Reverse DNS
149.126.77.46.ip.incapdns.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.921theticket.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers
droid.png
cumuluspro-express-pro.franklymedia.com/kqsm-fm/wp-content/uploads/sites/773/2014/12/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cumuluspro-express-pro.franklymedia.com/kqsm-fm/wp-content/uploads/sites/773/2014/12/droid.png
Requested by
Host: www.921theticket.com
URL: https://www.921theticket.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
149.126.77.46 Frankfurt am Main, Germany, ASN19551 (INCAPSULA, US),
Reverse DNS
149.126.77.46.ip.incapdns.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.921theticket.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers
sports-vip.png
cumuluspro-express-pro.franklymedia.com/kqsm-fm/wp-content/uploads/sites/773/2015/01/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cumuluspro-express-pro.franklymedia.com/kqsm-fm/wp-content/uploads/sites/773/2015/01/sports-vip.png
Requested by
Host: www.921theticket.com
URL: https://www.921theticket.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
149.126.77.46 Frankfurt am Main, Germany, ASN19551 (INCAPSULA, US),
Reverse DNS
149.126.77.46.ip.incapdns.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.921theticket.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers
facebook.png
cumuluspro-express-pro.franklymedia.com/kqsm-fm/wp-content/uploads/sites/773/2014/12/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cumuluspro-express-pro.franklymedia.com/kqsm-fm/wp-content/uploads/sites/773/2014/12/facebook.png
Requested by
Host: www.921theticket.com
URL: https://www.921theticket.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
149.126.77.46 Frankfurt am Main, Germany, ASN19551 (INCAPSULA, US),
Reverse DNS
149.126.77.46.ip.incapdns.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.921theticket.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers
twitter.png
cumuluspro-express-pro.franklymedia.com/kqsm-fm/wp-content/uploads/sites/773/2014/12/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cumuluspro-express-pro.franklymedia.com/kqsm-fm/wp-content/uploads/sites/773/2014/12/twitter.png
Requested by
Host: www.921theticket.com
URL: https://www.921theticket.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
149.126.77.46 Frankfurt am Main, Germany, ASN19551 (INCAPSULA, US),
Reverse DNS
149.126.77.46.ip.incapdns.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.921theticket.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers
listen-live.png
express-images.franklymedia.com/6616/sites/773/2016/03/27054414/ 		985 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://express-images.franklymedia.com/6616/sites/773/2016/03/27054414/listen-live.png
Requested by
Host: www.921theticket.com
URL: https://www.921theticket.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:166c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
64ffe77d0f8d8b0b74a00ad2cd3bb5d424e904c2adba467659f77abc894ea6ab

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.921theticket.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date
Mon, 17 Apr 2023 18:32:17 GMT
cf-cache-status
MISS
last-modified
Fri, 27 Jan 2017 11:44:15 GMT
server
cloudflare
x-amz-request-id
VXBSDX0JHSXC05ZE
etag
"8c8b557de3c7b4efb51d958bc4c89516"
vary
Accept-Encoding
content-type
image/png
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
7b96bff1ea9e9ba7-FRA
content-length
985
x-amz-id-2
ij8XMU7d8XQFYWU9hu+y/vwIptTp7Vqz4F5V0WgRYPvfMBV0+dABcULMhCkgEJZxREOsXoL8tuY=
expires
Tue, 16 Apr 2024 18:32:17 GMT
Smart-Speaker-ROUND-RED.png
express-images.franklymedia.com/6616/sites/773/2019/07/12160658/ 		528 B
762 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://express-images.franklymedia.com/6616/sites/773/2019/07/12160658/Smart-Speaker-ROUND-RED.png
Requested by
Host: www.921theticket.com
URL: https://www.921theticket.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:166c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1570ffb78a43e3812d58cfb562b73b5328049cfcc637dd7c4e20577aad3b3b15

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.921theticket.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date
Mon, 17 Apr 2023 18:32:17 GMT
cf-cache-status
MISS
last-modified
Fri, 12 Jul 2019 21:07:01 GMT
server
cloudflare
x-amz-request-id
VXBTKV3STS3NWNNA
etag
"1ff103c7e9abeba4d1977c119d8b69ba"
vary
Accept-Encoding
content-type
image/png
cache-control
public, max-age=43200
accept-ranges
bytes
cf-ray
7b96bff1ea9a9ba7-FRA
content-length
528
x-amz-id-2
U+ADx+f+fkDZKXHNURaUub0p2SqMxtc7Y4WXAKJKHahOQfV+0O6hxKjivYUH6EsFO4f/Yt+2im8=
expires
Tue, 18 Apr 2023 06:32:17 GMT
/
w.dailysportspage.com/cumulus/widgets/scoreboard/wide-2ac9f/ 		3 KB
1009 B 		Script
General
Check archive.org
Download Go to
Full URL
https://w.dailysportspage.com/cumulus/widgets/scoreboard/wide-2ac9f/
Requested by
Host: www.921theticket.com
URL: https://www.921theticket.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
72.52.166.135 Palm City, United States, ASN32244 (LIQUIDWEB, US),
Reverse DNS
host.dellsportsgames.com
Software
Apache /
Resource Hash
f97c6a2baabddbacae99d9e9b222598fe2aa63f5afc27fe54ea2f48738f27fa0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.921theticket.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date
Mon, 17 Apr 2023 18:32:17 GMT
content-encoding
gzip
server
Apache
vary
Accept-Encoding,User-Agent
content-type
text/html; charset=UTF-8
cache-control
no-cache, private, max-age=300
accept-ranges
none
content-length
851
expires
Mon, 17 Apr 2023 18:37:17 GMT
77dc702675d82e7f7c0f80bb0014a617eee86d7bbb249afe34cc4448b2f7702d_large.jpg
express-images.franklymedia.com/6616/sites/773/2016/10/27054354/ 		40 KB
40 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://express-images.franklymedia.com/6616/sites/773/2016/10/27054354/77dc702675d82e7f7c0f80bb0014a617eee86d7bbb249afe34cc4448b2f7702d_large.jpg
Requested by
Host: www.921theticket.com
URL: https://www.921theticket.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:166c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
66bcfd8006e20f5a2322280c2052ae1f34fbb129f5d69a873a76f5d58a275838

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.921theticket.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date
Mon, 17 Apr 2023 18:32:17 GMT
cf-cache-status
MISS
last-modified
Fri, 27 Jan 2017 11:43:55 GMT
server
cloudflare
x-amz-request-id
VXBYJ82XXV65HPC8
etag
"25ddfe3a3ac5b7f955b9c99cc14b895e"
vary
Accept-Encoding
content-type
image/jpeg
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
7b96bff1eaa59ba7-FRA
content-length
41225
x-amz-id-2
Zj47mI/pAF9KhuqQPDnbbJDv1WbyDqBWz9Iu6EbD1bnOgdqWKsowOJOWhlVJxWtOHDPG7Peb3Dg=
expires
Tue, 16 Apr 2024 18:32:17 GMT
GetScaledImage.jpg
express-images.franklymedia.com/6616/sites/773/2016/10/27054355/ 		47 KB
47 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://express-images.franklymedia.com/6616/sites/773/2016/10/27054355/GetScaledImage.jpg
Requested by
Host: www.921theticket.com
URL: https://www.921theticket.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:166c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6d3d56c686de12309c147312d68ec83adcaa898664f39baf3b93335e6db35808

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.921theticket.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date
Mon, 17 Apr 2023 18:32:17 GMT
cf-cache-status
MISS
last-modified
Fri, 27 Jan 2017 11:43:56 GMT
server
cloudflare
x-amz-request-id
VXBG179GMNNX7PC9
etag
"684dbb4a59cbd4192f4efa3a1b122234"
vary
Accept-Encoding
content-type
image/jpeg
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
7b96bff1eaa49ba7-FRA
content-length
47890
x-amz-id-2
jICr8tylb2WjHUd3T4PnvLJdNnYvQQY+UGhTQOtKcYccD6X7WSPuXiusY8F9XbapzjRdj4IHHBk=
expires
Tue, 16 Apr 2024 18:32:17 GMT
1590-AM.png
express-images.franklymedia.com/6616/sites/773/2016/03/27054419/ 		549 KB
550 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://express-images.franklymedia.com/6616/sites/773/2016/03/27054419/1590-AM.png
Requested by
Host: www.921theticket.com
URL: https://www.921theticket.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:166c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ec4d9113b63f9dc6c73736f92a596d5535d9a90c15566c49ac4c4c35cb104ca7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.921theticket.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date
Mon, 17 Apr 2023 18:32:17 GMT
cf-cache-status
MISS
last-modified
Fri, 27 Jan 2017 11:44:21 GMT
server
cloudflare
x-amz-request-id
VXBNA51MN04RC4B5
etag
"b53ee76d609dc41a03c2ac70aa3f9056"
vary
Accept-Encoding
content-type
image/png
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
7b96bff1eaa29ba7-FRA
content-length
562385
x-amz-id-2
lWkAHIFWya3dDY4gVQdUiSLwemAsyHBUhIBcWAw2CG27SOliZ/s1K4jQ1AFFcwMYPUtW53eD+G8=
expires
Tue, 16 Apr 2024 18:32:17 GMT
SEC-Report.png
express-images.franklymedia.com/6616/sites/773/2016/03/27054357/ 		409 KB
410 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://express-images.franklymedia.com/6616/sites/773/2016/03/27054357/SEC-Report.png
Requested by
Host: www.921theticket.com
URL: https://www.921theticket.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:166c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c5cf6ef33b1f1c9b4127aa3e7cbbdd3e9ffed4aab0e5653ae90f9ff5eedd580f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.921theticket.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date
Mon, 17 Apr 2023 18:32:17 GMT
cf-cache-status
MISS
last-modified
Fri, 27 Jan 2017 11:43:58 GMT
server
cloudflare
x-amz-request-id
VXBK6ES0T0NVVW7S
etag
"69ff4ac75cec4314750dd9878f9b703d"
vary
Accept-Encoding
content-type
image/png
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
7b96bff20ad69ba7-FRA
content-length
418960
x-amz-id-2
Ux42Fy/a1N2EkhRQxXkmeuM8pL6w2+KQtgOpCDPk/kRMmnGY/7Fc7kyAyGVIcfYnaKjBnUE7vuM=
expires
Tue, 16 Apr 2024 18:32:17 GMT
Paul-Finebaum-show2.png
express-images.franklymedia.com/6616/sites/773/2016/03/27054420/ 		215 KB
215 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://express-images.franklymedia.com/6616/sites/773/2016/03/27054420/Paul-Finebaum-show2.png
Requested by
Host: www.921theticket.com
URL: https://www.921theticket.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:166c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1d51e29207f355c0f93571882581f4ddab0b547dad3dfed1154abbfb3227435

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.921theticket.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date
Mon, 17 Apr 2023 18:32:17 GMT
cf-cache-status
MISS
last-modified
Fri, 27 Jan 2017 11:44:21 GMT
server
cloudflare
x-amz-request-id
VXBX3WZCGMQE165R
etag
"6d51d8464391d3d3e5660f6b4f63c6f9"
vary
Accept-Encoding
content-type
image/png
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
7b96bff20ad79ba7-FRA
content-length
220008
x-amz-id-2
Eg+vsBVo7OuF9bDYYhy0FswadlMeXSdlMKvLKLM+2csYvsZ9MXcVDiMsXYM4Dzs79fe5bg64r30=
expires
Tue, 16 Apr 2024 18:32:17 GMT
jbs-Red-Zone.png
express-images.franklymedia.com/6616/sites/773/2015/10/27054417/ 		237 KB
238 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://express-images.franklymedia.com/6616/sites/773/2015/10/27054417/jbs-Red-Zone.png
Requested by
Host: www.921theticket.com
URL: https://www.921theticket.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:166c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5b06d0417a083d59db624688e0c5fcf444114515d2e55ffd0b79fc3dd7d51de2

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.921theticket.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date
Mon, 17 Apr 2023 18:32:17 GMT
cf-cache-status
MISS
last-modified
Fri, 27 Jan 2017 11:44:18 GMT
server
cloudflare
x-amz-request-id
VXBVH7NBGMGX6D90
etag
"033355f94cf80a1162fc744d96f72673"
vary
Accept-Encoding
content-type
image/png
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
7b96bff20ad89ba7-FRA
content-length
242979
x-amz-id-2
Xtq641EVZakjV7FgP7i/N39JUFgJhImW+E1TV7iAi6DJtw+Vu2h0iMRNJBFwD1ktq1uNFK1tEYk=
expires
Tue, 16 Apr 2024 18:32:17 GMT
free-tickets.png
express-images.franklymedia.com/6616/sites/773/2015/10/27054416/ 		511 KB
512 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://express-images.franklymedia.com/6616/sites/773/2015/10/27054416/free-tickets.png
Requested by
Host: www.921theticket.com
URL: https://www.921theticket.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:166c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9642a7cd7d6e86b4b352d4a70dbe9d65ccf547bf2bcf27b7c888ca7cd4f82e6f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.921theticket.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date
Mon, 17 Apr 2023 18:32:17 GMT
cf-cache-status
MISS
last-modified
Fri, 27 Jan 2017 11:44:17 GMT
server
cloudflare
x-amz-request-id
VXBYE7TC6DKGNCEM
etag
"82313ea07000def0f70bb56872ece37b"
vary
Accept-Encoding
content-type
image/png
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
7b96bff20ad99ba7-FRA
content-length
523513
x-amz-id-2
1Xa9D8B4BD1Nde3pv9IGs7FRVw2Ee9PiXuTPDjT4+u9Car7IF3uLCjc4YdLZHFDJ7R+TpbVKHJg=
expires
Tue, 16 Apr 2024 18:32:17 GMT
sweetdeals.png
cumuluspro-express-pro.franklymedia.com/kqsm-fm/wp-content/uploads/sites/773/2014/10/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cumuluspro-express-pro.franklymedia.com/kqsm-fm/wp-content/uploads/sites/773/2014/10/sweetdeals.png
Requested by
Host: www.921theticket.com
URL: https://www.921theticket.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
149.126.77.46 Frankfurt am Main, Germany, ASN19551 (INCAPSULA, US),
Reverse DNS
149.126.77.46.ip.incapdns.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.921theticket.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers
embed.js
embedcdn.sendtonews.com/easy-stn-player/7.15.1-G/
Redirect Chain
  • https://embed.sendtonews.com/player3/embedcode.js?fk=5oC5qDti&cid=5513&offsetx=0&offsety=80&floatwidth=400&floatposition=bottom-right
  • https://embedcdn.sendtonews.com/easy-stn-player/7.15.1-G/embed.js
7 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://embedcdn.sendtonews.com/easy-stn-player/7.15.1-G/embed.js
Requested by
Host: www.921theticket.com
URL: https://www.921theticket.com/
Protocol
H2
Server
65.9.95.125 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-95-125.prg50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
4e3149128340c4394835bb0559edba9bd118e07b596e6fbbb18fef086f3151af

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.921theticket.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date
Mon, 17 Apr 2023 18:32:18 GMT
x-amz-version-id
Npbjl45.1re9KBFp1zRfU8oCvBFT.Jed
content-encoding
br
last-modified
Thu, 13 Apr 2023 22:03:13 GMT
server
AmazonS3
via
1.1 b031f43146c9801101822eabdc464390.cloudfront.net (CloudFront)
x-amz-cf-pop
PRG50-C1
etag
W/"10d1f9b68717354de69106da6eb5e057"
vary
Accept-Encoding, Origin
x-cache
Miss from cloudfront
content-type
application/javascript
alt-svc
h3=":443"; ma=86400
x-amz-cf-id
1wmGqvQGBG4d3VPy_IEssvzv363WpK-JvvXqvRNCfyoISMbcoMSfyg==

Redirect headers

date
Mon, 17 Apr 2023 18:32:16 GMT
via
1.1 b031f43146c9801101822eabdc464390.cloudfront.net (CloudFront)
server
CloudFront
x-amz-cf-pop
PRG50-C1
x-cache
FunctionGeneratedResponse from cloudfront
location
https://embedcdn.sendtonews.com/easy-stn-player/7.15.1-G/embed.js
alt-svc
h3=":443"; ma=86400
content-length
0
x-amz-cf-id
jMmKfQDbrLi4xg2KxR8fYPaQOHt4gr8lK5-GpN3kPzZC-ctdpYtvNA==
icon1-150x150.png
express-images.franklymedia.com/6616/sites/773/2016/09/27054400/ 		17 KB
17 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://express-images.franklymedia.com/6616/sites/773/2016/09/27054400/icon1-150x150.png
Requested by
Host: www.921theticket.com
URL: https://www.921theticket.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:166c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b2929c10f564d5dcc70c9f5cc2467163e93183de7c77bca59ba92471b8c29441

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.921theticket.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date
Mon, 17 Apr 2023 18:32:17 GMT
cf-cache-status
MISS
last-modified
Fri, 27 Jan 2017 11:44:01 GMT
server
cloudflare
x-amz-request-id
VXBS4RHB1VM9S4VB
etag
"63a083162baf2110b4002d7c3043d51e"
vary
Accept-Encoding
content-type
image/png
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
7b96bff22b109ba7-FRA
content-length
17139
x-amz-id-2
Y7DfzfWDfi92Khmp3929++MDbTpi3aZLaOgF37c3dXAqLPxnsajF+DmgkFsSuBF+jIuCgblDJ1U=
expires
Tue, 16 Apr 2024 18:32:17 GMT
twitter-red-150x150.png
express-images.franklymedia.com/6616/sites/773/2016/03/27054414/ 		35 KB
35 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://express-images.franklymedia.com/6616/sites/773/2016/03/27054414/twitter-red-150x150.png
Requested by
Host: www.921theticket.com
URL: https://www.921theticket.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:166c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
78f1a336db6214729bf4367c8af5b05c7b1e3be81d27580fe35c3c10b1361cae

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.921theticket.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date
Mon, 17 Apr 2023 18:32:17 GMT
cf-cache-status
MISS
last-modified
Fri, 27 Jan 2017 11:44:15 GMT
server
cloudflare
x-amz-request-id
VXBW94EKAH92JC3W
etag
"5dd1e0244bba5b3a3c532fa185ba6277"
vary
Accept-Encoding
content-type
image/png
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
7b96bff22b139ba7-FRA
content-length
36130
x-amz-id-2
rwBYtH3j1C8Miew5n8w8sFq8ZbpCTevXRYVjYLiq6I/0Pe/eYKiV/8GVH3mwuk6BSUkKWhVWHkg=
expires
Tue, 16 Apr 2024 18:32:17 GMT
jbs-Red-Zone-150x150.png
express-images.franklymedia.com/6616/sites/773/2015/10/27054417/ 		30 KB
30 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://express-images.franklymedia.com/6616/sites/773/2015/10/27054417/jbs-Red-Zone-150x150.png
Requested by
Host: www.921theticket.com
URL: https://www.921theticket.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:166c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
da4d20ce1e7d97aaf4f002ca45172c0d296feb3f924f611377294884aea01c44

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.921theticket.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date
Mon, 17 Apr 2023 18:32:17 GMT
cf-cache-status
MISS
last-modified
Fri, 27 Jan 2017 11:44:18 GMT
server
cloudflare
x-amz-request-id
VXBKW6YSFC8231VK
etag
"55b033d31888cecdc535a6b91cfbe6cb"
vary
Accept-Encoding
content-type
image/png
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
7b96bff22b149ba7-FRA
content-length
30838
x-amz-id-2
6gJqSz9N1gGceVZEhqBe580sxEWYaSHg7CtJLEVCpg5ft+2+kjGxKzjT2/5x4QcYoYbAjhSxkMc=
expires
Tue, 16 Apr 2024 18:32:17 GMT
twitter-red.png
express-images.franklymedia.com/6616/sites/773/2016/03/27054414/ 		66 KB
67 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://express-images.franklymedia.com/6616/sites/773/2016/03/27054414/twitter-red.png
Requested by
Host: www.921theticket.com
URL: https://www.921theticket.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:166c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
09c034ceb64f4273178d6226ddb7b11bc6eac8c353a015296f677c16b70d09d6

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.921theticket.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date
Mon, 17 Apr 2023 18:32:17 GMT
cf-cache-status
MISS
last-modified
Fri, 27 Jan 2017 11:44:15 GMT
server
cloudflare
x-amz-request-id
VXBZQ9BC9Z3F9ENX
etag
"000c4f1f5c0284ef1787d331a945186e"
vary
Accept-Encoding
content-type
image/png
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
7b96bff22b159ba7-FRA
content-length
68000
x-amz-id-2
Vgu0Js2YJO4UlVJ7N1nPSx4z2e7g0BdHvjCxkSBQdS4Pim8HO0dXUrCLr4+aKYk3GnVE6kNN3gU=
expires
Tue, 16 Apr 2024 18:32:17 GMT
twitter1a.png
express-images.franklymedia.com/6616/sites/773/2016/03/27054414/ 		9 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://express-images.franklymedia.com/6616/sites/773/2016/03/27054414/twitter1a.png
Requested by
Host: www.921theticket.com
URL: https://www.921theticket.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:166c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bf54669cc8ab3d98edfd167bef37bd3c919c4d957ec4ac1016ef01a8e3c55c21

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.921theticket.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date
Mon, 17 Apr 2023 18:32:17 GMT
cf-cache-status
MISS
last-modified
Fri, 27 Jan 2017 11:44:16 GMT
server
cloudflare
x-amz-request-id
VXBMJDQFTDWWD45C
etag
"2caef929c7ff534b04e640603d60ffd9"
vary
Accept-Encoding
content-type
image/png
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
7b96bff22b179ba7-FRA
content-length
9088
x-amz-id-2
HhI0fE7xuc4jMtsqsyLpYc3dpSWQUo2ns+iBd86eFbHwE2NOexO6qqtqQk3By//g2lAR5KJ1KQk=
expires
Tue, 16 Apr 2024 18:32:17 GMT
appstore.png
www.921theticket.com/wp-content/uploads/sites/773/2014/10/ 		138 KB
139 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.921theticket.com/wp-content/uploads/sites/773/2014/10/appstore.png
Requested by
Host: www.921theticket.com
URL: https://www.921theticket.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1640 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5db73e43d6f40687165de7df1a9cac4db859cbbfd9347cbe1416bcf8465cc91b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.921theticket.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date
Mon, 17 Apr 2023 18:32:17 GMT
cf-cache-status
MISS
last-modified
Tue, 28 Oct 2014 18:32:15 GMT
server
cloudflare
etag
"544fe12f-22903"
vary
Accept-Encoding
content-type
image/png
cache-control
public, max-age=31536000
x-whom
web-15.ampcms.internal
accept-ranges
bytes
cf-ray
7b96bff1bc3c918f-FRA
content-length
141571
expires
Tue, 16 Apr 2024 18:32:17 GMT
amazon.png
www.921theticket.com/wp-content/uploads/sites/773/2014/10/ 		138 KB
139 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.921theticket.com/wp-content/uploads/sites/773/2014/10/amazon.png
Requested by
Host: www.921theticket.com
URL: https://www.921theticket.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1640 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5d7162200f464a21121476793004f2eb1af54d5d92f7910b4f54f8ba64c16e3b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.921theticket.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date
Mon, 17 Apr 2023 18:32:17 GMT
cf-cache-status
MISS
last-modified
Tue, 28 Oct 2014 18:32:12 GMT
server
cloudflare
etag
"544fe12c-228f7"
vary
Accept-Encoding
content-type
image/png
cache-control
public, max-age=31536000
x-whom
web-13.ampcms.internal
accept-ranges
bytes
cf-ray
7b96bff1bc3f918f-FRA
content-length
141559
expires
Tue, 16 Apr 2024 18:32:17 GMT
mobileapps1.png
express-images.franklymedia.com/6616/sites/773/2014/12/27055640/ 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://express-images.franklymedia.com/6616/sites/773/2014/12/27055640/mobileapps1.png
Requested by
Host: www.921theticket.com
URL: https://www.921theticket.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:166c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cce6245c16143f34e786f881c506095d8931bcca6928f2037855ac0fe423428e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.921theticket.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date
Mon, 17 Apr 2023 18:32:17 GMT
cf-cache-status
MISS
last-modified
Fri, 27 Jan 2017 11:56:41 GMT
server
cloudflare
x-amz-request-id
VXBHRP9NA4RRKK2B
etag
"ae168add1e645cb203c59563c514f155"
vary
Accept-Encoding
content-type
image/png
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
7b96bff22b189ba7-FRA
content-length
1435
x-amz-id-2
2STBMzZFNcBR+vS/DgrBNcLUAIK1U1sJbR9XGwavsbdVQEr4ZwT/qOTMne3QIBT9YEzUX7EzoHE=
expires
Tue, 16 Apr 2024 18:32:17 GMT
fb.jpg
express-images.franklymedia.com/6616/sites/773/2016/03/27054414/ 		13 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://express-images.franklymedia.com/6616/sites/773/2016/03/27054414/fb.jpg
Requested by
Host: www.921theticket.com
URL: https://www.921theticket.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:166c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4fd192e7a627b8fbbf95ed31b18e6c982e3ff96d00e619751d0c38d1a5d80cca

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.921theticket.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date
Mon, 17 Apr 2023 18:32:17 GMT
cf-cache-status
MISS
last-modified
Fri, 27 Jan 2017 11:44:15 GMT
server
cloudflare
x-amz-request-id
VXBPW0RDEZHMMDKM
etag
"2cf8fb19d9ed729972d7559cd74613b4"
vary
Accept-Encoding
content-type
image/jpeg
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
7b96bff22b199ba7-FRA
content-length
13662
x-amz-id-2
ZiKhx0pDIxMeHsJi4gszVC4pty5SkpTGS4V4B/57A2lwGLBly3XPH5MxWdUO4MQnucmow5ZHAW8=
expires
Tue, 16 Apr 2024 18:32:17 GMT
sync
thrtle.com/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://thrtle.com/sync?vxii_pid=7004
Requested by
Host: www.921theticket.com
URL: https://www.921theticket.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.3.62.68 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-3-62-68.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.921theticket.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers
style.css
express-cms-assets.franklymedia.com/v3_17_01/wp-content/themes/Headway-AMP_CMS/ 		338 B
428 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://express-cms-assets.franklymedia.com/v3_17_01/wp-content/themes/Headway-AMP_CMS/style.css?ver=20220610-01
Requested by
Host: www.921theticket.com
URL: https://www.921theticket.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:176c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8df74312f7ba8eabc42060688a6c5f9c727ff4e1e65fde7685115e482dca4003

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.921theticket.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date
Mon, 17 Apr 2023 18:32:16 GMT
content-encoding
gzip
cf-cache-status
HIT
x-amz-request-id
CFNVBW13CW0RYJRT
age
2564379
x-amz-server-side-encryption
AES256
x-amz-id-2
iC09sQm7f0Zbm/nCxjHAViftpBDOpTKpvM1lp6G0AB3A2NByAZAy8loINSchOs/+PmAhh8EANzM=
last-modified
Sat, 11 Mar 2023 04:11:50 GMT
server
cloudflare
etag
W/"5140769b57bda7c6f78cb57f66f701a2"
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=43200
cf-ray
7b96bff1b8a368ef-FRA
expires
Tue, 18 Apr 2023 06:32:16 GMT
widget.css
express-cms-assets.franklymedia.com/v3_17_01/wp-content/plugins/express-cms-polls/css/ 		2 KB
858 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://express-cms-assets.franklymedia.com/v3_17_01/wp-content/plugins/express-cms-polls/css/widget.css?ver=6.1.1
Requested by
Host: www.921theticket.com
URL: https://www.921theticket.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:176c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ca27b49dcaf6c7ccd0349fe39719560d621d767edf987a5aed9569491694a93e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.921theticket.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date
Mon, 17 Apr 2023 18:32:16 GMT
content-encoding
gzip
cf-cache-status
HIT
x-amz-request-id
T84GG7RA898VWVSC
age
2118558
x-amz-server-side-encryption
AES256
x-amz-id-2
/5A1B89usHgvmuT2TpSK6YWmBinPvA8iEs9NIxNdBaojfVolNuMEcwQjhgAJ/KT/tv5pZMQnlI0=
last-modified
Sat, 11 Mar 2023 04:11:21 GMT
server
cloudflare
etag
W/"125fb5ff40f36a5040c178458b8de3eb"
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=43200
cf-ray
7b96bff1b8a668ef-FRA
expires
Tue, 18 Apr 2023 06:32:16 GMT
main.min.js
www.921theticket.com/wp-content/plugins/themify-builder/themify/js/ 		31 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.921theticket.com/wp-content/plugins/themify-builder/themify/js/main.min.js?ver=5.5.7
Requested by
Host: www.921theticket.com
URL: https://www.921theticket.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1640 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1602bbbe3ff382852e4f7c71efd46277f00cae1799adee44d44c49e51ca47d84

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.921theticket.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date
Mon, 17 Apr 2023 18:32:17 GMT
content-encoding
gzip
cf-cache-status
MISS
last-modified
Thu, 13 Apr 2023 13:11:18 GMT
server
cloudflare
etag
W/"6437ff76-7c0c"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=31536000
x-whom
web-18.ampcms.internal
cf-ray
7b96bff1bc41918f-FRA
expires
Tue, 16 Apr 2024 18:32:17 GMT
widget-front-end.js
express-cms-assets.franklymedia.com/v3_17_01/wp-content/plugins/express-cms-polls/js/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://express-cms-assets.franklymedia.com/v3_17_01/wp-content/plugins/express-cms-polls/js/widget-front-end.js?ver=6.1.1
Requested by
Host: www.921theticket.com
URL: https://www.921theticket.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:176c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
be8c4f245b08961a48b29107101da3ef28e9c2eb9a6a090c3d4e9babced6d9cd

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.921theticket.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date
Mon, 17 Apr 2023 18:32:16 GMT
content-encoding
gzip
cf-cache-status
HIT
x-amz-request-id
MD7R2YHCEGAMV8W9
age
564525
x-amz-server-side-encryption
AES256
x-amz-id-2
Gl8gRHjfeRM9ZNIG8KSRB9nq6Kg2M/U7T7kEacFIUZemLtCFBfM+GU9oZ7TPxaln6fojW6MyDnQ=
last-modified
Sat, 11 Mar 2023 04:11:21 GMT
server
cloudflare
etag
W/"a5bde46366ca5f6686f55c849a23d24b"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=43200
cf-ray
7b96bff1b8a768ef-FRA
expires
Tue, 18 Apr 2023 06:32:16 GMT
fullfooter.js
kqsm.tunegenie.com/station/pwa/ 		377 B
769 B 		Script
General
Check archive.org
Download Go to
Full URL
https://kqsm.tunegenie.com/station/pwa/fullfooter.js?bs=kqsm
Requested by
Host: www.921theticket.com
URL: https://www.921theticket.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
100.21.16.143 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-100-21-16-143.us-west-2.compute.amazonaws.com
Software
nginx/1.20.0 /
Resource Hash
fc180739ff5d55b694ab2a63f5e1d286ab5fdf117621c2e4ab20fac38fd5cb0c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.921theticket.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

Date
Mon, 17 Apr 2023 18:32:17 GMT
Server
nginx/1.20.0
Vary
Authorization, Cookie
Content-Type
application/javascript
Cache-Control
max-age=7200
Connection
keep-alive
Content-Length
377
Expires
Mon, 17 Apr 2023 19:12:39 GMT
ecms_global_footer.js
www.921theticket.com/wp-content/uploads/ecms/ 		2 KB
889 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.921theticket.com/wp-content/uploads/ecms/ecms_global_footer.js?v=1
Requested by
Host: www.921theticket.com
URL: https://www.921theticket.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1640 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7541bc3222a1d2c6a5fd30bc949941c06d0470df4143160891004f6b0c138a9a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.921theticket.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date
Mon, 17 Apr 2023 18:32:17 GMT
content-encoding
gzip
cf-cache-status
MISS
last-modified
Wed, 12 Apr 2023 21:50:13 GMT
server
cloudflare
etag
W/"64372795-7ad"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=31536000
x-whom
web-23.ampcms.internal
cf-ray
7b96bff1bc43918f-FRA
expires
Tue, 16 Apr 2024 18:32:17 GMT
gtm.js
www.googletagmanager.com/ 		125 KB
48 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-K6SGF4&l=corpDataLayer
Requested by
Host: www.921theticket.com
URL: https://www.921theticket.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
f922aadccfdd269a9137edd0f627b8df235100e32c0fc3b3163b126b76e96bbd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.921theticket.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date
Mon, 17 Apr 2023 18:32:16 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
49204
x-xss-protection
0
last-modified
Mon, 17 Apr 2023 18:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Mon, 17 Apr 2023 18:32:16 GMT
header_bg.png
cumuluspro-express-pro.franklymedia.com/kqsm-fm/wp-content/uploads/sites/773/2014/12/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cumuluspro-express-pro.franklymedia.com/kqsm-fm/wp-content/uploads/sites/773/2014/12/header_bg.png
Requested by
Host: www.921theticket.com
URL: https://www.921theticket.com/?headway-trigger=compiler&file=general-https&layout-in-use=front_page&rand=1082686644&ver=6.1.1
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
149.126.77.46 Frankfurt am Main, Germany, ASN19551 (INCAPSULA, US),
Reverse DNS
149.126.77.46.ip.incapdns.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.921theticket.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers
TK3_WkUHHAIjg75cFRf3bXL8LICs1_FvsUZiZQ.woff2
fonts.gstatic.com/s/oswald/v49/ 		10 KB
10 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/oswald/v49/TK3_WkUHHAIjg75cFRf3bXL8LICs1_FvsUZiZQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Oswald
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
81cd29d1413ecf75834fb3ce1da572fe5c39e53b22c61f5dafec5b14ed4ee12e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.921theticket.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date
Sun, 16 Apr 2023 06:08:50 GMT
x-content-type-options
nosniff
age
131006
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9840
x-xss-protection
0
last-modified
Mon, 18 Jul 2022 19:24:04 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Mon, 15 Apr 2024 06:08:50 GMT
js
www.googletagmanager.com/gtag/ 		221 KB
77 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-7LHM6PBR21&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
f118f266b51ff24de02fc230411ec9578b35d7af267381d063763429d1dfb4be
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.921theticket.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date
Mon, 17 Apr 2023 18:32:17 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
79043
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Mon, 17 Apr 2023 18:32:17 GMT
js
www.googletagmanager.com/gtag/ 		112 KB
44 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-18782929-15&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
5377bd39f9bfdfe87998f1ae25259cff4c6b1533e58d7a59e20d40232a0169f4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.921theticket.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date
Mon, 17 Apr 2023 18:32:17 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
44695
x-xss-protection
0
last-modified
Mon, 17 Apr 2023 18:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Mon, 17 Apr 2023 18:32:17 GMT
js
www.googletagmanager.com/gtag/ 		218 KB
77 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-39ZEBK9WPT&l=corpDataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-K6SGF4&l=corpDataLayer
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
69b4b9d0b0e573d7a04d0d347ff4d553c5ac31aa0c6b28795b99ab4727161a0c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.921theticket.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date
Mon, 17 Apr 2023 18:32:17 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
78428
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Mon, 17 Apr 2023 18:32:17 GMT
analytics.js
www.google-analytics.com/ 		49 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-K6SGF4&l=corpDataLayer
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
5971b095cff574a66d35ada016d4c077c86e2dea62e9c0f14cf7c94b258619de
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.921theticket.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Mon, 17 Apr 2023 18:11:32 GMT
last-modified
Tue, 10 Jan 2023 21:29:14 GMT
server
Golfe2
age
1245
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20085
expires
Mon, 17 Apr 2023 20:11:32 GMT
gtm.js
www.googletagmanager.com/ 		214 KB
74 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-MPSWXC&l=sharedContainerDataLayer
Requested by
Host: www.921theticket.com
URL: https://www.921theticket.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
02253fe8a8a09dfa9ccb4681d11015cba1240fdc9277a1d8437d6a0fb133e4db
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.921theticket.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date
Mon, 17 Apr 2023 18:32:17 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
75595
x-xss-protection
0
last-modified
Mon, 17 Apr 2023 18:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Mon, 17 Apr 2023 18:32:17 GMT
collect
region1.google-analytics.com/g/ 		0
257 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-39ZEBK9WPT&gtm=45je34c0&_p=999957307&cid=1820827546.1681756337&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1681756337&sct=1&seg=0&dl=https%3A%2F%2Fwww.921theticket.com%2F&dt=THE%20TICKET%2092.1%20%7C%20KQSM-FM&en=page_view&_fv=1&_nsi=1&_ss=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-39ZEBK9WPT&l=corpDataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.921theticket.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 17 Apr 2023 18:32:17 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.921theticket.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
region1.google-analytics.com/g/ 		0
54 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-7LHM6PBR21&gtm=45je34c0&_p=999957307&cid=1820827546.1681756337&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1681756337&sct=1&seg=0&dl=https%3A%2F%2Fwww.921theticket.com%2F&dt=THE%20TICKET%2092.1%20%7C%20KQSM-FM&en=page_view&_fv=1&_ss=1&_ee=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-7LHM6PBR21&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.921theticket.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 17 Apr 2023 18:32:17 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.921theticket.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
region1.google-analytics.com/g/ 		0
54 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-7LHM6PBR21&gtm=45je34c0&_p=999957307&cid=1820827546.1681756337&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=2&sid=1681756337&sct=1&seg=0&dl=https%3A%2F%2Fwww.921theticket.com%2F&dt=THE%20TICKET%2092.1%20%7C%20KQSM-FM&en=express_dimensions&_ee=1&ep.client_name=cumuluspro&ep.station_name=KQSM-FM&ep.alt_station_name=KQSM-FM&ep.market=Fayetteville%2C%20AR&ep.format=Sports&ep.author=System%20User&ep.page_type=page&_et=3
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-7LHM6PBR21&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.921theticket.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 17 Apr 2023 18:32:17 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.921theticket.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
choice.js
cmp.quantcast.com/choice/_xVSK99pzATvb/921theticket.com/ 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cmp.quantcast.com/choice/_xVSK99pzATvb/921theticket.com/choice.js?tag_version=V2
Requested by
Host: www.921theticket.com
URL: https://www.921theticket.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:211e:8200:9:46dc:4700:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
b3b68ef6ffb30c77f08ef7fdde5a28ffe5581635fa6eadef70e77e7fcab0750c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.921theticket.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date
Mon, 17 Apr 2023 18:32:18 GMT
content-encoding
br
via
1.1 0d4b487d54766de7560aa02de852bbf8.cloudfront.net (CloudFront)
last-modified
Mon, 10 Apr 2023 20:17:28 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-C2
etag
W/"4671dba02ace3f8744c51f68d794672d"
x-amz-server-side-encryption
AES256
vary
Access-Control-Request-Headers,Access-Control-Request-Method,Origin,Accept-Encoding
x-cache
Miss from cloudfront
content-type
application/javascript
cache-control
max-age=3600
cross-origin-resource-policy
cross-origin
x-amz-cf-id
D7Heq85HFPk_2I372RwqAtkfpAN6978XTsfdlKc_GeG_d34pta7whg==
main.js
cdn.jsdelivr.net/gh/cumulus-digital/cmls-amp-cms-utils@85ceca6/dist/ 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/gh/cumulus-digital/cmls-amp-cms-utils@85ceca6/dist/main.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MPSWXC&l=sharedContainerDataLayer
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:600::485 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
e025e517a55a0f2c4e6c8b54db18bc11b7f40b68f1c2936f9836973e330e1d0d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.921theticket.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Mon, 17 Apr 2023 18:32:17 GMT
x-content-type-options
nosniff
content-encoding
br
age
15722
x-jsd-version
85ceca6
x-cache
HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
6487
x-served-by
cache-fra-eddf8230059-FRA
x-jsd-version-type
branch
etag
W/"452f-RRyeO+m38ZdhWHStwiVMGY6k1+k"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=604800, s-maxage=43200
accept-ranges
bytes
timing-allow-origin
*
linkid.js
www.google-analytics.com/plugins/ua/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/plugins/ua/linkid.js
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
92fca55833f48b4289ac8f1cedd48752b580fce4ec4b5d81670b8193d6e51b54
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.921theticket.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date
Mon, 17 Apr 2023 18:31:26 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
51
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
859
x-xss-protection
0
last-modified
Tue, 22 Oct 2019 18:15:00 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type
text/javascript
cache-control
public, max-age=3600
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="static-on-bigtable"
expires
Mon, 17 Apr 2023 19:31:26 GMT
pubads_impl.js
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304100101/ 		398 KB
124 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304100101/pubads_impl.js?cb=31073791
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
2d3b45a4be3864673801baea2c3f066e1c7320bab56d3c7818d7484cf1811696
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.921theticket.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date
Mon, 17 Apr 2023 14:57:36 GMT
content-encoding
br
x-content-type-options
nosniff
age
12881
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
126408
x-xss-protection
0
server
cafe
etag
11042757488233447259
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
timing-allow-origin
*
expires
Tue, 16 Apr 2024 14:57:36 GMT
ppub_config
securepubads.g.doubleclick.net/pagead/ 		120 B
103 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=www.921theticket.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
c8a9b4b8a6437a02e6224f1273e7e3ec1d1c78a2f1546b9f320fd0dc3b7ef77a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.921theticket.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date
Mon, 17 Apr 2023 18:32:17 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
78
x-xss-protection
0
expires
Mon, 17 Apr 2023 18:32:17 GMT
collect
stats.g.doubleclick.net/j/ 		1 B
349 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j99&tid=UA-41702516-14&cid=1820827546.1681756337&jid=61108001&gjid=178547778&_gid=579121182.1681756337&_u=aCDAgAAjAAAAAE~&z=1092423824
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c0b::9d Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.921theticket.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
date
Mon, 17 Apr 2023 18:32:17 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.921theticket.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/j/ 		1 B
21 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j99&a=999957307&t=pageview&_s=1&dl=https%3A%2F%2Fwww.921theticket.com%2F&ul=en-us&de=UTF-8&dt=THE%20TICKET%2092.1%20%7C%20KQSM-FM&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aCDAAUAjAAAAAGAAI~&jid=778642160&gjid=1816775338&cid=1820827546.1681756337&tid=UA-18782929-15&_gid=579121182.1681756337&_r=1&gtm=457e34c0&jsscut=1&z=77996252
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.921theticket.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 17 Apr 2023 18:32:17 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.921theticket.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/ 		35 B
55 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j99&a=999957307&t=pageview&_s=1&dl=https%3A%2F%2Fwww.921theticket.com%2F&ul=en-us&de=UTF-8&dt=THE%20TICKET%2092.1%20%7C%20KQSM-FM&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aCDAgAAj~&jid=61108001&gjid=178547778&cid=1820827546.1681756337&tid=UA-41702516-14&_gid=579121182.1681756337&gtm=45He34c0n71K6SGF4&z=1902507840
Requested by
Host: www.921theticket.com
URL: https://www.921theticket.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.921theticket.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 17 Apr 2023 18:05:12 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
1625
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
quant.js
secure.quantserve.com/ 		22 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://secure.quantserve.com/quant.js
Requested by
Host: cmp.quantcast.com
URL: https://cmp.quantcast.com/choice/_xVSK99pzATvb/921theticket.com/choice.js?tag_version=V2
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:116:800d:21:e365:4988:e8a7:3270 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
f3f47d6a938ede7a828ca47022eee50835e4c9375f7ca41581fa94e25c8e950e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.921theticket.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date
Mon, 17 Apr 2023 18:32:17 GMT
content-encoding
gzip
etag
"DUHyBE1e2vdA+NAhXV6BXg=="
vary
Accept-Encoding
content-type
application/javascript
cache-control
private, max-age=604800
accept-ranges
bytes
expires
Mon, 24 Apr 2023 18:32:17 GMT
cmp2.js
cmp.quantcast.com/tcfv2/ 		178 KB
44 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cmp.quantcast.com/tcfv2/cmp2.js?referer=921theticket.com
Requested by
Host: cmp.quantcast.com
URL: https://cmp.quantcast.com/choice/_xVSK99pzATvb/921theticket.com/choice.js?tag_version=V2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:211e:8200:9:46dc:4700:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
9880ff36abd71f34e043ccf52b425dc0e918af5098157970cce3c15348900c4a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.921theticket.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date
Mon, 17 Apr 2023 18:06:57 GMT
content-encoding
br
via
1.1 0d4b487d54766de7560aa02de852bbf8.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-C2
age
1521
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-storage-class
INTELLIGENT_TIERING
last-modified
Wed, 05 Apr 2023 15:47:12 GMT
server
AmazonS3
etag
W/"1746c81073fb3adcecce59e604b48427"
access-control-max-age
86400
access-control-allow-methods
GET
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
*
cache-control
max-age=3600
x-amz-meta-qc-ineu
True
vary
Accept-Encoding
x-amz-cf-id
UV6VT_pe-Z_8qRBFuQqZpQjRfoXDnYlG2z0JEPPmuCew7RsSDCGIGA==
vendor-list.json
cmp.quantcast.com/GVL-v2/ 		407 KB
55 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://cmp.quantcast.com/GVL-v2/vendor-list.json
Requested by
Host: www.921theticket.com
URL: https://www.921theticket.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:211e:8200:9:46dc:4700:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
b3d19acaedbb34b8bd49f5a4457b6544de09b851fb20c366dc8312b04c84bc4e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.921theticket.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date
Mon, 17 Apr 2023 03:00:36 GMT
content-encoding
gzip
via
1.1 3d58896f901dbeed449603f5d2b4d9f0.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-C2
age
55902
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
last-modified
Mon, 17 Apr 2023 03:00:32 GMT
server
AmazonS3
etag
W/"fd1e2e3ad2726d2996251061ba6c75c5"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
application/json
access-control-allow-origin
*
cache-control
max-age=172800
access-control-allow-credentials
true
vary
Accept-Encoding,Access-Control-Request-Headers,Access-Control-Request-Method
x-amz-cf-id
uNOFD2PRVX84xtH_lZIj5zGHjW5odIoXtojy68j81BnIgMQCD8kC2w==
google-atp-list.json
cmp.quantcast.com/tcfv2/ 		151 KB
37 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://cmp.quantcast.com/tcfv2/google-atp-list.json
Requested by
Host: www.921theticket.com
URL: https://www.921theticket.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:211e:8200:9:46dc:4700:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
31d1a8b234ef7e3fcd967fe38bb63298be8faf869e0dcd5352c330ed5c18964b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.921theticket.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date
Mon, 17 Apr 2023 03:00:28 GMT
content-encoding
gzip
via
1.1 3d58896f901dbeed449603f5d2b4d9f0.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-C2
age
55910
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
last-modified
Mon, 17 Apr 2023 03:00:26 GMT
server
AmazonS3
etag
W/"1dbfd79d4ea7f69c0c42a2f6065532e7"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
application/json
access-control-allow-origin
*
cache-control
max-age=172800
access-control-allow-credentials
true
vary
Accept-Encoding,Access-Control-Request-Headers,Access-Control-Request-Method
x-amz-cf-id
EBGlQ8jZMXFKl4QOGNx2NyDuwm801oVHN9n_Y5XuEIlWanYtiU26aQ==
advertising.js
cdn.jsdelivr.net/gh/cumulus-digital/cmls-amp-cms-utils@85ceca6/dist/ 		53 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/gh/cumulus-digital/cmls-amp-cms-utils@85ceca6/dist/advertising.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MPSWXC&l=sharedContainerDataLayer
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:600::485 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
d050d34d95266c42e79cb0df98e4b15fb25f4ea5b47ea5db08214bea40ad9280
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.921theticket.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Mon, 17 Apr 2023 18:32:17 GMT
x-content-type-options
nosniff
content-encoding
br
age
7820
x-jsd-version
85ceca6
x-cache
HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
17594
x-served-by
cache-fra-eddf8230059-FRA
x-jsd-version-type
branch
etag
W/"d49f-RNLlQ8/lE4GOwhAUGWex7TE6Whc"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=604800, s-maxage=43200
accept-ranges
bytes
timing-allow-origin
*
analytics.js
cdn.jsdelivr.net/gh/cumulus-digital/cmls-amp-cms-utils@85ceca6/dist/ 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/gh/cumulus-digital/cmls-amp-cms-utils@85ceca6/dist/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MPSWXC&l=sharedContainerDataLayer
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:600::485 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
43ee45287123b95f11211fdd02e23147a3f4909023503e0b03fe00ea2ee01926
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.921theticket.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Mon, 17 Apr 2023 18:32:17 GMT
x-content-type-options
nosniff
content-encoding
br
age
17853
x-jsd-version
85ceca6
x-cache
HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
3122
x-served-by
cache-fra-eddf8230059-FRA
x-jsd-version-type
branch
etag
W/"1e14-1P+UWEvxFBdIOhHtGoE140sVWq8"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=604800, s-maxage=43200
accept-ranges
bytes
timing-allow-origin
*
collect
stats.g.doubleclick.net/j/ 		1 B
67 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j99&tid=UA-41736871-1&cid=1820827546.1681756337&jid=78239003&gjid=259734497&_gid=579121182.1681756337&_u=aCDAgUAjAAAAAGAAI~&z=13898774
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c0b::9d Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.921theticket.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
date
Mon, 17 Apr 2023 18:32:17 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.921theticket.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
autotrack.js
cdnjs.cloudflare.com/ajax/libs/autotrack/2.4.1/ 		24 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/autotrack/2.4.1/autotrack.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MPSWXC&l=sharedContainerDataLayer
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bceb73993d094c4c821c7571921103bdc8c05e9082c4fc513d244358d53593db
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.921theticket.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date
Mon, 17 Apr 2023 18:32:17 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
8958150
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
7172
last-modified
Mon, 04 May 2020 16:05:53 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03d61-60d8"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vHJX5DBpd6Q1YogutZwuZuForsHyfFF5mLgc7PqjQkp3aKOq%2BrsgjINxOGCqLsKxOUD5PH9UH9aFk5lGF8wMeEDylzTK%2FAWhU6WIUKMPWiUlIT7L8CC2rHVubw67KiTWvNMHhWsQd72jXDN8qrq0%2BW%2BA"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
7b96bff6cfb32c3d-FRA
expires
Sat, 06 Apr 2024 18:32:17 GMT
js
www.googletagmanager.com/gtag/ 		229 KB
79 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-D35JDKEKBV&l=sharedContainerDataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MPSWXC&l=sharedContainerDataLayer
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
a380acc1e32bfa732e0c08aeb004ef5be43abed58024e42aa69495c61127e46d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.921theticket.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date
Mon, 17 Apr 2023 18:32:17 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
81028
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Mon, 17 Apr 2023 18:32:17 GMT
collect
www.google-analytics.com/ 		35 B
55 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j99&a=999957307&t=pageview&_s=1&dl=https%3A%2F%2Fwww.921theticket.com%2F&ul=en-us&de=UTF-8&dt=THE%20TICKET%2092.1%20%7C%20KQSM-FM&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aCDAgUAjAAAAAGAAI~&jid=78239003&gjid=259734497&cid=1820827546.1681756337&tid=UA-41736871-1&_gid=579121182.1681756337&gtm=45He34c0n71MPSWXC&z=1766200795
Requested by
Host: www.921theticket.com
URL: https://www.921theticket.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.921theticket.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 17 Apr 2023 18:05:12 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
1625
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
b
sb.scorecardresearch.com/ 		0
226 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sb.scorecardresearch.com/b?c1=2&c2=16059128&ns__t=1681756337699&ns_c=UTF-8&c8=THE%20TICKET%2092.1%20%7C%20KQSM-FM&c7=https%3A%2F%2Fwww.921theticket.com%2F&c9=
Requested by
Host: www.921theticket.com
URL: https://www.921theticket.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.214.24 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-214-24.fra56.r.cloudfront.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.921theticket.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date
Mon, 17 Apr 2023 18:32:17 GMT
via
1.1 e026b2802d48048e9935caadbecf124e.cloudfront.net (CloudFront)
accept-ch
UA, Platform, Arch, Model, Mobile
x-amz-cf-pop
FRA56-P3
x-amz-cf-id
wrhD0DZnfHBVwMLH_DghPGgpibyx6W_tBqB2Mp9z-HQqyCQKFE0hPQ==
x-cache
Miss from cloudfront
rules-p-_xVSK99pzATvb.js
rules.quantcount.com/ 		160 B
644 B 		Script
General
Check archive.org
Download Go to
Full URL
https://rules.quantcount.com/rules-p-_xVSK99pzATvb.js
Requested by
Host: secure.quantserve.com
URL: https://secure.quantserve.com/quant.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2127:e800:6:44e3:f8c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
27be4e71e772eab3143df5bee3739a1feb2eefe8a4f5c28de10824c7fb229a01

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.921theticket.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date
Mon, 17 Apr 2023 18:14:13 GMT
via
1.1 97101640da3dcba7a2d4a3d67a31b114.cloudfront.net (CloudFront)
x-amz-cf-pop
PRG50-C1
age
1085
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
content-length
160
last-modified
Wed, 15 Feb 2023 17:26:44 GMT
server
AmazonS3
etag
"3b3245d31ad9cc34074025321393bbbf"
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=3600
accept-ranges
bytes
x-amz-cf-id
JNKMNpL1s5PuXQkNlmBaUZfVanVkl_C_IU0X1Rav3EI4UusOUpxlYg==
collect
region1.google-analytics.com/g/ 		0
17 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-D35JDKEKBV&gtm=45je34c0&_p=999957307&cid=1820827546.1681756337&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1681756337&sct=1&seg=0&dl=https%3A%2F%2Fwww.921theticket.com%2F&dt=THE%20TICKET%2092.1%20%7C%20KQSM-FM&en=page_view&_fv=1&_ss=1&ep.cms_site_id=KQSM-FM&ep.cms_format=Sports&ep.cms_market=Fayetteville%2C%20AR
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-D35JDKEKBV&l=sharedContainerDataLayer&cx=c
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.921theticket.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 17 Apr 2023 18:32:17 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.921theticket.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
region1.google-analytics.com/g/ 		0
17 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-D35JDKEKBV&gtm=45je34c0&_p=999957307&cid=1820827546.1681756337&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=2&sid=1681756337&sct=1&seg=0&dl=https%3A%2F%2Fwww.921theticket.com%2F&dt=THE%20TICKET%2092.1%20%7C%20KQSM-FM&en=cms_data&ep.cms_site_id=KQSM-FM&ep.cms_format=Sports&ep.cms_market=Fayetteville%2C%20AR&_et=2
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-D35JDKEKBV&l=sharedContainerDataLayer&cx=c
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.921theticket.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 17 Apr 2023 18:32:17 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.921theticket.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
integrator.js
adservice.google.de/adsid/ 		107 B
531 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=www.921theticket.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304100101/pubads_impl.js?cb=31073791
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.921theticket.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date
Mon, 17 Apr 2023 18:32:17 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
456 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.921theticket.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304100101/pubads_impl.js?cb=31073791
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.921theticket.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date
Mon, 17 Apr 2023 18:32:17 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ 		21 KB
10 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3956229276488818&correlator=2995406800286140&eid=31073791%2C31073829%2C31073835%2C44769662&output=ldjh&gdfp_req=1&vrg=202304100101&ptt=17&impl=fif&gdpr=0&us_privacy=1---&iu_parts=6717%2Ccd.KQSM.FM&enc_prev_ius=%2F0%2F1&prev_iu_szs=728x90%7C970x90%7C970x250&ifi=1&adks=2698566425&sfv=1-0-40&prev_scp=pos%3Dtop&cust_params=cms-sname%3DKQSMFM%26cms-sgroup%3DAll%2520Sites%252CFormat%2520%2520Sports%252CMarket%2520%2520Fayetteville%2520AR%252CCBS%252CCumulus%2520OO%26cms-ptitle%3DHome%26cms-pcat%3D&sc=1&cookie_enabled=1&abxe=1&dt=1681756337830&lmt=1681752755&dlt=1681756336061&idt=1201&adxs=436&adys=105&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=1&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fwww.921theticket.com%2F&frm=20&vis=1&psz=998x0&msz=998x0&fws=4&ohw=998&ga_vid=1820827546.1681756337&ga_sid=1681756338&ga_hid=999957307&ga_fc=true
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304100101/pubads_impl.js?cb=31073791
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
2ee786c10ec008299f43bb2c743554c992dd4393e6514b2e031ae6433fec9d09
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.921theticket.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date
Mon, 17 Apr 2023 18:32:18 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
10136
x-xss-protection
0
google-lineitem-id
6257643554
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138402799009
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.921theticket.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
ea3af0e4c98edb91b2df6cc6f5c43ead.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 7FFE 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ea3af0e4c98edb91b2df6cc6f5c43ead.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304100101/pubads_impl.js?cb=31073791
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.921theticket.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Mon, 17 Apr 2023 18:32:17 GMT
expires
Tue, 16 Apr 2024 18:32:17 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
widget-wide.js
w.dailysportspage.com/build/ 		161 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://w.dailysportspage.com/build/widget-wide.js
Requested by
Host: w.dailysportspage.com
URL: https://w.dailysportspage.com/cumulus/widgets/scoreboard/wide-2ac9f/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
72.52.166.135 Palm City, United States, ASN32244 (LIQUIDWEB, US),
Reverse DNS
host.dellsportsgames.com
Software
Apache /
Resource Hash
884db91561122e85450eef976ce1dead15c10df5ae5e49a4c7c36ce705cd3dbe

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.921theticket.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date
Mon, 17 Apr 2023 18:32:17 GMT
content-encoding
gzip
last-modified
Thu, 23 Jul 2020 21:06:56 GMT
server
Apache
vary
Accept-Encoding,User-Agent
content-type
application/javascript
cache-control
max-age=2592000, public
accept-ranges
none
content-length
36579
expires
Mon, 17 Apr 2023 18:37:17 GMT
widget-wide.css
w.dailysportspage.com/build/ 		100 KB
15 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://w.dailysportspage.com/build/widget-wide.css
Requested by
Host: w.dailysportspage.com
URL: https://w.dailysportspage.com/cumulus/widgets/scoreboard/wide-2ac9f/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
72.52.166.135 Palm City, United States, ASN32244 (LIQUIDWEB, US),
Reverse DNS
host.dellsportsgames.com
Software
Apache /
Resource Hash
e8ebfb0d17387ebd6571b3dbc4036eda34026b30f5827dfa2915f0eb005318f6

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.921theticket.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date
Mon, 17 Apr 2023 18:32:17 GMT
content-encoding
gzip
last-modified
Thu, 23 Jul 2020 21:06:56 GMT
server
Apache
vary
Accept-Encoding,User-Agent
content-type
text/css
cache-control
max-age=2592000, public
accept-ranges
none
content-length
15439
expires
Mon, 17 Apr 2023 19:32:17 GMT
content_bg.jpg
cumuluspro-express-pro.franklymedia.com/kqsm-fm/wp-content/uploads/sites/773/2014/12/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cumuluspro-express-pro.franklymedia.com/kqsm-fm/wp-content/uploads/sites/773/2014/12/content_bg.jpg
Requested by
Host: www.921theticket.com
URL: https://www.921theticket.com/?headway-trigger=compiler&file=general-https&layout-in-use=front_page&rand=1082686644&ver=6.1.1
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
149.126.77.46 Frankfurt am Main, Germany, ASN19551 (INCAPSULA, US),
Reverse DNS
149.126.77.46.ip.incapdns.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.921theticket.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers
My-Post-Copy-4-150x150.jpg
express-images.franklymedia.com/6616/sites/773/2015/05/09150048/ 		41 KB
41 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://express-images.franklymedia.com/6616/sites/773/2015/05/09150048/My-Post-Copy-4-150x150.jpg
Requested by
Host: www.921theticket.com
URL: https://www.921theticket.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:166c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
225872294975bf8c97d3ac75b007cfa5c0d778d117c018981d97c19020a53ce0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.921theticket.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date
Mon, 17 Apr 2023 18:32:18 GMT
cf-cache-status
MISS
last-modified
Tue, 09 Feb 2021 21:00:50 GMT
server
cloudflare
x-amz-request-id
05XX7KG4SPJVGFDQ
etag
"7aa35118c9ad7739f1d370481850e88f"
vary
Accept-Encoding
content-type
image/jpeg
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
7b96bff78c799ba7-FRA
content-length
42091
x-amz-id-2
pVRwoOQbPLycL2Pm8rc9Lkp6jmLJkjNw3P4GuSTZuXYEHMrJqRz1ZSfCo6mQxqwOFyrpK9DZlRI=
expires
Tue, 16 Apr 2024 18:32:18 GMT
77dc702675d82e7f7c0f80bb0014a617eee86d7bbb249afe34cc4448b2f7702d_large-150x150.jpg
express-images.franklymedia.com/6616/sites/773/2016/10/27054354/ 		22 KB
23 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://express-images.franklymedia.com/6616/sites/773/2016/10/27054354/77dc702675d82e7f7c0f80bb0014a617eee86d7bbb249afe34cc4448b2f7702d_large-150x150.jpg
Requested by
Host: www.921theticket.com
URL: https://www.921theticket.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:166c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
acf092387103fd6780ae75acca7971b8476f66ecf62b31de0de6bb48b2d1e73e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.921theticket.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date
Mon, 17 Apr 2023 18:32:18 GMT
cf-cache-status
MISS
last-modified
Fri, 27 Jan 2017 11:43:56 GMT
server
cloudflare
x-amz-request-id
05XHJ69GZS39PBP5
etag
"6e9c73e895b410c7c9432e2af0296ef2"
vary
Accept-Encoding
content-type
image/jpeg
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
7b96bff78c7b9ba7-FRA
content-length
22909
x-amz-id-2
fi15yjEu9jzV57T4kQf/WrQ2eI78KPXaADvGuL7l4P96S1J7OFNSmlV3bGtiQlKeZatv4R/GYCc=
expires
Tue, 16 Apr 2024 18:32:18 GMT
My-Post-9-150x150.png
express-images.franklymedia.com/6616/sites/773/2020/10/06171148/ 		11 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://express-images.franklymedia.com/6616/sites/773/2020/10/06171148/My-Post-9-150x150.png
Requested by
Host: www.921theticket.com
URL: https://www.921theticket.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:166c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a9d450666c9f71863e0fea031f1edcac73ed89a68863ec68c4048a9a6c4c6fc2

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.921theticket.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date
Mon, 17 Apr 2023 18:32:18 GMT
cf-cache-status
MISS
last-modified
Tue, 06 Oct 2020 22:11:49 GMT
server
cloudflare
x-amz-request-id
05XMP854SQ5Z334A
etag
"e8bbdc8f3cf81d867dc8c13a94cc0e24"
vary
Accept-Encoding
content-type
image/png
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
7b96bff78c7e9ba7-FRA
content-length
10867
x-amz-id-2
quK9ZQ/+7dIVniqxoFhYXvKWzKXtTtgyxEh5p8HxaZTOOT01OLgUSHaaMiC511OlRNV1dtBkvyU=
expires
Tue, 16 Apr 2024 18:32:18 GMT
Sweet-Deals-Banner-150x150.jpg
express-images.franklymedia.com/6616/sites/773/2019/07/02095356/ 		15 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://express-images.franklymedia.com/6616/sites/773/2019/07/02095356/Sweet-Deals-Banner-150x150.jpg
Requested by
Host: www.921theticket.com
URL: https://www.921theticket.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:166c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cc98347eb67bf074d4255b4b60220be860ae72ac0e248c52927382898ad1b1c0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.921theticket.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date
Mon, 17 Apr 2023 18:32:18 GMT
cf-cache-status
MISS
last-modified
Tue, 02 Jul 2019 14:53:57 GMT
server
cloudflare
x-amz-request-id
05XNBRF5ZQH3W055
etag
"16dcb855e0c82183596f1a340e6cdc26"
vary
Accept-Encoding
content-type
image/jpeg
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
7b96bff78c7f9ba7-FRA
content-length
15351
x-amz-id-2
83X5jiLpaINWVVl0a1uD51KK6/j7iZxzU91SAeMVQ0jtlcXNpJtxIemSIzAWblapRT6b6A68tU8=
expires
Tue, 16 Apr 2024 18:32:18 GMT
My-Post-3-copy-150x150.jpg
express-images.franklymedia.com/6616/sites/773/2021/02/04160709/ 		30 KB
31 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://express-images.franklymedia.com/6616/sites/773/2021/02/04160709/My-Post-3-copy-150x150.jpg
Requested by
Host: www.921theticket.com
URL: https://www.921theticket.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:166c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
95d115af5c788b19e9e28f555f29f978ccf245c03921f00343ff838b31586222

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.921theticket.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date
Mon, 17 Apr 2023 18:32:18 GMT
cf-cache-status
MISS
last-modified
Thu, 04 Feb 2021 22:07:10 GMT
server
cloudflare
x-amz-request-id
05XP4BJ9BD8NEJVE
etag
"f4b739926a6be66ef6dfa9d4161d5920"
vary
Accept-Encoding
content-type
image/jpeg
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
7b96bff78c829ba7-FRA
content-length
31035
x-amz-id-2
2/PbsBQfUqfE6K8HWMZpwQyeEmRdwrnXKoPUJeI9z5x4EpKPl1j2HB6SeoEWqi5xLsMXWq7DA30=
expires
Tue, 16 Apr 2024 18:32:18 GMT
GetScaledImage-150x150.jpg
express-images.franklymedia.com/6616/sites/773/2016/10/27054355/ 		26 KB
26 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://express-images.franklymedia.com/6616/sites/773/2016/10/27054355/GetScaledImage-150x150.jpg
Requested by
Host: www.921theticket.com
URL: https://www.921theticket.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:166c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3005bbf3e7aa49a58192f6a0171270c573c1ee1b6b569f93e31ceca94e9c48e9

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.921theticket.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date
Mon, 17 Apr 2023 18:32:18 GMT
cf-cache-status
MISS
last-modified
Fri, 27 Jan 2017 11:43:56 GMT
server
cloudflare
x-amz-request-id
05XS3CDV794TG4P3
etag
"980249218e9fd24779e7be317cf741cf"
vary
Accept-Encoding
content-type
image/jpeg
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
7b96bff78c839ba7-FRA
content-length
26516
x-amz-id-2
nBKuV2/QuaR6h/CxunObgzuFBj3HaP4wE5SEIkIBR/QYBonQhiFiABrDjaAnzFDOy17SzDDpkwE=
expires
Tue, 16 Apr 2024 18:32:18 GMT
embedcode.php
embed.sendtonews.com/player2/ 		0
0
widgets.js
platform.twitter.com/ 		91 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://platform.twitter.com/widgets.js
Requested by
Host: www.921theticket.com
URL: https://www.921theticket.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (frb/674D) /
Resource Hash
392c9fa9cd1273a2a89d1a83a69cd1f63f21d1d55e7be21e1d8f51f25145668b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.921theticket.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

Date
Mon, 17 Apr 2023 18:32:17 GMT
Content-Encoding
gzip
Age
1006
x-amz-server-side-encryption
AES256
X-Cache
HIT
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server-Timing
x-cache;desc= HIT,x-tw-cdn;desc=VZ
Content-Length
27630
Last-Modified
Tue, 24 Jan 2023 21:41:51 GMT
Server
ECS (frb/674D)
Etag
"9e99725b7a4cd730a934afba2a438bb5+gzip"
Access-Control-Max-Age
3000
Access-Control-Allow-Methods
GET
Content-Type
application/javascript; charset=utf-8
Access-Control-Allow-Origin
*
x-tw-cdn
VZ
Cache-Control
public, max-age=1800
Vary
Accept-Encoding
ads
securepubads.g.doubleclick.net/gampad/ 		48 KB
11 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3956229276488818&correlator=2995406800286140&eid=31073791%2C31073829%2C31073835%2C44769662&output=ldjh&gdfp_req=1&vrg=202304100101&ptt=17&impl=fif&gdpr=0&us_privacy=1---&iu_parts=6717%2Ccd.KQSM.FM&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x250%7C300x600&ifi=2&adks=959849993&sfv=1-0-40&prev_scp=pos%3Dmid&cust_params=cms-sname%3DKQSMFM%26cms-sgroup%3DAll%2520Sites%252CFormat%2520%2520Sports%252CMarket%2520%2520Fayetteville%2520AR%252CCBS%252CCumulus%2520OO%26cms-ptitle%3DHome%26cms-pcat%3D&sc=1&cookie_enabled=1&abxe=1&dt=1681756337865&lmt=1681752755&dlt=1681756336061&idt=1201&adxs=997&adys=240&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=2&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fwww.921theticket.com%2F&frm=20&vis=1&psz=325x0&msz=325x0&fws=4&ohw=325&ga_vid=1820827546.1681756337&ga_sid=1681756338&ga_hid=999957307&ga_fc=true
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304100101/pubads_impl.js?cb=31073791
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
bb874631645ed7f078ccc40b3385e51e58284a6647fb71faedd9aa278ec9d7e5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.921theticket.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date
Mon, 17 Apr 2023 18:32:18 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11478
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.921theticket.com
access-control-expose-headers
x-google-amp-ad-validated-version
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel;r=1767046298;source=choice;rf=0;a=p-_xVSK99pzATvb;url=https%3A%2F%2Fwww.921theticket.com%2F;uht=2;fpan=1;fpa=P0-1610494680-1681756337728;pbc=;ns=0;ce=1;qjs=1;qv=93f4cf8b-20230329153214;cm=;gd...
pixel.quantserve.com/ 		35 B
372 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.quantserve.com/pixel;r=1767046298;source=choice;rf=0;a=p-_xVSK99pzATvb;url=https%3A%2F%2Fwww.921theticket.com%2F;uht=2;fpan=1;fpa=P0-1610494680-1681756337728;pbc=;ns=0;ce=1;qjs=1;qv=93f4cf8b-20230329153214;cm=;gdpr=0;us_privacy=1---;ref=;d=921theticket.com;dst=0;et=1681756337869;tzo=0;ogl=locale.en_US%2Csite_name.KQSM-FM%2Ctitle.KQSM-FM%2Curl.https%3A%2F%2Fwww%252E921theticket%252Ecom%2Ctype.website%2Cdescription.THE%20TICKET%2092%252E1;ses=1d7527d8-4c99-4348-bc1a-f0e7d2739717
Requested by
Host: www.921theticket.com
URL: https://www.921theticket.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:116:800d:21:e365:4988:e8a7:3270 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.921theticket.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 17 Apr 2023 18:32:17 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
content-type
image/gif
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
35
expires
Fri, 04 Aug 1978 12:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		46 KB
17 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3956229276488818&correlator=2995406800286140&eid=31073791%2C31073829%2C31073835%2C44769662&output=ldjh&gdfp_req=1&vrg=202304100101&ptt=17&impl=fif&gdpr=0&us_privacy=1---&iu_parts=6717%2Ccd.KQSM.FM&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x100%7C300x50&ifi=3&adks=3473686669&sfv=1-0-40&prev_scp=pos%3Dcontest1&cust_params=cms-sname%3DKQSMFM%26cms-sgroup%3DAll%2520Sites%252CFormat%2520%2520Sports%252CMarket%2520%2520Fayetteville%2520AR%252CCBS%252CCumulus%2520OO%26cms-ptitle%3DHome%26cms-pcat%3D&sc=1&cookie_enabled=1&abxe=1&dt=1681756337886&lmt=1681752755&dlt=1681756336061&idt=1201&adxs=997&adys=340&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=3&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fwww.921theticket.com%2F&frm=20&vis=1&psz=325x0&msz=325x0&fws=4&ohw=325&ga_vid=1820827546.1681756337&ga_sid=1681756338&ga_hid=999957307&ga_fc=true
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304100101/pubads_impl.js?cb=31073791
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
768bb0222a4439240a5b9db5fbd136c7dd60e1ad6ebc46445bbe747544f60eb4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.921theticket.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date
Mon, 17 Apr 2023 18:32:18 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
17637
x-xss-protection
0
google-lineitem-id
6255600896
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138426809240
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.921theticket.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
easy-stn-player.js
embed.sendtonews.com/easy-stn-player/7.15.1-G/ 		678 KB
185 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://embed.sendtonews.com/easy-stn-player/7.15.1-G/easy-stn-player.js
Requested by
Host: www.921theticket.com
URL: https://www.921theticket.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
65.9.95.125 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-95-125.prg50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
3e16b520601222e9febb9322d25f2880f323ab6184bbb20a2dfbc01512d49cec

Request headers

Referer
https://www.921theticket.com/
Origin
https://www.921theticket.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date
Mon, 17 Apr 2023 18:31:27 GMT
x-amz-version-id
LNXjCEetzx.0FBYq9VKmWJo590NqR4gY
content-encoding
br
last-modified
Thu, 13 Apr 2023 22:03:13 GMT
server
AmazonS3
age
51
x-amz-cf-pop
PRG50-C1
etag
W/"d1473d6891bd66636c9838a23c03550c"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
access-control-allow-origin
*
via
1.1 7bb80b5d9f75710222feac15033d6af0.cloudfront.net (CloudFront)
alt-svc
h3=":443"; ma=86400
x-amz-cf-id
B4gT5luBhex76ZC2g-2U-5weuOGUKx2vgupqt3t2IG6z2MVO7OIi7Q==
ads
securepubads.g.doubleclick.net/gampad/ 		555 B
319 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3956229276488818&correlator=2995406800286140&eid=31073791%2C31073829%2C31073835%2C44769662&output=ldjh&gdfp_req=1&vrg=202304100101&ptt=17&impl=fif&gdpr=0&us_privacy=1---&iu_parts=6717%2Ccd.KQSM.FM&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x100%7C300x50&ifi=4&adks=1804474206&sfv=1-0-40&prev_scp=pos%3Dcontest2&cust_params=cms-sname%3DKQSMFM%26cms-sgroup%3DAll%2520Sites%252CFormat%2520%2520Sports%252CMarket%2520%2520Fayetteville%2520AR%252CCBS%252CCumulus%2520OO%26cms-ptitle%3DHome%26cms-pcat%3D&sc=1&cookie_enabled=1&abxe=1&dt=1681756337922&lmt=1681752755&dlt=1681756336061&idt=1201&adxs=997&adys=1169&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=4&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fwww.921theticket.com%2F&frm=20&vis=1&psz=325x0&msz=325x0&fws=4&ohw=325&ga_vid=1820827546.1681756337&ga_sid=1681756338&ga_hid=999957307&ga_fc=true
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304100101/pubads_impl.js?cb=31073791
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9b140a1169cc31b58a6a850f6fbdf31f96bff7a6136556766c7e61703482670d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.921theticket.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date
Mon, 17 Apr 2023 18:32:18 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
289
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.921theticket.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
integrator.js
adservice.google.de/adsid/ 		107 B
165 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=www.921theticket.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304100101/pubads_impl.js?cb=31073791
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.921theticket.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date
Mon, 17 Apr 2023 18:32:17 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
165 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.921theticket.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304100101/pubads_impl.js?cb=31073791
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.921theticket.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date
Mon, 17 Apr 2023 18:32:17 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ 		562 B
327 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3956229276488818&correlator=2995406800286140&eid=31073791%2C31073829%2C31073835%2C44769662&output=ldjh&gdfp_req=1&vrg=202304100101&ptt=17&impl=fif&gdpr=0&us_privacy=1---&iu_parts=6717%2Ccd.KQSM.FM&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x100%7C300x50&ifi=5&adks=2646353346&sfv=1-0-40&prev_scp=pos%3Dcontest3&cust_params=cms-sname%3DKQSMFM%26cms-sgroup%3DAll%2520Sites%252CFormat%2520%2520Sports%252CMarket%2520%2520Fayetteville%2520AR%252CCBS%252CCumulus%2520OO%26cms-ptitle%3DHome%26cms-pcat%3D&sc=1&cookie_enabled=1&abxe=1&dt=1681756337954&lmt=1681752755&dlt=1681756336061&idt=1201&adxs=997&adys=1282&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=1&ucis=5&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fwww.921theticket.com%2F&frm=20&vis=1&psz=325x0&msz=325x0&fws=4&ohw=325&ga_vid=1820827546.1681756337&ga_sid=1681756338&ga_hid=999957307&ga_fc=true
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304100101/pubads_impl.js?cb=31073791
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8a93d15ad709b896da0391d442da439e03162a3d1936358736778c4d175819cc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.921theticket.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date
Mon, 17 Apr 2023 18:32:18 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
297
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.921theticket.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		63 KB
13 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3956229276488818&correlator=2995406800286140&eid=31073791%2C31073829%2C31073835%2C44769662&output=ldjh&gdfp_req=1&vrg=202304100101&ptt=17&impl=fif&gdpr=0&us_privacy=1---&iu_parts=6717%2Ccd.KQSM.FM&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x250%7C300x600&ifi=6&adks=916995349&sfv=1-0-40&prev_scp=pos%3Dmid2&cust_params=cms-sname%3DKQSMFM%26cms-sgroup%3DAll%2520Sites%252CFormat%2520%2520Sports%252CMarket%2520%2520Fayetteville%2520AR%252CCBS%252CCumulus%2520OO%26cms-ptitle%3DHome%26cms-pcat%3D&sc=1&cookie_enabled=1&abxe=1&dt=1681756337982&lmt=1681752755&dlt=1681756336061&idt=1201&adxs=997&adys=1863&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=2&ucis=6&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fwww.921theticket.com%2F&frm=20&vis=1&psz=325x0&msz=325x0&fws=4&ohw=325&ga_vid=1820827546.1681756337&ga_sid=1681756338&ga_hid=999957307&ga_fc=true
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304100101/pubads_impl.js?cb=31073791
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
07690a629a348fded70128c84c3128d958a3ac5e27f8f18174de23972724cc2d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.921theticket.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date
Mon, 17 Apr 2023 18:32:19 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13145
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.921theticket.com
access-control-expose-headers
x-google-amp-ad-validated-version
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		528 B
296 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3956229276488818&correlator=2995406800286140&eid=31073791%2C31073829%2C31073835%2C44769662&output=ldjh&gdfp_req=1&vrg=202304100101&ptt=17&impl=fif&gdpr=0&us_privacy=1---&iu_parts=6717%2Ccd.KQSM.FM&enc_prev_ius=%2F0%2F1&prev_iu_szs=1x1&ifi=7&adks=3938165033&sfv=1-0-40&prev_scp=pos%3Dwallpaper-ad&cust_params=cms-sname%3DKQSMFM%26cms-sgroup%3DAll%2520Sites%252CFormat%2520%2520Sports%252CMarket%2520%2520Fayetteville%2520AR%252CCBS%252CCumulus%2520OO%26cms-ptitle%3DHome%26cms-pcat%3D&sc=1&cookie_enabled=1&abxe=1&dt=1681756338003&lmt=1681752755&dlt=1681756336061&idt=1201&adxs=301&adys=3582&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=3&ucis=7&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fwww.921theticket.com%2F&frm=20&vis=1&psz=242x0&msz=242x0&fws=4&ohw=242&ga_vid=1820827546.1681756337&ga_sid=1681756338&ga_hid=999957307&ga_fc=true
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304100101/pubads_impl.js?cb=31073791
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3a132ff98011afb089fa6a27a9b6304c8594bd9bb00567b3a226a37864f5d3d9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.921theticket.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date
Mon, 17 Apr 2023 18:32:19 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
266
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.921theticket.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		627 B
324 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3956229276488818&correlator=2995406800286140&eid=31073791%2C31073829%2C31073835%2C44769662&output=ldjh&gdfp_req=1&vrg=202304100101&ptt=17&impl=fif&gdpr=0&us_privacy=1---&iu_parts=6717%2Ccd.KQSM.FM&enc_prev_ius=%2F0%2F1&prev_iu_szs=728x90&ifi=8&adks=2739472950&sfv=1-0-40&prev_scp=pos%3Dbot&cust_params=cms-sname%3DKQSMFM%26cms-sgroup%3DAll%2520Sites%252CFormat%2520%2520Sports%252CMarket%2520%2520Fayetteville%2520AR%252CCBS%252CCumulus%2520OO%26cms-ptitle%3DHome%26cms-pcat%3D&sc=1&cookie_enabled=1&abxe=1&dt=1681756338021&lmt=1681752755&dlt=1681756336061&idt=1201&adxs=562&adys=3336&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=4&ucis=8&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fwww.921theticket.com%2F&frm=20&vis=1&psz=746x0&msz=746x0&fws=4&ohw=746&ga_vid=1820827546.1681756337&ga_sid=1681756338&ga_hid=999957307&ga_fc=true
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304100101/pubads_impl.js?cb=31073791
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
44d8be1121ed1dc8d49eac1d722a43c52f92382ea91e2e59f1b44c49252e0c09
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.921theticket.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date
Mon, 17 Apr 2023 18:32:19 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
294
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.921theticket.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
sdk.js
connect.facebook.net/en_US/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/sdk.js
Requested by
Host: www.921theticket.com
URL: https://www.921theticket.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f083:9:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
9e0f23e68afa7c4cafbcb0f6533d92893fc241a6d285a57afaad3edd76722a05
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.921theticket.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
date
Mon, 17 Apr 2023 18:32:18 GMT
content-md5
V9ZZarMd9b5evnoBttGH3w==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
1688
x-fb-rlafr
0
x-fb-debug
wTCzHLn9rvJPCPWGQmLf7CMRar+Admio6+4PjVOIZEkyMXUbV0qmjiWNwm1lkY5Achmj11WJkr+FOXK0z5eMlQ==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
x-fb-trip-id
1679558926
x-fb-content-md5
e18c05aeb3b5b5f17067cae203f20a28
cross-origin-opener-policy
same-origin-allow-popups
etag
"de5fa17ef3ba143a0075deb5fbb4770b"
vary
Accept-Encoding
report-to
{"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-FB-Content-MD5
cache-control
public,max-age=1200,stale-while-revalidate=3600
x-frame-options
DENY
timing-allow-origin
*
expires
Mon, 17 Apr 2023 18:41:36 GMT
see.js
engage-see.franklymedia.com/widget/see_10526/ 		0
0 		Script
General
Check archive.org
Download Go to
Full URL
https://engage-see.franklymedia.com/widget/see_10526/see.js?ver=20220510-01
Requested by
Host: www.921theticket.com
URL: https://www.921theticket.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:4db , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
/
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.921theticket.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers
187621-164323601241456.js
js-sec.indexww.com/ht/p/ 		39 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js-sec.indexww.com/ht/p/187621-164323601241456.js
Requested by
Host: embed.sendtonews.com
URL: https://embed.sendtonews.com/easy-stn-player/7.15.1-G/easy-stn-player.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.11.47 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f82f6cf1599100b7836d8b8aa4bd5394e997849487dd6110d70908440c97fa64

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.921theticket.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date
Mon, 17 Apr 2023 18:32:18 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Mon, 17 Apr 2023 18:15:35 GMT
server
cloudflare
age
732
etag
W/"90588d-9a4f-5f98c2d5fea1c"
vary
Accept-Encoding
content-type
text/javascript
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
edge-control
cache-maxage=1h
cache-control
public, max-age=14400
cf-ray
7b96bff988c9925c-FRA
expires
Mon, 17 Apr 2023 22:32:18 GMT
css
fonts.googleapis.com/ 		3 KB
723 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Open+Sans:600
Requested by
Host: embed.sendtonews.com
URL: https://embed.sendtonews.com/easy-stn-player/7.15.1-G/easy-stn-player.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
e036eee2a56f16060c857d1ca0f14e8abe9518cff6335e114ebaf1c6b2d440ba
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.921theticket.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Mon, 17 Apr 2023 18:32:18 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Mon, 17 Apr 2023 16:50:39 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Mon, 17 Apr 2023 18:32:18 GMT
icon
fonts.googleapis.com/ 		569 B
439 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/icon?family=Material+Icons
Requested by
Host: embed.sendtonews.com
URL: https://embed.sendtonews.com/easy-stn-player/7.15.1-G/easy-stn-player.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
5848fed0499a99763526e2178efc1bec18842259a88cb1cf12600be9ddabbdcd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.921theticket.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Mon, 17 Apr 2023 18:32:18 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Mon, 17 Apr 2023 18:32:18 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Mon, 17 Apr 2023 18:32:18 GMT
OverlayScrollbars.min.css
cdnjs.cloudflare.com/ajax/libs/overlayscrollbars/1.13.1/css/ 		20 KB
4 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/overlayscrollbars/1.13.1/css/OverlayScrollbars.min.css
Requested by
Host: embed.sendtonews.com
URL: https://embed.sendtonews.com/easy-stn-player/7.15.1-G/easy-stn-player.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
58a8a37fc288ebcb1babc66777ac8c7a922e145d307567c8b7a824dc959c41f9
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.921theticket.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date
Mon, 17 Apr 2023 18:32:18 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
7137098
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
4023
last-modified
Wed, 16 Dec 2020 13:04:39 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5fda05e7-4e34"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BC%2BfR03K%2FIz0OrJT0x9ojDmhGSHlUaNCEWGlaEUm8627awLv95QXSkMvvfkzfOFAla4OgUwvI9aeYwx4TnXDD3BMRkkw%2FK75YgMy%2FIwagPjZ6XkmtBTyGe93rEgmjGv0Ca6xtBNjXz11JSfAO%2F6byO%2Bt"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
7b96bff98ba72c3d-FRA
expires
Sat, 06 Apr 2024 18:32:18 GMT
OverlayScrollbars.min.js
cdnjs.cloudflare.com/ajax/libs/overlayscrollbars/1.13.1/js/ Frame A16F 		53 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/overlayscrollbars/1.13.1/js/OverlayScrollbars.min.js
Requested by
Host: embed.sendtonews.com
URL: https://embed.sendtonews.com/easy-stn-player/7.15.1-G/easy-stn-player.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ee61ec65bd3bc8cc949991393cfd5aca248620bc53e8ac94f9afe44c30961c0f
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.921theticket.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date
Mon, 17 Apr 2023 18:32:18 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
1034557
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
20502
last-modified
Wed, 16 Dec 2020 13:04:39 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5fda05e7-d208"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=C1Rs9piWtEqV2OFIYPpAuieIQhf7KAm7QzOEoi%2FJTrfWRqGfR%2Bthus5WyRGZf7PNQf5JrN1zfbgZlPf8b%2BvEedWDeD4vgV2yJWk91gpaediwfYqRMLdHYg08F2TUaqhaRgzGeZhOUN84xTiTCWhUHe3j"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
7b96bff99bc12c3d-FRA
expires
Sat, 06 Apr 2024 18:32:18 GMT
prebid.js
embed.sendtonews.com/library/prebid/7.17.0/ Frame A16F 		317 KB
91 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://embed.sendtonews.com/library/prebid/7.17.0/prebid.js
Requested by
Host: embed.sendtonews.com
URL: https://embed.sendtonews.com/easy-stn-player/7.15.1-G/easy-stn-player.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
65.9.95.125 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-95-125.prg50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
922a293fce4c3fb1526e1a5d8816602ef86fd581c3e438989416bc5c56ce9f0f

Request headers

Referer
https://www.921theticket.com/
Origin
https://www.921theticket.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

x-amz-version-id
4T1O1sxkjVuvPIXSZnuOc3WXU2qLKIH1
content-encoding
br
via
1.1 7bb80b5d9f75710222feac15033d6af0.cloudfront.net (CloudFront)
date
Sun, 16 Apr 2023 23:34:47 GMT
last-modified
Thu, 13 Apr 2023 19:30:43 GMT
server
AmazonS3
age
68252
x-amz-cf-pop
PRG50-C1
etag
W/"a19a813f32186fcd556eb018968e7f37"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
access-control-allow-origin
*
alt-svc
h3=":443"; ma=86400
x-amz-cf-id
sCKocXqCJ0rV67WFUs3B8kREEAHC6kB-3t35ZE3R0Vgm9KBOWD7u0Q==
comScore.gt.min.js
embed.sendtonews.com/library/streamsense/6.3.4.190424/ Frame A16F 		335 KB
59 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://embed.sendtonews.com/library/streamsense/6.3.4.190424/comScore.gt.min.js
Requested by
Host: embed.sendtonews.com
URL: https://embed.sendtonews.com/easy-stn-player/7.15.1-G/easy-stn-player.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
65.9.95.125 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-95-125.prg50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
37da4f4e9645bcde259d1669db9d2548d9ff4f80e72bbe405232924129ae4db7

Request headers

Referer
https://www.921theticket.com/
Origin
https://www.921theticket.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date
Sun, 16 Apr 2023 19:44:13 GMT
x-amz-version-id
..7XtSbDM3xjP8tWp7l1eb4E8v7z8_OL
content-encoding
gzip
last-modified
Thu, 13 Apr 2023 16:36:13 GMT
server
AmazonS3
age
82086
x-amz-cf-pop
PRG50-C1
etag
W/"4a51b8991a6b67323936c2eb62e3518e"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
access-control-allow-origin
*
via
1.1 7bb80b5d9f75710222feac15033d6af0.cloudfront.net (CloudFront)
alt-svc
h3=":443"; ma=86400
x-amz-cf-id
5fxDAJSvJHpYpL5cfxC6mOLA1ev_0XpTEbAugEIMR-XTn6HnBdNOAA==
ima3.js
imasdk.googleapis.com/js/sdkloader/ 		361 KB
121 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/sdkloader/ima3.js
Requested by
Host: embed.sendtonews.com
URL: https://embed.sendtonews.com/easy-stn-player/7.15.1-G/easy-stn-player.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
815af1c878812cb0cb226f9922c9197d78cd6200b7a23ec63276b554d1d6f7f3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.921theticket.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date
Mon, 17 Apr 2023 18:32:18 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
123683
x-xss-protection
0
expires
Mon, 17 Apr 2023 18:32:18 GMT
reddit.png
d29xw9s9x32j3w.cloudfront.net/images/social/ 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d29xw9s9x32j3w.cloudfront.net/images/social/reddit.png
Requested by
Host: www.921theticket.com
URL: https://www.921theticket.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.95.85 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-95-85.prg50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
9861f51d1896f195c45f603bdc6b7f1455817966f5da945371c922a6f8797711

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.921theticket.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date
Mon, 17 Apr 2023 14:53:00 GMT
via
1.1 017ac0aeeb057314a9b1c06f8b97ba34.cloudfront.net (CloudFront)
last-modified
Fri, 24 Apr 2020 20:07:21 GMT
server
AmazonS3
x-amz-cf-pop
PRG50-C1
age
83823
etag
"cb93bb50e5d021cc38de445a672c18a2"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
image/png
accept-ranges
bytes
content-length
1094
x-amz-cf-id
t-HZrEpiRkSZpgled0yPyA8q9ioSVL4a4k9AjmRa3_wqEZ84ahH8Lw==
facebook.png
d29xw9s9x32j3w.cloudfront.net/images/social/ 		322 B
637 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d29xw9s9x32j3w.cloudfront.net/images/social/facebook.png
Requested by
Host: www.921theticket.com
URL: https://www.921theticket.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.95.85 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-95-85.prg50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
0597ab745938c4a2cc0818fc2447beb211629e484fed0b4143bdd6fa5724be61

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.921theticket.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date
Sun, 16 Apr 2023 19:15:16 GMT
via
1.1 017ac0aeeb057314a9b1c06f8b97ba34.cloudfront.net (CloudFront)
last-modified
Fri, 24 Apr 2020 20:07:21 GMT
server
AmazonS3
x-amz-cf-pop
PRG50-C1
age
83823
etag
"311cf2edc46e82f2a6911332b7db54e1"
x-cache
Hit from cloudfront
content-type
image/png
accept-ranges
bytes
content-length
322
x-amz-cf-id
FG3R_23BmZFqgbda89LACBoPeS_BafwqS4sHbZSIZEICTPyYGrtmoA==
twitter.png
d29xw9s9x32j3w.cloudfront.net/images/social/ 		832 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d29xw9s9x32j3w.cloudfront.net/images/social/twitter.png
Requested by
Host: www.921theticket.com
URL: https://www.921theticket.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.95.85 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-95-85.prg50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
94a557b756089fc7dde1c857bb1a2f776dff6aeec3ceead5c2fa2304433b88ee

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.921theticket.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date
Mon, 17 Apr 2023 17:20:19 GMT
via
1.1 017ac0aeeb057314a9b1c06f8b97ba34.cloudfront.net (CloudFront)
last-modified
Fri, 24 Apr 2020 20:07:21 GMT
server
AmazonS3
x-amz-cf-pop
PRG50-C1
age
83823
etag
"8be584e844dabfe22970a0cb943c047e"
x-cache
Hit from cloudfront
content-type
image/png
accept-ranges
bytes
content-length
832
x-amz-cf-id
krJAOLwlaHp0iB8QoXjte-AsN3xlCpOtG7-lvc-svcljnTpISCXn0g==
email.png
d29xw9s9x32j3w.cloudfront.net/images/social/ 		773 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d29xw9s9x32j3w.cloudfront.net/images/social/email.png
Requested by
Host: www.921theticket.com
URL: https://www.921theticket.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.95.85 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-95-85.prg50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
3b7f1a6aeceeb60c709478e55147a48f4031ac6617b3ab089210f1f1f59b7204

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.921theticket.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date
Sun, 16 Apr 2023 19:15:16 GMT
via
1.1 017ac0aeeb057314a9b1c06f8b97ba34.cloudfront.net (CloudFront)
last-modified
Fri, 24 Apr 2020 20:07:21 GMT
server
AmazonS3
x-amz-cf-pop
PRG50-C1
age
83822
etag
"4bd445ddc3f9d6101690e15cfc1a04f0"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
image/png
accept-ranges
bytes
content-length
773
x-amz-cf-id
HsxTYAGgKinI-bQs86WTcpkioLwEw8O5cyzMVcX8n1yfULlo-VrGSg==
stn_trk.gif
s2l.sendtonews.com/ 		26 B
187 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://s2l.sendtonews.com/stn_trk.gif?session=bGqNGgtBkHxKexnR&instance=421206&version=7.15.1-G&age=230417&cmd=PRE_INIT&key=5oC5qDti&seq=1&order=1&vIndex=0&absoluteTime=2467.2&relativeTime=0.1&canonical=https://www.921theticket.com/&EXTREF=https://www.921theticket.com/&REF=https://www.921theticket.com/&serverHost=embed.sendtonews.com
Requested by
Host: embed.sendtonews.com
URL: https://embed.sendtonews.com/easy-stn-player/7.15.1-G/easy-stn-player.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.210.56.152 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-44-210-56-152.compute-1.amazonaws.com
Software
Apache/2.4.41 (Ubuntu) /
Resource Hash
3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.921theticket.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date
Mon, 17 Apr 2023 18:32:18 GMT
last-modified
Wed, 23 Dec 2020 21:38:39 GMT
server
Apache/2.4.41 (Ubuntu)
accept-ranges
bytes
etag
"1a-5b72883b37f80"
content-length
26
content-type
image/gif
data_read.php
embed.sendtonews.com/player4/ 		34 KB
7 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://embed.sendtonews.com/player4/data_read.php?cmd=loadInitial&session=bGqNGgtBkHxKexnR&instance=421206&version=7.15.1-G&age=230417&ESG_key=5oC5qDti&type=FULL&EXTREF=https://www.921theticket.com/&REF=https://www.921theticket.com/&ogSet=1
Requested by
Host: embed.sendtonews.com
URL: https://embed.sendtonews.com/easy-stn-player/7.15.1-G/easy-stn-player.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
65.9.95.125 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-95-125.prg50.r.cloudfront.net
Software
Apache /
Resource Hash
b280e5ef6d291327ff218468b6679f2a8f348d2472c1a6905ba965614595aa02

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.921theticket.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date
Mon, 17 Apr 2023 18:32:18 GMT
content-encoding
gzip
via
1.1 7bb80b5d9f75710222feac15033d6af0.cloudfront.net (CloudFront)
server
Apache
x-amz-cf-pop
PRG50-C1
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
text/html; charset=UTF-8
access-control-allow-origin
*
cache-control
max-age=1
alt-svc
h3=":443"; ma=86400
content-length
6223
x-amz-cf-id
yDpmXWSNA7GAZ5NvlCDKHNLwkn7w1qj1T1Ykv2VFl-z47JkPl6r7XQ==
expires
Mon, 17 Apr 2023 18:32:19 GMT
apstag.js
c.amazon-adsystem.com/aax2/ Frame A16F 		225 KB
55 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/aax2/apstag.js
Requested by
Host: embed.sendtonews.com
URL: https://embed.sendtonews.com/easy-stn-player/7.15.1-G/easy-stn-player.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.1.25 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-1-25.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
7ecace46d78f707e1f3ef7ff9fb10354a496ac9f707d9a7748a3eb2cdabc5518

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.921theticket.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date
Mon, 17 Apr 2023 18:32:01 GMT
content-encoding
gzip
via
1.1 6fd3ab2be93b19c970fb371964d46d94.cloudfront.net (CloudFront), 1.1 002af2e4f72157b8b4bd2de012b5b57c.cloudfront.net (CloudFront)
last-modified
Thu, 13 Apr 2023 17:39:05 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P1, FRA56-P6
age
18
x-amz-server-side-encryption
AES256
etag
W/"803fd851ae539b54f8d1b774934dcb91"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
public, max-age=3600
x-amz-cf-id
GYorCGymKWnHywD7Id4YtvFukvJONYbG2b2zLEwefWKR6MI1HfroUg==
view
securepubads.g.doubleclick.net/pcs/ Frame 7AF7 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstbRZefkMuYyHHurq0-nN0D9ns2Oyi6CuuBqGwJMVscpJu0jWZxywbOXzLWy_Zi8K3rJr7pE2HPC2Hak0VywPZ7olYqRigQTC4Fvwd4gIFXr1rtN1rQiUDqjFUG2gizTHsjGTllM0NXOwZlwMYcloUnfbSiq7p9xvNJj1EcoAQSvSYMrFsnFgWIPx_kVY2l5_muHOLseUVPlvIpZSU-3xHxsW7EcIQlcVSNlnm7z2cP3hMil9z8u-l3HT8KLkc3zXweUpj62XJTcu3kyMqTjQ_m4NpOuRccEdoukRrwtrMUPnX3zlquUNWRR-sZ1AIuWoI&sai=AMfl-YS2D8V5Q7Lr6_ExTibhVA6gy8tIAxR2vZrapFujTTTmJJhmdiIMpMK-QqBFuWUk4tt-TDk4z8k3Q6pvwfBXZpP3cPaUUE1VfhuTisNPgOC8U2yWv0j4sCRfeK6kXRIAtJvrfxaAaGFG4MuHM-o&sig=Cg0ArKJSzBCMHbZcVfNAEAE&uach_m=[UACH]&urlfix=1&adurl=
Requested by
Host: www.921theticket.com
URL: https://www.921theticket.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.921theticket.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date
Mon, 17 Apr 2023 18:32:18 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Mon, 17 Apr 2023 18:32:18 GMT
cumulus_728x90_1.js
dl.westseven.media/dist/ Frame 7AF7 		44 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://dl.westseven.media/dist/cumulus_728x90_1.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304100101/pubads_impl.js?cb=31073791
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
199f1cdc3df15de6c7544550bca52b02b7b751736047d479a928078ad5431937

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.921theticket.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date
Mon, 17 Apr 2023 18:32:18 GMT
content-encoding
br
cf-cache-status
REVALIDATED
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
N7H2N8BXYHCXVEBE
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2
YrLxGIo4D81yCJo/nMIH4MYfJYdVhKpOUPQptlaS8iNsbbJftWlIH2il+shHwHbsCx1sPGqbxEg=
cf-bgj
minify
last-modified
Thu, 23 Jun 2022 02:00:29 GMT
server
cloudflare
etag
W/"dbaa6b975c083068cfab7935ddb845b3"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wsV2II0RHENTH34WGZ7h11U4zvtH0M5u3IF4Ti9%2BEZf5l3A51Igsbgkb1I0IRxGWeMuSI%2BhiutIoZNaPpgcIzAswAJM1CO0jR3%2FwtrIdNPBsgNca4GSdTQLUPCOi2qgguQMjv00eiGDiQUOH3HVl9cs%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=3600
cf-ray
7b96bffa3fc92bbb-FRA
pixel.gif
pixel.westseven.media/ Frame 7AF7 		35 B
693 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.westseven.media/pixel.gif?key=cumulus_728x90_1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304100101/pubads_impl.js?cb=31073791
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.0.141.13 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-0-141-13.compute-1.amazonaws.com
Software
nginx/1.16.1 /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.921theticket.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

Date
Mon, 17 Apr 2023 18:32:18 GMT
Cache-Control
private, no-cache, proxy-revalidate, max-age=0, no-cache="set-cookie"
Content-Disposition
inline
Server
nginx/1.16.1
Connection
keep-alive
Content-Length
35
Content-Type
image/gif
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 7AF7 		159 KB
49 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304100101/pubads_impl.js?cb=31073791
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cbeee230de9adc4b4765d4387c54fa936a5c26f8306fe0e6f5f8415284f56c33
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.921theticket.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date
Mon, 17 Apr 2023 18:32:18 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
49801
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1681299295334834"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Mon, 17 Apr 2023 18:32:18 GMT
loader2.min.js
b3.tunegenie.com/js/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://b3.tunegenie.com/js/loader2.min.js
Requested by
Host: kqsm.tunegenie.com
URL: https://kqsm.tunegenie.com/station/pwa/fullfooter.js?bs=kqsm
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223e:c600:6:4e5d:a0c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
fd34556b61496c7b6e67c835f6e9e986e39e68c6370de239ae5291fd794aeb54

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.921theticket.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

x-amz-version-id
hcm2yvP5SBi8502uSDrgAPfMqTRDDR.7
content-encoding
gzip
via
1.1 f2c65205154aaf89a2c7bbc8fe8fdaba.cloudfront.net (CloudFront)
date
Mon, 17 Apr 2023 18:32:19 GMT
last-modified
Tue, 17 Jan 2023 19:26:58 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P4
x-amz-server-side-encryption
AES256
etag
W/"46b29962e990b78e68aa6800f482629d"
vary
Accept-Encoding
x-cache
RefreshHit from cloudfront
content-type
application/javascript; charset=UTF-8
cache-control
max-age=0
x-amz-cf-id
N3RDq4SwGF0ICRQWnKdQVzOtDm89lE59LXGywp_bjDnDiLTzk8-KuQ==
analytics.js
www.google-analytics.com/ 		49 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.921theticket.com
URL: https://www.921theticket.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
5971b095cff574a66d35ada016d4c077c86e2dea62e9c0f14cf7c94b258619de
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.921theticket.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Mon, 17 Apr 2023 18:11:32 GMT
last-modified
Tue, 10 Jan 2023 21:29:14 GMT
server
Golfe2
age
1246
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20085
expires
Mon, 17 Apr 2023 20:11:32 GMT
sdk.js
connect.facebook.net/en_US/ 		306 KB
87 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/sdk.js?hash=6bd926c8576dd092132f7e47ec48e888
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f083:9:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
cf86eb4a7abc0dc4e1cc4b75ee9d5c1132574fea5e3c89ba9169c77ea56fd991
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://www.921theticket.com/
Origin
https://www.921theticket.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
date
Mon, 17 Apr 2023 18:32:18 GMT
content-md5
vruZRYsgYB427cZu0qeNdQ==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
88564
x-fb-rlafr
0
x-fb-debug
pXfq3epMDFtQd8dWwe8bexY43/uBGz/J2kqXMbINAaTQdM1GbojxigoeQQyYuHo3T19N95BMknJ3kAIipYHnZA==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
x-fb-content-md5
620a8e262f0d7c8d6b5b7196ea9ebc70
cross-origin-opener-policy
same-origin-allow-popups
etag
"e5807a0dc8e28449add2b67d60e4f409"
vary
Accept-Encoding
report-to
{"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-FB-Content-MD5
cache-control
public,max-age=31536000,stale-while-revalidate=3600,immutable
x-frame-options
DENY
timing-allow-origin
*
priority
u=3,i
expires
Tue, 16 Apr 2024 16:43:19 GMT
js
www.googletagmanager.com/gtag/ 		131 KB
50 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=AW-932229734
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MPSWXC&l=sharedContainerDataLayer
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
953113c48e58089e3bfe1728c0394b0733b12aec79aaddd9e9e8b2b3ac96fa95
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.921theticket.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date
Mon, 17 Apr 2023 18:32:18 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
51356
x-xss-protection
0
last-modified
Mon, 17 Apr 2023 18:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Mon, 17 Apr 2023 18:32:18 GMT
/
www.921theticket.com/category/insurify/feed/
Redirect Chain
  • https://www.921theticket.com/category/insurify/feed
  • https://www.921theticket.com/category/insurify/feed/
153 KB
154 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.921theticket.com/category/insurify/feed/
Requested by
Host: www.921theticket.com
URL: https://www.921theticket.com/
Protocol
H2
Server
2606:4700::6812:1640 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/7.4.30
Resource Hash
659be1584c47aeffe03f99a68d7fb930b67d904ea16a8b0f7a51247b8cad9999
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.921theticket.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date
Mon, 17 Apr 2023 18:32:20 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
cf-cache-status
MISS
x-powered-by
PHP/7.4.30
x-whom
web-18.ampcms.internal
x-xss-protection
1
pragma
public
referrer-policy
strict-origin-when-cross-origin
last-modified
Mon, 17 Apr 2023 18:32:20 GMT
server
cloudflare
etag
"f8f3638ccb9313803ca092b1ee18c7cd"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
application/rss+xml; charset=UTF-8
cache-control
public, max-age=3600
express-tag
C-828-IBMe773
link
<https://www.921theticket.com/wp-json/>; rel="https://api.w.org/", <https://www.921theticket.com/wp-json/wp/v2/categories/828>; rel="alternate"; type="application/json"
cf-ray
7b96c002ce85918f-FRA
expires
Mon, 17 Apr 2023 19:32:20 GMT

Redirect headers

date
Mon, 17 Apr 2023 18:32:19 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
cf-cache-status
MISS
x-powered-by
PHP/7.4.30
x-redirect-by
WordPress
x-whom
web-22.ampcms.internal
x-xss-protection
1
pragma
public
referrer-policy
strict-origin-when-cross-origin
last-modified
Mon, 17 Apr 2023 18:32:19 GMT
server
cloudflare
etag
"d41d8cd98f00b204e9800998ecf8427e"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
application/rss+xml; charset=UTF-8
location
https://www.921theticket.com/category/insurify/feed/
cache-control
public, max-age=3600
cf-ray
7b96bffa89f8918f-FRA
expires
Mon, 17 Apr 2023 19:32:19 GMT
gtm.js
www.googletagmanager.com/ 		137 KB
52 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-NBMFP63
Requested by
Host: www.921theticket.com
URL: https://www.921theticket.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
01c5cfe7f4934d64364ff76ccd3c08c3662563650162817a5bc99c2848f624e9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.921theticket.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date
Mon, 17 Apr 2023 18:32:18 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
53711
x-xss-protection
0
last-modified
Mon, 17 Apr 2023 18:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Mon, 17 Apr 2023 18:32:18 GMT
integrator.js
adservice.google.de/adsid/ 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=www.921theticket.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304100101/pubads_impl.js?cb=31073791
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.921theticket.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date
Mon, 17 Apr 2023 18:32:18 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.921theticket.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304100101/pubads_impl.js?cb=31073791
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.921theticket.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date
Mon, 17 Apr 2023 18:32:18 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ 		381 B
165 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3956229276488818&correlator=2995406800286140&eid=31073791%2C31073829%2C31073835%2C44769662&output=ldjh&gdfp_req=1&vrg=202304100101&ptt=17&impl=fif&gdpr=0&us_privacy=1---&iu_parts=6717%2Ccd.KQSM.FM%2Cpushdown&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=1020x574&ifi=9&adks=1271437256&sfv=1-0-40&prev_scp=pos%3Dpushdown%26noprebid%3Dnoprebid&cust_params=cms-sname%3DKQSMFM%26cms-sgroup%3DAll%2520Sites%252CFormat%2520%2520Sports%252CMarket%2520%2520Fayetteville%2520AR%252CCBS%252CCumulus%2520OO%26cms-ptitle%3DHome%26cms-pcat%3D&sc=1&cookie=ID%3D17a61757318ea7a4%3AT%3D1681756337%3AS%3DALNI_Mb5NXtJ_W0qrE48rWfGlSRDHcbQ3g&gpic=UID%3D00000bd7e4bf5fe0%3AT%3D1681756337%3ART%3D1681756337%3AS%3DALNI_MbK3ct5M7yv0WZw4c-lC8f0yFJfFA&abxe=1&dt=1681756338341&lmt=1681752755&dlt=1681756336061&idt=1201&adxs=-12245933&adys=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=-1&ucis=9&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fwww.921theticket.com%2F&frm=20&vis=1&psz=1570x883&msz=0x0&fws=132&ohw=1570&psts=AHQMDFfcWQfHry-p34sU9tXIVSRZe6ulA3-2XtMqqwEO7XdVzkQ36ZgOPcOeyVH28Vg70B4ieoZU9y2lyw7pTwa9a_eJTIOklQ&ga_vid=1820827546.1681756337&ga_sid=1681756338&ga_hid=999957307&ga_fc=true
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304100101/pubads_impl.js?cb=31073791
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
136a801eebbba89c866168ec16b33ecca44a9f083f5ab29f3adc961ad1124c5f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.921theticket.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date
Mon, 17 Apr 2023 18:32:19 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
136
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.921theticket.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		296 B
148 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3956229276488818&correlator=2995406800286140&eid=31073791%2C31073829%2C31073835%2C44769662&output=ldjh&gdfp_req=1&vrg=202304100101&ptt=17&impl=fif&gdpr=0&us_privacy=1---&iu_parts=6717%2Ccd.KQSM.FM&enc_prev_ius=%2F0%2F1&prev_iu_szs=1x1&ifi=10&adks=1236050032&sfv=1-0-40&prev_scp=pos%3Dw7m%26noprebid%3Dnoprebid&cust_params=cms-sname%3DKQSMFM%26cms-sgroup%3DAll%2520Sites%252CFormat%2520%2520Sports%252CMarket%2520%2520Fayetteville%2520AR%252CCBS%252CCumulus%2520OO%26cms-ptitle%3DHome%26cms-pcat%3D&sc=1&cookie=ID%3D17a61757318ea7a4%3AT%3D1681756337%3AS%3DALNI_Mb5NXtJ_W0qrE48rWfGlSRDHcbQ3g&gpic=UID%3D00000bd7e4bf5fe0%3AT%3D1681756337%3ART%3D1681756337%3AS%3DALNI_MbK3ct5M7yv0WZw4c-lC8f0yFJfFA&abxe=1&dt=1681756338360&lmt=1681752755&dlt=1681756336061&idt=1201&adxs=800&adys=0&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=a&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fwww.921theticket.com%2F&frm=20&vis=1&psz=1600x0&msz=1600x-1&fws=4&ohw=1600&psts=AHQMDFfcWQfHry-p34sU9tXIVSRZe6ulA3-2XtMqqwEO7XdVzkQ36ZgOPcOeyVH28Vg70B4ieoZU9y2lyw7pTwa9a_eJTIOklQ&ga_vid=1820827546.1681756337&ga_sid=1681756338&ga_hid=999957307&ga_fc=true
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304100101/pubads_impl.js?cb=31073791
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
bc58109e6f845a8f38b92dc577d31db3db08cfbbbea86f39f8ab4dc14ba9eb21
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.921theticket.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date
Mon, 17 Apr 2023 18:32:19 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
119
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.921theticket.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
widget_iframe.2b2d73daf636805223fb11d48f3e94f7.html
platform.twitter.com/widgets/ Frame CA69 		320 KB
104 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://platform.twitter.com/widgets/widget_iframe.2b2d73daf636805223fb11d48f3e94f7.html?origin=https%3A%2F%2Fwww.921theticket.com
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (frb/669E) /
Resource Hash
4002d65e95f94dc87ae8ad170eb8dbc3644921032ac76dcb376537d9304a6fbf

Request headers

Referer
https://www.921theticket.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Access-Control-Allow-Methods
GET
Access-Control-Allow-Origin
*
Age
2842772
Cache-Control
public, max-age=315360000
Content-Encoding
gzip
Content-Length
105435
Content-Type
text/html; charset=utf-8
Date
Mon, 17 Apr 2023 18:32:18 GMT
Etag
"95e1b50b0c179aefb47b5b211bb347b5+gzip"
Last-Modified
Tue, 24 Jan 2023 21:41:13 GMT
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server
ECS (frb/669E)
Server-Timing
x-cache;desc= HIT,x-tw-cdn;desc=VZ
Vary
Accept-Encoding
X-Cache
HIT
x-amz-server-side-encryption
AES256
x-tw-cdn
VZ
identity
api.rlcdn.com/api/ 		44 B
363 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.rlcdn.com/api/identity?pid=2&rt=envelope
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/ht/p/187621-164323601241456.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.120.133.55 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
55.133.120.34.bc.googleusercontent.com
Software
/
Resource Hash
da45962a1fb4a049c9367ebe9b1b628f071d7a4c9997ee807c01d23f4866e19c
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.921theticket.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

date
Mon, 17 Apr 2023 18:32:18 GMT
via
1.1 google
x-content-type-options
nosniff
access-control-allow-methods
GET, OPTIONS
content-type
text/plain; charset=utf-8
access-control-allow-origin
https://www.921theticket.com
access-control-allow-credentials
true
access-control-allow-headers
Accept, Authorization, Content-Type, Cookie, Origin, X-Requested-With
content-length
44
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
/
id.sv.rkdms.com/identity/ 		2 B
170 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://id.sv.rkdms.com/identity/?vendor=idsv2&sv_cid=5274_04512&sv_pubid=SENDTONEWS&sv_domain=www.921theticket.com
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/ht/p/187621-164323601241456.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.193.144.228 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-44-193-144-228.compute-1.amazonaws.com
Software
nginx/1.22.0 /
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

Referer
https://www.921theticket.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

access-control-allow-origin
https://www.921theticket.com
date
Mon, 17 Apr 2023 18:32:18 GMT
access-control-allow-credentials
true
server
nginx/1.22.0
content-length
2
vary
Origin
content-type
application/json
rid
match.adsrvr.org/track/ 		63 B
393 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://match.adsrvr.org/track/rid?ttd_pid=casale&fmt=json&p=187621
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/ht/p/187621-164323601241456.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
/
Resource Hash
2fb6890ac6141ad8116488286153d0af821f77c8acea5c8645d7ea3cf7aca8ea

Request headers

Referer
https://www.921theticket.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

date
Mon, 17 Apr 2023 18:32:18 GMT
x-aspnet-version
4.0.30319
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.921theticket.com
cache-control
private
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Content-Length, Content-Encoding, Vary, Cache-Control, Accept
content-length
63
expires
Wed, 17 May 2023 18:32:18 GMT
bxslider_loader.gif
express-images.franklymedia.com/asset/ 		8 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://express-images.franklymedia.com/asset/bxslider_loader.gif
Requested by
Host: express-cms-assets.franklymedia.com
URL: https://express-cms-assets.franklymedia.com/v3_17_01/wp-content/plugins/express-cms-promo-reel/js/bxslider/jquery.bxslider.css?ver=20210512-3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:166c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6d46e2cf165a5a0584afba7bc9663da292ee08c97cfc7613de6013ed05be892a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://express-cms-assets.franklymedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date
Mon, 17 Apr 2023 18:32:18 GMT
cf-cache-status
HIT
last-modified
Thu, 13 May 2021 17:04:24 GMT
server
cloudflare
x-amz-request-id
VZEVXAYF72GPDVF9
age
21647
etag
"931bdb6b50816b03206c66921760b246"
vary
Accept-Encoding
content-type
image/gif
cache-control
public, max-age=43200
accept-ranges
bytes
cf-ray
7b96bffb1a039ba7-FRA
content-length
8581
x-amz-id-2
fnQStW3rbyB2gEcR08QfJP6YbAYobMtsU02tHpxNOJHUu9ke+DcebpZB1OLCUO5YDAKMnvT6pGg=
expires
Tue, 18 Apr 2023 06:32:18 GMT
promocaption.png
www.921theticket.com/wp-content/uploads/sites/773/2014/10/ 		204 KB
204 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.921theticket.com/wp-content/uploads/sites/773/2014/10/promocaption.png
Requested by
Host: www.921theticket.com
URL: https://www.921theticket.com/?headway-trigger=compiler&file=general-https&layout-in-use=front_page&rand=1082686644&ver=6.1.1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1640 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
df92bbd028ab0ad0953c7e1dd6ac7137dcdbdcb169da9a30d8e38169b6bbe1a3

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.921theticket.com/?headway-trigger=compiler&file=general-https&layout-in-use=front_page&rand=1082686644&ver=6.1.1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date
Mon, 17 Apr 2023 18:32:18 GMT
cf-cache-status
MISS
last-modified
Wed, 29 Oct 2014 15:58:23 GMT
server
cloudflare
etag
"54510e9f-32e8c"
vary
Accept-Encoding
content-type
image/png
cache-control
public, max-age=31536000
x-whom
web-23.ampcms.internal
accept-ranges
bytes
cf-ray
7b96bffb1afa918f-FRA
content-length
208524
expires
Tue, 16 Apr 2024 18:32:18 GMT
prev.png
www.921theticket.com/wp-content/uploads/sites/773/2014/10/ 		204 KB
205 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.921theticket.com/wp-content/uploads/sites/773/2014/10/prev.png
Requested by
Host: www.921theticket.com
URL: https://www.921theticket.com/?headway-trigger=compiler&file=general-https&layout-in-use=front_page&rand=1082686644&ver=6.1.1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1640 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ce43f802dc7c161875bd6439eeec68f585d15ab78b9b13dd9328866d3ba8a344

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.921theticket.com/?headway-trigger=compiler&file=general-https&layout-in-use=front_page&rand=1082686644&ver=6.1.1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date
Mon, 17 Apr 2023 18:32:19 GMT
cf-cache-status
MISS
last-modified
Tue, 28 Oct 2014 18:33:14 GMT
server
cloudflare
etag
"544fe16a-33117"
vary
Accept-Encoding
content-type
image/png
cache-control
public, max-age=31536000
x-whom
web-13.ampcms.internal
accept-ranges
bytes
cf-ray
7b96bffb1afd918f-FRA
content-length
209175
expires
Tue, 16 Apr 2024 18:32:18 GMT
next.png
www.921theticket.com/wp-content/uploads/sites/773/2014/10/ 		204 KB
205 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.921theticket.com/wp-content/uploads/sites/773/2014/10/next.png
Requested by
Host: www.921theticket.com
URL: https://www.921theticket.com/?headway-trigger=compiler&file=general-https&layout-in-use=front_page&rand=1082686644&ver=6.1.1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1640 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b90e065cc3d7ae9c05d0f576847f6cb13261aa315e20aa77ac64a2d72d5ce0b9

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.921theticket.com/?headway-trigger=compiler&file=general-https&layout-in-use=front_page&rand=1082686644&ver=6.1.1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date
Mon, 17 Apr 2023 18:32:18 GMT
cf-cache-status
MISS
last-modified
Tue, 28 Oct 2014 18:33:00 GMT
server
cloudflare
etag
"544fe15c-3310d"
vary
Accept-Encoding
content-type
image/png
cache-control
public, max-age=31536000
x-whom
web-13.ampcms.internal
accept-ranges
bytes
cf-ray
7b96bffb1b01918f-FRA
content-length
209165
expires
Tue, 16 Apr 2024 18:32:18 GMT
collect
www.google-analytics.com/j/ 		4 B
24 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j99&a=999957307&t=pageview&_s=1&dl=https%3A%2F%2Fwww.921theticket.com%2F&ul=en-us&de=UTF-8&dt=THE%20TICKET%2092.1%20%7C%20KQSM-FM&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aCDAAUAjAAAAAGAUI~&jid=288109166&gjid=69932200&cid=1820827546.1681756337&tid=UA-1686524-24&_gid=579121182.1681756337&_r=1&_slc=1&did=i5iSjo&cd1=KQSM-FM&cd2=cumuluspro&cd4=KQSM-FM&cd5=Fayetteville%2C%20AR&cd6=Sports&z=1178541506
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.921theticket.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 17 Apr 2023 18:32:18 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.921theticket.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
CUMULUS-MEDIA-Horizontal-White.png
express-images.franklymedia.com/6616/2020/01/14114450/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://express-images.franklymedia.com/6616/2020/01/14114450/CUMULUS-MEDIA-Horizontal-White.png
Requested by
Host: www.921theticket.com
URL: https://www.921theticket.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:166c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
25d5b0ed742fbcf607f1680ca632128118ca36c8a355029025eb4cd22c7aa981

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.921theticket.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date
Mon, 17 Apr 2023 18:32:18 GMT
cf-cache-status
HIT
last-modified
Tue, 14 Jan 2020 16:44:59 GMT
server
cloudflare
x-amz-request-id
SEM7KC2RAY5YNBH9
age
532698
etag
"d45759cdb87e2c1d42d36ee581e419b9"
vary
Accept-Encoding
content-type
image/png
cache-control
public, max-age=43200
accept-ranges
bytes
cf-ray
7b96bffb4a509ba7-FRA
content-length
2301
x-amz-id-2
v2W4tyW9+ObTe1czjojfMph2Flel7O1hXpx3L3h1aX78BlAxOEAAB0Uzbfutmo5ljY8+KPx0Znw=
expires
Tue, 18 Apr 2023 06:32:18 GMT
My-Post-Copy-4.jpg
express-images.franklymedia.com/cdn-cgi/image/width=1200,quality=85/6616/sites/773/2015/05/09150048/ 		175 KB
175 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://express-images.franklymedia.com/cdn-cgi/image/width=1200,quality=85/6616/sites/773/2015/05/09150048/My-Post-Copy-4.jpg
Requested by
Host: www.921theticket.com
URL: https://www.921theticket.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:166c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cfafaa8b343156dab7030564439fbf5e43ab9b3ab164d774dab1767292c8fc41
Security Headers
Name Value
Content-Security-Policy default-src 'none'; navigate-to 'none'; form-action 'none'
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.921theticket.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date
Mon, 17 Apr 2023 18:32:18 GMT
content-security-policy
default-src 'none'; navigate-to 'none'; form-action 'none'
x-content-type-options
nosniff
cf-cache-status
HIT
last-modified
Tue, 09 Feb 2021 21:00:53 GMT
cf-bgj
imgq:85,h2pri
server
cloudflare
etag
"cfEoMFQFaayI_6fxhb_yDNgYNt3FnrrOeck9uOb3F2DQ:50c7f849be797640cd052a5cf02aab82"
vary
Accept, Accept-Encoding
content-type
image/jpeg
cache-control
public, max-age=43200
accept-ranges
bytes
cf-ray
7b96bffb5a5b9ba7-FRA
content-length
179080
cf-resized
internal=ok/m q=0 n=132+0 c=31+268 v=2023.3.5 l=179080
aps_csm.js
c.amazon-adsystem.com/bao-csm/aps-comm/ Frame A16F 		6 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.1.25 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-1-25.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.921theticket.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date
Mon, 17 Apr 2023 18:32:19 GMT
x-amz-version-id
BeoItWAXLH_Ztd131J1ILFBRpuOxsQkH
content-encoding
gzip
via
1.1 fb5610ec56d3f427bcbcfdd851770614.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P6
x-amz-server-side-encryption
AES256
x-cache
Miss from cloudfront
last-modified
Thu, 13 Apr 2023 22:29:11 GMT
server
AmazonS3
etag
W/"a4d296427fc806b21335359e398c025c"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
vary
Accept-Encoding,Origin
x-amz-cf-id
448SEzPkDb9uUCzYacJ1oS4julWtJm8Mh2k7uJHTsEvvLoPZ5JOYyQ==
bridge3.568.1_en.html
imasdk.googleapis.com/js/core/ Frame B50E 		707 KB
226 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/core/bridge3.568.1_en.html
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c89bea8f90c7c22749b292948790d7e92ca96053d23e3a6622a1ac33c9061691
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.921theticket.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
54565
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
231485
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
cross-origin-resource-policy
cross-origin
date
Mon, 17 Apr 2023 03:22:53 GMT
expires
Tue, 16 Apr 2024 03:22:53 GMT
last-modified
Fri, 14 Apr 2023 00:03:45 GMT
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
client.js
s0.2mdn.net/instream/video/ 		44 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/instream/video/client.js
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.921theticket.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date
Mon, 17 Apr 2023 18:32:18 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
16746
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Mon, 17 Apr 2023 18:32:18 GMT
collect
region1.google-analytics.com/g/ 		0
17 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-D35JDKEKBV&gtm=45je34c0&_p=999957307&cid=1820827546.1681756337&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=AEA&_s=3&sid=1681756337&sct=1&seg=0&dl=https%3A%2F%2Fwww.921theticket.com%2F&dt=THE%20TICKET%2092.1%20%7C%20KQSM-FM&en=scroll&ep.cms_site_id=KQSM-FM&ep.cms_format=Sports&ep.cms_market=Fayetteville%2C%20AR&epn.percent_scrolled=90&_et=4
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-D35JDKEKBV&l=sharedContainerDataLayer&cx=c
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.921theticket.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 17 Apr 2023 18:32:18 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.921theticket.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
settings
syndication.twitter.com/ Frame CA69 		663 B
606 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://syndication.twitter.com/settings?session_id=ff0dd38d37dded452971875b5c9460a2529aa014
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/widgets/widget_iframe.2b2d73daf636805223fb11d48f3e94f7.html?origin=https%3A%2F%2Fwww.921theticket.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.244.42.8 , United States, ASN13414 (TWITTER, US),
Reverse DNS
Software
tsa_o /
Resource Hash
92747742b0d05de841880d3cad6550593fa08692d26fe086e15d4a5696606a54
Security Headers
Name Value
Strict-Transport-Security max-age=631138519

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://platform.twitter.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

x-response-time
106
date
Mon, 17 Apr 2023 18:32:18 GMT
content-encoding
gzip
strict-transport-security
max-age=631138519
last-modified
Mon, 17 Apr 2023 18:32:18 GMT
server
tsa_o
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://platform.twitter.com
x-transaction-id
58a46a4bb91b9b96
cache-control
must-revalidate, max-age=600
access-control-allow-credentials
true
perf
7626143928
x-connection-hash
c9ad6bd2c63ee3a895a83595476252ccb5c6bf6d1fd8503aa16c5deed4edc654
content-length
284
script.js
d13l4u7pe64ymo.cloudfront.net/ Frame 7AF7 		123 KB
43 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d13l4u7pe64ymo.cloudfront.net/script.js
Requested by
Host: dl.westseven.media
URL: https://dl.westseven.media/dist/cumulus_728x90_1.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2156:a600:1:c325:9400:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
29a4c34be2d8d3ff62ec5125d03108daa23df126fcf1e118bf42cb2ec9861fd9

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.921theticket.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

x-amz-version-id
l4ZQCevvsrhMJOQ_LhnwFwt0xEsn0XIA
content-encoding
gzip
via
1.1 a1098f0eeab192209962e3a9d76d0338.cloudfront.net (CloudFront)
date
Mon, 17 Apr 2023 18:25:26 GMT
last-modified
Sat, 15 Apr 2023 08:19:20 GMT
server
AmazonS3
x-amz-cf-pop
FRA50-C1
age
419
x-amz-server-side-encryption
AES256
etag
W/"d494300bdc6ab9959ec713b1aafbde4b"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=600,public,must-revalidate
x-amz-cf-id
G0ihEzaiT_3tBLw-TJ4sUcGMnDQi5xB1tS26GLwNLMvDU5nzFGfTQQ==
19984_Cumulus_728x90.js
ads.rubiconproject.com/prebid/ Frame 7AF7 		746 KB
166 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ads.rubiconproject.com/prebid/19984_Cumulus_728x90.js
Requested by
Host: dl.westseven.media
URL: https://dl.westseven.media/dist/cumulus_728x90_1.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.19.70.117 Glattbrugg, Switzerland, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-19-70-117.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
a3bbf13e4d2461a91249f89b5f7c581117eafb6db650acf87fe81f3007e27277

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.921theticket.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date
Mon, 17 Apr 2023 18:32:18 GMT
content-encoding
gzip
last-modified
Tue, 14 Feb 2023 20:53:36 GMT
server
Apache
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
access-control-allow-credentials
true
content-length
169441
expires
Mon, 17 Apr 2023 18:32:18 GMT
gpt.js
www.googletagservices.com/tag/js/ Frame 7AF7 		75 KB
25 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/tag/js/gpt.js
Requested by
Host: dl.westseven.media
URL: https://dl.westseven.media/dist/cumulus_728x90_1.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
493f4917667aa062937daf57d4ff9100169527f97f0c143a29dd023adf0e7987
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.921theticket.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date
Mon, 17 Apr 2023 18:32:18 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
25464
x-xss-protection
0
server
cafe
etag
418 / 19464 / 31073792 / config-hash: 14714238765142767567
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
expires
Mon, 17 Apr 2023 18:32:18 GMT
score.min.js
js.ad-score.com/ Frame 7AF7 		438 KB
139 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.ad-score.com/score.min.js?pid=1000449&tt=g
Requested by
Host: dl.westseven.media
URL: https://dl.westseven.media/dist/cumulus_728x90_1.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2127:d800:a:deb0:3380:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
130d2977c5b71de88b4289a6f6fce6a3c7e1c719fc6b809be6f9a1bb6304a8e5

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.921theticket.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

Date
Mon, 17 Apr 2023 15:36:02 GMT
Content-Encoding
br
Via
1.1 3da92f19744e3229b09a019ec66be172.cloudfront.net (CloudFront)
X-Amz-Cf-Pop
PRG50-C1
Age
10576
Transfer-Encoding
chunked
X-Cache
Hit from cloudfront
Connection
keep-alive
Last-Modified
Mon, 17 Apr 2023 15:36:02 GMT
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=86400
Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
Cache-Control
X-Amz-Cf-Id
ZQSwM4c-hwbHTm564ak-bXe5GcxRChvjB2sP2vpRVyQ34AD-nq9xVA==
Expires
Tue, 18 Apr 2023 15:36:02 GMT
pixel.gif
pixel.westseven.media/ Frame 7AF7 		35 B
693 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.westseven.media/pixel.gif?key=921theticket_728x90_1&&r=0.29424836264153664
Requested by
Host: www.921theticket.com
URL: https://www.921theticket.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.0.141.13 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-0-141-13.compute-1.amazonaws.com
Software
nginx/1.16.1 /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.921theticket.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

Date
Mon, 17 Apr 2023 18:32:18 GMT
Cache-Control
private, no-cache, proxy-revalidate, max-age=0, no-cache="set-cookie"
Content-Disposition
inline
Server
nginx/1.16.1
Connection
keep-alive
Content-Length
35
Content-Type
image/gif
truncated
/ Frame 7AF7 		215 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
8753197c2bf80c6d0b5cd2f2028c14bf6d79a45cff6857ea3d8c279dc128d917

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

Content-Type
image/png
collect
stats.g.doubleclick.net/j/ 		4 B
25 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j99&tid=UA-1686524-24&cid=1820827546.1681756337&jid=288109166&gjid=69932200&_gid=579121182.1681756337&_u=aCDAAUAjAAAAAGAUI~&z=1945270221
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400c:c0b::9d Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.921theticket.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
date
Mon, 17 Apr 2023 18:32:18 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.921theticket.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
config
c.amazon-adsystem.com/cdn/prod/ Frame A16F 		335 B
687 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/cdn/prod/config?src=600&u=https%3A%2F%2Fwww.921theticket.com&pubid=6c3f03cd-6fa8-4477-ac05-2c0f4f8da092
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.1.25 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-1-25.fra56.r.cloudfront.net
Software
Server /
Resource Hash
9cd28222b76db9ecead97bdea2b69bce8777da737c9e242502def4a5f1c96675

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.921theticket.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date
Mon, 17 Apr 2023 18:32:18 GMT
via
1.1 002af2e4f72157b8b4bd2de012b5b57c.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
FRA56-P6
x-cache
Miss from cloudfront
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://www.921theticket.com
cache-control
max-age=21550, s-maxage=21600
access-control-allow-credentials
true
content-length
335
x-amz-cf-id
fvgAxLRiWXxP7Nm2tIf23Ww5X_M7a31oJ7KptG745R14a2tGLePY1w==
stn_trk.gif
s2l.sendtonews.com/ 		26 B
186 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://s2l.sendtonews.com/stn_trk.gif?session=bGqNGgtBkHxKexnR&instance=297421206&version=7.15.1-G&age=230417&cmd=GET&key=5oC5qDti&c_id=5513&seq=1&order=2&vIndex=0&absoluteTime=3066.5&relativeTime=599.4&canonical=https://www.921theticket.com/&EXTREF=https://www.921theticket.com/&REF=https://www.921theticket.com/&playerCfg=FL&playerType=FLOAT&serverHost=embed.sendtonews.com
Requested by
Host: embed.sendtonews.com
URL: https://embed.sendtonews.com/easy-stn-player/7.15.1-G/easy-stn-player.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.210.56.152 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-44-210-56-152.compute-1.amazonaws.com
Software
Apache/2.4.41 (Ubuntu) /
Resource Hash
3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.921theticket.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date
Mon, 17 Apr 2023 18:32:18 GMT
last-modified
Wed, 23 Dec 2020 21:38:39 GMT
server
Apache/2.4.41 (Ubuntu)
accept-ranges
bytes
etag
"1a-5b72883b37f80"
content-length
26
content-type
image/gif
0.js
player.sendtonews.com/bidderFiles/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://player.sendtonews.com/bidderFiles/0.js
Requested by
Host: embed.sendtonews.com
URL: https://embed.sendtonews.com/easy-stn-player/7.15.1-G/easy-stn-player.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.95.17 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-95-17.prg50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
6484dbdbcc018ef0cc92a28a4ef391571c4651aaa1958a85a24439c6120f9606

Request headers

Referer
https://www.921theticket.com/
Origin
https://www.921theticket.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

x-amz-version-id
R1seq2Z_z8JGW4oF8VGqO4_69qZCLOzx
content-encoding
gzip
via
1.1 6be461c5a9399007c1540eee90371674.cloudfront.net (CloudFront), 1.1 7cfba11baf6016eafce83142b99c8ff8.cloudfront.net (CloudFront)
date
Mon, 17 Apr 2023 02:11:27 GMT
x-amz-cf-pop
FRA56-P7, PRG50-C1
age
80691
x-cache
Hit from cloudfront
last-modified
Thu, 15 Dec 2022 19:57:28 GMT
server
AmazonS3
etag
W/"7cf0333618ae77b3dfe7d27466506fa8"
vary
Accept-Encoding
access-control-allow-methods
GET, HEAD, POST
content-type
application/javascript
access-control-allow-origin
*
access-control-expose-headers
Access-Control-Allow-Origin, Access-Control-Allow-Credentials
x-amz-cf-id
gql-l-N5qNyO-k-WjTLk354PgpPpJR8of6tWsysWUpPLOec8ZTkmfA==
memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsgH1x4gaVI.woff2
fonts.gstatic.com/s/opensans/v34/ 		16 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/opensans/v34/memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsgH1x4gaVI.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:600
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4ffc35ac4d5e3f1546a4c1a879f425f090ff3336e0fce31a39ae4973b5e8c127
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.921theticket.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date
Tue, 11 Apr 2023 10:38:05 GMT
x-content-type-options
nosniff
age
546853
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
16756
x-xss-protection
0
last-modified
Mon, 15 Aug 2022 18:16:20 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 10 Apr 2024 10:38:05 GMT
flUhRq6tzZclQEJ-Vdg-IuiaDsNc.woff2
fonts.gstatic.com/s/materialicons/v140/ 		125 KB
126 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/materialicons/v140/flUhRq6tzZclQEJ-Vdg-IuiaDsNc.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/icon?family=Material+Icons
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8265f64786397d6b832d1ca0aafdf149ad84e72759fffa9f7272e91a0fb015d1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.921theticket.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date
Mon, 17 Apr 2023 14:09:41 GMT
x-content-type-options
nosniff
age
15757
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
128352
x-xss-protection
0
last-modified
Tue, 07 Mar 2023 19:51:56 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 16 Apr 2024 14:09:41 GMT
go7fqxkldviceu5huma753t8r01rbdf9.jpg
d29xw9s9x32j3w.cloudfront.net/videos/video_thumb/XL/ 		37 KB
38 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d29xw9s9x32j3w.cloudfront.net/videos/video_thumb/XL/go7fqxkldviceu5huma753t8r01rbdf9.jpg
Requested by
Host: www.921theticket.com
URL: https://www.921theticket.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.95.85 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-95-85.prg50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
09c102f23d3a928c882da78f7357f944d5b8a9e4e4b9772dc63e73d4b52c876c

Request headers

Referer
https://www.921theticket.com/
Origin
https://www.921theticket.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date
Mon, 17 Apr 2023 18:32:20 GMT
via
1.1 93fcd07b66eaf26b036f14e2ec9d73ea.cloudfront.net (CloudFront)
x-amz-cf-pop
PRG50-C1
x-amz-server-side-encryption
AES256
x-cache
Miss from cloudfront
x-amz-storage-class
REDUCED_REDUNDANCY
content-disposition
attachment
content-length
38193
last-modified
Mon, 17 Apr 2023 03:08:48 GMT
server
AmazonS3
etag
"80305c0cca6c5f1511854e60b7b93596"
vary
Origin
access-control-allow-methods
GET, HEAD, POST
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Access-Control-Allow-Origin, Access-Control-Allow-Credentials
accept-ranges
bytes
x-amz-cf-id
lAyTYSboa70azLnIu4UdlNlhHhqKzK9Zb_GdkWIftm_voiuj1o-JWA==
stn_trk.gif
s2l.sendtonews.com/ 		26 B
186 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://s2l.sendtonews.com/stn_trk.gif?session=bGqNGgtBkHxKexnR&instance=297421206&version=7.15.1-G&age=230417&cmd=RTP&key=5oC5qDti&c_id=5513&seq=1&order=3&vIndex=0&absoluteTime=3098&relativeTime=630.9&sC_ID=4735&sm_id=2685758&load=1&status=LVFNSNIY&ac_id=2008&EXTREF=https://www.921theticket.com/&REF=https://www.921theticket.com/&playerCfg=FL&playerType=FLOAT
Requested by
Host: embed.sendtonews.com
URL: https://embed.sendtonews.com/easy-stn-player/7.15.1-G/easy-stn-player.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.210.56.152 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-44-210-56-152.compute-1.amazonaws.com
Software
Apache/2.4.41 (Ubuntu) /
Resource Hash
3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.921theticket.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date
Mon, 17 Apr 2023 18:32:18 GMT
last-modified
Wed, 23 Dec 2020 21:38:39 GMT
server
Apache/2.4.41 (Ubuntu)
accept-ranges
bytes
etag
"1a-5b72883b37f80"
content-length
26
content-type
image/gif
analytics.min.js
cdn.resonate.com/analytics.js/v1/200302733/ Frame A16F 		0
96 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.resonate.com/analytics.js/v1/200302733/analytics.min.js
Requested by
Host: embed.sendtonews.com
URL: https://embed.sendtonews.com/easy-stn-player/7.15.1-G/easy-stn-player.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.12.242 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.921theticket.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date
Mon, 17 Apr 2023 18:32:18 GMT
strict-transport-security
max-age=15552000
server
cloudflare
cf-ray
7b96bffdd9ac3801-FRA
vary
Accept-Encoding
rpr1oo5517112r39r3205n850033r8o1playlist.m3u8
d29xw9s9x32j3w.cloudfront.net/videos/m3u8/ 		291 B
860 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://d29xw9s9x32j3w.cloudfront.net/videos/m3u8/rpr1oo5517112r39r3205n850033r8o1playlist.m3u8
Requested by
Host: embed.sendtonews.com
URL: https://embed.sendtonews.com/easy-stn-player/7.15.1-G/easy-stn-player.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.95.85 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-95-85.prg50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
f164b3efbaf1272ecf390c87993238dc0e09b31841fd8ba88693f21e726e8ab8

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.921theticket.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date
Mon, 17 Apr 2023 18:32:20 GMT
via
1.1 93fcd07b66eaf26b036f14e2ec9d73ea.cloudfront.net (CloudFront)
x-amz-cf-pop
PRG50-C1
x-amz-server-side-encryption
AES256
x-cache
Miss from cloudfront
x-amz-storage-class
REDUCED_REDUNDANCY
content-disposition
attachment
content-length
291
last-modified
Mon, 17 Apr 2023 03:06:16 GMT
server
AmazonS3
etag
"b591bc382caa5a0d0672931a958deb69"
vary
Origin
access-control-allow-methods
GET, HEAD, POST
content-type
application/x-mpegURL
access-control-allow-origin
*
access-control-expose-headers
Access-Control-Allow-Origin, Access-Control-Allow-Credentials
cache-control
max-age=86400
accept-ranges
bytes
x-amz-cf-id
FdxJd-y3fWhjacWgYRc7YyRLwGuFPdocs0iu0luiJPCEvITeeuzCGQ==
stn_trk.gif
s2l.sendtonews.com/ 		26 B
186 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://s2l.sendtonews.com/stn_trk.gif?session=bGqNGgtBkHxKexnR&instance=297421206&version=7.15.1-G&age=230417&cmd=IMA&key=5oC5qDti&c_id=5513&seq=1&order=4&vIndex=0&absoluteTime=3129&relativeTime=661.9&EXTREF=https://www.921theticket.com/&REF=https://www.921theticket.com/&playerCfg=FL&recoveryMethod=NONE&imaVersion=3.568.1&blocked=false&recovered=false&hasAdParams=true
Requested by
Host: embed.sendtonews.com
URL: https://embed.sendtonews.com/easy-stn-player/7.15.1-G/easy-stn-player.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.210.56.152 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-44-210-56-152.compute-1.amazonaws.com
Software
Apache/2.4.41 (Ubuntu) /
Resource Hash
3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.921theticket.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date
Mon, 17 Apr 2023 18:32:18 GMT
last-modified
Wed, 23 Dec 2020 21:38:39 GMT
server
Apache/2.4.41 (Ubuntu)
accept-ranges
bytes
etag
"1a-5b72883b37f80"
content-length
26
content-type
image/gif
ads
pubads.g.doubleclick.net/gampad/ 		35 KB
2 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pubads.g.doubleclick.net/gampad/ads?iu=%2F92056281%2C6717%2F53596966&env=vp&gdfp_req=1&unviewed_position_start=1&ad_rule=1&output=xml_vmap1&sz=480x270&ciu_szs=300x60&description_url=https%3A%2F%2Fwww.921theticket.com%2F&hl=en&vpa=auto&vpmute=1&vconp=2&cmsid=2631244&vid=2685758&us_privacy=false&cust_params=sessionKey%3D297421206-bGqNGgtBkHxKexnR%26schain%3Dstnvideo.com%2Cd145BTDCORXCZWPIFbjVRg%26content%3D4735%26placementType%3DPremium%26embed%3D5oC5qDti%26domain%3D921theticket.com%26player_size%3Dsmall%26player_width%3D300%26player_height%3D169%26player_type%3Dfloat%26version%3D7.15.1-G%26player_status%3DLVFNSNIY%26play_code%3D2008%26view100%3D1%26excl_cat%3Dstl_id00014%26rand%3D9%26uhr%3D18%26iris_id%3Diris_979fbd82e579b356%26iris_context%3Dic_5619313%2Cic_5900591%2Cic_9971957%2Cic_3346711%2Cic_6287667%2Cic_2239888%2Cic_9320469%2Cic_6142702%2Cic_9859763%2Cic_4011328%2Cic_0084516%26us_privacy%3Dfalse
Requested by
Host: embed.sendtonews.com
URL: https://embed.sendtonews.com/easy-stn-player/7.15.1-G/easy-stn-player.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
384001affbd29c2b2cf01ca24b518d4eeb3d0dff7952c40d5847afe398d345cd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.921theticket.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date
Mon, 17 Apr 2023 18:32:18 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1368
x-xss-protection
0
google-lineitem-id
0
pragma
no-cache
server
cafe
google-creative-id
0
content-type
text/xml; charset=UTF-8
access-control-allow-origin
https://www.921theticket.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame B2CD 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssql-KLeAEW6iVSnEGccSJ8km7f4dWIffD8Jd1Hj-PlVe-9YrDVENjvIxWumPS42jiH3f6UiqKXs0eMd15KQn9O2ePQR4qK8ydFbYwP9Yw_rbQiV0SHknH74qvicbjYBKUpoO6twnWRLfumycANM_kBELUxRKXMrcgI4p5eJDX5-e6DD0C01qTGIA2b893pExyUPwDR1UcFu6raofRGd7b8hJjnHmfPXb60iqbMubEu_wlsoOGYqIKQouU1nrpfe969EKDW0zX2dl7TUEC3m35i06r8F9y2KJOsuilWztV4I9VlrZnsefNPDKfYBrU&sai=AMfl-YScRLbIyRMedYre8DfMpgKYFBEvxXy01sp8jeiK4VHhd_V4SvM80gO84eUAVyMZvHlXJye8ni-dMvkNM0cABpUUYtmpClrFciKBniaBJAds6BZ5F3H2Z3yWGXx2bf1tTix_CI9Yg8e1VuuZAOXT&sig=Cg0ArKJSzG1LFfFLqb4aEAE&uach_m=[UACH]&adurl=
Requested by
Host: www.921theticket.com
URL: https://www.921theticket.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.921theticket.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date
Mon, 17 Apr 2023 18:32:18 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
abg_lite_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230413/r20110914/ Frame B2CD 		22 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230413/r20110914/abg_lite_fy2021.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304100101/pubads_impl.js?cb=31073791
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
26f2c1abc7720059c2f88aac37f0b15cd551c1b69b522eef0bf782cefcc98dc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.921theticket.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date
Mon, 17 Apr 2023 16:08:18 GMT
content-encoding
br
x-content-type-options
nosniff
age
8640
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8756
x-xss-protection
0
server
cafe
etag
5179999606349116156
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 01 May 2023 16:08:18 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230413/r20110914/client/ Frame B2CD 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230413/r20110914/client/window_focus_fy2021.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304100101/pubads_impl.js?cb=31073791
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.921theticket.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date
Mon, 17 Apr 2023 15:59:50 GMT
content-encoding
br
x-content-type-options
nosniff
age
9148
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 01 May 2023 15:59:50 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame B2CD 		159 KB
49 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304100101/pubads_impl.js?cb=31073791
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cbeee230de9adc4b4765d4387c54fa936a5c26f8306fe0e6f5f8415284f56c33
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.921theticket.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date
Mon, 17 Apr 2023 18:32:18 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
49801
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1681299295334834"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Mon, 17 Apr 2023 18:32:18 GMT
4052291185951905579
tpc.googlesyndication.com/simgad/ Frame B2CD 		15 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/4052291185951905579
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304100101/pubads_impl.js?cb=31073791
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f18097986b2ca55173d7140ee04292d25aadad7ccdb83f207b7cbac17a6d00e1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.921theticket.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date
Sat, 15 Apr 2023 12:06:16 GMT
x-content-type-options
nosniff
age
195962
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15202
x-xss-protection
0
last-modified
Wed, 22 Mar 2023 15:31:40 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Sun, 14 Apr 2024 12:06:16 GMT
amp4ads-v0.mjs
cdn.ampproject.org/rtv/012304040531000/ Frame 022C 		222 KB
61 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012304040531000/amp4ads-v0.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304100101/pubads_impl.js?cb=31073791
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b5a06a61cc91207a0766de728cc62f1bc1c987a5baa2155a542248a6ba0d97f4
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.921theticket.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Fri, 14 Apr 2023 22:28:29 GMT
age
245030
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
61837
x-xss-protection
0
server
sffe
etag
"4c71ce2fa24fb84d"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Sat, 13 Apr 2024 22:28:29 GMT
amp-ad-exit-0.1.mjs
cdn.ampproject.org/rtv/012304040531000/v0/ Frame 022C 		15 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012304040531000/v0/amp-ad-exit-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304100101/pubads_impl.js?cb=31073791
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
89b0b16db8325b2c6db9a0f68eabea4c6ffab4022ee31fb5ea6ea64a2b19b0ad
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.921theticket.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Fri, 14 Apr 2023 14:33:58 GMT
age
273501
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
5234
x-xss-protection
0
server
sffe
etag
"5c3964a98ed5c9e1"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Sat, 13 Apr 2024 14:33:58 GMT
amp-analytics-0.1.mjs
cdn.ampproject.org/rtv/012304040531000/v0/ Frame 022C 		94 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012304040531000/v0/amp-analytics-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304100101/pubads_impl.js?cb=31073791
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1fb9eba0f98fc3a5c9cfa55a0c43ea1d24c5f2e388f06612f404e09fe83fcbc6
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.921theticket.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Sat, 15 Apr 2023 09:06:48 GMT
age
206731
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
28939
x-xss-protection
0
server
sffe
etag
"55c7a8d78e6c0bd3"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Sun, 14 Apr 2024 09:06:48 GMT
amp-fit-text-0.1.mjs
cdn.ampproject.org/rtv/012304040531000/v0/ Frame 022C 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012304040531000/v0/amp-fit-text-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304100101/pubads_impl.js?cb=31073791
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2262d50696110a18e87fa0ac8edb8b9860bccb89680a5c04bad6a5246892090b
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.921theticket.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Sat, 15 Apr 2023 12:34:57 GMT
age
194242
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1904
x-xss-protection
0
server
sffe
etag
"d57b42639333a446"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Sun, 14 Apr 2024 12:34:57 GMT
amp-form-0.1.mjs
cdn.ampproject.org/rtv/012304040531000/v0/ Frame 022C 		40 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012304040531000/v0/amp-form-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304100101/pubads_impl.js?cb=31073791
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ba1c1cba103b212eaa4c5aea8268a6e94d3e0d39a16d5d094b604790db6d4fd5
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.921theticket.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Sat, 15 Apr 2023 19:04:20 GMT
age
170879
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12940
x-xss-protection
0
server
sffe
etag
"aa817619b4e21783"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Sun, 14 Apr 2024 19:04:20 GMT
truncated
/ Frame 022C 		214 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
84fb4470a22a62d741e6a0a369ffc0ec700784bb414f96f77a20255beaf087a1

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

Content-Type
image/png
6588416536420273903
tpc.googlesyndication.com/simgad/ Frame 022C 		104 KB
105 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/6588416536420273903?sqp=4sqPyQQ7QjkqNxABHQAAtEIgASgBMAk4A0DwkwlYAWBfcAKAAQGIAQGdAQAAgD-oAQGwAYCt4gS4AV_FAS2ynT4&rs=AOga4qnEN0-OaHVu1EhlTmjZPxTl4kTsrQ
Requested by
Host: www.921theticket.com
URL: https://www.921theticket.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7cbcb1196c5e91f7a8602c89b30bb7dd3c1f714d5c8072414882b592d45bc867
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.921theticket.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date
Mon, 17 Apr 2023 12:36:34 GMT
x-content-type-options
nosniff
age
21344
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
106911
x-xss-protection
0
last-modified
Thu, 16 Mar 2023 10:47:23 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Tue, 16 Apr 2024 12:36:34 GMT
en.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 022C 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/adchoices/en.png
Requested by
Host: www.921theticket.com
URL: https://www.921theticket.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.921theticket.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date
Sun, 16 Apr 2023 21:33:12 GMT
x-content-type-options
nosniff
server
cafe
age
75546
etag
14819457070020093239
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
image/png
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2502
x-xss-protection
0
expires
Mon, 17 Apr 2023 21:33:12 GMT
icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 022C 		295 B
424 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png
Requested by
Host: www.921theticket.com
URL: https://www.921theticket.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.921theticket.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date
Mon, 17 Apr 2023 07:58:03 GMT
x-content-type-options
nosniff
server
cafe
age
38055
etag
426692510519060060
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
image/png
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
295
x-xss-protection
0
expires
Tue, 18 Apr 2023 07:58:03 GMT
adview
securepubads.g.doubleclick.net/pagead/ Frame 022C 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=CaUXespA9ZMj3CIWr3wPZqpu4Drvrw-tv497I5aMR2tkeEAEgl6rtdWCVqp-CsAegAYeDv_cDyAEC4AIAqAMByAMIqgSBAk_QnVlf-RVyBnVXvdq_g21Gno2_nXJS209MgAbkPxDOIz_UQzQN1JOu6phxGy7ZZYfGEl6rtEiAXluLFQzG_zRWiC4rWdnjv5LWSe56My8K4v_JiF9sOmyjaFK3G5zGIqWPvyBIqaf9-u-zqcehluyODlE6Fu94I7DCwoRNFUuiVw3IYgZKvj6W56XarI9is0-mlWd-D-x7sRA0O61X0F0vu5MjZpU-HZq4q2otKLBYaQMWemfnqF0MKO_LRx5N_mTfVD6w7gH8gXiWlRqbWPPBz0yY6dc2kizWvV9ZvJ6hH3GbxOeCSyeVcKs6kJxwtiK5lKewu7sYIUJcsToZch9bwASkwejAmATgBAGSBQQIBBgBkgUECAUYBJIFBAgFGBiSBQUIBRioAaAGAoAHprv-hQGoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G9gHAfIHBBCA3BbSCA8IgGEQARgdMgKKAjoCgECACgPICwHYEwzQFQGAFwGyFx4KHAgAEhRwdWItMzg0NTk2NjQxNzg4NjE2NhiW7hE&sigh=5JUbSb2KY3g&uach_m=[UACH]&cid=CAQSSgBygQiDwhMSz_y1sbbLA2cMigrKT_ssCjioroG_JEZGVLmGnqg-OkwtYthncTM1mzJrYfcuHo5cacJMIFayqlBbZLKMzIQmPzTCGAE
Requested by
Host: www.921theticket.com
URL: https://www.921theticket.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.921theticket.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/932229734/ 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/932229734/?random=1681756338960&cv=11&fst=1681756338960&bg=ffffff&guid=ON&async=1&gtm=45He34c0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.921theticket.com%2F&hn=www.googleadservices.com&frm=0&tiba=THE%20TICKET%2092.1%20%7C%20KQSM-FM&us_privacy=error&auid=1667400631.1681756339&uamb=0&uaw=0&rfmt=3&fmt=4
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NBMFP63
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
491cc8a00db1007c36279c35b1f4f811dca0db1bd257ed18696f6d97407c749d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.921theticket.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 17 Apr 2023 18:32:19 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1201
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
e76a48c0-391a-0137-e31a-06a9ed4ca31b
tag.simpli.fi/sifitag/ 		3 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tag.simpli.fi/sifitag/e76a48c0-391a-0137-e31a-06a9ed4ca31b
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NBMFP63
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
34.90.79.92 Groningen, Netherlands, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
92.79.90.34.bc.googleusercontent.com
Software
/
Resource Hash
559bf235d7efc79c6b9bb6ac1cd7a53aca53a7cf6dcbd1042e9e81b7c185d617
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.921theticket.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

pragma
no-cache, no-cache
date
Mon, 17 Apr 2023 18:32:19 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=0, private, must-revalidate, max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0, max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
3100
x-request-id
F1bMewFhJs70KEgbXjLE
expires
Thu, 01 Jan 1970 00:00:00 GMT, Thu, 01 Jan 1970 00:00:00 GMT
cirt_v2.min.js
media-cdn.ipredictive.com/js/ 		16 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://media-cdn.ipredictive.com/js/cirt_v2.min.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NBMFP63
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.195.34.212 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (frb/6688) /
Resource Hash
4308b770a8f544c1fc4487836df776d7a8a4170b0947e45c9b748369846ee115

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.921theticket.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date
Mon, 17 Apr 2023 18:32:19 GMT
content-encoding
gzip
last-modified
Tue, 21 Jun 2016 03:48:58 GMT
server
ECAcc (frb/6688)
x-amz-meta-s3cmd-attrs
uid:501/gname:staff/uname:tpu/gid:20/mode:33188/mtime:1466480833/atime:1466480865/md5:06959ee0164f60e0f6954610590aff8e/ctime:1466480833
age
441115
x-amz-request-id
JVD2MATY08T3K3NC
etag
"06959ee0164f60e0f6954610590aff8e+gzip"
vary
Accept-Encoding
x-cache
HIT
content-type
application/javascript
accept-ranges
bytes
content-length
5805
x-amz-id-2
tobBStxL22RRPKEf9rIbZh8T90gyG2EDscHlxSnjZF/yLgWZOFesO2kLbrwAShaTaegnlVl9KHQ=
fbevents.js
connect.facebook.net/en_US/ 		107 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: www.921theticket.com
URL: https://www.921theticket.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f083:9:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
091ba5711e7f397eca67fb1da60968a88be608d2f4fb80955ef74f645b6e898b
Security Headers
Name Value
Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.921theticket.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

content-security-policy
default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Mon, 17 Apr 2023 18:32:18 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
27967
x-fb-rlafr
0
x-xss-protection
0
pragma
public
x-fb-debug
x/yrquoYcp+rb9MXw9Vspqi1B6h9F0VFSLCJ82/kD3jFb22FQnX5DWeINEnIQaRjtDEGUI12yaJW+24cA0FADg==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
x-fb-trip-id
1679558926
cross-origin-opener-policy
same-origin-allow-popups
vary
Accept-Encoding
report-to
{"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type
application/x-javascript; charset=utf-8
x-frame-options
DENY
cache-control
public, max-age=1200
expires
Sat, 01 Jan 2000 00:00:00 GMT
up.js
up.pixel.ad/assets/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://up.pixel.ad/assets/up.js?um=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NBMFP63
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
178.79.242.181 Frankfurt am Main, Germany, ASN22822 (LLNW, US),
Reverse DNS
https-178-79-242-181.fra.llnw.net
Software
AC1.1 /
Resource Hash
25b33a7a853f39e447b14be3e6662ccbb0fbce73620bf7778d194cb3fef1d3ab

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.921theticket.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date
Mon, 17 Apr 2023 18:32:19 GMT
content-encoding
gzip
last-modified
Wed, 16 Mar 2022 16:22:21 GMT
server
AC1.1
age
381969
vary
accept-encoding
content-type
application/javascript
accept-ranges
bytes
content-length
1550
x-llid
88dffbd16c80bcc3ddcfe377e6f126ff
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/932229734/ 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/932229734/?random=1681756338976&cv=11&fst=1681756338976&bg=ffffff&guid=ON&async=1&gtm=45be34c0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.921theticket.com%2F&hn=www.googleadservices.com&frm=0&tiba=THE%20TICKET%2092.1%20%7C%20KQSM-FM&us_privacy=error&auid=1667400631.1681756339&uamb=0&uaw=0&data=event%3Dgtag.config&rfmt=3&fmt=4
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-932229734
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
5c409407564feedccfd3c28cb6521b59d68f5128eb2b598d9dcca18945376d79
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.921theticket.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 17 Apr 2023 18:32:19 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1219
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/932229734/ 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/932229734/?random=1681756338988&cv=11&fst=1681756338988&bg=ffffff&guid=ON&async=1&gtm=45be34c0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.921theticket.com%2F&hn=www.googleadservices.com&frm=0&tiba=THE%20TICKET%2092.1%20%7C%20KQSM-FM&userId=replace%20with%20value&us_privacy=error&auid=1667400631.1681756339&uamb=0&uaw=0&data=event%3Dpage_view&rfmt=3&fmt=4
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-932229734
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
22d1b1aa497be7140e8ea47f785a6781feac1f6c39d7fadb7a02d100c5f64f7c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.921theticket.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 17 Apr 2023 18:32:19 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1238
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.com/ads/ 		42 B
408 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j99&tid=UA-1686524-24&cid=1820827546.1681756337&jid=288109166&_u=aCDAAUAjAAAAAGAUI~&z=959082141
Requested by
Host: www.921theticket.com
URL: https://www.921theticket.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.921theticket.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 17 Apr 2023 18:32:19 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/ 		42 B
408 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j99&tid=UA-1686524-24&cid=1820827546.1681756337&jid=288109166&_u=aCDAAUAjAAAAAGAUI~&z=959082141
Requested by
Host: www.921theticket.com
URL: https://www.921theticket.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.921theticket.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 17 Apr 2023 18:32:19 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
68qqpq4108nqsq1p72560o51p12rn873base.en.vtt
d29xw9s9x32j3w.cloudfront.net/videos/cc_text/ 		9 KB
10 KB 		TextTrack
General
Check archive.org
Download Go to
Full URL
https://d29xw9s9x32j3w.cloudfront.net/videos/cc_text/68qqpq4108nqsq1p72560o51p12rn873base.en.vtt
Requested by
Host: www.921theticket.com
URL: https://www.921theticket.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.95.85 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-95-85.prg50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
0bdb7c79b4fb8bbe183ab24e9c0a0de7b1800d40a6f5197282adcd5920b709b2

Request headers

Referer
https://www.921theticket.com/
Origin
https://www.921theticket.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date
Mon, 17 Apr 2023 18:32:20 GMT
via
1.1 93fcd07b66eaf26b036f14e2ec9d73ea.cloudfront.net (CloudFront)
x-amz-cf-pop
PRG50-C1
x-amz-server-side-encryption
AES256
x-cache
Miss from cloudfront
content-length
9382
last-modified
Mon, 17 Apr 2023 03:07:43 GMT
server
AmazonS3
etag
"73d18b6a3fe3d476d8e830b28e552e42"
vary
Origin
access-control-allow-methods
GET, HEAD, POST
content-type
text/vtt
access-control-allow-origin
*
access-control-expose-headers
Access-Control-Allow-Origin, Access-Control-Allow-Credentials
accept-ranges
bytes
x-amz-cf-id
cWK6Cv2jAtW8WlYyhjfAdISl5MMMG2AxNPd8uAL8TiSDS227SdqWrQ==
pubcid.min.js
secure.cdn.fastclick.net/js/pubcid/latest/ Frame A16F 		54 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://secure.cdn.fastclick.net/js/pubcid/latest/pubcid.min.js
Requested by
Host: www.921theticket.com
URL: https://www.921theticket.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.77.32.87 Glattbrugg, Switzerland, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-77-32-87.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
43f804d38a294c6df1ce8ee64fb95ad0ff5a8d6d5685d9537df02212668a1dff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.921theticket.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date
Mon, 17 Apr 2023 18:32:19 GMT
content-encoding
gzip
last-modified
Mon, 23 Jan 2023 19:40:17 GMT
server
Apache
etag
"d734-5f2f3919e751f-gzip"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=900
accept-ranges
bytes
content-length
17407
expires
Mon, 17 Apr 2023 18:47:19 GMT
recordVendorsLoaded
prod.us-east-1.cxm-bcn.publisher-services.amazon.dev/v1/ Frame A16F 		0
456 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prod.us-east-1.cxm-bcn.publisher-services.amazon.dev/v1/recordVendorsLoaded
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.22.181.172 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-22-181-172.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.921theticket.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36
Content-Type
application/json

Response headers

access-control-allow-origin
*
date
Mon, 17 Apr 2023 18:32:19 GMT
content-length
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
recordVendorsLoaded
prod.us-east-1.cxm-bcn.publisher-services.amazon.dev/v1/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://prod.us-east-1.cxm-bcn.publisher-services.amazon.dev/v1/recordVendorsLoaded
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.22.181.172 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-22-181-172.compute-1.amazonaws.com
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.921theticket.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

access-control-allow-headers
content-type
access-control-allow-methods
POST
access-control-allow-origin
*
access-control-max-age
1800
allow
GET, HEAD, POST, PUT, DELETE, OPTIONS, PATCH
content-length
0
date
Mon, 17 Apr 2023 18:32:19 GMT
vary
Origin Access-Control-Request-Method Access-Control-Request-Headers
view
securepubads.g.doubleclick.net/pcs/ Frame 7AF7 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvoFD3RbLNxzgJQhd2mjH2SEb-QoJs1VczhorkWofojPoVmxrp9AfG5UInfUOlMqPQVDzoA5LDaGPPIGCwnzBn4PdxqX6iTJaIj8ZfeR8jI0wqLn8NIV88bCVam5PpQlsxyZ54Gbbw5QZMEK_se5eBYk2kwW3aoxMgI3_GQM26caTbtuxmSpRXJJRKGOVqTJcBRPVpTkW4L_Aja5NxT_4JAw55Cyc71ULPjWrzl1UvoJV_w01wPU3-d_bULi1nFhyO09c3ilZj1c641izWjt9JVHJJATV9pOKsgU4bRgPkkNogkMAbgaKRrNvss25Ca_m9rAg&sai=AMfl-YQ_urn7HHf44RB5yQqYGXegjYZcBVintWabNVcpfKQsLr4hlT4_X9bcFWUUv9PTgSbXbpS8PqwfHDyYzv4KT9Qd8Fq6fXmFSWlfp62sk6DsuQh4QXld2oKCXEjTxbukRouUMKu4gNvm7IkomJU&sig=Cg0ArKJSzAmoSaSbzaYdEAE&uach_m=[UACH]&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.921theticket.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date
Mon, 17 Apr 2023 18:32:19 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Mon, 17 Apr 2023 18:32:19 GMT
headerstats
as-sec.casalemedia.com/ 		0
508 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://as-sec.casalemedia.com/headerstats?s=340102&u=https%3A%2F%2Fwww.921theticket.com%2F&v=3
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/ht/p/187621-164323601241456.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.25.185 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.921theticket.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

pragma
no-cache
date
Mon, 17 Apr 2023 18:32:19 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=P5FOFnIhOM%2FwQS%2BYqfFVO%2BZ76N3nrqaj7GX2BwH6obC1aMb37jdU5rBEXCDjlsS70Ks0GYAWb%2BIgybpjfr3knDuKKqFSTw0M%2Bspwqi8hozxD9eeADak4JnTAYxrbMKL%2Fhh1oqsiHEFE%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin
https://www.921theticket.com
cache-control
no-cache
access-control-allow-credentials
true
cf-ray
7b96c0024f319055-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
0
expires
0
amp4ads-v0.mjs
cdn.ampproject.org/rtv/012304040531000/ Frame 3209 		222 KB
60 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012304040531000/amp4ads-v0.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304100101/pubads_impl.js?cb=31073791
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b5a06a61cc91207a0766de728cc62f1bc1c987a5baa2155a542248a6ba0d97f4
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.921theticket.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Fri, 14 Apr 2023 22:28:29 GMT
age
245030
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
61837
x-xss-protection
0
server
sffe
etag
"4c71ce2fa24fb84d"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Sat, 13 Apr 2024 22:28:29 GMT
amp-ad-exit-0.1.mjs
cdn.ampproject.org/rtv/012304040531000/v0/ Frame 3209 		15 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012304040531000/v0/amp-ad-exit-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304100101/pubads_impl.js?cb=31073791
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
89b0b16db8325b2c6db9a0f68eabea4c6ffab4022ee31fb5ea6ea64a2b19b0ad
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.921theticket.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Fri, 14 Apr 2023 14:33:58 GMT
age
273501
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
5234
x-xss-protection
0
server
sffe
etag
"5c3964a98ed5c9e1"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Sat, 13 Apr 2024 14:33:58 GMT
amp-analytics-0.1.mjs
cdn.ampproject.org/rtv/012304040531000/v0/ Frame 3209 		94 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012304040531000/v0/amp-analytics-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304100101/pubads_impl.js?cb=31073791
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1fb9eba0f98fc3a5c9cfa55a0c43ea1d24c5f2e388f06612f404e09fe83fcbc6
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.921theticket.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Sat, 15 Apr 2023 09:06:48 GMT
age
206731
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
28939
x-xss-protection
0
server
sffe
etag
"55c7a8d78e6c0bd3"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Sun, 14 Apr 2024 09:06:48 GMT
amp-fit-text-0.1.mjs
cdn.ampproject.org/rtv/012304040531000/v0/ Frame 3209 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012304040531000/v0/amp-fit-text-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304100101/pubads_impl.js?cb=31073791
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2262d50696110a18e87fa0ac8edb8b9860bccb89680a5c04bad6a5246892090b
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.921theticket.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Sat, 15 Apr 2023 12:34:57 GMT
age
194242
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1904
x-xss-protection
0
server
sffe
etag
"d57b42639333a446"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Sun, 14 Apr 2024 12:34:57 GMT
amp-form-0.1.mjs
cdn.ampproject.org/rtv/012304040531000/v0/ Frame 3209 		40 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012304040531000/v0/amp-form-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304100101/pubads_impl.js?cb=31073791
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ba1c1cba103b212eaa4c5aea8268a6e94d3e0d39a16d5d094b604790db6d4fd5
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.921theticket.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Sat, 15 Apr 2023 19:04:20 GMT
age
170879
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12940
x-xss-protection
0
server
sffe
etag
"aa817619b4e21783"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Sun, 14 Apr 2024 19:04:20 GMT
css
fonts.googleapis.com/ Frame 3209 		8 KB
893 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304100101/pubads_impl.js?cb=31073791
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
05ee926cc9bf2039ad93af941a67d23d84bd78ecd9d6ef53ff85eeaf744cbd89
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.921theticket.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Mon, 17 Apr 2023 18:32:19 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Mon, 17 Apr 2023 17:13:06 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Mon, 17 Apr 2023 18:32:19 GMT
en.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 3209 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/adchoices/en.png
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304100101/pubads_impl.js?cb=31073791
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.921theticket.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date
Sun, 16 Apr 2023 21:33:12 GMT
x-content-type-options
nosniff
server
cafe
age
75547
etag
14819457070020093239
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
image/png
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2502
x-xss-protection
0
expires
Mon, 17 Apr 2023 21:33:12 GMT
icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 3209 		295 B
358 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304100101/pubads_impl.js?cb=31073791
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.921theticket.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date
Mon, 17 Apr 2023 07:58:03 GMT
x-content-type-options
nosniff
server
cafe
age
38056
etag
426692510519060060
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
image/png
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
295
x-xss-protection
0
expires
Tue, 18 Apr 2023 07:58:03 GMT
adview
securepubads.g.doubleclick.net/pagead/ Frame 3209 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=CBLt_spA9ZM7eLIb83wOIwp3wApuljqVu1OCy_u4Q2tkeEAEgl6rtdWCVqp-CsAegAfvk35gDyAEJqQIUsF3gv1eyPuACAKgDAcgDCqoEgQJP0LHv6rXqnO_5pEBRmM9kPG-4Jjph3aEwglBr3UTksuNWqNF5BrMvHiJ8AdD7RK6194ertEGd-SttHT0H3bKDfcEyLT3ABgWPvAHdj4zGaPf4NtmIbz1HHSaUtbSOY5obR_BOVFXKwBj00xy09H3Z0lf2qOP-NzQd4F7ajU_NsTKuiDwRy1i-ECBI2zuYKRsshpLyNO7Hcn-cg2SfZWxXdy8HXjQrNGispFznNp3NlfWNxrwaEz7vRDTNzkQQ1bsQFZ6jicP6cp63-r_vUYJ66Ht0ZKxW8gkWEAtsWn9XZcaOxVIYeOUGFCCosTbln5aqhHTRofcQxD8RGFpWlpAgPMAE5PP41qME4AQBkgUECAQYAZIFBAgFGASgBi6AB-2aoGeoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G9gHAPIHAxDwLtIIDwiAYRABGB0yAooCOgKAQIAKA8gLAdgTDIgUAdAVAZgWAYAXAbIXHgocCAASFHB1Yi0zODQ1OTY2NDE3ODg2MTY2GJbuEQ&sigh=ZA_LkR2XIgc&uach_m=[UACH]&cid=CAQSSwBygQiDvrtetQOwOdQfg0hGh_VSjx2XMN0ugfkXZxhRAu762TXIHa8udrJQWij8xWJC928nUjrcp9e51q4zrCkv9n5Y0TtLZpxpZBgB&template_id=5000
Requested by
Host: www.921theticket.com
URL: https://www.921theticket.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.921theticket.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers
14763004658117789537
tpc.googlesyndication.com/simgad/14896967489930798855/ Frame 3209 		18 KB
19 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/14896967489930798855/14763004658117789537?w=400&h=209
Requested by
Host: www.921theticket.com
URL: https://www.921theticket.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0c14dce35fd13705c9fde42eed967bc87472dd1a61ff1fc8695ce640f2d86a57
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.921theticket.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date
Fri, 14 Apr 2023 18:05:15 GMT
x-content-type-options
nosniff
age
260824
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
18895
x-xss-protection
0
last-modified
Thu, 21 Jul 2022 04:36:21 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Sat, 13 Apr 2024 18:05:15 GMT
truncated
/ Frame 3209 		206 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
44eefef34507164f4234b958d8f6906488a2521071379498041568bae9499b2e

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ Frame 3209 		209 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
d7779d95203bed5280ee3281f856607f95ac5df680547356656c7109d7d0a6a6

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ Frame 3209 		209 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
90af7bc917e617c333b15d89c5bd5118ebec4055f3df0c2cf7484f4f88b93659

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

Content-Type
image/png
rpr1oo5517112r39r3205n850033r8o1.m3u8
d29xw9s9x32j3w.cloudfront.net/videos/m3u8/300k/ 		3 KB
890 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://d29xw9s9x32j3w.cloudfront.net/videos/m3u8/300k/rpr1oo5517112r39r3205n850033r8o1.m3u8
Requested by
Host: embed.sendtonews.com
URL: https://embed.sendtonews.com/easy-stn-player/7.15.1-G/easy-stn-player.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.95.85 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-95-85.prg50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
f51534c417c04200e06a493da3ca31dc3ae30d023d9f46c7326e75438156f828

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.921theticket.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date
Mon, 17 Apr 2023 18:32:20 GMT
content-encoding
gzip
via
1.1 93fcd07b66eaf26b036f14e2ec9d73ea.cloudfront.net (CloudFront)
x-amz-cf-pop
PRG50-C1
x-amz-server-side-encryption
AES256
x-cache
Miss from cloudfront
x-amz-storage-class
REDUCED_REDUNDANCY
content-disposition
attachment
last-modified
Mon, 17 Apr 2023 03:08:21 GMT
server
AmazonS3
etag
W/"41cc68b5dda49c0ffb9071134239e88f"
vary
Accept-Encoding,Origin
access-control-allow-methods
GET, HEAD, POST
content-type
application/x-mpegURL
access-control-allow-origin
*
access-control-expose-headers
Access-Control-Allow-Origin, Access-Control-Allow-Credentials
cache-control
max-age=86400
x-amz-cf-id
F3xPIMTHRt5e2OoYQViOVZxM1wkO28nECdLU7HJzOTqvQZV4SAC6Xw==
1a
i.clean.gg/ Frame 7AF7 		0
104 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://i.clean.gg/1a
Requested by
Host: d13l4u7pe64ymo.cloudfront.net
URL: https://d13l4u7pe64ymo.cloudfront.net/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.95.69.49 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
49.69.95.34.bc.googleusercontent.com
Software
nginx/1.21.6 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.921theticket.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36
Content-Type
application/json

Response headers

date
Mon, 17 Apr 2023 18:32:19 GMT
via
1.1 google
server
nginx/1.21.6
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/octet-stream
access-control-allow-origin
*
access-control-expose-headers
Content-Length,Content-Range
access-control-allow-headers
DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Origin,Accept,X-API-Key
content-length
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
1a
i.clean.gg/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://i.clean.gg/1a
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.95.69.49 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
49.69.95.34.bc.googleusercontent.com
Software
nginx/1.21.6 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.921theticket.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

access-control-allow-headers
DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Origin,Accept,X-API-Key
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
*
access-control-max-age
1728000
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
content-type
text/plain; charset=utf-8
date
Mon, 17 Apr 2023 18:32:19 GMT
server
nginx/1.21.6
via
1.1 google
truncated
/ Frame B2CD 		216 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
e728809906b030015bc2fafff02937c03210aa0cf9a3bd281718b8805798f5db

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

Content-Type
image/png
pwm_all.min.js
b3.tunegenie.com/js/ 		119 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://b3.tunegenie.com/js/pwm_all.min.js?tgv=e905577.ba4de90
Requested by
Host: b3.tunegenie.com
URL: https://b3.tunegenie.com/js/loader2.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223e:c600:6:4e5d:a0c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
1d0ab5a723a62a656f416eded56644e45ac5d29c2c2858388d3102571592b884

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.921theticket.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date
Tue, 17 Jan 2023 19:27:08 GMT
content-encoding
gzip
via
1.1 f2c65205154aaf89a2c7bbc8fe8fdaba.cloudfront.net (CloudFront)
x-amz-version-id
Hzso136vZMoTJ38.5jlLYddX5P3qE.Nk
last-modified
Wed, 07 Dec 2022 23:44:49 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P4
age
7772712
etag
W/"72ad82955ee87e6e522a5958fa9a6d67"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript; charset=UTF-8
cache-control
max-age=7776000
x-amz-cf-id
AR95Cyt5PS_dRUyvE7N56V4gTO0kpqv7zkho6bHpKrfhUYjc7EjR4Q==
bid
aax.amazon-adsystem.com/e/dtb/ Frame A16F 		23 B
467 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://aax.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fwww.921theticket.com%2F&pid=UKHfiZyq0KO0s&cb=0&ws=1600x1200&v=23.407.232&t=2000&slots=%5B%7B%22kv%22%3A%7B%22irisid%22%3A%22iris_979fbd82e579b356%22%7D%2C%22id%22%3A%22standard%22%2C%22mt%22%3A%22v%22%7D%5D&schain=1.0%2C1!stnvideo.com%2Cd145BTDCORXCZWPIFbjVRg%2C1%2C%2C%2C&pubid=6c3f03cd-6fa8-4477-ac05-2c0f4f8da092&gdprl=%7B%22status%22%3A%22no-cmp%22%7D
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.4.150 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-4-150.fra56.r.cloudfront.net
Software
Server /
Resource Hash
745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.921theticket.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date
Mon, 17 Apr 2023 18:32:19 GMT
strict-transport-security
max-age=47474747; includeSubDomains; preload
via
1.1 ecb3ea567a6c6095a23354fbdc938128.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
FRA56-P6
x-amz-rid
VGKYN2W1VY29PWK140ED
vary
Accept-Encoding,User-Agent
x-cache
Miss from cloudfront
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
https://www.921theticket.com
access-control-allow-credentials
true
timing-allow-origin
*
content-length
23
x-amz-cf-id
faFgnGJgHxjGwJZNO4gxW9VOyBmn58JEZyw-X6NDCvYIFyq1zvaalA==
timeline.16b53cc33aaa562f8f41a495bf720289.js
platform.twitter.com/js/ 		8 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://platform.twitter.com/js/timeline.16b53cc33aaa562f8f41a495bf720289.js
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (frb/674D) /
Resource Hash
7cccd8f78bd73c79f1281052eb4c9bdf6f38386fca206da9954fdf24ab0784af

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.921theticket.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

Date
Mon, 17 Apr 2023 18:32:19 GMT
Content-Encoding
gzip
Age
2842772
x-amz-server-side-encryption
AES256
X-Cache
HIT
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server-Timing
x-cache;desc= HIT,x-tw-cdn;desc=VZ
Content-Length
2964
Last-Modified
Tue, 24 Jan 2023 21:41:06 GMT
Server
ECS (frb/674D)
Etag
"569768187d20181e1cdea6aa19f3a4b4+gzip"
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET
Content-Type
application/javascript; charset=utf-8
Access-Control-Allow-Origin
*
x-tw-cdn
VZ
Cache-Control
public, max-age=315360000
4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
fonts.gstatic.com/s/googlesans/v46/ Frame 3209 		29 KB
29 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/googlesans/v46/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
45a61a04904fc2115c440a349a65dc93d2965b0b24dc5a8172bd8b792bdbf103
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.921theticket.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date
Mon, 10 Apr 2023 21:54:53 GMT
x-content-type-options
nosniff
age
592646
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
29728
x-xss-protection
0
last-modified
Mon, 03 Apr 2023 16:59:50 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 09 Apr 2024 21:54:53 GMT
pubads_impl.js
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m2023041101/ Frame 7AF7 		401 KB
124 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m2023041101/pubads_impl.js?cb=31073792
Requested by
Host: d13l4u7pe64ymo.cloudfront.net
URL: https://d13l4u7pe64ymo.cloudfront.net/script.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
783acc04174098c9e538ec02074dfe433e1ce8067720c240def1178c83252a0c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.921theticket.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date
Mon, 17 Apr 2023 13:52:54 GMT
content-encoding
br
x-content-type-options
nosniff
age
16765
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
127160
x-xss-protection
0
server
cafe
etag
12554150418764173266
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
timing-allow-origin
*
expires
Tue, 16 Apr 2024 13:52:54 GMT
ppub_config
securepubads.g.doubleclick.net/pagead/ Frame 7AF7 		120 B
103 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=www.921theticket.com
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
c8a9b4b8a6437a02e6224f1273e7e3ec1d1c78a2f1546b9f320fd0dc3b7ef77a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.921theticket.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date
Mon, 17 Apr 2023 18:32:19 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
78
x-xss-protection
0
expires
Mon, 17 Apr 2023 18:32:19 GMT
pixel.gif
pixel.westseven.media/ Frame 7AF7 		35 B
274 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.westseven.media/pixel.gif?key=921theticket_728x90_1&ao&r=0.6259675172438093
Requested by
Host: www.921theticket.com
URL: https://www.921theticket.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.0.141.13 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-0-141-13.compute-1.amazonaws.com
Software
nginx/1.16.1 /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.921theticket.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

Date
Mon, 17 Apr 2023 18:32:19 GMT
Cache-Control
private, no-cache, proxy-revalidate, max-age=0
Content-Disposition
inline
Server
nginx/1.16.1
Connection
keep-alive
Content-Length
35
Content-Type
image/gif
localstore.js
script.4dex.io/ Frame 7AF7 		483 B
1016 B 		Script
General
Check archive.org
Download Go to
Full URL
https://script.4dex.io/localstore.js
Requested by
Host: d13l4u7pe64ymo.cloudfront.net
URL: https://d13l4u7pe64ymo.cloudfront.net/script.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4bf1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e8fe64429e5900c16c7f8dd7861704e2f4d38e00cbb16bc18820b46d92461389

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.921theticket.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

Date
Mon, 17 Apr 2023 18:32:19 GMT
Content-Encoding
br
CF-Cache-Status
HIT
Last-Modified
Wed, 23 Nov 2022 15:43:18 GMT
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server
cloudflare
Age
932563
ETag
W/"922cffdd75f7192f75231d92684885aa"
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
application/javascript
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XAkcbRf5XaPdEGtRxQWu9dT0SOg5zWa5AjuaU6sZ9Oo%2BwpfFqqMdVMG1vy3ZRkASgnrP7U9uBOjSAiYugcHjocfsv6TwjijyOwL1s8JpT5CBTwpOWi0JZ8b10yeeJt5gO54%2B9mGzoxHJ7UMJ"}],"group":"cf-nel","max_age":604800}
Cache-Control
public, max-age=1800
Connection
keep-alive
CF-RAY
7b96c004c9c7366c-FRA
view
securepubads.g.doubleclick.net/pcs/ Frame B2CD 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjss4kyPB6f32IVgGnlrEf4lVkuW990AVnPiJWhozNCKO6Mv90OMQ0ICXP-X8o1ISfxoPsJxZpQEyJw3xKgh_Dhlw8_4Ht9BYGRRj76fF2WTYLDsbjlKe9DclO70yjp0wOzZ5XSPSE_dATK5F1FOOI3fY0CiqGv5IlUqr4zFA1wMFLdRxrHNzsayDv3BJ4yjX1GfLZKmvMVycCSfBA51PqDybenaK0L1xepZTFB31jlMf4KvUNj4CfwpFewHrVyBLnNWCz87HfSZy1UznBKUgP7OUckp69IOyBCygbF3ZhdcivSTPYXJDSauB_OPu9zv6SA&sai=AMfl-YRryx3KGQSw2xrMDBnEmFyf-Bf57tZTs5z9YT2Gxt4VMTJfHOdcqR4v1f7MF56rFAyq_ZoLwVEb4n_I1mrYmOgtY0aTg8xLHD0kmVkjIm065JEn9Cgp3B7kmpnliXSZNRVNGiGPC3DLz4dAfsux&sig=Cg0ArKJSzGGLUcIxR72KEAE&uach_m=[UACH]&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.921theticket.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date
Mon, 17 Apr 2023 18:32:19 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Mon, 17 Apr 2023 18:32:19 GMT
unruly_prebid
targeting.unrulymedia.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://targeting.unrulymedia.com/unruly_prebid
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
213.19.147.42 Castricum, Netherlands, ASN26120 (RHYTHMONE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.921theticket.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Accept-Encoding,Origin,Accept-Language,X-CSRF-Token,x-unruly-override
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
https://www.921theticket.com
access-control-max-age
1728000
content-length
0
content-type
text/plain charset=UTF-8
date
Mon, 17 Apr 2023 18:32:20 GMT
auction
prebid-server.rubiconproject.com/openrtb2/ Frame A16F 		173 B
407 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid-server.rubiconproject.com/openrtb2/auction
Requested by
Host: embed.sendtonews.com
URL: https://embed.sendtonews.com/library/prebid/7.17.0/prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.198.83.226 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-198-83-226.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
875dcf95be3e2a30423fc11b29a88ec32972bb4911fc6144cf51d1ece0d7f18a

Request headers

Referer
https://www.921theticket.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 17 Apr 2023 18:32:20 GMT
content-encoding
gzip
x-prebid
pbs-java/1.115.0
content-type
application/json
access-control-allow-origin
https://www.921theticket.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
168
expires
0
229991
search.spotxchange.com/openrtb/2.3/dados/ Frame A16F 		0
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://search.spotxchange.com/openrtb/2.3/dados/229991?src_sys=prebid
Requested by
Host: embed.sendtonews.com
URL: https://embed.sendtonews.com/library/prebid/7.17.0/prebid.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.94.180.123 Amsterdam, Netherlands, ASN35220 (SPOTX-AMS, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.921theticket.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36
Content-Type
text/plain

Response headers

X-spotx-Exception-RESULT
exception
Date
Mon, 17 Apr 2023 18:32:20 GMT
X-spotx-Exception-0-Message
Halting market due to GDPR regulations and DPA not being signed by publisher
X-spotx-Exception-ID
SPOTMARKET.HALTED
X-SpotX-Timing-SpotMarket-Primary
0.009136
X-SpotX-Timing-Transform
0.000342
X-spotx-Exception-Message
SpotMarket execution was halted.
X-SpotX-Timing-SpotMarket
0.009136
X-SpotX-Timing-Page-Require
0.000349
X-spotx-Exception-0-ID
MARKET_HALTED
Connection
keep-alive
X-SpotX-Timing-Page-Misc
0.001980
X-fe
021
X-SpotX-Timing-Page-Cookie
0.000003
X-SpotX-Timing-Page
0.013040
Pragma
no-cache
X-SpotX-Timing-Page-Context
0.000314
Last-Modified
Mon, 17 Apr 2023 18:32:20 GMT
Server
nginx
Access-Control-Allow-Methods
POST, GET, PATCH, DELETE, OPTIONS
Content-Type
application/json
Access-Control-Allow-Origin
https://www.921theticket.com
X-SpotX-Timing-Page-Exception
0.000017
Cache-Control
no-cache, must-revalidate, post-check=0, pre-check=0
Access-Control-Allow-Credentials
true
X-SpotX-Timing-Page-URI
0.000013
X-SpotX-Timing-SpotMarket-Secondary
0.000000
X-SpotX-Timing-Page-Mux
0.000886
Access-Control-Allow-Headers
X-spotx-Exception-0-RESULT
failure
Expires
Thu, 01 Jan 1970 00:00:00 GMT
prebid
ib.adnxs.com/ut/v3/ Frame A16F 		138 B
944 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: embed.sendtonews.com
URL: https://embed.sendtonews.com/library/prebid/7.17.0/prebid.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.210.212 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
942.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
a5b1ab9e64e8f8536a584a507c80a99e5917ec3cb372c0371f4ed948f60424ca
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.921theticket.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Mon, 17 Apr 2023 18:32:20 GMT
AN-X-Request-Uuid
d155902f-04b5-4f65-bcd9-eea579f03e28
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
application/json; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://www.921theticket.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
X-Proxy-Origin
81.95.5.39; 81.95.5.39; 942.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length
138
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
unruly_prebid
targeting.unrulymedia.com/ Frame A16F 		0
168 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://targeting.unrulymedia.com/unruly_prebid
Requested by
Host: embed.sendtonews.com
URL: https://embed.sendtonews.com/library/prebid/7.17.0/prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
213.19.147.42 Castricum, Netherlands, ASN26120 (RHYTHMONE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.921theticket.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36
Content-Type
application/json

Response headers

access-control-allow-origin
https://www.921theticket.com
pragma
no-cache
date
Mon, 17 Apr 2023 18:32:20 GMT
cache-control
private, max-age=0, no-cache, no-store
access-control-allow-credentials
true
auction
tlx.3lift.com/header/ Frame A16F 		19 B
526 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://tlx.3lift.com/header/auction?lib=prebid&v=7.17.0&referrer=https%3A%2F%2Fwww.921theticket.com%2F&tmax=3000&us_privacy=1---
Requested by
Host: embed.sendtonews.com
URL: https://embed.sendtonews.com/library/prebid/7.17.0/prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.93.145.184 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-93-145-184.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.921theticket.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 17 Apr 2023 18:32:20 GMT
accept-ch
sec-ch-downlink,user-agent,sec-ch-ect,sec-ch-width,sec-ch-prefers-color-scheme,sec-ch-ua-bitness,sec-ch-ua,sec-ch-ua-arch,sec-ch-rtt,sec-ch-viewport-height,sec-ch-ua-platform,sec-ch-viewport-width,sec-ch-ua-platform-version,sec-ch-ua-model,sec-ch-ua-full-version,sec-ch-dpr,sec-ch-device-memory,sec-ch-save-data,sec-ch-ua-mobile
x-auction-status
16
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.921theticket.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
19
x-xss-protection
0
expires
Thu, 15 Oct 1992 20:10:00 GMT
hb
hb.undertone.com/ Frame A16F 		0
565 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hb.undertone.com/hb?pid=3590&domain=921theticket.com&ccpa=1---
Requested by
Host: embed.sendtonews.com
URL: https://embed.sendtonews.com/library/prebid/7.17.0/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.95.106 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-95-106.prg50.r.cloudfront.net
Software
istio-envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.921theticket.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 17 Apr 2023 18:32:19 GMT
via
1.1 ca6609f4a83e693c532f54c00146f5f8.cloudfront.net (CloudFront)
server
istio-envoy
accept-ch
sec-ch-ua-platform-version,sec-ch-ua-full-version,sec-ch-ua-full-version-list,sec-ch-ua-model,sec-ch-ua-arch,sec-ch-ua-bitness,sec-ch-ua-wow64
x-amz-cf-pop
PRG50-C1
x-cache
Miss from cloudfront
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSDo OUR BUS UNI COM NAV"
access-control-allow-origin
https://www.921theticket.com
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
x-envoy-upstream-service-time
17
x-amz-cf-id
m9mUU8vxeexURWFtLe_wzZMVIoM9Xs9NHKA33c3nYREJxCbg2OkUDQ==
expires
Mon, 26 Jul 1997 05:00:00 GMT
pbjs
htlb.casalemedia.com/openrtb/ Frame A16F 		37 B
570 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/openrtb/pbjs?s=438214&v=8.1&ac=j&sd=1&nf=1&r=%7B%22id%22%3A%2213f219c0fede4bf%22%2C%22site%22%3A%7B%22ref%22%3A%22https%3A%2F%2Fwww.921theticket.com%2F%22%2C%22page%22%3A%22https%3A%2F%2Fwww.921theticket.com%2F%22%2C%22domain%22%3A%22921theticket.com%22%2C%22publisher%22%3A%7B%22domain%22%3A%22921theticket.com%22%7D%2C%22content%22%3A%7B%22cattax%22%3A7%2C%22cat%22%3A%5B%22545%22%5D%2C%22data%22%3A%5B%7B%22name%22%3A%22iris.tv%22%2C%22segment%22%3A%5B%7B%22id%22%3A%22ic_5619313%22%7D%2C%7B%22id%22%3A%22ic_5900591%22%7D%2C%7B%22id%22%3A%22ic_9971957%22%7D%2C%7B%22id%22%3A%22ic_3346711%22%7D%2C%7B%22id%22%3A%22ic_6287667%22%7D%2C%7B%22id%22%3A%22ic_2239888%22%7D%2C%7B%22id%22%3A%22ic_9320469%22%7D%2C%7B%22id%22%3A%22ic_6142702%22%7D%2C%7B%22id%22%3A%22ic_9859763%22%7D%2C%7B%22id%22%3A%22ic_4011328%22%7D%2C%7B%22id%22%3A%22ic_0084516%22%7D%5D%2C%22ext%22%3A%7B%22segtax%22%3A501%2C%22cids%22%3A%5B%22iris_979fbd82e579b356%22%5D%7D%7D%5D%7D%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22mfu%22%3A0%2C%22bu%22%3A0%2C%22iu%22%3A1%2C%22nu%22%3A0%2C%22ou%22%3A0%2C%22allu%22%3A1%2C%22ren%22%3Afalse%2C%22version%22%3A%227.17.0%22%2C%22userIds%22%3A%5B%5D%2C%22url%22%3A%22https%3A%2F%2Fwww.921theticket.com%2F%22%2C%22tmax%22%3A3000%2C%22syncsPerBidder%22%3A5%2C%22fpd%22%3Atrue%2C%22pbadslot%22%3A%22lgl6awq3.vyfndi%22%2C%22adunitcode%22%3A%22lgl6awq3.vyfndi%22%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%22146c48e6beac623%22%2C%22ext%22%3A%7B%22siteID%22%3A%22438214%22%2C%22tid%22%3A%227c9d2333-5401-4fd0-9e96-f901eeaef968%22%7D%2C%22video%22%3A%7B%22context%22%3A%22instream%22%2C%22mimes%22%3A%5B%22video%2Fx-m4v%22%2C%22video%2Fmpeg%22%2C%22video%2Fmp4%22%2C%22application%2Fjavascript%22%2C%22video%2Fwebm%22%2C%22video%2Fogg%22%5D%2C%22minduration%22%3A5%2C%22maxduration%22%3A30%2C%22protocols%22%3A%5B2%2C3%2C5%2C6%2C7%2C8%5D%2C%22w%22%3A300%2C%22h%22%3A169%2C%22sizes%22%3A%5B%5B300%2C169%5D%5D%2C%22playerSize%22%3A%5B%5B300%2C169%5D%5D%2C%22placement%22%3A1%2C%22linearity%22%3A1%2C%22api%22%3A%5B2%5D%2C%22battr%22%3A%5B9%5D%7D%7D%5D%2C%22at%22%3A1%2C%22source%22%3A%7B%22ext%22%3A%7B%22schain%22%3A%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22stnvideo.com%22%2C%22sid%22%3A%22d145BTDCORXCZWPIFbjVRg%22%2C%22hp%22%3A1%7D%5D%7D%7D%7D%2C%22regs%22%3A%7B%22ext%22%3A%7B%22us_privacy%22%3A%221---%22%7D%7D%2C%22user%22%3A%7B%7D%7D
Requested by
Host: embed.sendtonews.com
URL: https://embed.sendtonews.com/library/prebid/7.17.0/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.25.185 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d3e37a252256529ab9ee6dbd88bc8675380841fdafd112d73fb5e96f6f64c302

Request headers

Referer
https://www.921theticket.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 17 Apr 2023 18:32:20 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HtBEcG3itRKZvYGpB7kiueuulnWc8QUVK%2FnrPmEwXUMfzeCDkP2mxhJ%2BCxTsyVdVZtWDEKTS2h3t3eTzHok59ThUp%2B0SCjywIZDZUcOhqvGbuVfSXNKS3LGZRQOr0K0rynXeZ9bd"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
https://www.921theticket.com
cache-control
no-cache
access-control-allow-credentials
true
cf-ray
7b96c0052c0d35eb-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
37
expires
0
translator
hbopenbid.pubmatic.com/ Frame A16F 		0
119 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: embed.sendtonews.com
URL: https://embed.sendtonews.com/library/prebid/7.17.0/prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.921theticket.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.921theticket.com
date
Mon, 17 Apr 2023 18:32:19 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cors
data.ad-score.com/data/ Frame 7AF7 		50 B
601 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://data.ad-score.com/data/cors?pm_st=SZvNYYHioRSEIgAjnIdUWDtVOkKkBSuj-FE7fPshldVrlKDwd2HLIEkvGPg==-E0zJPcpjblXkNA==&pm_ct=f53e91fdd18903732d619389&pm_pl=1681756340114&pm_td=16&pid=1000449&en=1.1&callback=__pm_glbl_XLD9rzKXMaXgJxxeQhZeND9s._gc1&tt=g&v=6628d82
Requested by
Host: d13l4u7pe64ymo.cloudfront.net
URL: https://d13l4u7pe64ymo.cloudfront.net/script.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_GCM
Server
130.211.115.4 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
4.115.211.130.bc.googleusercontent.com
Software
/
Resource Hash
c0c021c5bd2e030c6ed84a23ae701a5f211fd70a08a0914ee563d234633b9d3a

Request headers

Referer
https://www.921theticket.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Mon, 17 Apr 2023 18:32:20 GMT
Age
0
Access-Control-Allow-Methods
POST
P3p
CP="CURa ADMa DEVa TAIi PSAi PSDi IVAi IVDi CONi HISa TELi OUR IND DSP CAO COR"
Access-Control-Allow-Origin
https://www.921theticket.com
Content-Type
text/plain; charset=utf-8
Cache-Control
post-check=0, pre-check=0, false, proxy-revalidate, no-cache, no-cache=Set-Cookie, no-store, must-revalidate, max-age=0, s-maxage=0
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
50
truncated
/ Frame A1EA 		266 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
662294921ca6240beb0f2aecb7f7ac23dd085b782bbe52a369b20226d26afe33

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ Frame 7AF7 		68 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
5e89733d8a8e055100cda68bf7a712ab0e1b24fefee7e39792b47cb5ff7c3cb1

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

Content-Type
image/png
si
googleads.g.doubleclick.net/pagead/drt/ Frame 022C
Redirect Chain
  • https://www.google.com/pagead/drt/ui
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Requested by
Host: www.921theticket.com
URL: https://www.921theticket.com/
Protocol
H2
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

Redirect headers

date
Mon, 17 Apr 2023 18:32:20 GMT
x-content-type-options
nosniff
server
cafe
content-type
text/html; charset=UTF-8
location
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
c
prebid.a-mo.net/a/ Frame 7AF7 		0
280 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.a-mo.net/a/c
Requested by
Host: ads.rubiconproject.com
URL: https://ads.rubiconproject.com/prebid/19984_Cumulus_728x90.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
147.75.84.158 Schiphol, Netherlands, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.921theticket.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.921theticket.com
date
Mon, 17 Apr 2023 18:32:19 GMT
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
x-envoy-upstream-service-time
18
server
envoy
vary
origin, Accept-Encoding
prebid-request
onetag-sys.com/ Frame 7AF7 		15 B
368 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/prebid-request
Requested by
Host: ads.rubiconproject.com
URL: https://ads.rubiconproject.com/prebid/19984_Cumulus_728x90.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.89.9.253 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip253.ip-51-89-9.eu
Software
/
Resource Hash
663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://www.921theticket.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36
Content-Type
text/plain

Response headers

strict-transport-security
max-age=15552000
content-encoding
gzip
content-type
application/json
access-control-allow-origin
https://www.921theticket.com
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
cache-control
no-transform, no-cache
access-control-allow-credentials
true
access-control-allow-headers
content-type, origin, referer, user-agent
content-length
41
bid
ap.lijit.com/rtb/ Frame 7AF7 		24 B
531 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ap.lijit.com/rtb/bid?src=prebid_prebid_7.31.0-PPI
Requested by
Host: ads.rubiconproject.com
URL: https://ads.rubiconproject.com/prebid/19984_Cumulus_728x90.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.52.2.91 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
/
Resource Hash
6086975db5a833f1cf1f8d845f7b2e6d3023cba253084f38d21d0ae95b3406fd

Request headers

Referer
https://www.921theticket.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36
Content-Type
text/plain

Response headers

Date
Mon, 17 Apr 2023 18:32:20 GMT
Vary
Accept-Encoding, User-Agent
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Content-Type
application/json
Access-Control-Allow-Origin
https://www.921theticket.com
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap1ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
24
hb
hb.undertone.com/ Frame 7AF7 		0
799 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hb.undertone.com/hb?pid=3989&domain=921theticket.com&gdpr=0&gdprstr=&ccpa=1---
Requested by
Host: ads.rubiconproject.com
URL: https://ads.rubiconproject.com/prebid/19984_Cumulus_728x90.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.95.106 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-95-106.prg50.r.cloudfront.net
Software
istio-envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.921theticket.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 17 Apr 2023 18:32:20 GMT
via
1.1 ca6609f4a83e693c532f54c00146f5f8.cloudfront.net (CloudFront)
server
istio-envoy
accept-ch
sec-ch-ua-platform-version,sec-ch-ua-full-version,sec-ch-ua-full-version-list,sec-ch-ua-model,sec-ch-ua-arch,sec-ch-ua-bitness,sec-ch-ua-wow64
x-amz-cf-pop
PRG50-C1
x-cache
Miss from cloudfront
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSDo OUR BUS UNI COM NAV"
access-control-allow-origin
https://www.921theticket.com
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
x-envoy-upstream-service-time
33
x-amz-cf-id
99twLgJA5pgOrXUdGgKTYGAEfZTcld13eOTKi8iAxN_HUvXv0Ljxsw==
expires
Mon, 26 Jul 1997 05:00:00 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/ Frame 7AF7 		526 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=19984&site_id=372630&zone_id=2036220&size_id=2&alt_size_ids=1%2C5%2C43%2C44%2C221%2C251&gdpr=0&us_privacy=1---&rp_schain=1.0,1!westseven.media,89ce2627d7f4,1,,,&eid_pubcid.org=1ce4ac37-7b53-4753-9d90-4dba70c21ab3%5E1&rf=https%3A%2F%2Fwww.921theticket.com%2F&tg_i.page=https%3A%2F%2Fwww.921theticket.com%2F&tg_i.domain=921theticket.com&tg_i.elementid=921theticket_728x90_1&tg_i.pbadslot=%2F25756908%2C6717%2FWSM%2F921theticket_728x90_1&tg_i.aupName=%2FWSM%2F921theticket_728x90_1&tk_flint=dmpbjs_v7.31.0-PPI&x_source.tid=30ee254b-b7bd-41cd-adef-034a4337245d&l_pb_bid_id=10144cbd540af26&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&p_gpid=%2F25756908%2C6717%2FWSM%2F921theticket_728x90_1&slots=1&rand=0.1465232793060145
Requested by
Host: ads.rubiconproject.com
URL: https://ads.rubiconproject.com/prebid/19984_Cumulus_728x90.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c003:200::21 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
2afdfe3d6b8f1361176b5ab7134e4c4754c888286ae0527c85eb95c1feec9c68

Request headers

Referer
https://www.921theticket.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 17 Apr 2023 18:32:20 GMT
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.921theticket.com
p3p
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-length
526
expires
Wed, 17 Sep 1975 21:32:10 GMT
adreq
ads.servenobid.com/ Frame 7AF7 		1 KB
781 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.servenobid.com/adreq?cb=8961
Requested by
Host: ads.rubiconproject.com
URL: https://ads.rubiconproject.com/prebid/19984_Cumulus_728x90.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.154.239.112 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-154-239-112.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
6f3b48f8e29c5ee2c4bdecc130a40bad9bb1905075788bad41d3f2104e1b6eff

Request headers

Referer
https://www.921theticket.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 17 Apr 2023 18:32:21 GMT
content-encoding
gzip
amp-access-control-allow-source-origin
*
vary
accept-encoding
content-type
application/json
access-control-allow-origin
https://www.921theticket.com
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
translator
hbopenbid.pubmatic.com/ Frame 7AF7 		0
63 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: ads.rubiconproject.com
URL: https://ads.rubiconproject.com/prebid/19984_Cumulus_728x90.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.921theticket.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.921theticket.com
date
Mon, 17 Apr 2023 18:32:19 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
prebid
ib.adnxs.com/ut/v3/ Frame 7AF7 		138 B
944 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: ads.rubiconproject.com
URL: https://ads.rubiconproject.com/prebid/19984_Cumulus_728x90.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.210.212 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
942.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
32d9b82d940e893c04166240cabd5d782a23e3ef883625fa32d0f5bb25a8cfbf
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.921theticket.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Mon, 17 Apr 2023 18:32:20 GMT
AN-X-Request-Uuid
f7954400-4501-43de-8331-8a8c8c3c8e1e
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
application/json; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://www.921theticket.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
X-Proxy-Origin
81.95.5.39; 81.95.5.39; 942.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length
138
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
prebid
ib.adnxs.com/ut/v3/ Frame 7AF7 		139 B
945 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: ads.rubiconproject.com
URL: https://ads.rubiconproject.com/prebid/19984_Cumulus_728x90.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.210.212 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
942.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
6e471670f0691069e67f699d581d1e65c88d65e591d823721d7011d5bf903260
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.921theticket.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Mon, 17 Apr 2023 18:32:20 GMT
AN-X-Request-Uuid
6b3a6f42-8f4f-4959-8bef-6cdc464f9c7b
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
application/json; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://www.921theticket.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
X-Proxy-Origin
81.95.5.39; 81.95.5.39; 942.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length
139
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
/
www.google.com/pagead/1p-user-list/932229734/ 		42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/pagead/1p-user-list/932229734/?random=1681756338960&cv=11&fst=1681754400000&bg=ffffff&guid=ON&async=1&gtm=45He34c0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.921theticket.com%2F&frm=0&tiba=THE%20TICKET%2092.1%20%7C%20KQSM-FM&fmt=3&is_vtc=1&random=2925014851&rmt_tld=0&ipr=y
Requested by
Host: www.921theticket.com
URL: https://www.921theticket.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.921theticket.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 17 Apr 2023 18:32:20 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.de/pagead/1p-user-list/932229734/ 		42 B
108 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/pagead/1p-user-list/932229734/?random=1681756338960&cv=11&fst=1681754400000&bg=ffffff&guid=ON&async=1&gtm=45He34c0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.921theticket.com%2F&frm=0&tiba=THE%20TICKET%2092.1%20%7C%20KQSM-FM&fmt=3&is_vtc=1&random=2925014851&rmt_tld=1&ipr=y
Requested by
Host: www.921theticket.com
URL: https://www.921theticket.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.921theticket.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 17 Apr 2023 18:32:20 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
ad.ipredictive.com/d/rt/ 		631 B
787 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad.ipredictive.com/d/rt/pixel?uuid=239a0e6f-4986-456d-8b97-8f4e8e5683db&rtsite_id=57885&sdk_src=js&ts=1681756341&rr=7923786513938667&sdkv=1.0.0-beta&res=1600x1200&cookie=1&ref=&dloc=https%3A%2F%2Fwww.921theticket.com%2F&ds=1&xp_pdf=1&xp_qt=0&xp_realp=0&xp_wma=0&xp_dir=0&xp_fla=0&xp_java=0&xp_gears=0&xp_ag=0&event=pageview&ev_pageview=%7B%22url%22%3A%22https%3A%2F%2Fwww.921theticket.com%2F%22%2C%22title%22%3A%22THE%20TICKET%2092.1%20%7C%20KQSM-FM%22%7D
Requested by
Host: www.921theticket.com
URL: https://www.921theticket.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.202.46.169 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-202-46-169.compute-1.amazonaws.com
Software
/
Resource Hash
25cf0f0ce42f8acd9ea6facc223f54105c7fd0cce63fb7bb5d83e6600100acbd

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.921theticket.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

Date
Mon, 17 Apr 2023 18:32:20 GMT
Content-Encoding
gzip
Connection
keep-alive
X-CI-RTID
c21f1a0f-8100-4ac2-a6de-0ea8e1eb0eb5
Content-Length
479
Content-Type
image/jpeg
asyncPixelSync
pixel.sitescout.com/dmp/ Frame 94B3 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://pixel.sitescout.com/dmp/asyncPixelSync?gdpr=0
Requested by
Host: www.921theticket.com
URL: https://www.921theticket.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
98.98.134.241 , United States, ASN21859 (ZEN-ECN, US),
Reverse DNS
Software
A /
Resource Hash

Request headers

Referer
https://www.921theticket.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
max-age=0,no-cache,no-store
date
Mon, 17 Apr 2023 18:32:19 GMT
expires
Tue, 11 Oct 1977 12:34:56 GMT
p3p
CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
pragma
no-cache
server
A
d0001ffffd6696eb
pixel.sitescout.com/up/ 		43 B
267 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.sitescout.com/up/d0001ffffd6696eb?cntr_url=https%3A%2F%2Fwww.921theticket.com%2F&gdpr=0
Requested by
Host: www.921theticket.com
URL: https://www.921theticket.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
98.98.134.241 , United States, ASN21859 (ZEN-ECN, US),
Reverse DNS
Software
AC1.1 /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.921theticket.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 17 Apr 2023 18:32:19 GMT
server
AC1.1
content-type
image/gif
p3p
CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
cache-control
max-age=0,no-cache,no-store
content-length
43
expires
Tue, 11 Oct 1977 12:34:56 GMT
/
www.google.com/pagead/1p-user-list/932229734/ 		42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/pagead/1p-user-list/932229734/?random=1681756338976&cv=11&fst=1681754400000&bg=ffffff&guid=ON&async=1&gtm=45be34c0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.921theticket.com%2F&frm=0&tiba=THE%20TICKET%2092.1%20%7C%20KQSM-FM&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=3495287867&rmt_tld=0&ipr=y
Requested by
Host: www.921theticket.com
URL: https://www.921theticket.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.921theticket.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 17 Apr 2023 18:32:20 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.de/pagead/1p-user-list/932229734/ 		42 B
154 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/pagead/1p-user-list/932229734/?random=1681756338976&cv=11&fst=1681754400000&bg=ffffff&guid=ON&async=1&gtm=45be34c0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.921theticket.com%2F&frm=0&tiba=THE%20TICKET%2092.1%20%7C%20KQSM-FM&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=3495287867&rmt_tld=1&ipr=y
Requested by
Host: www.921theticket.com
URL: https://www.921theticket.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.921theticket.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 17 Apr 2023 18:32:20 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.com/pagead/1p-user-list/932229734/ 		42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/pagead/1p-user-list/932229734/?random=1681756338988&cv=11&fst=1681754400000&bg=ffffff&guid=ON&async=1&gtm=45be34c0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.921theticket.com%2F&frm=0&tiba=THE%20TICKET%2092.1%20%7C%20KQSM-FM&userId=replace%20with%20value&data=event%3Dpage_view&fmt=3&is_vtc=1&random=2296518408&rmt_tld=0&ipr=y
Requested by
Host: www.921theticket.com
URL: https://www.921theticket.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.921theticket.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 17 Apr 2023 18:32:20 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.de/pagead/1p-user-list/932229734/ 		42 B
108 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/pagead/1p-user-list/932229734/?random=1681756338988&cv=11&fst=1681754400000&bg=ffffff&guid=ON&async=1&gtm=45be34c0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.921theticket.com%2F&frm=0&tiba=THE%20TICKET%2092.1%20%7C%20KQSM-FM&userId=replace%20with%20value&data=event%3Dpage_view&fmt=3&is_vtc=1&random=2296518408&rmt_tld=1&ipr=y
Requested by
Host: www.921theticket.com
URL: https://www.921theticket.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.921theticket.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 17 Apr 2023 18:32:20 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
181461212508101
connect.facebook.net/signals/config/ 		377 KB
108 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/181461212508101?v=2.9.102&r=stable
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f083:9:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
5f81194cbd4697dd96c6a57cd32d09427a8ecdc603fd9dce20a981341b297f7d
Security Headers
Name Value
Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.921theticket.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

content-security-policy
default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Mon, 17 Apr 2023 18:32:20 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
110239
x-fb-rlafr
0
x-xss-protection
0
pragma
public
x-fb-debug
/dQtkzyPHq0KTmjlobToV3BW+XFa1ZLpeTR0ICbp8Uk2k+lsG36FX2ZqiT0Il6Fol2Wn3oMowXV2bLaJ5UnVaQ==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
cross-origin-opener-policy
same-origin-allow-popups
vary
Accept-Encoding
report-to
{"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type
application/x-javascript; charset=utf-8
x-frame-options
DENY
origin-agent-cluster
?0
cache-control
public, max-age=1200
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
rpr1oo5517112r39r3205n850033r8o1-00001.ts
d29xw9s9x32j3w.cloudfront.net/videos/m3u8/300k/ 		417 KB
418 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://d29xw9s9x32j3w.cloudfront.net/videos/m3u8/300k/rpr1oo5517112r39r3205n850033r8o1-00001.ts
Requested by
Host: embed.sendtonews.com
URL: https://embed.sendtonews.com/easy-stn-player/7.15.1-G/easy-stn-player.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.95.85 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-95-85.prg50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
d4f5ce1383621b5fa9e85147afff614ffbef85781cfa9cfd48b716d0602f3d93

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.921theticket.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date
Mon, 17 Apr 2023 18:32:21 GMT
via
1.1 93fcd07b66eaf26b036f14e2ec9d73ea.cloudfront.net (CloudFront)
x-amz-cf-pop
PRG50-C1
x-amz-server-side-encryption
AES256
x-cache
Miss from cloudfront
x-amz-storage-class
REDUCED_REDUNDANCY
content-disposition
attachment
content-length
426572
last-modified
Mon, 17 Apr 2023 03:08:13 GMT
server
AmazonS3
etag
"9d85b922c920225ce30ab3f5b6630816"
vary
Origin
access-control-allow-methods
GET, HEAD, POST
content-type
video/mp2t
access-control-allow-origin
*
access-control-expose-headers
Access-Control-Allow-Origin, Access-Control-Allow-Credentials
cache-control
max-age=86400
accept-ranges
bytes
x-amz-cf-id
6Gln7Vqy8CI2Fj4uhCKiqCgVrPzPC9s8IuJQrt-42CYH4gWaYS7LTg==
9b509175-dbb5-476f-b662-dc5763165a12
https://www.921theticket.com/ Frame 7AF7 		720 B
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://www.921theticket.com/9b509175-dbb5-476f-b662-dc5763165a12
Requested by
Host: www.921theticket.com
URL: https://www.921theticket.com/
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
d2ec07a6e77bc3abc56f801e141e9889c018ca8e96dfbe4042f49378699ee85f

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

Content-Length
720
Content-Type
application/javascript
7ec2dd34-345b-4252-8d59-e9da08b71adf
https://www.921theticket.com/ Frame 7AF7 		725 B
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://www.921theticket.com/7ec2dd34-345b-4252-8d59-e9da08b71adf
Requested by
Host: www.921theticket.com
URL: https://www.921theticket.com/
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
bb32ef70baf6f49f09b1fe50f680f2217d8fc8021f2b91beaabb96f6d582c96b

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

Content-Length
725
Content-Type
text/javascript
activeview
pagead2.googlesyndication.com/pcs/ Frame 7AF7 		42 B
404 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstPNu_-f3-dG1YALQaapD5Sh1UrWROMmJbjRq1JtlyQQ0w5ph-TiJ3TkC4Hdc7ZpBfaXUc_rSoNUa9BK1e3H3y2p4JJd4Yxu-_wXfHk56a4HqOVUscj&sig=Cg0ArKJSzCfDzSuTfJI3EAE&id=lidar2&mcvt=1051&p=105,436,195,1164&mtos=1051,1051,1051,1051,1051&tos=1051,0,0,0,0&v=20230412&bin=7&avms=nio&bs=1600,1200&mc=1&vu=1&app=0&itpl=19&adk=2698566425&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1681756338223&rpt=1253&isd=0&lsd=0&met=ce&wmsd=0&pbe=0&vae=0&spb=0
Requested by
Host: d13l4u7pe64ymo.cloudfront.net
URL: https://d13l4u7pe64ymo.cloudfront.net/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.921theticket.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 17 Apr 2023 18:32:20 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
api.tunegenie.com/v2/full/config/ 		2 KB
1 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://api.tunegenie.com/v2/full/config/?apiid=m2g_bar&b=kqsm
Requested by
Host: b3.tunegenie.com
URL: https://b3.tunegenie.com/js/pwm_all.min.js?tgv=e905577.ba4de90
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.35.1.108 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-35-1-108.us-west-2.compute.amazonaws.com
Software
nginx/1.20.0 /
Resource Hash
7e3a506844e7dc60ed271a3649e587166c7918f3dbeddce27cda96a0d0ec33bf

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.921theticket.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

Date
Mon, 17 Apr 2023 18:32:21 GMT
Content-Encoding
gzip
Server
nginx/1.20.0
Vary
Accept-Encoding, Cookie
Access-Control-Allow-Methods
GET, POST, OPTIONS
Content-Type
application/json
Access-Control-Allow-Origin
*
Cache-Control
max-age=900
Connection
keep-alive
X-Robots-Tag
noindex, nofollow, nosnippet, noarchive
Content-Length
776
Expires
Mon, 17 Apr 2023 18:47:21 GMT
stn_trk.gif
s2l.sendtonews.com/ 		26 B
186 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://s2l.sendtonews.com/stn_trk.gif?session=bGqNGgtBkHxKexnR&instance=297421206&version=7.15.1-G&age=230417&ldt=BIDS&key=5oC5qDti&c_id=5513&seq=1&order=5&vIndex=0&absoluteTime=5065&relativeTime=2597.9&sm_id=2685758&visiblestatecd=I&soundcd=OFF&alt=0&sC_ID=4735&load=1&status=LVFNSNIY&ac_id=2008&bidIndex=1&prebid.cid=0&prebid.bidders.rubicon.time=619.3&prebid.bidders.spotx.time=793.8&prebid.bidders.appnexus.time=793&prebid.bidders.unruly.time=790.2&prebid.bidders.triplelift.time=789.2&prebid.bidders.undertone.time=788.1&prebid.bidders.ix.time=786.4&prebid.bidders.pubmatic.time=783.5&prebid.start=4261.5&prebid.time=802.5&prebid.timeout=3000&adIndex=-1
Requested by
Host: embed.sendtonews.com
URL: https://embed.sendtonews.com/easy-stn-player/7.15.1-G/easy-stn-player.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.210.56.152 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-44-210-56-152.compute-1.amazonaws.com
Software
Apache/2.4.41 (Ubuntu) /
Resource Hash
3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.921theticket.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date
Mon, 17 Apr 2023 18:32:20 GMT
last-modified
Wed, 23 Dec 2020 21:38:39 GMT
server
Apache/2.4.41 (Ubuntu)
accept-ranges
bytes
etag
"1a-5b72883b37f80"
content-length
26
content-type
image/gif
integrator.js
adservice.google.de/adsid/ 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=www.921theticket.com
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.921theticket.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date
Mon, 17 Apr 2023 18:32:20 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.921theticket.com
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.921theticket.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date
Mon, 17 Apr 2023 18:32:20 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
100
x-xss-protection
0
silent.mp3
b3.tunegenie.com/ 		813 B
1 KB 		Media
General
Check archive.org
Download Go to
Full URL
https://b3.tunegenie.com/silent.mp3
Requested by
Host: www.921theticket.com
URL: https://www.921theticket.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223e:c600:6:4e5d:a0c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
17721a87106f3de689f70866bbc543c836129034f7d01e4509691cb39f1fdfe0

Request headers

Referer
https://www.921theticket.com/
Accept-Encoding
identity;q=1, *;q=0
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36
Range
bytes=0-

Response headers

date
Tue, 17 Jan 2023 19:27:32 GMT
x-amz-version-id
uk8Oo8ulaov4J86_2cSyKDrRzbTCtqj5
via
1.1 f2c65205154aaf89a2c7bbc8fe8fdaba.cloudfront.net (CloudFront)
last-modified
Thu, 10 Sep 2020 03:51:46 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P4
age
7772689
etag
"bc43049e0f0bc60fa3e18478e7251d87"
x-cache
Hit from cloudfront
content-type
audio/mpeg
Content-Range
bytes 0-812/813
cache-control
max-age=7776000
accept-ranges
bytes
x-amz-cf-id
_wvvw1jM_p_liwV8W3Qlck7Ka6lsIPKpTojjIMo9r9z_UmeO8kZREw==
Content-Length
813
/
www.facebook.com/tr/ 		0
185 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=181461212508101&ev=PageView&dl=https%3A%2F%2Fwww.921theticket.com%2F&rl=&if=false&ts=1681756340889&sw=1600&sh=1200&v=2.9.102&r=stable&ec=0&o=30&cs_est=true&fbp=fb.1.1681756340888.1737202114&it=1681756340543&coo=false&rqm=GET
Requested by
Host: www.921theticket.com
URL: https://www.921theticket.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f176:84:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.921theticket.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
date
Mon, 17 Apr 2023 18:32:20 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
cors
data.ad-score.com/data/ Frame 7AF7 		1 B
276 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://data.ad-score.com/data/cors?pm_st=SZvNYYHioRSEIgAjnIdUWDtVOkKkBSuj-FE7fPshldVrlKDwd2HLIEkvGPg==-E0zJPcpjblXkNA==&pm_ct=f53e91fdd18903732d619389&pm_pl=1681756340114&pm_td=777&pid=1000449&en=1.1&callback=__pm_glbl_XLD9rzKXMaXgJxxeQhZeND9s._gc2&tt=g&v=6628d82
Requested by
Host: d13l4u7pe64ymo.cloudfront.net
URL: https://d13l4u7pe64ymo.cloudfront.net/script.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_GCM
Server
130.211.115.4 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
4.115.211.130.bc.googleusercontent.com
Software
/
Resource Hash
5feceb66ffc86f38d952786c6d696c79c2dbc239dd4e91b46729d73a27fb57e9

Request headers

Referer
https://www.921theticket.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
https://www.921theticket.com
Date
Mon, 17 Apr 2023 18:32:21 GMT
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
1
Access-Control-Allow-Methods
POST
Content-Type
text/plain; charset=utf-8
adagio.js
script.4dex.io/ Frame 7AF7 		74 KB
23 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://script.4dex.io/adagio.js
Requested by
Host: d13l4u7pe64ymo.cloudfront.net
URL: https://d13l4u7pe64ymo.cloudfront.net/script.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4bf1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ed87a83a9df154b61d76e8b9b53bb9d23db3eea194e66bca6b575e3e4f7a57bf

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.921theticket.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

Date
Mon, 17 Apr 2023 18:32:21 GMT
Content-Encoding
br
CF-Cache-Status
MISS
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Transfer-Encoding
chunked
Connection
keep-alive
Last-Modified
Wed, 23 Nov 2022 15:43:17 GMT
Server
cloudflare
ETag
W/"c56b6332dacf72f135afcd153ae22448"
Vary
Origin, Accept-Encoding
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=I2iefilItJ8y%2BK48cjLtR92%2FO7Y4EM6v6CDd8X69PoIz9rO%2Fr0ida%2BY4KfB87FJJTr0mrN1sAfEXUtYFb75W88kkzpdCrqBHFBR%2B8v2234rVlY321y0oe3UaLZe%2FwZxinjXUk5bLhCVbKMhY"}],"group":"cf-nel","max_age":604800}
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
Cache-Control
public, max-age=1800
CF-RAY
7b96c00ace2f0410-FRA
RedZone921
syndication.twitter.com/srv/timeline-profile/screen-name/ Frame A0E2 		68 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://syndication.twitter.com/srv/timeline-profile/screen-name/RedZone921?dnt=true&embedId=twitter-widget-0&features=eyJ0ZndfdGltZWxpbmVfbGlzdCI6eyJidWNrZXQiOltdLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X2ZvbGxvd2VyX2NvdW50X3N1bnNldCI6eyJidWNrZXQiOnRydWUsInZlcnNpb24iOm51bGx9LCJ0ZndfdHdlZXRfZWRpdF9iYWNrZW5kIjp7ImJ1Y2tldCI6Im9uIiwidmVyc2lvbiI6bnVsbH0sInRmd19yZWZzcmNfc2Vzc2lvbiI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9LCJ0ZndfbWl4ZWRfbWVkaWFfMTU4OTciOnsiYnVja2V0IjoidHJlYXRtZW50IiwidmVyc2lvbiI6bnVsbH0sInRmd19leHBlcmltZW50c19jb29raWVfZXhwaXJhdGlvbiI6eyJidWNrZXQiOjEyMDk2MDAsInZlcnNpb24iOm51bGx9LCJ0ZndfZHVwbGljYXRlX3NjcmliZXNfdG9fc2V0dGluZ3MiOnsiYnVja2V0Ijoib24iLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X3ZpZGVvX2hsc19keW5hbWljX21hbmlmZXN0c18xNTA4MiI6eyJidWNrZXQiOiJ0cnVlX2JpdHJhdGUiLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X2xlZ2FjeV90aW1lbGluZV9zdW5zZXQiOnsiYnVja2V0Ijp0cnVlLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X3R3ZWV0X2VkaXRfZnJvbnRlbmQiOnsiYnVja2V0Ijoib24iLCJ2ZXJzaW9uIjpudWxsfX0%3D&frame=false&hideBorder=false&hideFooter=false&hideHeader=false&hideScrollBar=false&lang=en&maxHeight=600px&origin=https%3A%2F%2Fwww.921theticket.com%2F&sessionId=ff0dd38d37dded452971875b5c9460a2529aa014&showHeader=true&showReplies=false&transparent=false&widgetsVersion=aaf4084522e3a%3A1674595607486
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.244.42.8 , United States, ASN13414 (TWITTER, US),
Reverse DNS
Software
tsa_o /
Resource Hash
f52ebc79d66a4e92b191f0a6ab04a676fb04fb46cce3d0022ea5098813b5b83e
Security Headers
Name Value
Strict-Transport-Security max-age=631138519
X-Xss-Protection 0

Request headers

Referer
https://www.921theticket.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
must-revalidate, max-age=60
content-encoding
gzip
content-length
8417
content-type
text/html; charset=utf-8
date
Mon, 17 Apr 2023 18:32:21 GMT
etag
"11101-XfNj2G9vK+dWT5eov4HjhHeoAic"
perf
7626143928
server
tsa_o
strict-transport-security
max-age=631138519
x-connection-hash
c9ad6bd2c63ee3a895a83595476252ccb5c6bf6d1fd8503aa16c5deed4edc654
x-response-time
451
x-transaction-id
e0af32977d0d75da
x-xss-protection
0
ads
pubads.g.doubleclick.net/gampad/ Frame B50E 		17 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pubads.g.doubleclick.net/gampad/ads?slotname=%2F92056281%2F53596966&sz=480x270&ciu_szs=300x60&cust_params=sessionKey%3D297421206-bGqNGgtBkHxKexnR%26schain%3Dstnvideo.com%2Cd145BTDCORXCZWPIFbjVRg%26content%3D4735%26placementType%3DPremium%26embed%3D5oC5qDti%26domain%3D921theticket.com%26player_size%3Dsmall%26player_width%3D300%26player_height%3D169%26player_type%3Dfloat%26version%3D7.15.1-G%26player_status%3DLVFNSNIY%26play_code%3D2008%26view100%3D0%26excl_cat%3Dstl_id00014%26rand%3D3%26uhr%3D18%26iris_id%3Diris_979fbd82e579b356%26iris_context%3Dic_5619313%2Cic_5900591%2Cic_9971957%2Cic_3346711%2Cic_6287667%2Cic_2239888%2Cic_9320469%2Cic_6142702%2Cic_9859763%2Cic_4011328%2Cic_0084516%26us_privacy%3Dfalse&url=https%3A%2F%2Fwww.921theticket.com%2F&unviewed_position_start=1&output=xml_vast4&env=vp&gdfp_req=1&ad_rule=0&video_url_to_fetch=https%3A%2F%2Fwww.921theticket.com%2F&useragent=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F112.0.5615.49%20Safari%2F537.36%2Cgzip(gfe)&vad_type=linear&vpos=preroll&pod=1&ppos=1&lip=true&min_ad_duration=0&max_ad_duration=125000&vrid=1263268&us_privacy=1---&hl=en&cmsid=2631244&vconp=2&video_doc_id=2685758&vpa=auto&vpmute=1&cnc=6717&kfa=0&tfcd=0&sdkv=h.3.568.1&osd=2&frm=0&vis=1&sdr=1&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&u_so=l&ctv=0&mpt=stnvideo%2Fplayer&gdpr=0&sdki=445&ptt=20&adk=130015200&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.568.1&sid=73A95553-4E5B-43EA-A82D-CB423AB8AD56&nel=0&eid=44754609%2C44765701%2C44772139%2C44777649%2C44781409%2C44781753%2C44782991&top=https%3A%2F%2Fwww.921theticket.com%2F&loc=https%3A%2F%2Fwww.921theticket.com%2F&dlt=1681756336061&idt=2877&dt=1681756341050&cookie=ID%3De28b3ab68eeac0bf%3AT%3D1681756338%3AS%3DALNI_Malh-Bl-GSNrgvQVrMMldAf33Bc4w&gpic=UID%3D00000bd7e4826106%3AT%3D1681756338%3ART%3D1681756338%3AS%3DALNI_MbzzlkwvsZZyWDTKlyCypdLQ6O-Qw&correlator=1342272632666942&scor=3268466022515871&ged=ve4_td5_tt1_pd5_la5000_er0.0.0.0_vi0.0.1200.1600_vp0_eb16491
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.568.1_en.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9c2fa918a58fadf99d269a894eea5d87024020be5b7c0eab95deea1619929e7e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date
Mon, 17 Apr 2023 18:32:21 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3361
x-xss-protection
0
google-lineitem-id
5849218212
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138374018597
content-type
text/xml; charset=UTF-8
access-control-allow-origin
https://imasdk.googleapis.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
dea4717c-05e3-4bd1-b3ae-8d8408a15a65
https://www.921theticket.com/ Frame 7AF7 		288 B
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://www.921theticket.com/dea4717c-05e3-4bd1-b3ae-8d8408a15a65
Requested by
Host: www.921theticket.com
URL: https://www.921theticket.com/
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
97bf326860f50a3e48b937a395da44fb697f230259b45d63cca9dcd24fddb243

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

Content-Length
288
Content-Type
text/javascript
ads
securepubads.g.doubleclick.net/gampad/ 		114 KB
35 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3956229276488818&correlator=2995406800286140&eid=31073791%2C31073829%2C31073835%2C44769662&output=ldjh&gdfp_req=1&vrg=202304100101&ptt=17&impl=fif&gdpr=0&us_privacy=1---&iu_parts=6717%2Ccd.KQSM.FM&enc_prev_ius=%2F0%2F1&prev_iu_szs=120x60%7C300x50%7C320x50&ifi=11&adks=427339486&sfv=1-0-40&prev_scp=pos%3Dplayersponsorlogo%26noprebid%3Dnoprebid&cust_params=cms-sname%3DKQSMFM%26cms-sgroup%3DAll%2520Sites%252CFormat%2520%2520Sports%252CMarket%2520%2520Fayetteville%2520AR%252CCBS%252CCumulus%2520OO%26cms-ptitle%3DHome%26cms-pcat%3D&sc=1&cookie=ID%3De28b3ab68eeac0bf%3AT%3D1681756338%3AS%3DALNI_Malh-Bl-GSNrgvQVrMMldAf33Bc4w&gpic=UID%3D00000bd7e4826106%3AT%3D1681756338%3ART%3D1681756338%3AS%3DALNI_MbzzlkwvsZZyWDTKlyCypdLQ6O-Qw&abxe=1&dt=1681756341073&lmt=1681752755&dlt=1681756336061&idt=1201&adxs=1065&adys=1141&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=b&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fwww.921theticket.com%2F&frm=20&vis=1&psz=1120x-1&msz=120x-1&fws=516&ohw=1600&psts=AHQMDFfcWQfHry-p34sU9tXIVSRZe6ulA3-2XtMqqwEO7XdVzkQ36ZgOPcOeyVH28Vg70B4ieoZU9y2lyw7pTwa9a_eJTIOklQ%2CAHQMDFcqwmNRdjUW1QTF3eoOyzXauLauWXfcz1e_TuCmEYCKoGBOmRw7jmG5QCmzQl2rL5Bz8jW-TLsdJG2wwUUWqivO1mnhSQ%2CAHQMDFfAf7Ej7aiRy6MDo5M3KS0Td20Ik9-DfumYDEeUq1vDV-De%2CAHQMDFfUWEyyqpfRqWMXEPKahRUNIUvR106M7EmRyLmTwuwRiJSu%2CAHQMDFe9lflDGA__W2GE3yn9Fegn%2CAHQMDFdUzHPu6j6TktcYOypVqGDL4p6GoFfUlR2plkLEIAGd6vhz%2CAHQMDFe9lflDGA__W2GE3yn9Fegn%2CAHQMDFe9lflDGA__W2GE3yn9Fegn&ga_vid=1820827546.1681756337&ga_sid=1681756338&ga_hid=999957307&ga_fc=true
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304100101/pubads_impl.js?cb=31073791
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
2967d996f2573b63528b3822402f1357aa7e98812cd8be584b454e6b82208405
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.921theticket.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date
Mon, 17 Apr 2023 18:32:21 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
35991
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.921theticket.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
integrator.js
adservice.google.de/adsid/ Frame 7AF7 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=www.921theticket.com
Requested by
Host: d13l4u7pe64ymo.cloudfront.net
URL: https://d13l4u7pe64ymo.cloudfront.net/script.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.921theticket.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date
Mon, 17 Apr 2023 18:32:21 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ Frame 7AF7 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.921theticket.com
Requested by
Host: d13l4u7pe64ymo.cloudfront.net
URL: https://d13l4u7pe64ymo.cloudfront.net/script.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.921theticket.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date
Mon, 17 Apr 2023 18:32:21 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ Frame 7AF7 		126 KB
35 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2341701547716775&correlator=130558910174384&eid=31072878%2C31073792%2C31068366&output=ldjh&gdfp_req=1&vrg=2023041101&ptt=17&impl=fifs&gdpr=0&iu_parts=25756908%3A6717%2CWSM%2C921theticket_728x90_1&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=728x90%7C468x60%7C300x75%7C320x50%7C300x50%7C234x60%7C216x54%7C120x90%7C216x36%7C120x60%7C168x28%7C120x30%7C120x20%7C2x2%7C1x1&ifi=1&adks=2548567318&sfv=1-0-40&eri=1&sc=1&cookie=ID%3De28b3ab68eeac0bf%3AT%3D1681756338%3AS%3DALNI_Malh-Bl-GSNrgvQVrMMldAf33Bc4w&gpic=UID%3D00000bd7e4826106%3AT%3D1681756338%3ART%3D1681756338%3AS%3DALNI_MbzzlkwvsZZyWDTKlyCypdLQ6O-Qw&abxe=1&dt=1681756341106&lmt=1681756341&dlt=1681756338223&idt=2478&adxs=436&adys=105&biw=1600&bih=1200&isw=728&ish=90&scr_x=0&scr_y=0&btvi=0&ucis=xo6a5152ihts&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&nhd=1&url=https%3A%2F%2Fwww.921theticket.com%2F&ref=https%3A%2F%2Fwww.921theticket.com%2F&top=https%3A%2F%2Fwww.921theticket.com%2F&frm=23&vis=1&psz=728x0&msz=728x0&fws=256&ohw=0&ea=0&ga_vid=1820827546.1681756337&ga_sid=1681756341&ga_hid=236818208&ga_fc=true
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m2023041101/pubads_impl.js?cb=31073792
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3f3883a9baa572c14af4ba4c15c48206dbd40bcbdcf6bf67410afa627c69aae2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.921theticket.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date
Mon, 17 Apr 2023 18:32:21 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
35658
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.921theticket.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
sodar
pagead2.googlesyndication.com/getconfig/ Frame 7AF7 		15 KB
11 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=m2023041101&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m2023041101/pubads_impl.js?cb=31073792
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
bda1e724d1e0cbc7dada55513ba924c2dca17fbccb23e3d63ec846ef18398f95
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.921theticket.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date
Mon, 17 Apr 2023 18:32:21 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11364
x-xss-protection
0
container.html
e76ff033cecd72805c9eec3e4747fae0.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 0D78 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://e76ff033cecd72805c9eec3e4747fae0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Requested by
Host: d13l4u7pe64ymo.cloudfront.net
URL: https://d13l4u7pe64ymo.cloudfront.net/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.921theticket.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Mon, 17 Apr 2023 18:32:21 GMT
expires
Tue, 16 Apr 2024 18:32:21 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
cors
data.ad-score.com/data/ Frame 7AF7 		1 B
276 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://data.ad-score.com/data/cors?pm_st=SZvNYYHioRSEIgAjnIdUWDtVOkKkBSuj-FE7fPshldVrlKDwd2HLIEkvGPg==-E0zJPcpjblXkNA==&pm_ct=f53e91fdd18903732d619389&pm_pl=1681756340114&pm_td=1033&pid=1000449&en=1.1&callback=__pm_glbl_XLD9rzKXMaXgJxxeQhZeND9s._gc3&tt=g&v=6628d82
Requested by
Host: d13l4u7pe64ymo.cloudfront.net
URL: https://d13l4u7pe64ymo.cloudfront.net/script.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_GCM
Server
130.211.115.4 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
4.115.211.130.bc.googleusercontent.com
Software
/
Resource Hash
5feceb66ffc86f38d952786c6d696c79c2dbc239dd4e91b46729d73a27fb57e9

Request headers

Referer
https://www.921theticket.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
https://www.921theticket.com
Date
Mon, 17 Apr 2023 18:32:21 GMT
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
1
Access-Control-Allow-Methods
POST
Content-Type
text/plain; charset=utf-8
car-models-speeding-tickets-data-2023.png
a.storyblok.com/f/162273/946x1095/a4c8290c1c/ 		61 KB
62 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://a.storyblok.com/f/162273/946x1095/a4c8290c1c/car-models-speeding-tickets-data-2023.png
Requested by
Host: www.921theticket.com
URL: https://www.921theticket.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.95.53 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-95-53.prg50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
7902803ab519270d9c6374a0ba8b07cbe582c91b8f262bda3dd63d5a00b19f38

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.921theticket.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date
Sat, 15 Apr 2023 18:08:02 GMT
x-amz-version-id
8UTYbQO3MZqvNgUHqBNP9nEbEV4Mm21F
via
1.1 168125097acf734cd7750e139a974b38.cloudfront.net (CloudFront)
x-amz-cf-pop
PRG50-C1
age
174260
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
content-length
62502
last-modified
Thu, 06 Apr 2023 14:31:26 GMT
server
AmazonS3
etag
"a75b277dd8fb3bbdb26712a0508f1e40"
content-type
image/png
cache-control
public; max-age=31536000
accept-ranges
bytes
x-amz-cf-id
8LRd5x7eYHycu7c894P9cGByaJvEaRIiMdvk6ZI2sTkHzyp1wxRT7g==
expires
Fri, 05 Apr 2024 14:31:25 GMT
insurify_logo_orange.svg
express-images.franklymedia.com/6616/2020/03/09171956/ 		6 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://express-images.franklymedia.com/6616/2020/03/09171956/insurify_logo_orange.svg
Requested by
Host: www.921theticket.com
URL: https://www.921theticket.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:166c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0c0d49ae011d8ef1983288cb6050e1964a1991e1639868c0be52753423b1ad60

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.921theticket.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date
Mon, 17 Apr 2023 18:32:21 GMT
content-encoding
gzip
cf-cache-status
HIT
x-amz-request-id
432Z0N5KMERX0176
age
107497
content-length
2772
x-amz-id-2
ED6Em8Oxf0Hv6PxvQ5dlKYmMVEcC9UQ/Iu9bbPxIQHnejIiu8OwqyzId71SpjGtV9HCYsq24mgw=
last-modified
Mon, 09 Mar 2020 21:19:57 GMT
server
cloudflare
etag
"2cc2d396ff45a173841bdf575ee86638"
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
7b96c00c3bd69ba7-FRA
expires
Tue, 16 Apr 2024 18:32:21 GMT
sodar2.js
tpc.googlesyndication.com/sodar/ Frame 7AF7 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: d13l4u7pe64ymo.cloudfront.net
URL: https://d13l4u7pe64ymo.cloudfront.net/script.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.921theticket.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date
Mon, 17 Apr 2023 18:32:21 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Mon, 17 Apr 2023 18:32:21 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame D30B 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: d13l4u7pe64ymo.cloudfront.net
URL: https://d13l4u7pe64ymo.cloudfront.net/script.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.921theticket.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
21974
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Mon, 17 Apr 2023 12:26:07 GMT
expires
Tue, 16 Apr 2024 12:26:07 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame 0D0F 		783 B
535 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: d13l4u7pe64ymo.cloudfront.net
URL: https://d13l4u7pe64ymo.cloudfront.net/script.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
94150fd8c1c72a0cc58ad35c9d56571a0be3463b9d553a90e67362f97d551ace
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-NZ3KXhkZ5ittP2vuAX2YCA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.921theticket.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=300
content-encoding
gzip
content-length
513
content-security-policy
script-src 'report-sample' 'nonce-NZ3KXhkZ5ittP2vuAX2YCA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Mon, 17 Apr 2023 18:32:21 GMT
expires
Mon, 17 Apr 2023 18:32:21 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
truncated
/ Frame 7AF7 		35 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

Content-Type
image/gif
/
b3.tunegenie.com/ Frame 7D14 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://b3.tunegenie.com/?tgv=e905577.ba4de90
Requested by
Host: b3.tunegenie.com
URL: https://b3.tunegenie.com/js/pwm_all.min.js?tgv=e905577.ba4de90
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223e:c600:6:4e5d:a0c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
06fd4271e82cdb8d10b3b34667c6d3a83e2a808d1034a5618ebe5fc9653ffcdb

Request headers

Referer
https://www.921theticket.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
7772718
cache-control
max-age=7776000
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Tue, 17 Jan 2023 19:27:04 GMT
etag
W/"6faeac286332676bc8eb22f3ae9c485a"
last-modified
Tue, 17 Jan 2023 19:26:57 GMT
server
AmazonS3
vary
Accept-Encoding
via
1.1 f2c65205154aaf89a2c7bbc8fe8fdaba.cloudfront.net (CloudFront)
x-amz-cf-id
I_Y8dRWPl4RI9v5Ood-fh_gW73QlC3Thd-kOMYgHxrWi7U382By7Pw==
x-amz-cf-pop
FRA56-P4
x-amz-version-id
XSsYrOJLJYePkAlJWTlHIIe6KQ2jQYhP
x-cache
Hit from cloudfront
sodar
pagead2.googlesyndication.com/pagead/ Frame 0D0F 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_m2023041101&jk=2341701547716775&rc=
Requested by
Host: www.921theticket.com
URL: https://www.921theticket.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers
cors
data.ad-score.com/data/ Frame 7AF7 		1 B
276 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://data.ad-score.com/data/cors?pm_st=SZvNYYHioRSEIgAjnIdUWDtVOkKkBSuj-FE7fPshldVrlKDwd2HLIEkvGPg==-E0zJPcpjblXkNA==&pm_ct=f53e91fdd18903732d619389&pm_pl=1681756340114&pm_td=1176&pid=1000449&en=1.1&callback=__pm_glbl_XLD9rzKXMaXgJxxeQhZeND9s._gc4&tt=g&v=6628d82
Requested by
Host: d13l4u7pe64ymo.cloudfront.net
URL: https://d13l4u7pe64ymo.cloudfront.net/script.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_GCM
Server
130.211.115.4 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
4.115.211.130.bc.googleusercontent.com
Software
/
Resource Hash
5feceb66ffc86f38d952786c6d696c79c2dbc239dd4e91b46729d73a27fb57e9

Request headers

Referer
https://www.921theticket.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
https://www.921theticket.com
Date
Mon, 17 Apr 2023 18:32:21 GMT
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
1
Access-Control-Allow-Methods
POST
Content-Type
text/plain; charset=utf-8
MezC-G1ZF-1GZ9yqq0o7IScgI3uEZvBcP5CgXoWKMDE.js
pagead2.googlesyndication.com/bg/ Frame D30B 		36 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/MezC-G1ZF-1GZ9yqq0o7IScgI3uEZvBcP5CgXoWKMDE.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
31ecc2f86d5917ed4667dcaaab4a3b212720237b8466f05c3f90a05e858a3031
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date
Mon, 17 Apr 2023 12:09:32 GMT
content-encoding
br
x-content-type-options
nosniff
age
22969
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14288
x-xss-protection
0
last-modified
Tue, 11 Apr 2023 10:38:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Tue, 16 Apr 2024 12:09:32 GMT
gpt.js
securepubads.g.doubleclick.net/tag/js/ Frame 7D14 		75 KB
25 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: b3.tunegenie.com
URL: https://b3.tunegenie.com/?tgv=e905577.ba4de90
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
75f291c35a9c9576fd9b5c443b42dbbb289645005a74bfe76929623e9c541232
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://b3.tunegenie.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date
Mon, 17 Apr 2023 18:32:21 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
25406
x-xss-protection
0
server
cafe
etag
49 / 19464 / m202304110101 / config-hash: 14714238765142767567
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
expires
Mon, 17 Apr 2023 18:32:21 GMT
js
www.googletagmanager.com/gtag/ Frame 7D14 		112 KB
44 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-7150119-1
Requested by
Host: b3.tunegenie.com
URL: https://b3.tunegenie.com/?tgv=e905577.ba4de90
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
162b402b205ed475698f221ab93ef71822d0a1a41cc99da2bab24d3d41dae23f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://b3.tunegenie.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date
Mon, 17 Apr 2023 18:32:21 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
44610
x-xss-protection
0
last-modified
Mon, 17 Apr 2023 18:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Mon, 17 Apr 2023 18:32:21 GMT
index.1d7f3daa.css
b3.tunegenie.com/css/ Frame 7D14 		108 KB
18 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://b3.tunegenie.com/css/index.1d7f3daa.css
Requested by
Host: b3.tunegenie.com
URL: https://b3.tunegenie.com/?tgv=e905577.ba4de90
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223e:c600:6:4e5d:a0c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
5d3b318a856e3825d40c46bc3b2b2a3f0efda05f1e50d0186f9962d7f8abe33d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://b3.tunegenie.com/?tgv=e905577.ba4de90
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date
Mon, 13 Feb 2023 18:08:41 GMT
x-amz-version-id
mjY1fQpCg_sA7Omw._kv1rGt9H44rn2a
content-encoding
gzip
last-modified
Thu, 12 Jan 2023 20:18:29 GMT
server
AmazonS3
via
1.1 f2c65205154aaf89a2c7bbc8fe8fdaba.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P4
etag
W/"88b4754d3874cb2d7c08b5236c75af7b"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/css; charset=UTF-8
cache-control
max-age=7776000
age
5444621
x-amz-cf-id
zfvjSaX798S28QfPpqkpP4PxBaBrnutaT37QCwAzEJ5ObAhjJUD9kw==
chunk-vendors.6e6c4ca3.js
b3.tunegenie.com/js/ Frame 7D14 		420 KB
141 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://b3.tunegenie.com/js/chunk-vendors.6e6c4ca3.js
Requested by
Host: b3.tunegenie.com
URL: https://b3.tunegenie.com/?tgv=e905577.ba4de90
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223e:c600:6:4e5d:a0c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
a660c0b2cf593afb9d74a7e0d33efc6979d8e58608056fb31dc6e4a5a71a1797

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://b3.tunegenie.com/?tgv=e905577.ba4de90
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date
Tue, 17 Jan 2023 19:27:05 GMT
content-encoding
gzip
via
1.1 f2c65205154aaf89a2c7bbc8fe8fdaba.cloudfront.net (CloudFront)
x-amz-version-id
txCDY1GtPGOjg.LCCJAY6BZ0H2ThMiuC
last-modified
Tue, 17 Jan 2023 19:26:57 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P4
age
7772717
etag
W/"c98e989fb78f907f040028cb38d1764d"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript; charset=UTF-8
cache-control
max-age=7776000
x-amz-cf-id
P403fWT4iN5dfjAz14HAucd7hNQKZjPatkvzp3b-YW724PiTfw_qNw==
index.c8514102.js
b3.tunegenie.com/js/ Frame 7D14 		158 KB
42 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://b3.tunegenie.com/js/index.c8514102.js
Requested by
Host: b3.tunegenie.com
URL: https://b3.tunegenie.com/?tgv=e905577.ba4de90
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223e:c600:6:4e5d:a0c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
b6cedeb17f0877b56cf94ef0bf81606ded07dd5efb18ec5b351fcf927a51aee8

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://b3.tunegenie.com/?tgv=e905577.ba4de90
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date
Tue, 17 Jan 2023 19:27:05 GMT
content-encoding
gzip
via
1.1 f2c65205154aaf89a2c7bbc8fe8fdaba.cloudfront.net (CloudFront)
x-amz-version-id
ASEoV.HAl0NVe.bpbPwdeG7Oza5vRyBK
last-modified
Tue, 17 Jan 2023 19:26:57 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P4
age
7772717
etag
W/"1e48d5af1391f5b7142c7f9361257ad3"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript; charset=UTF-8
cache-control
max-age=7776000
x-amz-cf-id
OmK3ZKPfpBq6Khf0iMdC0jTsm_-GtcgtcAYhfH7gnE3XYJeV_ivS0g==
chunk-1121b3a3.16c3e697.css
b3.tunegenie.com/css/ Frame 7D14 		0
1 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://b3.tunegenie.com/css/chunk-1121b3a3.16c3e697.css
Requested by
Host: b3.tunegenie.com
URL: https://b3.tunegenie.com/?tgv=e905577.ba4de90
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223e:c600:6:4e5d:a0c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://b3.tunegenie.com/?tgv=e905577.ba4de90
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date
Fri, 10 Mar 2023 05:39:24 GMT
x-amz-version-id
tCOba1qkJ0SBEv40Bzu.1HyunEt06jMS
via
1.1 f2c65205154aaf89a2c7bbc8fe8fdaba.cloudfront.net (CloudFront)
last-modified
Wed, 19 Aug 2020 22:27:34 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P4
age
3329578
etag
"78efcc1be888c63911df588255a60628"
x-cache
Hit from cloudfront
content-type
text/css; charset=UTF-8
cache-control
max-age=7776000
accept-ranges
bytes
content-length
712
x-amz-cf-id
-WGCkR8ZbDL6W7exyiPy8toid3d3nOihj8G8Mb5xtUUtpf2oTy5lxQ==
view-Favorites-vue.27446320.css
b3.tunegenie.com/css/ Frame 7D14 		0
449 B 		Other
General
Check archive.org
Download Go to
Full URL
https://b3.tunegenie.com/css/view-Favorites-vue.27446320.css
Requested by
Host: b3.tunegenie.com
URL: https://b3.tunegenie.com/?tgv=e905577.ba4de90
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223e:c600:6:4e5d:a0c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://b3.tunegenie.com/?tgv=e905577.ba4de90
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date
Tue, 17 Jan 2023 19:27:34 GMT
x-amz-version-id
yKTiPNR9XxuGUt_2G2LiRjyRZwm5nCEQ
via
1.1 f2c65205154aaf89a2c7bbc8fe8fdaba.cloudfront.net (CloudFront)
last-modified
Wed, 19 Aug 2020 22:27:34 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P4
age
7772687
etag
"edd647e337b1fa82b100f7eca0b81186"
x-cache
Hit from cloudfront
content-type
text/css; charset=UTF-8
cache-control
max-age=7776000
accept-ranges
bytes
content-length
56
x-amz-cf-id
hKIE9GkRKM4zHP6DHw6wDRyXeyRj-9l8iIeKEC-9faLai9FfXULMaw==
chunk-1121b3a3.ae827baf.js
b3.tunegenie.com/js/ Frame 7D14 		0
71 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://b3.tunegenie.com/js/chunk-1121b3a3.ae827baf.js
Requested by
Host: b3.tunegenie.com
URL: https://b3.tunegenie.com/?tgv=e905577.ba4de90
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223e:c600:6:4e5d:a0c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://b3.tunegenie.com/?tgv=e905577.ba4de90
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date
Tue, 17 Jan 2023 19:27:05 GMT
content-encoding
gzip
via
1.1 f2c65205154aaf89a2c7bbc8fe8fdaba.cloudfront.net (CloudFront)
x-amz-version-id
aoPcJbzA4.6PHPHHNoCJtcgUPIqh1S5x
last-modified
Tue, 17 Jan 2023 19:26:57 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P4
age
7772717
etag
W/"eb1311114d02e943e27f1018ed8cb5a4"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript; charset=UTF-8
cache-control
max-age=7776000
x-amz-cf-id
0n2qf58ewh8-t287j-VSHenJYVvymllEojKSQYFppRDB1IalADTJ3A==
chunk-2d0d76a4.883ed436.js
b3.tunegenie.com/js/ Frame 7D14 		0
7 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://b3.tunegenie.com/js/chunk-2d0d76a4.883ed436.js
Requested by
Host: b3.tunegenie.com
URL: https://b3.tunegenie.com/?tgv=e905577.ba4de90
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223e:c600:6:4e5d:a0c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://b3.tunegenie.com/?tgv=e905577.ba4de90
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date
Tue, 17 Jan 2023 19:27:34 GMT
content-encoding
gzip
via
1.1 f2c65205154aaf89a2c7bbc8fe8fdaba.cloudfront.net (CloudFront)
x-amz-version-id
StfTLI71TQynZK4C5LRAzhYW_iAICpab
last-modified
Wed, 06 Apr 2022 17:21:09 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P4
age
7772687
etag
W/"b2e69db13a2ed91d80691bdb7f238f61"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript; charset=UTF-8
cache-control
max-age=7776000
x-amz-cf-id
ynvR07B1851Hlb4PoFCq8-kYaJ83_YwfhuaafvON_OCbUMewWab5fw==
chunk-2d21a016.76b09c6b.js
b3.tunegenie.com/js/ Frame 7D14 		0
73 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://b3.tunegenie.com/js/chunk-2d21a016.76b09c6b.js
Requested by
Host: b3.tunegenie.com
URL: https://b3.tunegenie.com/?tgv=e905577.ba4de90
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223e:c600:6:4e5d:a0c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://b3.tunegenie.com/?tgv=e905577.ba4de90
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date
Tue, 17 Jan 2023 19:27:27 GMT
content-encoding
gzip
via
1.1 f2c65205154aaf89a2c7bbc8fe8fdaba.cloudfront.net (CloudFront)
x-amz-version-id
i2oR1yVpqMKdozkd5_bYdtoCi803UKEY
last-modified
Wed, 06 Apr 2022 17:21:09 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P4
age
7772694
etag
W/"412f50bcb698d4296019225942708185"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript; charset=UTF-8
cache-control
max-age=7776000
x-amz-cf-id
G0Qn1cVdidq_bjyAxhpnR0nXylb791yLE5u_sF4G1XS2t8BMd6bLxA==
chunk-cc61cabc.da3c12de.js
b3.tunegenie.com/js/ Frame 7D14 		0
31 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://b3.tunegenie.com/js/chunk-cc61cabc.da3c12de.js
Requested by
Host: b3.tunegenie.com
URL: https://b3.tunegenie.com/?tgv=e905577.ba4de90
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223e:c600:6:4e5d:a0c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://b3.tunegenie.com/?tgv=e905577.ba4de90
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date
Tue, 17 Jan 2023 19:27:34 GMT
content-encoding
gzip
via
1.1 f2c65205154aaf89a2c7bbc8fe8fdaba.cloudfront.net (CloudFront)
x-amz-version-id
7t0NRAqix.Inz5Jrh5oeRMgtvs1.8RLW
last-modified
Wed, 07 Dec 2022 23:44:49 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P4
age
7772687
etag
W/"adc781e0d79a2acb025aa418d67b7a23"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript; charset=UTF-8
cache-control
max-age=7776000
x-amz-cf-id
-FX6utMJwDshfDV2V3Qh4OAp2exZpImiE06bBgdxoHVrE-R4ahPTDg==
view-ArtistInfo-vue.b71db261.js
b3.tunegenie.com/js/ Frame 7D14 		0
4 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://b3.tunegenie.com/js/view-ArtistInfo-vue.b71db261.js
Requested by
Host: b3.tunegenie.com
URL: https://b3.tunegenie.com/?tgv=e905577.ba4de90
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223e:c600:6:4e5d:a0c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://b3.tunegenie.com/?tgv=e905577.ba4de90
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date
Tue, 17 Jan 2023 19:27:05 GMT
content-encoding
gzip
via
1.1 f2c65205154aaf89a2c7bbc8fe8fdaba.cloudfront.net (CloudFront)
x-amz-version-id
fAGl5ReGbKdxVD1QQ6Z8Y.iiey5QPR6o
last-modified
Tue, 17 Jan 2023 19:26:57 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P4
age
7772717
etag
W/"2d527dcad1d4fa26c6e87b7aad47a964"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript; charset=UTF-8
cache-control
max-age=7776000
x-amz-cf-id
UlDeqR3Nf66A4xEWklQtGGpRy-DX51c9Shbqfp780rUQyFNiZLuCAQ==
view-Concerts-vue.07f655bc.js
b3.tunegenie.com/js/ Frame 7D14 		0
2 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://b3.tunegenie.com/js/view-Concerts-vue.07f655bc.js
Requested by
Host: b3.tunegenie.com
URL: https://b3.tunegenie.com/?tgv=e905577.ba4de90
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223e:c600:6:4e5d:a0c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://b3.tunegenie.com/?tgv=e905577.ba4de90
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date
Tue, 17 Jan 2023 19:27:05 GMT
content-encoding
gzip
via
1.1 f2c65205154aaf89a2c7bbc8fe8fdaba.cloudfront.net (CloudFront)
x-amz-version-id
n0Ps2fN.7geIi4YkQhSGvWTdgaIzKysb
last-modified
Tue, 17 Jan 2023 19:26:57 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P4
age
7772717
etag
W/"c21ea258d88b739243946b61ac26f672"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript; charset=UTF-8
cache-control
max-age=7776000
x-amz-cf-id
w2tmd2p0jV44RMRpfPwLPPf1-M56Idki66clsmw0X7tgAELTtFPG_Q==
view-ConcertsByArtist-vue.e4396229.js
b3.tunegenie.com/js/ Frame 7D14 		0
2 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://b3.tunegenie.com/js/view-ConcertsByArtist-vue.e4396229.js
Requested by
Host: b3.tunegenie.com
URL: https://b3.tunegenie.com/?tgv=e905577.ba4de90
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223e:c600:6:4e5d:a0c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://b3.tunegenie.com/?tgv=e905577.ba4de90
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date
Tue, 17 Jan 2023 19:27:05 GMT
content-encoding
gzip
via
1.1 f2c65205154aaf89a2c7bbc8fe8fdaba.cloudfront.net (CloudFront)
x-amz-version-id
KfxiHfT_eR924._HkZaUHHp4wObdVxmL
last-modified
Tue, 17 Jan 2023 19:26:57 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P4
age
7772717
etag
W/"d3afcb6d298f43d9028d9aa6db236894"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript; charset=UTF-8
cache-control
max-age=7776000
x-amz-cf-id
qiXPJTOdmo8rqc3JVWTyhExl0SRe3OxhvN6kQiLtkWANXm0IxKaKdQ==
view-Favorites-vue.84362cd7.js
b3.tunegenie.com/js/ Frame 7D14 		0
1 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://b3.tunegenie.com/js/view-Favorites-vue.84362cd7.js
Requested by
Host: b3.tunegenie.com
URL: https://b3.tunegenie.com/?tgv=e905577.ba4de90
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223e:c600:6:4e5d:a0c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://b3.tunegenie.com/?tgv=e905577.ba4de90
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date
Tue, 17 Jan 2023 19:27:05 GMT
content-encoding
gzip
via
1.1 f2c65205154aaf89a2c7bbc8fe8fdaba.cloudfront.net (CloudFront)
x-amz-version-id
odeR1rZtr.AHvQPgjwFdFWJyWXaB49VQ
last-modified
Tue, 17 Jan 2023 19:26:57 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P4
age
7772717
etag
W/"0082fbaae014111e68cb112947f03f88"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript; charset=UTF-8
cache-control
max-age=7776000
x-amz-cf-id
ldid5Y3JBnsZFnWC978lrNdBBP3RhSu4wfNuUlqjZUAZHQ1QzOOeuA==
view-OnAirArchive-vue.16a0bbe8.js
b3.tunegenie.com/js/ Frame 7D14 		0
2 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://b3.tunegenie.com/js/view-OnAirArchive-vue.16a0bbe8.js
Requested by
Host: b3.tunegenie.com
URL: https://b3.tunegenie.com/?tgv=e905577.ba4de90
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223e:c600:6:4e5d:a0c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://b3.tunegenie.com/?tgv=e905577.ba4de90
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date
Tue, 17 Jan 2023 19:27:05 GMT
content-encoding
gzip
via
1.1 f2c65205154aaf89a2c7bbc8fe8fdaba.cloudfront.net (CloudFront)
x-amz-version-id
up83UK3yWgthGTy0qBs9W2VjfAVwdR4t
last-modified
Tue, 17 Jan 2023 19:26:57 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P4
age
7772717
etag
W/"524e4b3199c6655f6b9dcf29894830b7"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript; charset=UTF-8
cache-control
max-age=7776000
x-amz-cf-id
ShwZY5dotj_ylircxwUr6M8J6oSzbgDxemDYQ31nivmnBaU55gPNDw==
view-Podcast-vue.4179872c.js
b3.tunegenie.com/js/ Frame 7D14 		0
4 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://b3.tunegenie.com/js/view-Podcast-vue.4179872c.js
Requested by
Host: b3.tunegenie.com
URL: https://b3.tunegenie.com/?tgv=e905577.ba4de90
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223e:c600:6:4e5d:a0c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://b3.tunegenie.com/?tgv=e905577.ba4de90
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date
Tue, 17 Jan 2023 19:27:05 GMT
content-encoding
gzip
via
1.1 f2c65205154aaf89a2c7bbc8fe8fdaba.cloudfront.net (CloudFront)
x-amz-version-id
N_Sr8wqq7aRDrKm95PYTT2rd_NjSVjRY
last-modified
Tue, 17 Jan 2023 19:26:57 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P4
age
7772717
etag
W/"c57e920d7fefe4d57ee59b806e46f567"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript; charset=UTF-8
cache-control
max-age=7776000
x-amz-cf-id
YQn75-Ygg1LyWNNLAncLnmdYpMo5oa45FR3eA3ckN1dQ3rvsQHQOyA==
view-PodcastEpisodeDetails-vue.512c2e8e.js
b3.tunegenie.com/js/ Frame 7D14 		0
3 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://b3.tunegenie.com/js/view-PodcastEpisodeDetails-vue.512c2e8e.js
Requested by
Host: b3.tunegenie.com
URL: https://b3.tunegenie.com/?tgv=e905577.ba4de90
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223e:c600:6:4e5d:a0c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://b3.tunegenie.com/?tgv=e905577.ba4de90
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date
Tue, 17 Jan 2023 19:27:05 GMT
content-encoding
gzip
via
1.1 f2c65205154aaf89a2c7bbc8fe8fdaba.cloudfront.net (CloudFront)
x-amz-version-id
JTG8WkOHwpGFDRXJ7LHclTEphvJtRnuq
last-modified
Tue, 17 Jan 2023 19:26:57 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P4
age
7772717
etag
W/"b60fd94fbcd1e2084694ceec154b0607"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript; charset=UTF-8
cache-control
max-age=7776000
x-amz-cf-id
zMeUaW_rls3NMseSTtpyzJh47Gzq7BUGuWtIkVLP73c8IXymeWSOcA==
view-Podcasts-vue.92a3af25.js
b3.tunegenie.com/js/ Frame 7D14 		0
2 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://b3.tunegenie.com/js/view-Podcasts-vue.92a3af25.js
Requested by
Host: b3.tunegenie.com
URL: https://b3.tunegenie.com/?tgv=e905577.ba4de90
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223e:c600:6:4e5d:a0c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://b3.tunegenie.com/?tgv=e905577.ba4de90
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date
Tue, 17 Jan 2023 19:27:05 GMT
content-encoding
gzip
via
1.1 f2c65205154aaf89a2c7bbc8fe8fdaba.cloudfront.net (CloudFront)
x-amz-version-id
8r6hJRj55CWKKNuYRmaCsrNILN5KpOFm
last-modified
Tue, 17 Jan 2023 19:26:57 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P4
age
7772717
etag
W/"7fcbd21bb03d4d242ebc5fcb45357153"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript; charset=UTF-8
cache-control
max-age=7776000
x-amz-cf-id
qOHpmpywWpS5lmGHfjEGZ3mceitZhmnWEoLUEgMq7tAH-4chtBMD6Q==
view-PromoCodes-vue.d73a1ace.js
b3.tunegenie.com/js/ Frame 7D14 		0
960 B 		Other
General
Check archive.org
Download Go to
Full URL
https://b3.tunegenie.com/js/view-PromoCodes-vue.d73a1ace.js
Requested by
Host: b3.tunegenie.com
URL: https://b3.tunegenie.com/?tgv=e905577.ba4de90
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223e:c600:6:4e5d:a0c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://b3.tunegenie.com/?tgv=e905577.ba4de90
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date
Tue, 17 Jan 2023 19:27:05 GMT
x-amz-version-id
yyeJhW5jUHmN0DsERHfleizbks_R29.i
via
1.1 f2c65205154aaf89a2c7bbc8fe8fdaba.cloudfront.net (CloudFront)
last-modified
Tue, 17 Jan 2023 19:26:57 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P4
age
7772717
etag
"cd04cd0a480aa1080b5b2adb554ab85f"
x-cache
Hit from cloudfront
content-type
application/javascript; charset=UTF-8
cache-control
max-age=7776000
accept-ranges
bytes
content-length
561
x-amz-cf-id
ABZUIpm7wZJcq3cmZIxDd3p001eXn5D36050vohYE_4Hc7AogGzmvQ==
view-SearchResults-vue.657109de.js
b3.tunegenie.com/js/ Frame 7D14 		0
1 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://b3.tunegenie.com/js/view-SearchResults-vue.657109de.js
Requested by
Host: b3.tunegenie.com
URL: https://b3.tunegenie.com/?tgv=e905577.ba4de90
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223e:c600:6:4e5d:a0c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://b3.tunegenie.com/?tgv=e905577.ba4de90
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date
Tue, 17 Jan 2023 19:27:05 GMT
content-encoding
gzip
via
1.1 f2c65205154aaf89a2c7bbc8fe8fdaba.cloudfront.net (CloudFront)
x-amz-version-id
Z1c8iATffeXPA8img4Dv1ZCnWz8X1L6W
last-modified
Tue, 17 Jan 2023 19:26:57 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P4
age
7772717
etag
W/"b5ede0fbae6b6c8388e1fe195f59ac7f"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript; charset=UTF-8
cache-control
max-age=7776000
x-amz-cf-id
a0e9XaudQNGP5vYhtTZ4t7ExrpX9dM1UgY7ebzwPnSsu0jPn80_H5Q==
view-Stations-vue.2393e137.js
b3.tunegenie.com/js/ Frame 7D14 		0
2 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://b3.tunegenie.com/js/view-Stations-vue.2393e137.js
Requested by
Host: b3.tunegenie.com
URL: https://b3.tunegenie.com/?tgv=e905577.ba4de90
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223e:c600:6:4e5d:a0c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://b3.tunegenie.com/?tgv=e905577.ba4de90
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date
Tue, 17 Jan 2023 19:27:05 GMT
content-encoding
gzip
via
1.1 f2c65205154aaf89a2c7bbc8fe8fdaba.cloudfront.net (CloudFront)
x-amz-version-id
gtZBo2L8wagSgykkFf8UGrK3q.Q06vAw
last-modified
Tue, 17 Jan 2023 19:26:57 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P4
age
7772717
etag
W/"96d2308ea9d0c86539b248ba6d3ce3ea"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript; charset=UTF-8
cache-control
max-age=7776000
x-amz-cf-id
257-oVBufNKceufISsiXbnUQuekfuT_v1XWSsP5WhMeFK7Kmslem-A==
view-TopHits-vue.052d6935.js
b3.tunegenie.com/js/ Frame 7D14 		0
1 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://b3.tunegenie.com/js/view-TopHits-vue.052d6935.js
Requested by
Host: b3.tunegenie.com
URL: https://b3.tunegenie.com/?tgv=e905577.ba4de90
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223e:c600:6:4e5d:a0c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://b3.tunegenie.com/?tgv=e905577.ba4de90
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date
Tue, 17 Jan 2023 19:27:05 GMT
content-encoding
gzip
via
1.1 f2c65205154aaf89a2c7bbc8fe8fdaba.cloudfront.net (CloudFront)
x-amz-version-id
SFJLkbI20bEWOS4n96UYqrf6BTRQ_WaW
last-modified
Tue, 17 Jan 2023 19:26:57 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P4
age
7772717
etag
W/"24c8e83e5be3980ccaa28b9e4e24e04b"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript; charset=UTF-8
cache-control
max-age=7776000
x-amz-cf-id
TJ-spNHKg17_8p5qyLEyESfXw-42W0Ov7Lgw2MUfxU7DzNyPL8RN8g==
view-TrackLyrics-vue.401cebac.js
b3.tunegenie.com/js/ Frame 7D14 		0
1 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://b3.tunegenie.com/js/view-TrackLyrics-vue.401cebac.js
Requested by
Host: b3.tunegenie.com
URL: https://b3.tunegenie.com/?tgv=e905577.ba4de90
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223e:c600:6:4e5d:a0c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://b3.tunegenie.com/?tgv=e905577.ba4de90
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date
Tue, 17 Jan 2023 19:27:05 GMT
content-encoding
gzip
via
1.1 f2c65205154aaf89a2c7bbc8fe8fdaba.cloudfront.net (CloudFront)
x-amz-version-id
TQLHcefeo4r6WuFRGK.JXfxqGp0FgXUM
last-modified
Tue, 17 Jan 2023 19:26:57 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P4
age
7772717
etag
W/"9e170eff9d7f836bc1373ab59c7bb55d"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript; charset=UTF-8
cache-control
max-age=7776000
x-amz-cf-id
D_mZ5tjU-d2jgR9nM0O57iFgvvc74LhH3Fu2XAEEjcoyi-FwvBmC6w==
css
fonts.googleapis.com/ Frame 7D14 		8 KB
749 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Roboto:200,350,350italic,400,500,700,700italic
Requested by
Host: b3.tunegenie.com
URL: https://b3.tunegenie.com/css/index.1d7f3daa.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
86357424348aa174c7ab04c759c553c5fa57f3714454f6c755bcfbe5769326f5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://b3.tunegenie.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Mon, 17 Apr 2023 18:32:21 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Mon, 17 Apr 2023 18:32:21 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Mon, 17 Apr 2023 18:32:21 GMT
normalize.min.css
cdnjs.cloudflare.com/ajax/libs/normalize/8.0.1/ Frame 7D14 		2 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/normalize/8.0.1/normalize.min.css
Requested by
Host: b3.tunegenie.com
URL: https://b3.tunegenie.com/css/index.1d7f3daa.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
97ce4e98f3a3be297f48ebd5b771e74928f31754d43324fd795d1cd81cc41b35
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://b3.tunegenie.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date
Mon, 17 Apr 2023 18:32:21 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
76
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
633
last-modified
Mon, 04 May 2020 16:13:31 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03f2b-745"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QkYiA%2FItOBz7QSXfXpEU1ZW2wk3SYzXGz9lesLjISx%2FolFvTkoh29bnMGGsoHR4wUrS%2BJLyGvOL2WhvW1W%2FjqmCKGGicwVSAPEsAwm2uKi037qXi1op%2Fz0uPfzSz0RE4PGbFZtwAB6VN9Nf2YLTGBqdM"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
7b96c00d384a35fe-FRA
expires
Sat, 06 Apr 2024 18:32:21 GMT
css2
fonts.googleapis.com/ Frame 7D14 		10 KB
660 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Nunito:wght@200;300;400;600;700;900&display=swap
Requested by
Host: b3.tunegenie.com
URL: https://b3.tunegenie.com/css/index.1d7f3daa.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
db0ba7f5c1b57d0ba549c521e64fd43901acbfdcd65a21b42d59a8552762e1e9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://b3.tunegenie.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Mon, 17 Apr 2023 18:32:21 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Mon, 17 Apr 2023 18:32:21 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Mon, 17 Apr 2023 18:32:21 GMT
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ Frame 7D14 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Requested by
Host: b3.tunegenie.com
URL: https://b3.tunegenie.com/js/index.c8514102.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://b3.tunegenie.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date
Mon, 17 Apr 2023 18:32:21 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
47808
x-xss-protection
0
server
cafe
etag
15647166895147237845
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Mon, 17 Apr 2023 18:32:21 GMT
analytics.js
www.google-analytics.com/ Frame 7D14 		49 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-7150119-1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
5971b095cff574a66d35ada016d4c077c86e2dea62e9c0f14cf7c94b258619de
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://b3.tunegenie.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Mon, 17 Apr 2023 18:11:32 GMT
last-modified
Tue, 10 Jan 2023 21:29:14 GMT
server
Golfe2
age
1249
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20085
expires
Mon, 17 Apr 2023 20:11:32 GMT
runtime-2aa7644ee0b682b3d080.js
platform.twitter.com/_next/static/chunks/ Frame A0E2 		4 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://platform.twitter.com/_next/static/chunks/runtime-2aa7644ee0b682b3d080.js
Requested by
Host: syndication.twitter.com
URL: https://syndication.twitter.com/srv/timeline-profile/screen-name/RedZone921?dnt=true&embedId=twitter-widget-0&features=eyJ0ZndfdGltZWxpbmVfbGlzdCI6eyJidWNrZXQiOltdLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X2ZvbGxvd2VyX2NvdW50X3N1bnNldCI6eyJidWNrZXQiOnRydWUsInZlcnNpb24iOm51bGx9LCJ0ZndfdHdlZXRfZWRpdF9iYWNrZW5kIjp7ImJ1Y2tldCI6Im9uIiwidmVyc2lvbiI6bnVsbH0sInRmd19yZWZzcmNfc2Vzc2lvbiI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9LCJ0ZndfbWl4ZWRfbWVkaWFfMTU4OTciOnsiYnVja2V0IjoidHJlYXRtZW50IiwidmVyc2lvbiI6bnVsbH0sInRmd19leHBlcmltZW50c19jb29raWVfZXhwaXJhdGlvbiI6eyJidWNrZXQiOjEyMDk2MDAsInZlcnNpb24iOm51bGx9LCJ0ZndfZHVwbGljYXRlX3NjcmliZXNfdG9fc2V0dGluZ3MiOnsiYnVja2V0Ijoib24iLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X3ZpZGVvX2hsc19keW5hbWljX21hbmlmZXN0c18xNTA4MiI6eyJidWNrZXQiOiJ0cnVlX2JpdHJhdGUiLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X2xlZ2FjeV90aW1lbGluZV9zdW5zZXQiOnsiYnVja2V0Ijp0cnVlLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X3R3ZWV0X2VkaXRfZnJvbnRlbmQiOnsiYnVja2V0Ijoib24iLCJ2ZXJzaW9uIjpudWxsfX0%3D&frame=false&hideBorder=false&hideFooter=false&hideHeader=false&hideScrollBar=false&lang=en&maxHeight=600px&origin=https%3A%2F%2Fwww.921theticket.com%2F&sessionId=ff0dd38d37dded452971875b5c9460a2529aa014&showHeader=true&showReplies=false&transparent=false&widgetsVersion=aaf4084522e3a%3A1674595607486
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (frb/67F3) /
Resource Hash
0f6bb019b01d05d948e743db0c2d7eea959ecd2dafbabb708c6c82770cb78615

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://syndication.twitter.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

Date
Mon, 17 Apr 2023 18:32:21 GMT
Content-Encoding
gzip
Age
2842775
x-amz-server-side-encryption
AES256
X-Cache
HIT
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server-Timing
x-cache;desc= HIT,x-tw-cdn;desc=VZ
Content-Length
2226
Last-Modified
Tue, 07 Mar 2023 20:15:15 GMT
Server
ECS (frb/67F3)
Etag
"0d8171c0b65d54085dee2cd8c3ea6a5a+gzip"
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET
Content-Type
application/javascript; charset=utf-8
Access-Control-Allow-Origin
*
x-tw-cdn
VZ
Cache-Control
public, max-age=315360000
modules.20f98d7498a59035a762.js
platform.twitter.com/_next/static/chunks/ Frame A0E2 		286 KB
94 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://platform.twitter.com/_next/static/chunks/modules.20f98d7498a59035a762.js
Requested by
Host: syndication.twitter.com
URL: https://syndication.twitter.com/srv/timeline-profile/screen-name/RedZone921?dnt=true&embedId=twitter-widget-0&features=eyJ0ZndfdGltZWxpbmVfbGlzdCI6eyJidWNrZXQiOltdLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X2ZvbGxvd2VyX2NvdW50X3N1bnNldCI6eyJidWNrZXQiOnRydWUsInZlcnNpb24iOm51bGx9LCJ0ZndfdHdlZXRfZWRpdF9iYWNrZW5kIjp7ImJ1Y2tldCI6Im9uIiwidmVyc2lvbiI6bnVsbH0sInRmd19yZWZzcmNfc2Vzc2lvbiI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9LCJ0ZndfbWl4ZWRfbWVkaWFfMTU4OTciOnsiYnVja2V0IjoidHJlYXRtZW50IiwidmVyc2lvbiI6bnVsbH0sInRmd19leHBlcmltZW50c19jb29raWVfZXhwaXJhdGlvbiI6eyJidWNrZXQiOjEyMDk2MDAsInZlcnNpb24iOm51bGx9LCJ0ZndfZHVwbGljYXRlX3NjcmliZXNfdG9fc2V0dGluZ3MiOnsiYnVja2V0Ijoib24iLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X3ZpZGVvX2hsc19keW5hbWljX21hbmlmZXN0c18xNTA4MiI6eyJidWNrZXQiOiJ0cnVlX2JpdHJhdGUiLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X2xlZ2FjeV90aW1lbGluZV9zdW5zZXQiOnsiYnVja2V0Ijp0cnVlLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X3R3ZWV0X2VkaXRfZnJvbnRlbmQiOnsiYnVja2V0Ijoib24iLCJ2ZXJzaW9uIjpudWxsfX0%3D&frame=false&hideBorder=false&hideFooter=false&hideHeader=false&hideScrollBar=false&lang=en&maxHeight=600px&origin=https%3A%2F%2Fwww.921theticket.com%2F&sessionId=ff0dd38d37dded452971875b5c9460a2529aa014&showHeader=true&showReplies=false&transparent=false&widgetsVersion=aaf4084522e3a%3A1674595607486
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (frb/6727) /
Resource Hash
9013a9ca40a672ee35978b117e54d8b342cb591e8951f599a2b6dfef9d9fa723

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://syndication.twitter.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

Date
Mon, 17 Apr 2023 18:32:21 GMT
Content-Encoding
gzip
Age
2842775
x-amz-server-side-encryption
AES256
X-Cache
HIT
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server-Timing
x-cache;desc= HIT,x-tw-cdn;desc=VZ
Content-Length
95842
Last-Modified
Tue, 07 Mar 2023 20:15:15 GMT
Server
ECS (frb/6727)
Etag
"1c54378254eefb52fea75b3c31dfe51d+gzip"
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET
Content-Type
application/javascript; charset=utf-8
Access-Control-Allow-Origin
*
x-tw-cdn
VZ
Cache-Control
public, max-age=315360000
main-fd9ef5eb169057cda26d.js
platform.twitter.com/_next/static/chunks/ Frame A0E2 		90 B
684 B 		Script
General
Check archive.org
Download Go to
Full URL
https://platform.twitter.com/_next/static/chunks/main-fd9ef5eb169057cda26d.js
Requested by
Host: syndication.twitter.com
URL: https://syndication.twitter.com/srv/timeline-profile/screen-name/RedZone921?dnt=true&embedId=twitter-widget-0&features=eyJ0ZndfdGltZWxpbmVfbGlzdCI6eyJidWNrZXQiOltdLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X2ZvbGxvd2VyX2NvdW50X3N1bnNldCI6eyJidWNrZXQiOnRydWUsInZlcnNpb24iOm51bGx9LCJ0ZndfdHdlZXRfZWRpdF9iYWNrZW5kIjp7ImJ1Y2tldCI6Im9uIiwidmVyc2lvbiI6bnVsbH0sInRmd19yZWZzcmNfc2Vzc2lvbiI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9LCJ0ZndfbWl4ZWRfbWVkaWFfMTU4OTciOnsiYnVja2V0IjoidHJlYXRtZW50IiwidmVyc2lvbiI6bnVsbH0sInRmd19leHBlcmltZW50c19jb29raWVfZXhwaXJhdGlvbiI6eyJidWNrZXQiOjEyMDk2MDAsInZlcnNpb24iOm51bGx9LCJ0ZndfZHVwbGljYXRlX3NjcmliZXNfdG9fc2V0dGluZ3MiOnsiYnVja2V0Ijoib24iLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X3ZpZGVvX2hsc19keW5hbWljX21hbmlmZXN0c18xNTA4MiI6eyJidWNrZXQiOiJ0cnVlX2JpdHJhdGUiLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X2xlZ2FjeV90aW1lbGluZV9zdW5zZXQiOnsiYnVja2V0Ijp0cnVlLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X3R3ZWV0X2VkaXRfZnJvbnRlbmQiOnsiYnVja2V0Ijoib24iLCJ2ZXJzaW9uIjpudWxsfX0%3D&frame=false&hideBorder=false&hideFooter=false&hideHeader=false&hideScrollBar=false&lang=en&maxHeight=600px&origin=https%3A%2F%2Fwww.921theticket.com%2F&sessionId=ff0dd38d37dded452971875b5c9460a2529aa014&showHeader=true&showReplies=false&transparent=false&widgetsVersion=aaf4084522e3a%3A1674595607486
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (frb/6796) /
Resource Hash
eefd62bfe6d0ad2f3f2b7bddb8f2c46d7c8b6ed4897e3f9309968a58dc078753

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://syndication.twitter.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

Date
Mon, 17 Apr 2023 18:32:21 GMT
Age
2842775
x-amz-server-side-encryption
AES256
X-Cache
HIT
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server-Timing
x-cache;desc= HIT,x-tw-cdn;desc=VZ
Content-Length
90
Last-Modified
Tue, 07 Mar 2023 20:15:15 GMT
Server
ECS (frb/6796)
Etag
"1d1fa0644a94523711b2bb99a8d652bc"
Access-Control-Allow-Methods
GET
Content-Type
application/javascript; charset=utf-8
Access-Control-Allow-Origin
*
x-tw-cdn
VZ
Cache-Control
public, max-age=315360000
Accept-Ranges
bytes
_app-b32edc12070b8f808575.js
platform.twitter.com/_next/static/chunks/pages/ Frame A0E2 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://platform.twitter.com/_next/static/chunks/pages/_app-b32edc12070b8f808575.js
Requested by
Host: syndication.twitter.com
URL: https://syndication.twitter.com/srv/timeline-profile/screen-name/RedZone921?dnt=true&embedId=twitter-widget-0&features=eyJ0ZndfdGltZWxpbmVfbGlzdCI6eyJidWNrZXQiOltdLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X2ZvbGxvd2VyX2NvdW50X3N1bnNldCI6eyJidWNrZXQiOnRydWUsInZlcnNpb24iOm51bGx9LCJ0ZndfdHdlZXRfZWRpdF9iYWNrZW5kIjp7ImJ1Y2tldCI6Im9uIiwidmVyc2lvbiI6bnVsbH0sInRmd19yZWZzcmNfc2Vzc2lvbiI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9LCJ0ZndfbWl4ZWRfbWVkaWFfMTU4OTciOnsiYnVja2V0IjoidHJlYXRtZW50IiwidmVyc2lvbiI6bnVsbH0sInRmd19leHBlcmltZW50c19jb29raWVfZXhwaXJhdGlvbiI6eyJidWNrZXQiOjEyMDk2MDAsInZlcnNpb24iOm51bGx9LCJ0ZndfZHVwbGljYXRlX3NjcmliZXNfdG9fc2V0dGluZ3MiOnsiYnVja2V0Ijoib24iLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X3ZpZGVvX2hsc19keW5hbWljX21hbmlmZXN0c18xNTA4MiI6eyJidWNrZXQiOiJ0cnVlX2JpdHJhdGUiLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X2xlZ2FjeV90aW1lbGluZV9zdW5zZXQiOnsiYnVja2V0Ijp0cnVlLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X3R3ZWV0X2VkaXRfZnJvbnRlbmQiOnsiYnVja2V0Ijoib24iLCJ2ZXJzaW9uIjpudWxsfX0%3D&frame=false&hideBorder=false&hideFooter=false&hideHeader=false&hideScrollBar=false&lang=en&maxHeight=600px&origin=https%3A%2F%2Fwww.921theticket.com%2F&sessionId=ff0dd38d37dded452971875b5c9460a2529aa014&showHeader=true&showReplies=false&transparent=false&widgetsVersion=aaf4084522e3a%3A1674595607486
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (frb/6712) /
Resource Hash
729cfa84928e7a87a4a4551df25c1406da86af8f0ebd2f579460546d11722326

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://syndication.twitter.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

Date
Mon, 17 Apr 2023 18:32:21 GMT
Content-Encoding
gzip
Age
2842775
x-amz-server-side-encryption
AES256
X-Cache
HIT
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server-Timing
x-cache;desc= HIT,x-tw-cdn;desc=VZ
Content-Length
668
Last-Modified
Tue, 07 Mar 2023 20:15:15 GMT
Server
ECS (frb/6712)
Etag
"2856f57c62c238a564ef576bbc50ca4a+gzip"
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET
Content-Type
application/javascript; charset=utf-8
Access-Control-Allow-Origin
*
x-tw-cdn
VZ
Cache-Control
public, max-age=315360000
%5BscreenName%5D-c33f0b02841cffc3e9b4.js
platform.twitter.com/_next/static/chunks/pages/timeline-profile/screen-name/ Frame A0E2 		13 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://platform.twitter.com/_next/static/chunks/pages/timeline-profile/screen-name/%5BscreenName%5D-c33f0b02841cffc3e9b4.js
Requested by
Host: syndication.twitter.com
URL: https://syndication.twitter.com/srv/timeline-profile/screen-name/RedZone921?dnt=true&embedId=twitter-widget-0&features=eyJ0ZndfdGltZWxpbmVfbGlzdCI6eyJidWNrZXQiOltdLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X2ZvbGxvd2VyX2NvdW50X3N1bnNldCI6eyJidWNrZXQiOnRydWUsInZlcnNpb24iOm51bGx9LCJ0ZndfdHdlZXRfZWRpdF9iYWNrZW5kIjp7ImJ1Y2tldCI6Im9uIiwidmVyc2lvbiI6bnVsbH0sInRmd19yZWZzcmNfc2Vzc2lvbiI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9LCJ0ZndfbWl4ZWRfbWVkaWFfMTU4OTciOnsiYnVja2V0IjoidHJlYXRtZW50IiwidmVyc2lvbiI6bnVsbH0sInRmd19leHBlcmltZW50c19jb29raWVfZXhwaXJhdGlvbiI6eyJidWNrZXQiOjEyMDk2MDAsInZlcnNpb24iOm51bGx9LCJ0ZndfZHVwbGljYXRlX3NjcmliZXNfdG9fc2V0dGluZ3MiOnsiYnVja2V0Ijoib24iLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X3ZpZGVvX2hsc19keW5hbWljX21hbmlmZXN0c18xNTA4MiI6eyJidWNrZXQiOiJ0cnVlX2JpdHJhdGUiLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X2xlZ2FjeV90aW1lbGluZV9zdW5zZXQiOnsiYnVja2V0Ijp0cnVlLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X3R3ZWV0X2VkaXRfZnJvbnRlbmQiOnsiYnVja2V0Ijoib24iLCJ2ZXJzaW9uIjpudWxsfX0%3D&frame=false&hideBorder=false&hideFooter=false&hideHeader=false&hideScrollBar=false&lang=en&maxHeight=600px&origin=https%3A%2F%2Fwww.921theticket.com%2F&sessionId=ff0dd38d37dded452971875b5c9460a2529aa014&showHeader=true&showReplies=false&transparent=false&widgetsVersion=aaf4084522e3a%3A1674595607486
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (frb/6794) /
Resource Hash
bd18e405cbfb6fb5c27224b38e792c8b6542d9b7eae37aa5883808b69392dcef

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://syndication.twitter.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

Date
Mon, 17 Apr 2023 18:32:21 GMT
Content-Encoding
gzip
Age
2842775
x-amz-server-side-encryption
AES256
X-Cache
HIT
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server-Timing
x-cache;desc= HIT,x-tw-cdn;desc=VZ
Content-Length
1290
Last-Modified
Tue, 07 Mar 2023 20:15:15 GMT
Server
ECS (frb/6794)
Etag
"e78034c651c8a81b2acd83dc7e7ad407+gzip"
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET
Content-Type
application/javascript; charset=utf-8
Access-Control-Allow-Origin
*
x-tw-cdn
VZ
Cache-Control
public, max-age=315360000
_buildManifest.js
platform.twitter.com/_next/static/pcbn0iK_G1dWfIqi6Vryo/ Frame A0E2 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://platform.twitter.com/_next/static/pcbn0iK_G1dWfIqi6Vryo/_buildManifest.js
Requested by
Host: syndication.twitter.com
URL: https://syndication.twitter.com/srv/timeline-profile/screen-name/RedZone921?dnt=true&embedId=twitter-widget-0&features=eyJ0ZndfdGltZWxpbmVfbGlzdCI6eyJidWNrZXQiOltdLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X2ZvbGxvd2VyX2NvdW50X3N1bnNldCI6eyJidWNrZXQiOnRydWUsInZlcnNpb24iOm51bGx9LCJ0ZndfdHdlZXRfZWRpdF9iYWNrZW5kIjp7ImJ1Y2tldCI6Im9uIiwidmVyc2lvbiI6bnVsbH0sInRmd19yZWZzcmNfc2Vzc2lvbiI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9LCJ0ZndfbWl4ZWRfbWVkaWFfMTU4OTciOnsiYnVja2V0IjoidHJlYXRtZW50IiwidmVyc2lvbiI6bnVsbH0sInRmd19leHBlcmltZW50c19jb29raWVfZXhwaXJhdGlvbiI6eyJidWNrZXQiOjEyMDk2MDAsInZlcnNpb24iOm51bGx9LCJ0ZndfZHVwbGljYXRlX3NjcmliZXNfdG9fc2V0dGluZ3MiOnsiYnVja2V0Ijoib24iLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X3ZpZGVvX2hsc19keW5hbWljX21hbmlmZXN0c18xNTA4MiI6eyJidWNrZXQiOiJ0cnVlX2JpdHJhdGUiLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X2xlZ2FjeV90aW1lbGluZV9zdW5zZXQiOnsiYnVja2V0Ijp0cnVlLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X3R3ZWV0X2VkaXRfZnJvbnRlbmQiOnsiYnVja2V0Ijoib24iLCJ2ZXJzaW9uIjpudWxsfX0%3D&frame=false&hideBorder=false&hideFooter=false&hideHeader=false&hideScrollBar=false&lang=en&maxHeight=600px&origin=https%3A%2F%2Fwww.921theticket.com%2F&sessionId=ff0dd38d37dded452971875b5c9460a2529aa014&showHeader=true&showReplies=false&transparent=false&widgetsVersion=aaf4084522e3a%3A1674595607486
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (frb/6793) /
Resource Hash
7a4a63c52bdfab0ab459b1b77dad4a4ce4e1f7dfdfdba0b2013ba32f0690e15f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://syndication.twitter.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

Date
Mon, 17 Apr 2023 18:32:21 GMT
Content-Encoding
gzip
Age
2842775
x-amz-server-side-encryption
AES256
X-Cache
HIT
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server-Timing
x-cache;desc= HIT,x-tw-cdn;desc=VZ
Content-Length
451
Last-Modified
Tue, 07 Mar 2023 20:15:15 GMT
Server
ECS (frb/6793)
Etag
"bd9a3afe8a64146469f036be13628170+gzip"
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET
Content-Type
application/javascript; charset=utf-8
Access-Control-Allow-Origin
*
x-tw-cdn
VZ
Cache-Control
public, max-age=315360000
_ssgManifest.js
platform.twitter.com/_next/static/pcbn0iK_G1dWfIqi6Vryo/ Frame A0E2 		76 B
670 B 		Script
General
Check archive.org
Download Go to
Full URL
https://platform.twitter.com/_next/static/pcbn0iK_G1dWfIqi6Vryo/_ssgManifest.js
Requested by
Host: syndication.twitter.com
URL: https://syndication.twitter.com/srv/timeline-profile/screen-name/RedZone921?dnt=true&embedId=twitter-widget-0&features=eyJ0ZndfdGltZWxpbmVfbGlzdCI6eyJidWNrZXQiOltdLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X2ZvbGxvd2VyX2NvdW50X3N1bnNldCI6eyJidWNrZXQiOnRydWUsInZlcnNpb24iOm51bGx9LCJ0ZndfdHdlZXRfZWRpdF9iYWNrZW5kIjp7ImJ1Y2tldCI6Im9uIiwidmVyc2lvbiI6bnVsbH0sInRmd19yZWZzcmNfc2Vzc2lvbiI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9LCJ0ZndfbWl4ZWRfbWVkaWFfMTU4OTciOnsiYnVja2V0IjoidHJlYXRtZW50IiwidmVyc2lvbiI6bnVsbH0sInRmd19leHBlcmltZW50c19jb29raWVfZXhwaXJhdGlvbiI6eyJidWNrZXQiOjEyMDk2MDAsInZlcnNpb24iOm51bGx9LCJ0ZndfZHVwbGljYXRlX3NjcmliZXNfdG9fc2V0dGluZ3MiOnsiYnVja2V0Ijoib24iLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X3ZpZGVvX2hsc19keW5hbWljX21hbmlmZXN0c18xNTA4MiI6eyJidWNrZXQiOiJ0cnVlX2JpdHJhdGUiLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X2xlZ2FjeV90aW1lbGluZV9zdW5zZXQiOnsiYnVja2V0Ijp0cnVlLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X3R3ZWV0X2VkaXRfZnJvbnRlbmQiOnsiYnVja2V0Ijoib24iLCJ2ZXJzaW9uIjpudWxsfX0%3D&frame=false&hideBorder=false&hideFooter=false&hideHeader=false&hideScrollBar=false&lang=en&maxHeight=600px&origin=https%3A%2F%2Fwww.921theticket.com%2F&sessionId=ff0dd38d37dded452971875b5c9460a2529aa014&showHeader=true&showReplies=false&transparent=false&widgetsVersion=aaf4084522e3a%3A1674595607486
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (frb/675D) /
Resource Hash
653f3e53e89b4f8548ff86c19e92bb3c6b84b6be7485a320b1e00893ed877479

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://syndication.twitter.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

Date
Mon, 17 Apr 2023 18:32:21 GMT
Age
1352909
x-amz-server-side-encryption
AES256
X-Cache
HIT
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server-Timing
x-cache;desc= HIT,x-tw-cdn;desc=VZ
Content-Length
76
Last-Modified
Tue, 07 Mar 2023 20:15:16 GMT
Server
ECS (frb/675D)
Etag
"abee47769bf307639ace4945f9cfd4ff"
Access-Control-Allow-Methods
GET
Content-Type
application/javascript; charset=utf-8
Access-Control-Allow-Origin
*
x-tw-cdn
VZ
Cache-Control
public, max-age=315360000
Accept-Ranges
bytes
6b8dd593-3310-4d99-99ea-02fe5ae73e69
https://www.921theticket.com/ 		93 KB
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://www.921theticket.com/6b8dd593-3310-4d99-99ea-02fe5ae73e69
Requested by
Host: www.921theticket.com
URL: https://www.921theticket.com/
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
89fee80067e8671ca9b800cf7b3b549a21a242c56272ec075e21ebdb6eca708f

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

Content-Length
94924
Content-Type
text/javascript
/
www.facebook.com/tr/ Frame 30A6 		0
75 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.facebook.com/tr/
Requested by
Host: www.921theticket.com
URL: https://www.921theticket.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f176:84:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Content-Type
application/x-www-form-urlencoded
Origin
https://www.921theticket.com
Referer
https://www.921theticket.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-origin
https://www.921theticket.com
alt-svc
h3=":443"; ma=86400
content-length
0
content-type
text/plain
cross-origin-resource-policy
cross-origin
date
Mon, 17 Apr 2023 18:32:21 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
activeview
pagead2.googlesyndication.com/pcs/ Frame B2CD 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstRId8n7mk6WZNw3oYfxAlc8NWUKtTS3WXDZK0IrVrLnzzfCcLnSX3a7v0qoZYK3kR01EYEHdkIsbqnSzWgdyluExZMlYuKmMo_R53llVLrb3v5anQD&sig=Cg0ArKJSzNNldlTRotGCEAE&id=lidar2&mcvt=1023&p=969,997,1069,1297&mtos=1023,1023,1023,1023,1023&tos=1023,0,0,0,0&v=20230412&bin=7&avms=nio&bs=1600,1200&mc=1&vu=1&app=0&itpl=3&adk=3473686669&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1681756338886&rpt=1075&isd=0&lsd=0&met=mue&wmsd=0&pbe=0&vae=0&spb=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.921theticket.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 17 Apr 2023 18:32:21 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
csi
csi.gstatic.com/ Frame B50E 		0
234 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=1~lgl6avx7&c=8076430973921&slotId=4038215486960.5&eee=missing-element&bi=missing-id&vast_v=4.0&lima_p_ich=0&lima_p_icu=0
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.568.1_en.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4007:82d::2003 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 17 Apr 2023 18:32:22 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
generate_204
tpc.googlesyndication.com/ Frame D30B 		0
10 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?u7Cl0g
Requested by
Host: www.921theticket.com
URL: https://www.921theticket.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date
Mon, 17 Apr 2023 18:32:21 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
pubads_impl.js
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304110101/ Frame 7D14 		400 KB
124 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304110101/pubads_impl.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e06787d09c0170febea7e8d6ec75107fd88e6875072fdab051f36494e4a9784c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://b3.tunegenie.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date
Mon, 17 Apr 2023 14:29:00 GMT
content-encoding
br
x-content-type-options
nosniff
age
14601
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
126862
x-xss-protection
0
server
cafe
etag
16869941564567738629
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
timing-allow-origin
*
expires
Tue, 16 Apr 2024 14:29:00 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 7D14 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:200,350,350italic,400,500,700,700italic
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://b3.tunegenie.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date
Tue, 11 Apr 2023 10:31:11 GMT
x-content-type-options
nosniff
age
547270
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15744
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:48 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 10 Apr 2024 10:31:11 GMT
ads
pubads.g.doubleclick.net/gampad/ Frame B50E 		156 B
142 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pubads.g.doubleclick.net/gampad/ads?iu=%2F172968584%2Fsynd_video%2Fsendtonews%2Fverge&description_url=https%3A%2F%2Fwww.921theticket.com%2F&tfcd=0&npa=0&sz=640x360%7C640x480&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&cmsid=2685758&env=vp&correlator=1342272632666942&nofb=1&vconp=2&vpa=auto&vpmute=1&sdkv=h.3.568.1&osd=2&frm=0&vis=1&sdr=1&hl=en&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&u_so=l&ctv=0&mpt=stnvideo%2Fplayer&us_privacy=1---&gdpr=0&sdki=445&ptt=20&adk=130015200&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.568.1&sid=73A95553-4E5B-43EA-A82D-CB423AB8AD56&nel=0&eid=44754609%2C44765701%2C44772139%2C44777649%2C44781409%2C44781753%2C44782991&url=https%3A%2F%2Fwww.921theticket.com%2F&dlt=1681756336061&idt=2877&dt=1681756341544&cookie=ID%3De28b3ab68eeac0bf%3AT%3D1681756338%3AS%3DALNI_Malh-Bl-GSNrgvQVrMMldAf33Bc4w&gpic=UID%3D00000bd7e4826106%3AT%3D1681756338%3ART%3D1681756338%3AS%3DALNI_MbzzlkwvsZZyWDTKlyCypdLQ6O-Qw&scor=3268466022515871&fbidx=-1&ged=ve4_td6_tt2_pd6_la6000_er0.0.0.0_vi0.0.1200.1600_vp0_ts1_eb16491
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.568.1_en.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date
Mon, 17 Apr 2023 18:32:21 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
113
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/xml; charset=UTF-8
access-control-allow-origin
https://imasdk.googleapis.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
ea3af0e4c98edb91b2df6cc6f5c43ead.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 5A03 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ea3af0e4c98edb91b2df6cc6f5c43ead.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304100101/pubads_impl.js?cb=31073791
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.921theticket.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
4
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Mon, 17 Apr 2023 18:32:17 GMT
expires
Tue, 16 Apr 2024 18:32:17 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
container.html
e76ff033cecd72805c9eec3e4747fae0.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 8CBB 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://e76ff033cecd72805c9eec3e4747fae0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Requested by
Host: d13l4u7pe64ymo.cloudfront.net
URL: https://d13l4u7pe64ymo.cloudfront.net/script.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.921theticket.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Mon, 17 Apr 2023 18:32:21 GMT
expires
Tue, 16 Apr 2024 18:32:21 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
2.691622e4391d1973cb65.js
platform.twitter.com/_next/static/chunks/ Frame A0E2 		23 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://platform.twitter.com/_next/static/chunks/2.691622e4391d1973cb65.js
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/_next/static/chunks/runtime-2aa7644ee0b682b3d080.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (frb/669E) /
Resource Hash
2adcd0a627dee2ac4ab782a00745d7678e374dc4625ddf673a88121977d77c67

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://syndication.twitter.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

Date
Mon, 17 Apr 2023 18:32:21 GMT
Content-Encoding
gzip
Age
2842775
x-amz-server-side-encryption
AES256
X-Cache
HIT
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server-Timing
x-cache;desc= HIT,x-tw-cdn;desc=VZ
Content-Length
7674
Last-Modified
Tue, 07 Mar 2023 20:15:15 GMT
Server
ECS (frb/669E)
Etag
"942b5b928a24465d1906b4716131d896+gzip"
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET
Content-Type
application/javascript; charset=utf-8
Access-Control-Allow-Origin
*
x-tw-cdn
VZ
Cache-Control
public, max-age=315360000
16.bef86bd1520696dea547.js
platform.twitter.com/_next/static/chunks/ Frame A0E2 		37 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://platform.twitter.com/_next/static/chunks/16.bef86bd1520696dea547.js
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/_next/static/chunks/runtime-2aa7644ee0b682b3d080.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (frb/674D) /
Resource Hash
129d9a340ad960236445c559190546672c530544e000fd246b6b046afeac5666

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://syndication.twitter.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

Date
Mon, 17 Apr 2023 18:32:21 GMT
Content-Encoding
gzip
Age
2842775
x-amz-server-side-encryption
AES256
X-Cache
HIT
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server-Timing
x-cache;desc= HIT,x-tw-cdn;desc=VZ
Content-Length
12053
Last-Modified
Tue, 07 Mar 2023 20:15:15 GMT
Server
ECS (frb/674D)
Etag
"46d80e217756a943975c9f22eb40c6d9+gzip"
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET
Content-Type
application/javascript; charset=utf-8
Access-Control-Allow-Origin
*
x-tw-cdn
VZ
Cache-Control
public, max-age=315360000
csi
csi.gstatic.com/ Frame B50E 		0
54 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=2~lgl6ay2l&c=8076430973921&slotId=4038215486960.5&ghmsh_eids=44754609%2C44765701%2C44772139%2C44777649%2C44781409%2C44781753%2C44782991
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.568.1_en.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4007:82d::2003 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 17 Apr 2023 18:32:22 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
pubads.g.doubleclick.net/pagead/interaction/ Frame B50E 		42 B
223 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pubads.g.doubleclick.net/pagead/interaction/?ai=BqMpZtZA9ZLOJBoOz1fAPpOKViA7aiKqwRgAAABABING9tz04AVil7O-9gwRglaqfgrAHsgEUd3d3LjkyMXRoZXRpY2tldC5jb226AQs0ODB4MjcwX3htbMgBBdoBHWh0dHBzOi8vd3d3LjkyMXRoZXRpY2tldC5jb20vmALgXcACAuACAOoCEi85MjA1NjI4MS81MzU5Njk2NvgCgdIekAPIBpgDjAaoAwHgBAHSBQYQpPmP5RWQBgGgBiSoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHAOAHAdIIDwiAYRABGB0yAooCOgKAQNgIAoAKBZgLAYAMAdAVAfgWAYAXAQ&sigh=bUopS46Uxug&label=videoplayfailed303&sdkv=h.3.568.1&vci=Ck4IAhIYcHViYWRzLmcuZG91YmxlY2xpY2submV0GgRHREZQIAQqCjU4NDkyMTgyMTJAvANSGSUAAPBBOgd1bmtub3duQgd1bmtub3duUAAYAQ..
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.568.1_en.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 17 Apr 2023 18:32:21 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
css
fonts.googleapis.com/ Frame 5A03 		8 KB
893 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Requested by
Host: ea3af0e4c98edb91b2df6cc6f5c43ead.safeframe.googlesyndication.com
URL: https://ea3af0e4c98edb91b2df6cc6f5c43ead.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
05ee926cc9bf2039ad93af941a67d23d84bd78ecd9d6ef53ff85eeaf744cbd89
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ea3af0e4c98edb91b2df6cc6f5c43ead.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Mon, 17 Apr 2023 18:32:21 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Mon, 17 Apr 2023 18:16:11 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Mon, 17 Apr 2023 18:32:21 GMT
load_preloaded_resource_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230412/r20110914/client/ Frame 5A03 		2 KB
765 B 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230412/r20110914/client/load_preloaded_resource_fy2021.js
Requested by
Host: ea3af0e4c98edb91b2df6cc6f5c43ead.safeframe.googlesyndication.com
URL: https://ea3af0e4c98edb91b2df6cc6f5c43ead.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ea3af0e4c98edb91b2df6cc6f5c43ead.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date
Mon, 17 Apr 2023 08:20:19 GMT
content-encoding
br
x-content-type-options
nosniff
age
36722
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
738
x-xss-protection
0
server
cafe
etag
1394486882873449110
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 01 May 2023 08:20:19 GMT
adview
securepubads.g.doubleclick.net/pagead/ Frame 5A03 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=CeGEKtZA9ZOutB76TjuwP-qSwyAjSjPG_buTZj9vfEKur--uEAhABIJeq7XVglaqfgrAHoAG8vLvQA8gBCakCBmvEQldRsj7gAgCoAwHIA8sEqgSMAk_QsNLlb01TpMcj2Sch81qsQr8XPUzXVTIWy5SY4-itv2o9XI-GUUlc85l6an-F5mEd80F-xQpgZicYDCSrkIT4MQXdw9uZ_O0Av8__A56BuOD5WRKdzqfNjYi7_qbg_UGKzcy9o0mJ7D6iR9CuoKpJMMWRXG6aV6NwjZDy2eSOb9ZkEK_votoDkZMH7tZ1qtd2lMZP-M1ETsbpJyIzyk04BxmZJS3S4hfO2T17Uucda6bdoD4tlH3VBKjZnnK-F_1QmXkmKCcI2f2cMw4hrNISIxj8EsNt8N0HxjohSxQZn6R73U40y6VMzNJo3OCSYnhZyN55pytYYuUHG4IEzEv-ZXoz-3GZruApWLHABIPS0a-BBOAEAZIFBAgEGAGSBQQIBRgEoAYugAesw8QvqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhvYBwDyBwQQ0-UC0ggPCIBhEAEYHTICigI6AoBAgAoDyAsBmAz_sJriiAS4E4ME2BMO0BUBgBcBshceChwIABIUcHViLTM4NDU5NjY0MTc4ODYxNjYYlu4R&sigh=it6JkFIYxJg&uach_m=[UACH]&cid=CAQSPABygQiDMUdakLqWsM3Q3O_gxb78rLDq2JYFUg3Axm94aSY1IWHkrccDXg99ST5Vam2sl5n6YNtodwp2bBgB&template_id=515
Requested by
Host: www.921theticket.com
URL: https://www.921theticket.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ea3af0e4c98edb91b2df6cc6f5c43ead.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers
abg_lite_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230412/r20110914/ Frame 5A03 		22 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230412/r20110914/abg_lite_fy2021.js
Requested by
Host: ea3af0e4c98edb91b2df6cc6f5c43ead.safeframe.googlesyndication.com
URL: https://ea3af0e4c98edb91b2df6cc6f5c43ead.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
26f2c1abc7720059c2f88aac37f0b15cd551c1b69b522eef0bf782cefcc98dc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ea3af0e4c98edb91b2df6cc6f5c43ead.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date
Mon, 17 Apr 2023 08:20:19 GMT
content-encoding
br
x-content-type-options
nosniff
age
36722
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8756
x-xss-protection
0
server
cafe
etag
5179999606349116156
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 01 May 2023 08:20:19 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230412/r20110914/client/ Frame 5A03 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230412/r20110914/client/window_focus_fy2021.js
Requested by
Host: ea3af0e4c98edb91b2df6cc6f5c43ead.safeframe.googlesyndication.com
URL: https://ea3af0e4c98edb91b2df6cc6f5c43ead.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ea3af0e4c98edb91b2df6cc6f5c43ead.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date
Mon, 17 Apr 2023 12:09:31 GMT
content-encoding
br
x-content-type-options
nosniff
age
22970
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 01 May 2023 12:09:31 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230412/r20110914/client/ Frame 5A03 		20 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230412/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: ea3af0e4c98edb91b2df6cc6f5c43ead.safeframe.googlesyndication.com
URL: https://ea3af0e4c98edb91b2df6cc6f5c43ead.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
b1b3b73852f7856f1a0f317701846bc7853eb5b127ba882c23c5073dbe6d022d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ea3af0e4c98edb91b2df6cc6f5c43ead.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date
Mon, 17 Apr 2023 18:05:10 GMT
content-encoding
br
x-content-type-options
nosniff
age
1631
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8509
x-xss-protection
0
server
cafe
etag
3034682829645713766
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 01 May 2023 18:05:10 GMT
l
www.google.com/ads/measurement/ Frame 5A03 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaRVnFpE9VeogwPIUt77pI8DdIFHvSVaxempM9DsXwniHlDjGAZGzgnm5MPiZ6Qd7IRQgouK1f6NaNe8cu8-HXu2N_pMxA
Requested by
Host: ea3af0e4c98edb91b2df6cc6f5c43ead.safeframe.googlesyndication.com
URL: https://ea3af0e4c98edb91b2df6cc6f5c43ead.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ea3af0e4c98edb91b2df6cc6f5c43ead.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 5A03 		159 KB
49 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: ea3af0e4c98edb91b2df6cc6f5c43ead.safeframe.googlesyndication.com
URL: https://ea3af0e4c98edb91b2df6cc6f5c43ead.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cbeee230de9adc4b4765d4387c54fa936a5c26f8306fe0e6f5f8415284f56c33
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ea3af0e4c98edb91b2df6cc6f5c43ead.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date
Mon, 17 Apr 2023 18:32:21 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
49801
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1681299295334834"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Mon, 17 Apr 2023 18:32:21 GMT
c15427455071565d8097eb04c444439b.js
www.gstatic.com/mysidia/ Frame 5A03 		33 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/mysidia/c15427455071565d8097eb04c444439b.js?tag=mysidia_one_click_handler_one_afma_2019
Requested by
Host: ea3af0e4c98edb91b2df6cc6f5c43ead.safeframe.googlesyndication.com
URL: https://ea3af0e4c98edb91b2df6cc6f5c43ead.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
02fb5a960b6817695b363d2294c0945cc75bf10cd17e5a03b3ff68229b9f0d77
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ea3af0e4c98edb91b2df6cc6f5c43ead.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date
Mon, 17 Apr 2023 11:14:15 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
26286
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14106
x-xss-protection
0
last-modified
Fri, 14 Apr 2023 00:44:38 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="mysidia"
vary
Accept-Encoding
report-to
{"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
expires
Sun, 16 Jul 2023 11:14:15 GMT
7951067230187270143
tpc.googlesyndication.com/simgad/ Frame 5A03 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/7951067230187270143?w=100&h=100
Requested by
Host: ea3af0e4c98edb91b2df6cc6f5c43ead.safeframe.googlesyndication.com
URL: https://ea3af0e4c98edb91b2df6cc6f5c43ead.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
def279e2f38ec8a4a1cad8a3723d6f413c3b3b043c6309295d3fe2a6cfe1d6f8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ea3af0e4c98edb91b2df6cc6f5c43ead.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date
Wed, 12 Apr 2023 05:26:27 GMT
x-content-type-options
nosniff
age
479154
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3394
x-xss-protection
0
last-modified
Mon, 12 Apr 2021 08:52:38 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Thu, 11 Apr 2024 05:26:27 GMT
truncated
/ Frame 5A03 		195 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
9e34975a0a58f4262f18fc35a4a9efb9f9b3962b87772f8fa5c006d5b7bc3f57

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ Frame 5A03 		246 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
d1abe31a63ea69ba668691d6bf5853ad2b3dc5c6ebfb44d4c79c2ab53146d572

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ Frame 5A03 		336 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
be3b15b1e68cf3e9278293d3b50491fe16c985e0ee5968852cac4fc062a7134e

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

Content-Type
image/svg+xml
iframe_api
www.youtube.com/ 		992 B
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/iframe_api
Requested by
Host: b3.tunegenie.com
URL: https://b3.tunegenie.com/js/pwm_all.min.js?tgv=e905577.ba4de90
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
1fffe142658ede54ea109d3864f003ebb11170d4ea0110f752ec4b51cc8646c9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.921theticket.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date
Mon, 17 Apr 2023 18:32:21 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
content-encoding
br
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=de for more info."
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
server
ESF
x-frame-options
SAMEORIGIN
report-to
{"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
content-type
text/javascript; charset=utf-8
vary
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cache-control
private, max-age=0
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
origin-trial
AvC9UlR6RDk2crliDsFl66RWLnTbHrDbp+DiY6AYz/PNQ4G4tdUTjrHYr2sghbkhGQAVxb7jaPTHpEVBz0uzQwkAAAB4eyJvcmlnaW4iOiJodHRwczovL3lvdXR1YmUuY29tOjQ0MyIsImZlYXR1cmUiOiJXZWJWaWV3WFJlcXVlc3RlZFdpdGhEZXByZWNhdGlvbiIsImV4cGlyeSI6MTcxOTUzMjc5OSwiaXNTdWJkb21haW4iOnRydWV9
cross-origin-opener-policy-report-only
same-origin; report-to="youtube_main"
expires
Mon, 17 Apr 2023 18:32:21 GMT
stn_trk.gif
s2l.sendtonews.com/ 		26 B
186 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://s2l.sendtonews.com/stn_trk.gif?session=bGqNGgtBkHxKexnR&instance=297421206&version=7.15.1-G&age=230417&ldt=NO_IMP&key=5oC5qDti&c_id=5513&seq=1&order=6&vIndex=0&absoluteTime=6128.3&relativeTime=3661.2&sm_id=2685758&visiblestatecd=I&soundcd=OFF&alt=0&sC_ID=4735&load=1&status=LVFNSNIY&ac_id=2008&adIndex=-1
Requested by
Host: embed.sendtonews.com
URL: https://embed.sendtonews.com/easy-stn-player/7.15.1-G/easy-stn-player.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.210.56.152 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-44-210-56-152.compute-1.amazonaws.com
Software
Apache/2.4.41 (Ubuntu) /
Resource Hash
3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.921theticket.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date
Mon, 17 Apr 2023 18:32:21 GMT
last-modified
Wed, 23 Dec 2020 21:38:39 GMT
server
Apache/2.4.41 (Ubuntu)
accept-ranges
bytes
etag
"1a-5b72883b37f80"
content-length
26
content-type
image/gif
p
sb.scorecardresearch.com/ Frame A16F 		43 B
299 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sb.scorecardresearch.com/p?c1=2&c2=18065638&ns_type=hidden&ns_st_sv=6.3.4.190424&ns_st_smv=5.10&ns_st_it=c&ns_st_id=1681756338822&ns_st_ec=1&ns_st_sp=1&ns_st_sc=1&ns_st_psq=1&ns_st_asq=1&ns_st_sq=1&ns_st_ppc=1&ns_st_apc=1&ns_st_spc=1&ns_st_cn=1&ns_st_ev=play&ns_st_po=0&ns_st_cl=467757&ns_st_pb=1&ns_st_mp=js_api&ns_st_mv=6.3.4.190424&ns_st_pn=1&ns_st_tp=1&ns_st_ci=2685758&ns_st_pt=0&ns_st_dpt=0&ns_st_ipt=0&ns_st_ap=0&ns_st_dap=0&ns_st_et=0&ns_st_det=0&ns_st_upc=0&ns_st_dupc=0&ns_st_iupc=0&ns_st_upa=0&ns_st_dupa=0&ns_st_iupa=0&ns_st_lpc=0&ns_st_dlpc=0&ns_st_lpa=0&ns_st_dlpa=0&ns_st_pa=0&ns_st_ldw=0&ns_st_ldo=0&ns_ts=1681756341848&ns_st_bc=0&ns_st_dbc=0&ns_st_bt=0&ns_st_dbt=0&ns_st_bp=0&ns_st_lt=3026&ns_st_skc=0&ns_st_dskc=0&ns_st_ska=0&ns_st_dska=0&ns_st_skd=0&ns_st_skt=0&ns_st_dskt=0&ns_st_pc=0&ns_st_dpc=0&ns_st_pp=0&ns_st_br=0&ns_st_rt=100&ns_st_ub=0&ns_st_ki=1200000&ns_st_pr=*null&ns_st_sn=*null&ns_st_en=*null&ns_st_ep=*null&ns_st_ct=vc12&ns_st_ge=Sports&ns_st_st=SendtoNews&ns_st_ce=0&ns_st_ia=0&ns_st_ddt=*null&ns_st_tdt=*null&ns_st_pu=MLB&c3=sendtonews&c4=Sports&c6=*null&c7=https%3A%2F%2Fwww.921theticket.com%2F&c8=&c9=https%3A%2F%2Fwww.921theticket.com%2F
Requested by
Host: www.921theticket.com
URL: https://www.921theticket.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.214.24 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-214-24.fra56.r.cloudfront.net
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.921theticket.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date
Mon, 17 Apr 2023 18:32:21 GMT
via
1.1 e026b2802d48048e9935caadbecf124e.cloudfront.net (CloudFront)
accept-ch
UA, Platform, Arch, Model, Mobile
x-amz-cf-pop
FRA56-P3
x-cache
Miss from cloudfront
content-type
image/gif
content-length
43
x-amz-cf-id
vq3WyuC2v-5ABAFK--pJgXDGMLtG83H5Wbj0FNN4epTbAm_RHCRnjw==
css
fonts.googleapis.com/ Frame 8CBB 		8 KB
893 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Requested by
Host: e76ff033cecd72805c9eec3e4747fae0.safeframe.googlesyndication.com
URL: https://e76ff033cecd72805c9eec3e4747fae0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
05ee926cc9bf2039ad93af941a67d23d84bd78ecd9d6ef53ff85eeaf744cbd89
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://e76ff033cecd72805c9eec3e4747fae0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Mon, 17 Apr 2023 18:32:21 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Mon, 17 Apr 2023 18:12:30 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Mon, 17 Apr 2023 18:32:21 GMT
load_preloaded_resource_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230412/r20110914/client/ Frame 8CBB 		2 KB
765 B 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230412/r20110914/client/load_preloaded_resource_fy2021.js
Requested by
Host: e76ff033cecd72805c9eec3e4747fae0.safeframe.googlesyndication.com
URL: https://e76ff033cecd72805c9eec3e4747fae0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://e76ff033cecd72805c9eec3e4747fae0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date
Mon, 17 Apr 2023 08:20:19 GMT
content-encoding
br
x-content-type-options
nosniff
age
36722
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
738
x-xss-protection
0
server
cafe
etag
1394486882873449110
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 01 May 2023 08:20:19 GMT
adview
securepubads.g.doubleclick.net/pagead/ Frame 8CBB 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=Cu-oatZA9ZKvBCfKFjuwPvYGxoAH2qb_qb5btouT9D2QQASCk3LwmYJWqn4KwB6ABsKevuwHIAQmpAgZrxEJXUbI-4AIAqAMByAPLBKoE_QFP0HMd9hTEumNF-gPVsCceSv9LdGk9uU4tmFnQmvWSoVx94ADy2jDA6SjQgR5Y1-emU8p_717pqX8TrzFReQw5im4yAbpPr7jjhYFuvGZp5PGqKUfae_e-nEMCujSmqVtYu-WHVABvvZ8-LjiATnh0JsbRiAyRjCoqYBVv2blNMjFOXsFOGKzcaTAlOTW9TdtrKa1rPUWYHOg1U5azvumgFBXgBdmyKb8m9O9FxyqTRwywzwcGiEK8zHApfZnTbU2KdE0KA1S9o2REBrDszNHW487T29nYbnGadVBHkHrN9DT9wYkVOYHdUZ_i_33DexICi4OHzQDDsGUskAw5wASW4e2e-QPgBAGSBQQIBBgBkgUECAUYBKAGLoAHuNjQxAKoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G9gHAPIHBBDswALSCA8IgGEQARgdMgKKAjoCgEDyCBthZHgtc3Vic3luLTgwODAzODI5NzM1MTQzMTCACgPICwGYDIK9nI3sA7gTgwTYEw7QFQGYFgGAFwGyFx4KHAgAEhRwdWItMzQzODY2MDI3ODkwMDgwORjU3BY&sigh=svrvKpV8-jE&uach_m=[UACH]&cid=CAQSPABygQiDwo20Pl4CEqwPV-RGVvDPCuJa6-Gt4mpJ9GzVxCPsgOpyQNL4tvmsLtaU90sYn7GPnGjsxCxBpRgB&template_id=515
Requested by
Host: www.921theticket.com
URL: https://www.921theticket.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://e76ff033cecd72805c9eec3e4747fae0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers
abg_lite_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230412/r20110914/ Frame 8CBB 		22 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230412/r20110914/abg_lite_fy2021.js
Requested by
Host: e76ff033cecd72805c9eec3e4747fae0.safeframe.googlesyndication.com
URL: https://e76ff033cecd72805c9eec3e4747fae0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
26f2c1abc7720059c2f88aac37f0b15cd551c1b69b522eef0bf782cefcc98dc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://e76ff033cecd72805c9eec3e4747fae0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date
Mon, 17 Apr 2023 08:20:19 GMT
content-encoding
br
x-content-type-options
nosniff
age
36722
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8756
x-xss-protection
0
server
cafe
etag
5179999606349116156
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 01 May 2023 08:20:19 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230412/r20110914/client/ Frame 8CBB 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230412/r20110914/client/window_focus_fy2021.js
Requested by
Host: e76ff033cecd72805c9eec3e4747fae0.safeframe.googlesyndication.com
URL: https://e76ff033cecd72805c9eec3e4747fae0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://e76ff033cecd72805c9eec3e4747fae0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date
Mon, 17 Apr 2023 12:09:31 GMT
content-encoding
br
x-content-type-options
nosniff
age
22970
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 01 May 2023 12:09:31 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230412/r20110914/client/ Frame 8CBB 		20 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230412/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: e76ff033cecd72805c9eec3e4747fae0.safeframe.googlesyndication.com
URL: https://e76ff033cecd72805c9eec3e4747fae0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
b1b3b73852f7856f1a0f317701846bc7853eb5b127ba882c23c5073dbe6d022d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://e76ff033cecd72805c9eec3e4747fae0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date
Mon, 17 Apr 2023 18:05:10 GMT
content-encoding
br
x-content-type-options
nosniff
age
1631
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8509
x-xss-protection
0
server
cafe
etag
3034682829645713766
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 01 May 2023 18:05:10 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 8CBB 		159 KB
49 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: e76ff033cecd72805c9eec3e4747fae0.safeframe.googlesyndication.com
URL: https://e76ff033cecd72805c9eec3e4747fae0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cbeee230de9adc4b4765d4387c54fa936a5c26f8306fe0e6f5f8415284f56c33
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://e76ff033cecd72805c9eec3e4747fae0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date
Mon, 17 Apr 2023 18:32:21 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
49801
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1681299295334834"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Mon, 17 Apr 2023 18:32:21 GMT
c15427455071565d8097eb04c444439b.js
www.gstatic.com/mysidia/ Frame 8CBB 		33 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/mysidia/c15427455071565d8097eb04c444439b.js?tag=mysidia_one_click_handler_one_afma_2019
Requested by
Host: e76ff033cecd72805c9eec3e4747fae0.safeframe.googlesyndication.com
URL: https://e76ff033cecd72805c9eec3e4747fae0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
02fb5a960b6817695b363d2294c0945cc75bf10cd17e5a03b3ff68229b9f0d77
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://e76ff033cecd72805c9eec3e4747fae0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date
Mon, 17 Apr 2023 11:14:15 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
26286
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14106
x-xss-protection
0
last-modified
Fri, 14 Apr 2023 00:44:38 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="mysidia"
vary
Accept-Encoding
report-to
{"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
expires
Sun, 16 Jul 2023 11:14:15 GMT
3836428205810490512
tpc.googlesyndication.com/simgad/ Frame 8CBB 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/3836428205810490512?w=100&h=100
Requested by
Host: e76ff033cecd72805c9eec3e4747fae0.safeframe.googlesyndication.com
URL: https://e76ff033cecd72805c9eec3e4747fae0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
27c71a9e2cb0bb6595a57b297c1c94503b0fa7dac371945e68af53741592cc55
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://e76ff033cecd72805c9eec3e4747fae0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date
Sat, 15 Apr 2023 18:05:10 GMT
x-content-type-options
nosniff
age
174431
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3447
x-xss-protection
0
last-modified
Thu, 12 Aug 2021 09:30:40 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Sun, 14 Apr 2024 18:05:10 GMT
stn_trk.gif
s2l.sendtonews.com/ 		26 B
186 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://s2l.sendtonews.com/stn_trk.gif?session=bGqNGgtBkHxKexnR&instance=297421206&version=7.15.1-G&age=230417&cmd=INV&key=5oC5qDti&c_id=5513&seq=1&order=7&vIndex=0&absoluteTime=6248.9&relativeTime=3781.8&alt=0&sC_ID=4735&sm_id=2685758&load=1&status=LVFNSNIY&ac_id=2008&EXTREF=https://www.921theticket.com/&REF=https://www.921theticket.com/&playerCfg=FL&playerType=FLOAT
Requested by
Host: embed.sendtonews.com
URL: https://embed.sendtonews.com/easy-stn-player/7.15.1-G/easy-stn-player.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.210.56.152 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-44-210-56-152.compute-1.amazonaws.com
Software
Apache/2.4.41 (Ubuntu) /
Resource Hash
3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.921theticket.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date
Mon, 17 Apr 2023 18:32:22 GMT
last-modified
Wed, 23 Dec 2020 21:38:39 GMT
server
Apache/2.4.41 (Ubuntu)
accept-ranges
bytes
etag
"1a-5b72883b37f80"
content-length
26
content-type
image/gif
stn_trk.gif
s2l.sendtonews.com/ 		26 B
186 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://s2l.sendtonews.com/stn_trk.gif?session=bGqNGgtBkHxKexnR&instance=297421206&version=7.15.1-G&age=230417&cmd=PLAY&key=5oC5qDti&c_id=5513&seq=1&order=8&vIndex=0&absoluteTime=6249.4&relativeTime=3782.3&alt=0&sC_ID=4735&sm_id=2685758&load=1&status=LVFNSNIY&ac_id=2008&EXTREF=https://www.921theticket.com/&REF=https://www.921theticket.com/&playerCfg=FL&playerType=FLOAT&pposition=home
Requested by
Host: embed.sendtonews.com
URL: https://embed.sendtonews.com/easy-stn-player/7.15.1-G/easy-stn-player.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.210.56.152 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-44-210-56-152.compute-1.amazonaws.com
Software
Apache/2.4.41 (Ubuntu) /
Resource Hash
3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.921theticket.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date
Mon, 17 Apr 2023 18:32:22 GMT
last-modified
Wed, 23 Dec 2020 21:38:39 GMT
server
Apache/2.4.41 (Ubuntu)
accept-ranges
bytes
etag
"1a-5b72883b37f80"
content-length
26
content-type
image/gif
activeview
pagead2.googlesyndication.com/pcs/ Frame 022C 		42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstCMuj1g64vL5amZWZ49safc_CWEiN3r1b2_-IQq8Z1SdSkycpbHW7AHnHC8CTPN2ykPJL8666ylohalnvvWqwkL-fzKGfFzhxv1PvTrvwns-dZZJoHWggdKIealcNPoCuOJWY&sai=AMfl-YTS_rTKJKZooMPO71v3hEjg--lLNrCw-LqkYXoPq52Q2_GtvX_eR-q33VQr8uKXktCbS3d7DhvGmU5z5e5tObltZWaHHHeQeaTRPFQnewhpSbov5Zyl0aLKkv1ZQBL3OgNYQ035D5SD-e0&sig=Cg0ArKJSzFxFl4KvW9wBEAE&cid=CAQSSgBygQiDwhMSz_y1sbbLA2cMigrKT_ssCjioroG_JEZGVLmGnqg-OkwtYthncTM1mzJrYfcuHo5cacJMIFayqlBbZLKMzIQmPzTCGAE&id=ampim&o=997,309&d=300,600&ss=1600,1200&bs=1600,1200&mcvt=1071&mtos=0,0,1071,1071,1071&tos=0,0,1071,0,0&tfs=1948&tls=3019&g=100&h=100&tt=3019&r=v&avms=ampa&uap=&uapv=&uaa=&uam=&uafv=&uab=&uafvl=%5B%5D&uaw=false&adk=0
Requested by
Host: www.921theticket.com
URL: https://www.921theticket.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.921theticket.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 17 Apr 2023 18:32:22 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
rpr1oo5517112r39r3205n850033r8o1.m3u8
d29xw9s9x32j3w.cloudfront.net/videos/m3u8/1000k/ 		3 KB
896 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://d29xw9s9x32j3w.cloudfront.net/videos/m3u8/1000k/rpr1oo5517112r39r3205n850033r8o1.m3u8
Requested by
Host: embed.sendtonews.com
URL: https://embed.sendtonews.com/easy-stn-player/7.15.1-G/easy-stn-player.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.95.85 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-95-85.prg50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
8303eeecda03d3ff1967ff13e659eba4e97c3a33f3d4c0c18cef4f4e96b8fea1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.921theticket.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date
Mon, 17 Apr 2023 18:32:23 GMT
content-encoding
gzip
via
1.1 93fcd07b66eaf26b036f14e2ec9d73ea.cloudfront.net (CloudFront)
x-amz-cf-pop
PRG50-C1
x-amz-server-side-encryption
AES256
x-cache
Miss from cloudfront
x-amz-storage-class
REDUCED_REDUNDANCY
content-disposition
attachment
last-modified
Mon, 17 Apr 2023 03:08:06 GMT
server
AmazonS3
etag
W/"784b738983d4b9e7c0c042cc10fb2fe8"
vary
Accept-Encoding,Origin
access-control-allow-methods
GET, HEAD, POST
content-type
application/x-mpegURL
access-control-allow-origin
*
access-control-expose-headers
Access-Control-Allow-Origin, Access-Control-Allow-Credentials
cache-control
max-age=86400
x-amz-cf-id
RrNso8Mk3ZdOnFAlqs1EWEmOqP92L_aThAye7xw8cQjd5RV-FOGoZg==
www-widgetapi.js
www.youtube.com/s/player/36754c51/www-widgetapi.vflset/ 		184 KB
62 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/s/player/36754c51/www-widgetapi.vflset/www-widgetapi.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/iframe_api
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
26a7c417f67159ae3e9ef95aa85ee360b0ba0d07608d9f9c8e615052b1da1400
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.921theticket.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date
Mon, 17 Apr 2023 18:13:36 GMT
content-encoding
br
x-content-type-options
nosniff
age
1125
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
63301
x-xss-protection
0
last-modified
Wed, 12 Apr 2023 00:21:41 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Tue, 16 Apr 2024 18:13:36 GMT
0.12059cc9aae4f779ab68.js
platform.twitter.com/_next/static/chunks/ Frame A0E2 		314 KB
104 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://platform.twitter.com/_next/static/chunks/0.12059cc9aae4f779ab68.js
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/_next/static/chunks/runtime-2aa7644ee0b682b3d080.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (frb/67BA) /
Resource Hash
5bccb3d79dd85afc5c9d3a008ed9a9af4353560cb21084e755b313dbe5eec75b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://syndication.twitter.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

Date
Mon, 17 Apr 2023 18:32:21 GMT
Content-Encoding
gzip
Age
2842775
x-amz-server-side-encryption
AES256
X-Cache
HIT
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server-Timing
x-cache;desc= HIT,x-tw-cdn;desc=VZ
Content-Length
106305
Last-Modified
Tue, 07 Mar 2023 20:15:15 GMT
Server
ECS (frb/67BA)
Etag
"145185fec2c06c3409682e5df48acdf8+gzip"
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET
Content-Type
application/javascript; charset=utf-8
Access-Control-Allow-Origin
*
x-tw-cdn
VZ
Cache-Control
public, max-age=315360000
4.c99a76747fd916e95958.js
platform.twitter.com/_next/static/chunks/ Frame A0E2 		244 KB
66 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://platform.twitter.com/_next/static/chunks/4.c99a76747fd916e95958.js
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/_next/static/chunks/runtime-2aa7644ee0b682b3d080.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (frb/67BC) /
Resource Hash
805c456f58d00a6ca84ce26e4a0e20d130245ba8c3021dbc775d835701c98779

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://syndication.twitter.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

Date
Mon, 17 Apr 2023 18:32:21 GMT
Content-Encoding
gzip
Age
2842775
x-amz-server-side-encryption
AES256
X-Cache
HIT
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server-Timing
x-cache;desc= HIT,x-tw-cdn;desc=VZ
Content-Length
66820
Last-Modified
Tue, 07 Mar 2023 20:15:15 GMT
Server
ECS (frb/67BC)
Etag
"813fe12fe49871b42d9cd17b5f80c663+gzip"
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET
Content-Type
application/javascript; charset=utf-8
Access-Control-Allow-Origin
*
x-tw-cdn
VZ
Cache-Control
public, max-age=315360000
1.6dc2052b2926970f8f23.js
platform.twitter.com/_next/static/chunks/ Frame A0E2 		146 KB
39 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://platform.twitter.com/_next/static/chunks/1.6dc2052b2926970f8f23.js
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/_next/static/chunks/runtime-2aa7644ee0b682b3d080.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (frb/67BC) /
Resource Hash
4c8c703afd944080a14f8c5edcb3c00bda5b28adf95871b7d463223e3a21a77c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://syndication.twitter.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

Date
Mon, 17 Apr 2023 18:32:21 GMT
Content-Encoding
gzip
Age
2842775
x-amz-server-side-encryption
AES256
X-Cache
HIT
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server-Timing
x-cache;desc= HIT,x-tw-cdn;desc=VZ
Content-Length
39787
Last-Modified
Tue, 07 Mar 2023 20:15:15 GMT
Server
ECS (frb/67BC)
Etag
"58d1106dcf23b98737f807cfc4b30e22+gzip"
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET
Content-Type
application/javascript; charset=utf-8
Access-Control-Allow-Origin
*
x-tw-cdn
VZ
Cache-Control
public, max-age=315360000
3.dc446a58e72d99fbbc5e.js
platform.twitter.com/_next/static/chunks/ Frame A0E2 		661 KB
162 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://platform.twitter.com/_next/static/chunks/3.dc446a58e72d99fbbc5e.js
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/_next/static/chunks/runtime-2aa7644ee0b682b3d080.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (frb/67AA) /
Resource Hash
bcbc3e8177967b6713301b69a1c24e448abbd859f9864c068e8945144ef603d5

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://syndication.twitter.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

Date
Mon, 17 Apr 2023 18:32:21 GMT
Content-Encoding
gzip
Age
2842770
x-amz-server-side-encryption
AES256
X-Cache
HIT
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server-Timing
x-cache;desc= HIT,x-tw-cdn;desc=VZ
Content-Length
164942
Last-Modified
Tue, 07 Mar 2023 20:15:15 GMT
Server
ECS (frb/67AA)
Etag
"a2c1d40300c36b57816d6778d5a8cdca+gzip"
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET
Content-Type
application/javascript; charset=utf-8
Access-Control-Allow-Origin
*
x-tw-cdn
VZ
Cache-Control
public, max-age=315360000
6.d1bd699b8a5d6cc08f0b.js
platform.twitter.com/_next/static/chunks/ Frame A0E2 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://platform.twitter.com/_next/static/chunks/6.d1bd699b8a5d6cc08f0b.js
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/_next/static/chunks/runtime-2aa7644ee0b682b3d080.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (frb/67F2) /
Resource Hash
713a5085778002ac882de664c065bc7a55a26c6091d12c39a038bac7b70dcf45

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://syndication.twitter.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

Date
Mon, 17 Apr 2023 18:32:21 GMT
Content-Encoding
gzip
Age
2842775
x-amz-server-side-encryption
AES256
X-Cache
HIT
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server-Timing
x-cache;desc= HIT,x-tw-cdn;desc=VZ
Content-Length
1276
Last-Modified
Tue, 07 Mar 2023 20:15:15 GMT
Server
ECS (frb/67F2)
Etag
"0e9ca787dfdcbf5ffeb7df678ec8f6df+gzip"
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET
Content-Type
application/javascript; charset=utf-8
Access-Control-Allow-Origin
*
x-tw-cdn
VZ
Cache-Control
public, max-age=315360000
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame 2BE8 		1 KB
643 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: ea3af0e4c98edb91b2df6cc6f5c43ead.safeframe.googlesyndication.com
URL: https://ea3af0e4c98edb91b2df6cc6f5c43ead.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://ea3af0e4c98edb91b2df6cc6f5c43ead.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
30225
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=86400
content-encoding
br
content-length
618
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 17 Apr 2023 10:08:36 GMT
etag
48472445140208031
expires
Tue, 18 Apr 2023 10:08:36 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
truncated
/ Frame 5A03 		216 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
e8fa39d144bf0fc09d527f2eaedb1b14249cc80b2ce24dc79e4577778ea011d8

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

Content-Type
image/png
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame 817F 		1 KB
643 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: e76ff033cecd72805c9eec3e4747fae0.safeframe.googlesyndication.com
URL: https://e76ff033cecd72805c9eec3e4747fae0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://e76ff033cecd72805c9eec3e4747fae0.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
30226
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=86400
content-encoding
br
content-length
618
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 17 Apr 2023 10:08:36 GMT
etag
48472445140208031
expires
Tue, 18 Apr 2023 10:08:36 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
truncated
/ Frame 8CBB 		213 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
bbc63669745624bc262b63274e3263aa754cfc2cc6d4cc4ae97814eca7f31153

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

Content-Type
image/png
4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
fonts.gstatic.com/s/googlesans/v46/ Frame 5A03 		29 KB
29 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/googlesans/v46/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
45a61a04904fc2115c440a349a65dc93d2965b0b24dc5a8172bd8b792bdbf103
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://ea3af0e4c98edb91b2df6cc6f5c43ead.safeframe.googlesyndication.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date
Mon, 10 Apr 2023 21:54:53 GMT
x-content-type-options
nosniff
age
592649
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
29728
x-xss-protection
0
last-modified
Mon, 03 Apr 2023 16:59:50 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 09 Apr 2024 21:54:53 GMT
pixel
cm.g.doubleclick.net/ Frame 2BE8
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=4&google_gid=CAESEHzkDnm_3qPYe83ivgcVwOE&google_cver=1&google_push=Aer7DvKotRXYW88OhRDDLYyp290oTP9LHLMyag6rra5z-PAw1yQB634CMtKoeAKuiXg8FFiSbrDUDsJ7j9Pd0ab3...
  • https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=Aer7DvKotRXYW88OhRDDLYyp290oTP9LHLMyag6rra5z-PAw1yQB634CMtKoeAKuiXg8FFiSbrDUDsJ7j9Pd0ab3G-jUc-HJQQoG
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=Aer7DvKotRXYW88OhRDDLYyp290oTP9LHLMyag6rra5z-PAw1yQB634CMtKoeAKuiXg8FFiSbrDUDsJ7j9Pd0ab3G-jUc-HJQQoG
Protocol
H3
Server
142.250.185.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 17 Apr 2023 18:32:23 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date
Mon, 17 Apr 2023 18:32:23 GMT
Server
MT3 796 58fb543 master nrt-pixel-x22 config_version:"unknown"
Content-Type
image/gif
Access-Control-Allow-Origin
*
location
https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=Aer7DvKotRXYW88OhRDDLYyp290oTP9LHLMyag6rra5z-PAw1yQB634CMtKoeAKuiXg8FFiSbrDUDsJ7j9Pd0ab3G-jUc-HJQQoG
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control
no-cache
Connection
keep-alive
Keep-Alive
timeout=360
Content-Length
0
Expires
Mon, 17 Apr 2023 18:32:22 GMT
pixel
cm.g.doubleclick.net/ Frame 2BE8
Redirect Chain
  • https://um.simpli.fi/gp_match?google_gid=CAESENRJW1yy95oKifQlHsf4tTM&google_cver=1&google_push=Aer7DvKIzlg74YzdpNTvm-2oxnrY68QSptv8hA396o8_QUh8_t3MJOIJIIDkQZ22BGxBNUQNVa1j35HhNZIWRoybpWBLp0MhCcI
  • https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=41389C97F38F4545B30BD98BE1832B01&google_push=Aer7DvKIzlg74YzdpNTvm-2oxnrY68QSptv8hA396o8_QUh8_t3MJOIJIIDkQZ22BGxBNUQNVa1j35HhNZIWRoy...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=41389C97F38F4545B30BD98BE1832B01&google_push=Aer7DvKIzlg74YzdpNTvm-2oxnrY68QSptv8hA396o8_QUh8_t3MJOIJIIDkQZ22BGxBNUQNVa1j35HhNZIWRoybpWBLp0MhCcI
Requested by
Host: www.921theticket.com
URL: https://www.921theticket.com/
Protocol
H3
Server
142.250.185.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 17 Apr 2023 18:32:22 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Mon, 17 Apr 2023 18:32:22 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
server
openresty
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/html
location
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=41389C97F38F4545B30BD98BE1832B01&google_push=Aer7DvKIzlg74YzdpNTvm-2oxnrY68QSptv8hA396o8_QUh8_t3MJOIJIIDkQZ22BGxBNUQNVa1j35HhNZIWRoybpWBLp0MhCcI
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
142
expires
Sun, 16 Apr 2023 18:32:22 GMT
google
match.adsrvr.org/track/cmf/ Frame 2BE8 		70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/google?google_gid=CAESEOSHMi0Ac3bf2rYWtYbYCK4&google_cver=1&google_push=Aer7DvJJcauR-Ypo6bvPK6jdpnvw2LwOxog5YRT7TU-rq9GXCba6S9pfbCcPfROJvZUw87Y920z2REeUKAW5yrMuXrrE07ZnGcVV
Requested by
Host: ea3af0e4c98edb91b2df6cc6f5c43ead.safeframe.googlesyndication.com
URL: https://ea3af0e4c98edb91b2df6cc6f5c43ead.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Mon, 17 Apr 2023 18:32:22 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
pixel
cm.g.doubleclick.net/ Frame 2BE8
Redirect Chain
  • https://dsp.adfarm1.adition.com/cookie/?ssp=2&google_gid=CAESEK5i96f87rEwu4pZrXGjTuY&google_cver=1&google_push=Aer7DvII_ysjmx_brVJXFljyUcdwgYr5eN5vdNATGcaOtLWHsESl-wARLUQcpQ4_mP5ff8E-wz_R3zvCxMPkg-...
  • https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzIyMzA4ODQ4ODczNTk2MzI4MA%3D%3D&google_push=Aer7DvII_ysjmx_brVJXFljyUcdwgYr5eN5vdNATGcaOtLWHsESl-wARLUQcpQ4_mP5ff8E-wz_R3zvCxMPkg-31Sr...
170 B
329 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzIyMzA4ODQ4ODczNTk2MzI4MA%3D%3D&google_push=Aer7DvII_ysjmx_brVJXFljyUcdwgYr5eN5vdNATGcaOtLWHsESl-wARLUQcpQ4_mP5ff8E-wz_R3zvCxMPkg-31Sr_1F--2Za_u
Requested by
Host: www.921theticket.com
URL: https://www.921theticket.com/
Protocol
H2
Server
142.250.185.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 17 Apr 2023 18:32:22 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzIyMzA4ODQ4ODczNTk2MzI4MA%3D%3D&google_push=Aer7DvII_ysjmx_brVJXFljyUcdwgYr5eN5vdNATGcaOtLWHsESl-wARLUQcpQ4_mP5ff8E-wz_R3zvCxMPkg-31Sr_1F--2Za_u
Date
Mon, 17 Apr 2023 18:32:22 GMT
Server
nginx
Connection
keep-alive
Transfer-Encoding
chunked
p3p
policyref="http://imagesrv.adition.com/w3c/p3p.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"
pixel
cm.g.doubleclick.net/ Frame 2BE8
Redirect Chain
  • https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEFmOIL0fniw6PjBXnnCXdcA&google_cver=1&google_push=Aer7DvJ-adc_3Wp6GO_THULUdq8tVsZPIk4p3StPFmsUHNXNQEcy4R8jjZOdKtFX0gsUqopoFeGjFh9S...
  • https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEFmOIL0fniw6PjBXnnCXdcA&google_cver=1&google_push=Aer7DvJ-adc_3Wp6GO_THULUdq8tVsZPIk4p3StPFmsUHNXNQEcy4R8jjZOdKtFX0gsUqopoFeG...
  • https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MTA1MDczODQyMzkzNjMxMDYyNg&google_push=Aer7DvJ-adc_3Wp6GO_THULUdq8tVsZPIk4p3StPFmsUHNXNQEcy4R8jjZOdKtFX0gsUqopoFeGjFh...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MTA1MDczODQyMzkzNjMxMDYyNg&google_push=Aer7DvJ-adc_3Wp6GO_THULUdq8tVsZPIk4p3StPFmsUHNXNQEcy4R8jjZOdKtFX0gsUqopoFeGjFh9SFGJ7H-KB0VrIaw_6Oqw7
Requested by
Host: www.921theticket.com
URL: https://www.921theticket.com/
Protocol
H3
Server
142.250.185.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 17 Apr 2023 18:32:22 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Mon, 17 Apr 2023 18:32:22 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age
86400
access-control-allow-methods
GET
location
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MTA1MDczODQyMzkzNjMxMDYyNg&google_push=Aer7DvJ-adc_3Wp6GO_THULUdq8tVsZPIk4p3StPFmsUHNXNQEcy4R8jjZOdKtFX0gsUqopoFeGjFh9SFGJ7H-KB0VrIaw_6Oqw7
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
attr
cm.g.doubleclick.net/pixel/ Frame 2BE8 		0
130 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13K_dih4aRgtOBsKCCZ0AbGY-qAd9oMjOSfQFlDPr9ugWa1AGA2-C0tl_6M
Requested by
Host: ea3af0e4c98edb91b2df6cc6f5c43ead.safeframe.googlesyndication.com
URL: https://ea3af0e4c98edb91b2df6cc6f5c43ead.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date
Mon, 17 Apr 2023 18:32:22 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
content-type
text/html
4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
fonts.gstatic.com/s/googlesans/v46/ Frame 8CBB 		29 KB
29 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/googlesans/v46/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
45a61a04904fc2115c440a349a65dc93d2965b0b24dc5a8172bd8b792bdbf103
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://e76ff033cecd72805c9eec3e4747fae0.safeframe.googlesyndication.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date
Mon, 10 Apr 2023 21:54:53 GMT
x-content-type-options
nosniff
age
592649
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
29728
x-xss-protection
0
last-modified
Mon, 03 Apr 2023 16:59:50 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 09 Apr 2024 21:54:53 GMT
collect
region1.google-analytics.com/g/ 		0
17 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-39ZEBK9WPT&gtm=45je34c0&_p=999957307&cid=1820827546.1681756337&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=AEA&_s=2&sid=1681756337&sct=1&seg=0&dl=https%3A%2F%2Fwww.921theticket.com%2F&dt=THE%20TICKET%2092.1%20%7C%20KQSM-FM&en=scroll&epn.percent_scrolled=90&_et=8
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-39ZEBK9WPT&l=corpDataLayer&cx=c
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.921theticket.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 17 Apr 2023 18:32:22 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.921theticket.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 817F
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=4&google_gid=CAESEHzkDnm_3qPYe83ivgcVwOE&google_cver=1&google_push=Aer7DvJ3taw3QGZlVDMEc47knsUVqBhBgWru-IzHlWCXuqH0oQo_Ap6UHVlmF_Q4LICd-ktqOsW8_SMRbJPj8_l1...
  • https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=Aer7DvJ3taw3QGZlVDMEc47knsUVqBhBgWru-IzHlWCXuqH0oQo_Ap6UHVlmF_Q4LICd-ktqOsW8_SMRbJPj8_l1gnlXDzSdis8d
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=Aer7DvJ3taw3QGZlVDMEc47knsUVqBhBgWru-IzHlWCXuqH0oQo_Ap6UHVlmF_Q4LICd-ktqOsW8_SMRbJPj8_l1gnlXDzSdis8d
Protocol
H3
Server
142.250.185.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 17 Apr 2023 18:32:23 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date
Mon, 17 Apr 2023 18:32:23 GMT
Server
MT3 796 58fb543 master nrt-pixel-x14 config_version:"unknown"
Content-Type
image/gif
Access-Control-Allow-Origin
*
location
https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=Aer7DvJ3taw3QGZlVDMEc47knsUVqBhBgWru-IzHlWCXuqH0oQo_Ap6UHVlmF_Q4LICd-ktqOsW8_SMRbJPj8_l1gnlXDzSdis8d
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control
no-cache
Connection
keep-alive
Keep-Alive
timeout=360
Content-Length
0
Expires
Mon, 17 Apr 2023 18:32:22 GMT
pixel
cm.g.doubleclick.net/ Frame 817F
Redirect Chain
  • https://um.simpli.fi/gp_match?google_gid=CAESENRJW1yy95oKifQlHsf4tTM&google_cver=1&google_push=Aer7DvJ-BttBaVDR76rbCSa4tgLj2uJhKk4bcglYlR79MHkXnJsrA15fYVmZZnvxHlejNp2o87kMIEZyhdZZ_JZsm_aj6seA5dN5
  • https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=41389C97F38F4545B30BD98BE1832B01&google_push=Aer7DvJ-BttBaVDR76rbCSa4tgLj2uJhKk4bcglYlR79MHkXnJsrA15fYVmZZnvxHlejNp2o87kMIEZyhdZZ_JZ...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=41389C97F38F4545B30BD98BE1832B01&google_push=Aer7DvJ-BttBaVDR76rbCSa4tgLj2uJhKk4bcglYlR79MHkXnJsrA15fYVmZZnvxHlejNp2o87kMIEZyhdZZ_JZsm_aj6seA5dN5
Requested by
Host: www.921theticket.com
URL: https://www.921theticket.com/
Protocol
H3
Server
142.250.185.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 17 Apr 2023 18:32:22 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Mon, 17 Apr 2023 18:32:22 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
server
openresty
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/html
location
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=41389C97F38F4545B30BD98BE1832B01&google_push=Aer7DvJ-BttBaVDR76rbCSa4tgLj2uJhKk4bcglYlR79MHkXnJsrA15fYVmZZnvxHlejNp2o87kMIEZyhdZZ_JZsm_aj6seA5dN5
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
142
expires
Sun, 16 Apr 2023 18:32:22 GMT
google
match.adsrvr.org/track/cmf/ Frame 817F 		70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/google?google_gid=CAESEOSHMi0Ac3bf2rYWtYbYCK4&google_cver=1&google_push=Aer7DvII9NRWX849SHpU56fj9rL4RrVO6-Ns06lW-k-GJKDUUFghohElLkNZRzcRkAQsOJ95bizr-O-00fIyOLuFLlVQyzfeAuW_nQ
Requested by
Host: e76ff033cecd72805c9eec3e4747fae0.safeframe.googlesyndication.com
URL: https://e76ff033cecd72805c9eec3e4747fae0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Mon, 17 Apr 2023 18:32:22 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
pixel
cm.g.doubleclick.net/ Frame 817F
Redirect Chain
  • https://dsp.adfarm1.adition.com/cookie/?ssp=2&google_gid=CAESEK5i96f87rEwu4pZrXGjTuY&google_cver=1&google_push=Aer7DvLGYGsrxV4-MJHkimOkpI0j-TCJREzE6WEyqPzXITvO4KBieBFFMakP-NeSxvs_RTp1RysIkK2JTNhpaZ...
  • https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzIyMzA4ODQ4ODczNTk2MzI4MA%3D%3D&google_push=Aer7DvLGYGsrxV4-MJHkimOkpI0j-TCJREzE6WEyqPzXITvO4KBieBFFMakP-NeSxvs_RTp1RysIkK2JTNhpaZZC8U...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzIyMzA4ODQ4ODczNTk2MzI4MA%3D%3D&google_push=Aer7DvLGYGsrxV4-MJHkimOkpI0j-TCJREzE6WEyqPzXITvO4KBieBFFMakP-NeSxvs_RTp1RysIkK2JTNhpaZZC8UXAWt74izb8ww
Requested by
Host: www.921theticket.com
URL: https://www.921theticket.com/
Protocol
H3
Server
142.250.185.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 17 Apr 2023 18:32:22 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzIyMzA4ODQ4ODczNTk2MzI4MA%3D%3D&google_push=Aer7DvLGYGsrxV4-MJHkimOkpI0j-TCJREzE6WEyqPzXITvO4KBieBFFMakP-NeSxvs_RTp1RysIkK2JTNhpaZZC8UXAWt74izb8ww
Date
Mon, 17 Apr 2023 18:32:22 GMT
Server
nginx
Connection
keep-alive
Transfer-Encoding
chunked
p3p
policyref="http://imagesrv.adition.com/w3c/p3p.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"
pixel
cm.g.doubleclick.net/ Frame 817F
Redirect Chain
  • https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEFmOIL0fniw6PjBXnnCXdcA&google_cver=1&google_push=Aer7DvJ9iqiepE5Kah8fW9uSPOFPHdL4ErtmRWKAyrRU3O2dTJMwDYB_Fs07AnWGXQEIV1hJBHQqOI8Z...
  • https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEFmOIL0fniw6PjBXnnCXdcA&google_cver=1&google_push=Aer7DvJ9iqiepE5Kah8fW9uSPOFPHdL4ErtmRWKAyrRU3O2dTJMwDYB_Fs07AnWGXQEIV1hJBHQ...
  • https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NDY1ODc1ODI0OTgxNjc1ODcxNQ&google_push=Aer7DvJ9iqiepE5Kah8fW9uSPOFPHdL4ErtmRWKAyrRU3O2dTJMwDYB_Fs07AnWGXQEIV1hJBHQqOI...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NDY1ODc1ODI0OTgxNjc1ODcxNQ&google_push=Aer7DvJ9iqiepE5Kah8fW9uSPOFPHdL4ErtmRWKAyrRU3O2dTJMwDYB_Fs07AnWGXQEIV1hJBHQqOI8ZFYbk-WlaF_kkrYFP6aMK
Requested by
Host: www.921theticket.com
URL: https://www.921theticket.com/
Protocol
H3
Server
142.250.185.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 17 Apr 2023 18:32:22 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Mon, 17 Apr 2023 18:32:22 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age
86400
access-control-allow-methods
GET
location
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NDY1ODc1ODI0OTgxNjc1ODcxNQ&google_push=Aer7DvJ9iqiepE5Kah8fW9uSPOFPHdL4ErtmRWKAyrRU3O2dTJMwDYB_Fs07AnWGXQEIV1hJBHQqOI8ZFYbk-WlaF_kkrYFP6aMK
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
attr
cm.g.doubleclick.net/pixel/ Frame 817F 		0
40 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13KBzTJN9EcIUn4QLJC4XQpSFM3x4Yzgyq5qPdUYRo4ueBMhlrQGWq3uPDo
Requested by
Host: e76ff033cecd72805c9eec3e4747fae0.safeframe.googlesyndication.com
URL: https://e76ff033cecd72805c9eec3e4747fae0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date
Mon, 17 Apr 2023 18:32:22 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
content-type
text/html
MezC-G1ZF-1GZ9yqq0o7IScgI3uEZvBcP5CgXoWKMDE.js
pagead2.googlesyndication.com/bg/ Frame 1DDB 		36 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/MezC-G1ZF-1GZ9yqq0o7IScgI3uEZvBcP5CgXoWKMDE.js
Requested by
Host: www.921theticket.com
URL: https://www.921theticket.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
31ecc2f86d5917ed4667dcaaab4a3b212720237b8466f05c3f90a05e858a3031
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ea3af0e4c98edb91b2df6cc6f5c43ead.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date
Mon, 17 Apr 2023 12:09:32 GMT
content-encoding
br
x-content-type-options
nosniff
age
22970
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14288
x-xss-protection
0
last-modified
Tue, 11 Apr 2023 10:38:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Tue, 16 Apr 2024 12:09:32 GMT
cors
data.ad-score.com/data/ Frame 7AF7 		1 B
276 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://data.ad-score.com/data/cors?pm_st=SZvNYYHioRSEIgAjnIdUWDtVOkKkBSuj-FE7fPshldVrlKDwd2HLIEkvGPg==-E0zJPcpjblXkNA==&pm_ct=f53e91fdd18903732d619389&pm_pl=1681756340114&pm_td=2109&pid=1000449&en=1.1&callback=__pm_glbl_XLD9rzKXMaXgJxxeQhZeND9s._gc5&tt=g&v=6628d82
Requested by
Host: d13l4u7pe64ymo.cloudfront.net
URL: https://d13l4u7pe64ymo.cloudfront.net/script.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_GCM
Server
130.211.115.4 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
4.115.211.130.bc.googleusercontent.com
Software
/
Resource Hash
5feceb66ffc86f38d952786c6d696c79c2dbc239dd4e91b46729d73a27fb57e9

Request headers

Referer
https://www.921theticket.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
https://www.921theticket.com
Date
Mon, 17 Apr 2023 18:32:22 GMT
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
1
Access-Control-Allow-Methods
POST
Content-Type
text/plain; charset=utf-8
collect
region1.google-analytics.com/g/ 		0
17 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-7LHM6PBR21&gtm=45je34c0&_p=999957307&cid=1820827546.1681756337&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=AEA&_s=3&sid=1681756337&sct=1&seg=0&dl=https%3A%2F%2Fwww.921theticket.com%2F&dt=THE%20TICKET%2092.1%20%7C%20KQSM-FM&en=scroll&epn.percent_scrolled=90&_et=13
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-7LHM6PBR21&l=dataLayer&cx=c
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.921theticket.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 17 Apr 2023 18:32:22 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.921theticket.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ondemand.Dropdown.4a5d9e2d4c04334f8432.js
platform.twitter.com/_next/static/chunks/ Frame A0E2 		7 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://platform.twitter.com/_next/static/chunks/ondemand.Dropdown.4a5d9e2d4c04334f8432.js
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/_next/static/chunks/runtime-2aa7644ee0b682b3d080.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (frb/673A) /
Resource Hash
1c0486acafe63a074adbd08ecc9cad99ee106f3701e2b93c2a75533774f7faba

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://syndication.twitter.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

Date
Mon, 17 Apr 2023 18:32:22 GMT
Content-Encoding
gzip
Age
2842776
x-amz-server-side-encryption
AES256
X-Cache
HIT
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server-Timing
x-cache;desc= HIT,x-tw-cdn;desc=VZ
Content-Length
2822
Last-Modified
Tue, 07 Mar 2023 20:15:15 GMT
Server
ECS (frb/673A)
Etag
"ee85bb78f0eb1080fd5fc8c4d4cddbb8+gzip"
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET
Content-Type
application/javascript; charset=utf-8
Access-Control-Allow-Origin
*
x-tw-cdn
VZ
Cache-Control
public, max-age=315360000
1f3a7.svg
abs-0.twimg.com/emoji/v2/svg/ Frame A0E2 		966 B
875 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://abs-0.twimg.com/emoji/v2/svg/1f3a7.svg
Requested by
Host: syndication.twitter.com
URL: https://syndication.twitter.com/srv/timeline-profile/screen-name/RedZone921?dnt=true&embedId=twitter-widget-0&features=eyJ0ZndfdGltZWxpbmVfbGlzdCI6eyJidWNrZXQiOltdLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X2ZvbGxvd2VyX2NvdW50X3N1bnNldCI6eyJidWNrZXQiOnRydWUsInZlcnNpb24iOm51bGx9LCJ0ZndfdHdlZXRfZWRpdF9iYWNrZW5kIjp7ImJ1Y2tldCI6Im9uIiwidmVyc2lvbiI6bnVsbH0sInRmd19yZWZzcmNfc2Vzc2lvbiI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9LCJ0ZndfbWl4ZWRfbWVkaWFfMTU4OTciOnsiYnVja2V0IjoidHJlYXRtZW50IiwidmVyc2lvbiI6bnVsbH0sInRmd19leHBlcmltZW50c19jb29raWVfZXhwaXJhdGlvbiI6eyJidWNrZXQiOjEyMDk2MDAsInZlcnNpb24iOm51bGx9LCJ0ZndfZHVwbGljYXRlX3NjcmliZXNfdG9fc2V0dGluZ3MiOnsiYnVja2V0Ijoib24iLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X3ZpZGVvX2hsc19keW5hbWljX21hbmlmZXN0c18xNTA4MiI6eyJidWNrZXQiOiJ0cnVlX2JpdHJhdGUiLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X2xlZ2FjeV90aW1lbGluZV9zdW5zZXQiOnsiYnVja2V0Ijp0cnVlLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X3R3ZWV0X2VkaXRfZnJvbnRlbmQiOnsiYnVja2V0Ijoib24iLCJ2ZXJzaW9uIjpudWxsfX0%3D&frame=false&hideBorder=false&hideFooter=false&hideHeader=false&hideScrollBar=false&lang=en&maxHeight=600px&origin=https%3A%2F%2Fwww.921theticket.com%2F&sessionId=ff0dd38d37dded452971875b5c9460a2529aa014&showHeader=true&showReplies=false&transparent=false&widgetsVersion=aaf4084522e3a%3A1674595607486
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.244.43.131 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
c42f819447dd37c4e596f14d0090e3479e7dfd28f78c510c887baa1ae779b00c
Security Headers
Name Value
Strict-Transport-Security max-age=631138519
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://syndication.twitter.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

strict-transport-security
max-age=631138519
content-encoding
gzip
x-content-type-options
nosniff
date
Mon, 17 Apr 2023 18:32:22 GMT
x-cache
HIT, HIT
server-timing
x-cache;desc=HIT, x-tw-cdn;desc=FT
content-length
513
x-served-by
cache-fty21348-FTY, cache-hhn-etou8220045-HHN
last-modified
Mon, 17 Sep 2018 19:14:56 GMT
etag
"taiS031Zjg5z3OgyEq2FEg=="
vary
Accept-Encoding
x-tw-cdn
FT
content-type
image/svg+xml
access-control-allow-origin
*
accept-ranges
bytes
timing-allow-origin
https://twitter.com, https://mobile.twitter.com
expires
Thu, 29 Jun 2023 07:25:37 GMT
26be.svg
abs-0.twimg.com/emoji/v2/svg/ Frame A0E2 		3 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://abs-0.twimg.com/emoji/v2/svg/26be.svg
Requested by
Host: syndication.twitter.com
URL: https://syndication.twitter.com/srv/timeline-profile/screen-name/RedZone921?dnt=true&embedId=twitter-widget-0&features=eyJ0ZndfdGltZWxpbmVfbGlzdCI6eyJidWNrZXQiOltdLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X2ZvbGxvd2VyX2NvdW50X3N1bnNldCI6eyJidWNrZXQiOnRydWUsInZlcnNpb24iOm51bGx9LCJ0ZndfdHdlZXRfZWRpdF9iYWNrZW5kIjp7ImJ1Y2tldCI6Im9uIiwidmVyc2lvbiI6bnVsbH0sInRmd19yZWZzcmNfc2Vzc2lvbiI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9LCJ0ZndfbWl4ZWRfbWVkaWFfMTU4OTciOnsiYnVja2V0IjoidHJlYXRtZW50IiwidmVyc2lvbiI6bnVsbH0sInRmd19leHBlcmltZW50c19jb29raWVfZXhwaXJhdGlvbiI6eyJidWNrZXQiOjEyMDk2MDAsInZlcnNpb24iOm51bGx9LCJ0ZndfZHVwbGljYXRlX3NjcmliZXNfdG9fc2V0dGluZ3MiOnsiYnVja2V0Ijoib24iLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X3ZpZGVvX2hsc19keW5hbWljX21hbmlmZXN0c18xNTA4MiI6eyJidWNrZXQiOiJ0cnVlX2JpdHJhdGUiLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X2xlZ2FjeV90aW1lbGluZV9zdW5zZXQiOnsiYnVja2V0Ijp0cnVlLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X3R3ZWV0X2VkaXRfZnJvbnRlbmQiOnsiYnVja2V0Ijoib24iLCJ2ZXJzaW9uIjpudWxsfX0%3D&frame=false&hideBorder=false&hideFooter=false&hideHeader=false&hideScrollBar=false&lang=en&maxHeight=600px&origin=https%3A%2F%2Fwww.921theticket.com%2F&sessionId=ff0dd38d37dded452971875b5c9460a2529aa014&showHeader=true&showReplies=false&transparent=false&widgetsVersion=aaf4084522e3a%3A1674595607486
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.244.43.131 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
3fce17e6b142b7196a6797dcb8462a99a51a00e354cc47a59c738afc722df220
Security Headers
Name Value
Strict-Transport-Security max-age=631138519
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://syndication.twitter.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

strict-transport-security
max-age=631138519
content-encoding
gzip
x-content-type-options
nosniff
date
Mon, 17 Apr 2023 18:32:22 GMT
x-cache
HIT, HIT
server-timing
x-cache;desc=HIT, x-tw-cdn;desc=FT
content-length
1372
x-served-by
cache-fty21378-FTY, cache-hhn-etou8220045-HHN
last-modified
Wed, 21 Feb 2018 22:32:27 GMT
etag
"U9lYo/qmJQ3qrd5zkQCrZg=="
vary
Accept-Encoding
x-tw-cdn
FT
content-type
image/svg+xml
access-control-allow-origin
*
accept-ranges
bytes
timing-allow-origin
https://twitter.com, https://mobile.twitter.com
expires
Thu, 16 Mar 2023 06:34:10 GMT
1f3c8.svg
abs-0.twimg.com/emoji/v2/svg/ Frame A0E2 		1 KB
730 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://abs-0.twimg.com/emoji/v2/svg/1f3c8.svg
Requested by
Host: syndication.twitter.com
URL: https://syndication.twitter.com/srv/timeline-profile/screen-name/RedZone921?dnt=true&embedId=twitter-widget-0&features=eyJ0ZndfdGltZWxpbmVfbGlzdCI6eyJidWNrZXQiOltdLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X2ZvbGxvd2VyX2NvdW50X3N1bnNldCI6eyJidWNrZXQiOnRydWUsInZlcnNpb24iOm51bGx9LCJ0ZndfdHdlZXRfZWRpdF9iYWNrZW5kIjp7ImJ1Y2tldCI6Im9uIiwidmVyc2lvbiI6bnVsbH0sInRmd19yZWZzcmNfc2Vzc2lvbiI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9LCJ0ZndfbWl4ZWRfbWVkaWFfMTU4OTciOnsiYnVja2V0IjoidHJlYXRtZW50IiwidmVyc2lvbiI6bnVsbH0sInRmd19leHBlcmltZW50c19jb29raWVfZXhwaXJhdGlvbiI6eyJidWNrZXQiOjEyMDk2MDAsInZlcnNpb24iOm51bGx9LCJ0ZndfZHVwbGljYXRlX3NjcmliZXNfdG9fc2V0dGluZ3MiOnsiYnVja2V0Ijoib24iLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X3ZpZGVvX2hsc19keW5hbWljX21hbmlmZXN0c18xNTA4MiI6eyJidWNrZXQiOiJ0cnVlX2JpdHJhdGUiLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X2xlZ2FjeV90aW1lbGluZV9zdW5zZXQiOnsiYnVja2V0Ijp0cnVlLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X3R3ZWV0X2VkaXRfZnJvbnRlbmQiOnsiYnVja2V0Ijoib24iLCJ2ZXJzaW9uIjpudWxsfX0%3D&frame=false&hideBorder=false&hideFooter=false&hideHeader=false&hideScrollBar=false&lang=en&maxHeight=600px&origin=https%3A%2F%2Fwww.921theticket.com%2F&sessionId=ff0dd38d37dded452971875b5c9460a2529aa014&showHeader=true&showReplies=false&transparent=false&widgetsVersion=aaf4084522e3a%3A1674595607486
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.244.43.131 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
f2eeff5ba8557c8518d9d3325c941fe5339e2f2228a13e64600cad42bb795170
Security Headers
Name Value
Strict-Transport-Security max-age=631138519
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://syndication.twitter.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

strict-transport-security
max-age=631138519
content-encoding
gzip
x-content-type-options
nosniff
date
Mon, 17 Apr 2023 18:32:22 GMT
x-cache
HIT, HIT
server-timing
x-cache;desc=HIT, x-tw-cdn;desc=FT
content-length
569
x-served-by
cache-fty21350-FTY, cache-hhn-etou8220045-HHN
last-modified
Wed, 21 Feb 2018 22:30:52 GMT
etag
"GiXBvIDHcivsFRu/8+hd7A=="
vary
Accept-Encoding
x-tw-cdn
FT
content-type
image/svg+xml
access-control-allow-origin
*
x-transaction-id
93547c33f860ad13
perf
7626143928
accept-ranges
bytes
timing-allow-origin
https://twitter.com, https://mobile.twitter.com
expires
Fri, 01 Dec 2023 06:50:09 GMT
1f417.svg
abs-0.twimg.com/emoji/v2/svg/ Frame A0E2 		1 KB
912 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://abs-0.twimg.com/emoji/v2/svg/1f417.svg
Requested by
Host: syndication.twitter.com
URL: https://syndication.twitter.com/srv/timeline-profile/screen-name/RedZone921?dnt=true&embedId=twitter-widget-0&features=eyJ0ZndfdGltZWxpbmVfbGlzdCI6eyJidWNrZXQiOltdLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X2ZvbGxvd2VyX2NvdW50X3N1bnNldCI6eyJidWNrZXQiOnRydWUsInZlcnNpb24iOm51bGx9LCJ0ZndfdHdlZXRfZWRpdF9iYWNrZW5kIjp7ImJ1Y2tldCI6Im9uIiwidmVyc2lvbiI6bnVsbH0sInRmd19yZWZzcmNfc2Vzc2lvbiI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9LCJ0ZndfbWl4ZWRfbWVkaWFfMTU4OTciOnsiYnVja2V0IjoidHJlYXRtZW50IiwidmVyc2lvbiI6bnVsbH0sInRmd19leHBlcmltZW50c19jb29raWVfZXhwaXJhdGlvbiI6eyJidWNrZXQiOjEyMDk2MDAsInZlcnNpb24iOm51bGx9LCJ0ZndfZHVwbGljYXRlX3NjcmliZXNfdG9fc2V0dGluZ3MiOnsiYnVja2V0Ijoib24iLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X3ZpZGVvX2hsc19keW5hbWljX21hbmlmZXN0c18xNTA4MiI6eyJidWNrZXQiOiJ0cnVlX2JpdHJhdGUiLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X2xlZ2FjeV90aW1lbGluZV9zdW5zZXQiOnsiYnVja2V0Ijp0cnVlLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X3R3ZWV0X2VkaXRfZnJvbnRlbmQiOnsiYnVja2V0Ijoib24iLCJ2ZXJzaW9uIjpudWxsfX0%3D&frame=false&hideBorder=false&hideFooter=false&hideHeader=false&hideScrollBar=false&lang=en&maxHeight=600px&origin=https%3A%2F%2Fwww.921theticket.com%2F&sessionId=ff0dd38d37dded452971875b5c9460a2529aa014&showHeader=true&showReplies=false&transparent=false&widgetsVersion=aaf4084522e3a%3A1674595607486
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.244.43.131 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
c24a202756aaee2433a33ec19220bb60384f4abafe0298f56e7387a0a77870aa
Security Headers
Name Value
Strict-Transport-Security max-age=631138519
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://syndication.twitter.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

strict-transport-security
max-age=631138519
content-encoding
gzip
x-content-type-options
nosniff
date
Mon, 17 Apr 2023 18:32:22 GMT
x-cache
HIT, HIT
server-timing
x-cache;desc=HIT, x-tw-cdn;desc=FT
content-length
728
x-served-by
cache-fty13727-FTY, cache-hhn-etou8220045-HHN
last-modified
Wed, 21 Feb 2018 22:30:54 GMT
etag
"GnaJNo5rnUHOjbmPcJygig=="
vary
Accept-Encoding
x-tw-cdn
FT
content-type
image/svg+xml
access-control-allow-origin
*
x-transaction-id
1d21fe6adec2481b
perf
7626143928
accept-ranges
bytes
timing-allow-origin
https://twitter.com, https://mobile.twitter.com
expires
Tue, 20 Feb 2024 11:09:49 GMT
1f3c0.svg
abs-0.twimg.com/emoji/v2/svg/ Frame A0E2 		617 B
529 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://abs-0.twimg.com/emoji/v2/svg/1f3c0.svg
Requested by
Host: syndication.twitter.com
URL: https://syndication.twitter.com/srv/timeline-profile/screen-name/RedZone921?dnt=true&embedId=twitter-widget-0&features=eyJ0ZndfdGltZWxpbmVfbGlzdCI6eyJidWNrZXQiOltdLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X2ZvbGxvd2VyX2NvdW50X3N1bnNldCI6eyJidWNrZXQiOnRydWUsInZlcnNpb24iOm51bGx9LCJ0ZndfdHdlZXRfZWRpdF9iYWNrZW5kIjp7ImJ1Y2tldCI6Im9uIiwidmVyc2lvbiI6bnVsbH0sInRmd19yZWZzcmNfc2Vzc2lvbiI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9LCJ0ZndfbWl4ZWRfbWVkaWFfMTU4OTciOnsiYnVja2V0IjoidHJlYXRtZW50IiwidmVyc2lvbiI6bnVsbH0sInRmd19leHBlcmltZW50c19jb29raWVfZXhwaXJhdGlvbiI6eyJidWNrZXQiOjEyMDk2MDAsInZlcnNpb24iOm51bGx9LCJ0ZndfZHVwbGljYXRlX3NjcmliZXNfdG9fc2V0dGluZ3MiOnsiYnVja2V0Ijoib24iLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X3ZpZGVvX2hsc19keW5hbWljX21hbmlmZXN0c18xNTA4MiI6eyJidWNrZXQiOiJ0cnVlX2JpdHJhdGUiLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X2xlZ2FjeV90aW1lbGluZV9zdW5zZXQiOnsiYnVja2V0Ijp0cnVlLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X3R3ZWV0X2VkaXRfZnJvbnRlbmQiOnsiYnVja2V0Ijoib24iLCJ2ZXJzaW9uIjpudWxsfX0%3D&frame=false&hideBorder=false&hideFooter=false&hideHeader=false&hideScrollBar=false&lang=en&maxHeight=600px&origin=https%3A%2F%2Fwww.921theticket.com%2F&sessionId=ff0dd38d37dded452971875b5c9460a2529aa014&showHeader=true&showReplies=false&transparent=false&widgetsVersion=aaf4084522e3a%3A1674595607486
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.244.43.131 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
956533d7bc8de6d0203726dce0bacf79ab40d1818f36fa82b2e3068dfeb48897
Security Headers
Name Value
Strict-Transport-Security max-age=631138519
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://syndication.twitter.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

strict-transport-security
max-age=631138519
content-encoding
gzip
x-content-type-options
nosniff
date
Mon, 17 Apr 2023 18:32:22 GMT
x-cache
HIT, HIT
server-timing
x-cache;desc=HIT, x-tw-cdn;desc=FT
content-length
384
x-served-by
cache-fty21369-FTY, cache-hhn-etou8220045-HHN
last-modified
Thu, 16 Apr 2020 18:04:22 GMT
etag
"RcB05kxJFlvlmhnsOPQK6A=="
vary
Accept-Encoding
x-tw-cdn
FT
content-type
image/svg+xml
access-control-allow-origin
*
accept-ranges
bytes
timing-allow-origin
https://twitter.com, https://mobile.twitter.com
expires
Fri, 17 Mar 2023 07:44:49 GMT
1f9f9.svg
abs-0.twimg.com/emoji/v2/svg/ Frame A0E2 		953 B
638 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://abs-0.twimg.com/emoji/v2/svg/1f9f9.svg
Requested by
Host: syndication.twitter.com
URL: https://syndication.twitter.com/srv/timeline-profile/screen-name/RedZone921?dnt=true&embedId=twitter-widget-0&features=eyJ0ZndfdGltZWxpbmVfbGlzdCI6eyJidWNrZXQiOltdLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X2ZvbGxvd2VyX2NvdW50X3N1bnNldCI6eyJidWNrZXQiOnRydWUsInZlcnNpb24iOm51bGx9LCJ0ZndfdHdlZXRfZWRpdF9iYWNrZW5kIjp7ImJ1Y2tldCI6Im9uIiwidmVyc2lvbiI6bnVsbH0sInRmd19yZWZzcmNfc2Vzc2lvbiI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9LCJ0ZndfbWl4ZWRfbWVkaWFfMTU4OTciOnsiYnVja2V0IjoidHJlYXRtZW50IiwidmVyc2lvbiI6bnVsbH0sInRmd19leHBlcmltZW50c19jb29raWVfZXhwaXJhdGlvbiI6eyJidWNrZXQiOjEyMDk2MDAsInZlcnNpb24iOm51bGx9LCJ0ZndfZHVwbGljYXRlX3NjcmliZXNfdG9fc2V0dGluZ3MiOnsiYnVja2V0Ijoib24iLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X3ZpZGVvX2hsc19keW5hbWljX21hbmlmZXN0c18xNTA4MiI6eyJidWNrZXQiOiJ0cnVlX2JpdHJhdGUiLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X2xlZ2FjeV90aW1lbGluZV9zdW5zZXQiOnsiYnVja2V0Ijp0cnVlLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X3R3ZWV0X2VkaXRfZnJvbnRlbmQiOnsiYnVja2V0Ijoib24iLCJ2ZXJzaW9uIjpudWxsfX0%3D&frame=false&hideBorder=false&hideFooter=false&hideHeader=false&hideScrollBar=false&lang=en&maxHeight=600px&origin=https%3A%2F%2Fwww.921theticket.com%2F&sessionId=ff0dd38d37dded452971875b5c9460a2529aa014&showHeader=true&showReplies=false&transparent=false&widgetsVersion=aaf4084522e3a%3A1674595607486
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.244.43.131 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
95670746ab05c2c486434a13fea927c3dae244c7c326923f851991a4cc2acd26
Security Headers
Name Value
Strict-Transport-Security max-age=631138519
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://syndication.twitter.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

strict-transport-security
max-age=631138519
content-encoding
gzip
x-content-type-options
nosniff
date
Mon, 17 Apr 2023 18:32:22 GMT
x-cache
HIT, HIT
server-timing
x-cache;desc=HIT, x-tw-cdn;desc=FT
content-length
477
x-served-by
cache-fty21367-FTY, cache-hhn-etou8220045-HHN
last-modified
Mon, 04 Jun 2018 23:15:26 GMT
etag
"ulvhdv82MOe9FUYj66xlIg=="
vary
Accept-Encoding
x-tw-cdn
FT
content-type
image/svg+xml
access-control-allow-origin
*
x-transaction-id
893f5eaf53d4d745
perf
7626143928
accept-ranges
bytes
timing-allow-origin
https://twitter.com, https://mobile.twitter.com
expires
Thu, 21 Mar 2024 09:32:56 GMT
270c.svg
abs-0.twimg.com/emoji/v2/svg/ Frame A0E2 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://abs-0.twimg.com/emoji/v2/svg/270c.svg
Requested by
Host: syndication.twitter.com
URL: https://syndication.twitter.com/srv/timeline-profile/screen-name/RedZone921?dnt=true&embedId=twitter-widget-0&features=eyJ0ZndfdGltZWxpbmVfbGlzdCI6eyJidWNrZXQiOltdLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X2ZvbGxvd2VyX2NvdW50X3N1bnNldCI6eyJidWNrZXQiOnRydWUsInZlcnNpb24iOm51bGx9LCJ0ZndfdHdlZXRfZWRpdF9iYWNrZW5kIjp7ImJ1Y2tldCI6Im9uIiwidmVyc2lvbiI6bnVsbH0sInRmd19yZWZzcmNfc2Vzc2lvbiI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9LCJ0ZndfbWl4ZWRfbWVkaWFfMTU4OTciOnsiYnVja2V0IjoidHJlYXRtZW50IiwidmVyc2lvbiI6bnVsbH0sInRmd19leHBlcmltZW50c19jb29raWVfZXhwaXJhdGlvbiI6eyJidWNrZXQiOjEyMDk2MDAsInZlcnNpb24iOm51bGx9LCJ0ZndfZHVwbGljYXRlX3NjcmliZXNfdG9fc2V0dGluZ3MiOnsiYnVja2V0Ijoib24iLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X3ZpZGVvX2hsc19keW5hbWljX21hbmlmZXN0c18xNTA4MiI6eyJidWNrZXQiOiJ0cnVlX2JpdHJhdGUiLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X2xlZ2FjeV90aW1lbGluZV9zdW5zZXQiOnsiYnVja2V0Ijp0cnVlLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X3R3ZWV0X2VkaXRfZnJvbnRlbmQiOnsiYnVja2V0Ijoib24iLCJ2ZXJzaW9uIjpudWxsfX0%3D&frame=false&hideBorder=false&hideFooter=false&hideHeader=false&hideScrollBar=false&lang=en&maxHeight=600px&origin=https%3A%2F%2Fwww.921theticket.com%2F&sessionId=ff0dd38d37dded452971875b5c9460a2529aa014&showHeader=true&showReplies=false&transparent=false&widgetsVersion=aaf4084522e3a%3A1674595607486
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.244.43.131 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
bf5cd27ad2de2853e5acd001e17f3f5d550061007c9ca0584b5a40d6b4072fb4
Security Headers
Name Value
Strict-Transport-Security max-age=631138519
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://syndication.twitter.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

strict-transport-security
max-age=631138519
content-encoding
gzip
x-content-type-options
nosniff
date
Mon, 17 Apr 2023 18:32:22 GMT
x-cache
HIT, HIT
server-timing
x-cache;desc=HIT, x-tw-cdn;desc=FT
content-length
894
x-served-by
cache-fty21349-FTY, cache-hhn-etou8220045-HHN
last-modified
Fri, 18 Jan 2019 21:01:17 GMT
etag
"0k5L1fNV7AvfF2vTbTNnig=="
vary
Accept-Encoding
x-tw-cdn
FT
content-type
image/svg+xml
access-control-allow-origin
*
accept-ranges
bytes
timing-allow-origin
https://twitter.com, https://mobile.twitter.com
expires
Sat, 10 Dec 2022 06:35:10 GMT
1f525.svg
abs-0.twimg.com/emoji/v2/svg/ Frame A0E2 		822 B
814 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://abs-0.twimg.com/emoji/v2/svg/1f525.svg
Requested by
Host: syndication.twitter.com
URL: https://syndication.twitter.com/srv/timeline-profile/screen-name/RedZone921?dnt=true&embedId=twitter-widget-0&features=eyJ0ZndfdGltZWxpbmVfbGlzdCI6eyJidWNrZXQiOltdLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X2ZvbGxvd2VyX2NvdW50X3N1bnNldCI6eyJidWNrZXQiOnRydWUsInZlcnNpb24iOm51bGx9LCJ0ZndfdHdlZXRfZWRpdF9iYWNrZW5kIjp7ImJ1Y2tldCI6Im9uIiwidmVyc2lvbiI6bnVsbH0sInRmd19yZWZzcmNfc2Vzc2lvbiI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9LCJ0ZndfbWl4ZWRfbWVkaWFfMTU4OTciOnsiYnVja2V0IjoidHJlYXRtZW50IiwidmVyc2lvbiI6bnVsbH0sInRmd19leHBlcmltZW50c19jb29raWVfZXhwaXJhdGlvbiI6eyJidWNrZXQiOjEyMDk2MDAsInZlcnNpb24iOm51bGx9LCJ0ZndfZHVwbGljYXRlX3NjcmliZXNfdG9fc2V0dGluZ3MiOnsiYnVja2V0Ijoib24iLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X3ZpZGVvX2hsc19keW5hbWljX21hbmlmZXN0c18xNTA4MiI6eyJidWNrZXQiOiJ0cnVlX2JpdHJhdGUiLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X2xlZ2FjeV90aW1lbGluZV9zdW5zZXQiOnsiYnVja2V0Ijp0cnVlLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X3R3ZWV0X2VkaXRfZnJvbnRlbmQiOnsiYnVja2V0Ijoib24iLCJ2ZXJzaW9uIjpudWxsfX0%3D&frame=false&hideBorder=false&hideFooter=false&hideHeader=false&hideScrollBar=false&lang=en&maxHeight=600px&origin=https%3A%2F%2Fwww.921theticket.com%2F&sessionId=ff0dd38d37dded452971875b5c9460a2529aa014&showHeader=true&showReplies=false&transparent=false&widgetsVersion=aaf4084522e3a%3A1674595607486
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.244.43.131 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
4fa646a4dbc10513ddeb70561789483638faf456e15186f4eb7291c5c455cbb6
Security Headers
Name Value
Strict-Transport-Security max-age=631138519
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://syndication.twitter.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

strict-transport-security
max-age=631138519
content-encoding
gzip
x-content-type-options
nosniff
date
Mon, 17 Apr 2023 18:32:22 GMT
x-cache
HIT, HIT
server-timing
x-cache;desc=HIT, x-tw-cdn;desc=FT
content-length
496
x-served-by
cache-fty21367-FTY, cache-hhn-etou8220045-HHN
last-modified
Wed, 21 Feb 2018 22:31:06 GMT
etag
"ZwaaE+AGNFzijsxYHy7RYg=="
vary
Accept-Encoding
x-tw-cdn
FT
content-type
image/svg+xml
access-control-allow-origin
*
accept-ranges
bytes
timing-allow-origin
https://twitter.com, https://mobile.twitter.com
expires
Fri, 10 Jun 2022 07:03:53 GMT
vendors~ondemand.LottieWeb.d0dde7eb339d57b45e0d.js
platform.twitter.com/_next/static/chunks/ Frame A0E2 		148 KB
42 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://platform.twitter.com/_next/static/chunks/vendors~ondemand.LottieWeb.d0dde7eb339d57b45e0d.js
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/_next/static/chunks/runtime-2aa7644ee0b682b3d080.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (frb/67E2) /
Resource Hash
ccc9e1ac02727148218437845e0cce29fc95c661ae8ac46d90f090a52caf7581

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://syndication.twitter.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

Date
Mon, 17 Apr 2023 18:32:22 GMT
Content-Encoding
gzip
Age
2842776
x-amz-server-side-encryption
AES256
X-Cache
HIT
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server-Timing
x-cache;desc= HIT,x-tw-cdn;desc=VZ
Content-Length
41941
Last-Modified
Tue, 07 Mar 2023 20:15:15 GMT
Server
ECS (frb/67E2)
Etag
"5e006b62c5bde14eb6fa194e2cee465c+gzip"
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET
Content-Type
application/javascript; charset=utf-8
Access-Control-Allow-Origin
*
x-tw-cdn
VZ
Cache-Control
public, max-age=315360000
like.4.json
abs.twimg.com/sticky/animations/ Frame A0E2 		24 KB
2 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://abs.twimg.com/sticky/animations/like.4.json
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/_next/static/chunks/3.dc446a58e72d99fbbc5e.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:233:8173:898f:63b3:95c3:79d2 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (frc/4C86) /
Resource Hash
4a63dcb831e6c6745d79ccc6984ba1f2a8f1f598deef41a1fa149254565c6350
Security Headers
Name Value
Strict-Transport-Security max-age=631138519
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://syndication.twitter.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date
Mon, 17 Apr 2023 18:32:22 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=631138519
age
15471663
x-ton-expected-size
24292
x-cache
HIT
content-length
1897
x-response-time
10
surrogate-key
twitter-assets
last-modified
Thu, 20 Oct 2022 16:50:56 GMT
server
ECAcc (frc/4C86)
etag
"YKYmOkwIx9KztN7bQT7x8g=="
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
*
x-transaction-id
80afab27525733bc
perf
7626143928
x-connection-hash
00620de26479f72103b0d6f4ca0873a782dd4164b4c1379a9b6b21190ad4a58b
accept-ranges
bytes
timing-allow-origin
https://twitter.com, https://mobile.twitter.com
expires
Tue, 16 Apr 2024 18:32:22 GMT
Ft67si7WYAU8Qlb.jpg
pbs.twimg.com/tweet_video_thumb/ Frame A0E2 		26 KB
26 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pbs.twimg.com/tweet_video_thumb/Ft67si7WYAU8Qlb.jpg
Requested by
Host: syndication.twitter.com
URL: https://syndication.twitter.com/srv/timeline-profile/screen-name/RedZone921?dnt=true&embedId=twitter-widget-0&features=eyJ0ZndfdGltZWxpbmVfbGlzdCI6eyJidWNrZXQiOltdLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X2ZvbGxvd2VyX2NvdW50X3N1bnNldCI6eyJidWNrZXQiOnRydWUsInZlcnNpb24iOm51bGx9LCJ0ZndfdHdlZXRfZWRpdF9iYWNrZW5kIjp7ImJ1Y2tldCI6Im9uIiwidmVyc2lvbiI6bnVsbH0sInRmd19yZWZzcmNfc2Vzc2lvbiI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9LCJ0ZndfbWl4ZWRfbWVkaWFfMTU4OTciOnsiYnVja2V0IjoidHJlYXRtZW50IiwidmVyc2lvbiI6bnVsbH0sInRmd19leHBlcmltZW50c19jb29raWVfZXhwaXJhdGlvbiI6eyJidWNrZXQiOjEyMDk2MDAsInZlcnNpb24iOm51bGx9LCJ0ZndfZHVwbGljYXRlX3NjcmliZXNfdG9fc2V0dGluZ3MiOnsiYnVja2V0Ijoib24iLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X3ZpZGVvX2hsc19keW5hbWljX21hbmlmZXN0c18xNTA4MiI6eyJidWNrZXQiOiJ0cnVlX2JpdHJhdGUiLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X2xlZ2FjeV90aW1lbGluZV9zdW5zZXQiOnsiYnVja2V0Ijp0cnVlLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X3R3ZWV0X2VkaXRfZnJvbnRlbmQiOnsiYnVja2V0Ijoib24iLCJ2ZXJzaW9uIjpudWxsfX0%3D&frame=false&hideBorder=false&hideFooter=false&hideHeader=false&hideScrollBar=false&lang=en&maxHeight=600px&origin=https%3A%2F%2Fwww.921theticket.com%2F&sessionId=ff0dd38d37dded452971875b5c9460a2529aa014&showHeader=true&showReplies=false&transparent=false&widgetsVersion=aaf4084522e3a%3A1674595607486
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:8d::159 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
7d4c1924b83af40eaeb7598b9b44fef9338b912ad34fe8c4e03b8312cbeb756e
Security Headers
Name Value
Strict-Transport-Security max-age=631138519
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://syndication.twitter.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

strict-transport-security
max-age=631138519
date
Mon, 17 Apr 2023 18:32:22 GMT
x-content-type-options
nosniff
x-cache
MISS, MISS
server-timing
x-cache;desc=MISS, x-tw-cdn;desc=FT
content-length
26413
x-served-by
cache-lhr7339-LHR, cache-fra-eddf8230052-FRA, cache-tw-ZZZ1
last-modified
Mon, 17 Apr 2023 13:49:07 GMT
x-tw-cdn
FT
content-type
image/jpeg
access-control-allow-origin
*
x-transaction-id
e055db08d850d04a
access-control-expose-headers
Content-Length
cache-control
max-age=604800, must-revalidate
perf
7626143928
accept-ranges
bytes
timing-allow-origin
https://twitter.com, https://mobile.twitter.com
Ft6RnUGWIAAOSBt.jpg
pbs.twimg.com/tweet_video_thumb/ Frame A0E2 		41 KB
41 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pbs.twimg.com/tweet_video_thumb/Ft6RnUGWIAAOSBt.jpg
Requested by
Host: syndication.twitter.com
URL: https://syndication.twitter.com/srv/timeline-profile/screen-name/RedZone921?dnt=true&embedId=twitter-widget-0&features=eyJ0ZndfdGltZWxpbmVfbGlzdCI6eyJidWNrZXQiOltdLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X2ZvbGxvd2VyX2NvdW50X3N1bnNldCI6eyJidWNrZXQiOnRydWUsInZlcnNpb24iOm51bGx9LCJ0ZndfdHdlZXRfZWRpdF9iYWNrZW5kIjp7ImJ1Y2tldCI6Im9uIiwidmVyc2lvbiI6bnVsbH0sInRmd19yZWZzcmNfc2Vzc2lvbiI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9LCJ0ZndfbWl4ZWRfbWVkaWFfMTU4OTciOnsiYnVja2V0IjoidHJlYXRtZW50IiwidmVyc2lvbiI6bnVsbH0sInRmd19leHBlcmltZW50c19jb29raWVfZXhwaXJhdGlvbiI6eyJidWNrZXQiOjEyMDk2MDAsInZlcnNpb24iOm51bGx9LCJ0ZndfZHVwbGljYXRlX3NjcmliZXNfdG9fc2V0dGluZ3MiOnsiYnVja2V0Ijoib24iLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X3ZpZGVvX2hsc19keW5hbWljX21hbmlmZXN0c18xNTA4MiI6eyJidWNrZXQiOiJ0cnVlX2JpdHJhdGUiLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X2xlZ2FjeV90aW1lbGluZV9zdW5zZXQiOnsiYnVja2V0Ijp0cnVlLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X3R3ZWV0X2VkaXRfZnJvbnRlbmQiOnsiYnVja2V0Ijoib24iLCJ2ZXJzaW9uIjpudWxsfX0%3D&frame=false&hideBorder=false&hideFooter=false&hideHeader=false&hideScrollBar=false&lang=en&maxHeight=600px&origin=https%3A%2F%2Fwww.921theticket.com%2F&sessionId=ff0dd38d37dded452971875b5c9460a2529aa014&showHeader=true&showReplies=false&transparent=false&widgetsVersion=aaf4084522e3a%3A1674595607486
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:8d::159 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
23d91d2179238aecca24679312539d6ebb848ab20769333d9d9deb78d32a6023
Security Headers
Name Value
Strict-Transport-Security max-age=631138519
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://syndication.twitter.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

strict-transport-security
max-age=631138519
date
Mon, 17 Apr 2023 18:32:22 GMT
x-content-type-options
nosniff
x-cache
MISS, HIT
server-timing
x-cache;desc=HIT, x-tw-cdn;desc=FT
content-length
41601
x-served-by
cache-lhr7370-LHR, cache-fra-eddf8230052-FRA, cache-tw-ZZZ1
last-modified
Mon, 17 Apr 2023 10:45:16 GMT
x-tw-cdn
FT
content-type
image/jpeg
access-control-allow-origin
*
x-transaction-id
d057b8d8ca321316
access-control-expose-headers
Content-Length
cache-control
max-age=604800, must-revalidate
perf
7626143928
accept-ranges
bytes
timing-allow-origin
https://twitter.com, https://mobile.twitter.com
Fty9pJ9WAAED4tq.jpg
pbs.twimg.com/tweet_video_thumb/ Frame A0E2 		15 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pbs.twimg.com/tweet_video_thumb/Fty9pJ9WAAED4tq.jpg
Requested by
Host: syndication.twitter.com
URL: https://syndication.twitter.com/srv/timeline-profile/screen-name/RedZone921?dnt=true&embedId=twitter-widget-0&features=eyJ0ZndfdGltZWxpbmVfbGlzdCI6eyJidWNrZXQiOltdLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X2ZvbGxvd2VyX2NvdW50X3N1bnNldCI6eyJidWNrZXQiOnRydWUsInZlcnNpb24iOm51bGx9LCJ0ZndfdHdlZXRfZWRpdF9iYWNrZW5kIjp7ImJ1Y2tldCI6Im9uIiwidmVyc2lvbiI6bnVsbH0sInRmd19yZWZzcmNfc2Vzc2lvbiI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9LCJ0ZndfbWl4ZWRfbWVkaWFfMTU4OTciOnsiYnVja2V0IjoidHJlYXRtZW50IiwidmVyc2lvbiI6bnVsbH0sInRmd19leHBlcmltZW50c19jb29raWVfZXhwaXJhdGlvbiI6eyJidWNrZXQiOjEyMDk2MDAsInZlcnNpb24iOm51bGx9LCJ0ZndfZHVwbGljYXRlX3NjcmliZXNfdG9fc2V0dGluZ3MiOnsiYnVja2V0Ijoib24iLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X3ZpZGVvX2hsc19keW5hbWljX21hbmlmZXN0c18xNTA4MiI6eyJidWNrZXQiOiJ0cnVlX2JpdHJhdGUiLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X2xlZ2FjeV90aW1lbGluZV9zdW5zZXQiOnsiYnVja2V0Ijp0cnVlLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X3R3ZWV0X2VkaXRfZnJvbnRlbmQiOnsiYnVja2V0Ijoib24iLCJ2ZXJzaW9uIjpudWxsfX0%3D&frame=false&hideBorder=false&hideFooter=false&hideHeader=false&hideScrollBar=false&lang=en&maxHeight=600px&origin=https%3A%2F%2Fwww.921theticket.com%2F&sessionId=ff0dd38d37dded452971875b5c9460a2529aa014&showHeader=true&showReplies=false&transparent=false&widgetsVersion=aaf4084522e3a%3A1674595607486
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:8d::159 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
ddf5eb6aae0cd7d755bd81890da89940b59df6582e74bdbd23edd4b75b15fd3f
Security Headers
Name Value
Strict-Transport-Security max-age=631138519
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://syndication.twitter.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

strict-transport-security
max-age=631138519
date
Mon, 17 Apr 2023 18:32:22 GMT
x-content-type-options
nosniff
x-cache
HIT, MISS
server-timing
x-cache;desc=MISS, x-tw-cdn;desc=FT
content-length
15505
x-served-by
cache-lhr7349-LHR, cache-fra-eddf8230052-FRA, cache-tw-ZZZ1
last-modified
Sun, 16 Apr 2023 00:40:40 GMT
x-tw-cdn
FT
content-type
image/jpeg
access-control-allow-origin
*
x-transaction-id
416759c011d82afe
access-control-expose-headers
Content-Length
cache-control
max-age=604800, must-revalidate
perf
7626143928
accept-ranges
bytes
timing-allow-origin
https://twitter.com, https://mobile.twitter.com
jot
syndication.twitter.com/i/ Frame A0E2 		43 B
150 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://syndication.twitter.com/i/jot?l=%7B%22_category_%22%3A%22tfw_client_event%22%2C%22triggered_on%22%3A1681756342646%2C%22event_namespace%22%3A%7B%22action%22%3A%22results%22%2C%22client%22%3A%22tfw%22%2C%22page%22%3A%22timeline-profile%22%2C%22section%22%3A%22main%22%7D%2C%22context%22%3A%22horizon%22%2C%22client_version%22%3A%22aaf4084522e3a%3A1674595607486%22%2C%22dnt%22%3Atrue%2C%22widget_id%22%3A%22twitter-widget-0%22%2C%22widget_origin%22%3A%22https%3A%2F%2Fwww.921theticket.com%2F%22%2C%22widget_frame%22%3A%22false%22%2C%22widget_partner%22%3A%22%22%2C%22widget_site_screen_name%22%3A%22%22%2C%22widget_site_user_id%22%3A%22%22%2C%22widget_creator_screen_name%22%3A%22%22%2C%22widget_creator_user_id%22%3A%22%22%2C%22widget_iframe_version%22%3A%228aec920%3A1678208228078%22%2C%22widget_data_source%22%3A%22screen-name%3ARedZone921%22%7D&dnt=1&session_id=ff0dd38d37dded452971875b5c9460a2529aa014
Requested by
Host: syndication.twitter.com
URL: https://syndication.twitter.com/srv/timeline-profile/screen-name/RedZone921?dnt=true&embedId=twitter-widget-0&features=eyJ0ZndfdGltZWxpbmVfbGlzdCI6eyJidWNrZXQiOltdLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X2ZvbGxvd2VyX2NvdW50X3N1bnNldCI6eyJidWNrZXQiOnRydWUsInZlcnNpb24iOm51bGx9LCJ0ZndfdHdlZXRfZWRpdF9iYWNrZW5kIjp7ImJ1Y2tldCI6Im9uIiwidmVyc2lvbiI6bnVsbH0sInRmd19yZWZzcmNfc2Vzc2lvbiI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9LCJ0ZndfbWl4ZWRfbWVkaWFfMTU4OTciOnsiYnVja2V0IjoidHJlYXRtZW50IiwidmVyc2lvbiI6bnVsbH0sInRmd19leHBlcmltZW50c19jb29raWVfZXhwaXJhdGlvbiI6eyJidWNrZXQiOjEyMDk2MDAsInZlcnNpb24iOm51bGx9LCJ0ZndfZHVwbGljYXRlX3NjcmliZXNfdG9fc2V0dGluZ3MiOnsiYnVja2V0Ijoib24iLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X3ZpZGVvX2hsc19keW5hbWljX21hbmlmZXN0c18xNTA4MiI6eyJidWNrZXQiOiJ0cnVlX2JpdHJhdGUiLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X2xlZ2FjeV90aW1lbGluZV9zdW5zZXQiOnsiYnVja2V0Ijp0cnVlLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X3R3ZWV0X2VkaXRfZnJvbnRlbmQiOnsiYnVja2V0Ijoib24iLCJ2ZXJzaW9uIjpudWxsfX0%3D&frame=false&hideBorder=false&hideFooter=false&hideHeader=false&hideScrollBar=false&lang=en&maxHeight=600px&origin=https%3A%2F%2Fwww.921theticket.com%2F&sessionId=ff0dd38d37dded452971875b5c9460a2529aa014&showHeader=true&showReplies=false&transparent=false&widgetsVersion=aaf4084522e3a%3A1674595607486
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.244.42.8 , United States, ASN13414 (TWITTER, US),
Reverse DNS
Software
tsa_o /
Resource Hash
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
Security Headers
Name Value
Strict-Transport-Security max-age=631138519

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://syndication.twitter.com/srv/timeline-profile/screen-name/RedZone921?dnt=true&embedId=twitter-widget-0&features=eyJ0ZndfdGltZWxpbmVfbGlzdCI6eyJidWNrZXQiOltdLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X2ZvbGxvd2VyX2NvdW50X3N1bnNldCI6eyJidWNrZXQiOnRydWUsInZlcnNpb24iOm51bGx9LCJ0ZndfdHdlZXRfZWRpdF9iYWNrZW5kIjp7ImJ1Y2tldCI6Im9uIiwidmVyc2lvbiI6bnVsbH0sInRmd19yZWZzcmNfc2Vzc2lvbiI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9LCJ0ZndfbWl4ZWRfbWVkaWFfMTU4OTciOnsiYnVja2V0IjoidHJlYXRtZW50IiwidmVyc2lvbiI6bnVsbH0sInRmd19leHBlcmltZW50c19jb29raWVfZXhwaXJhdGlvbiI6eyJidWNrZXQiOjEyMDk2MDAsInZlcnNpb24iOm51bGx9LCJ0ZndfZHVwbGljYXRlX3NjcmliZXNfdG9fc2V0dGluZ3MiOnsiYnVja2V0Ijoib24iLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X3ZpZGVvX2hsc19keW5hbWljX21hbmlmZXN0c18xNTA4MiI6eyJidWNrZXQiOiJ0cnVlX2JpdHJhdGUiLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X2xlZ2FjeV90aW1lbGluZV9zdW5zZXQiOnsiYnVja2V0Ijp0cnVlLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X3R3ZWV0X2VkaXRfZnJvbnRlbmQiOnsiYnVja2V0Ijoib24iLCJ2ZXJzaW9uIjpudWxsfX0%3D&frame=false&hideBorder=false&hideFooter=false&hideHeader=false&hideScrollBar=false&lang=en&maxHeight=600px&origin=https%3A%2F%2Fwww.921theticket.com%2F&sessionId=ff0dd38d37dded452971875b5c9460a2529aa014&showHeader=true&showReplies=false&transparent=false&widgetsVersion=aaf4084522e3a%3A1674595607486
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

x-response-time
105
date
Mon, 17 Apr 2023 18:32:22 GMT
strict-transport-security
max-age=631138519
last-modified
Mon, 17 Apr 2023 18:32:22 GMT
server
tsa_o
vary
Origin
content-type
image/gif
x-transaction-id
304a9695c30e938f
cache-control
must-revalidate, max-age=600
perf
7626143928
x-connection-hash
c9ad6bd2c63ee3a895a83595476252ccb5c6bf6d1fd8503aa16c5deed4edc654
content-length
43
MezC-G1ZF-1GZ9yqq0o7IScgI3uEZvBcP5CgXoWKMDE.js
pagead2.googlesyndication.com/bg/ Frame 6F3E 		36 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/MezC-G1ZF-1GZ9yqq0o7IScgI3uEZvBcP5CgXoWKMDE.js
Requested by
Host: www.921theticket.com
URL: https://www.921theticket.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
31ecc2f86d5917ed4667dcaaab4a3b212720237b8466f05c3f90a05e858a3031
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://e76ff033cecd72805c9eec3e4747fae0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date
Mon, 17 Apr 2023 12:09:32 GMT
content-encoding
br
x-content-type-options
nosniff
age
22970
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14288
x-xss-protection
0
last-modified
Tue, 11 Apr 2023 10:38:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Tue, 16 Apr 2024 12:09:32 GMT
event
prebid-a.rubiconproject.com/ Frame 7AF7 		0
125 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid-a.rubiconproject.com/event
Requested by
Host: ads.rubiconproject.com
URL: https://ads.rubiconproject.com/prebid/19984_Cumulus_728x90.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.57.232.151 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-57-232-151.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.921theticket.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36
Content-Type
application/json

Response headers

access-control-allow-origin
*
date
Mon, 17 Apr 2023 18:32:22 GMT
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
event
prebid-a.rubiconproject.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://prebid-a.rubiconproject.com/event
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.57.232.151 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-57-232-151.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.921theticket.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

access-control-allow-headers
content-type
access-control-allow-methods
POST
access-control-allow-origin
*
access-control-max-age
1800
allow
GET, HEAD, POST, PUT, DELETE, OPTIONS, PATCH
content-length
0
date
Mon, 17 Apr 2023 18:32:22 GMT
vary
Origin Access-Control-Request-Method Access-Control-Request-Headers
pixel.gif
pixel.westseven.media/ Frame 7AF7 		35 B
274 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.westseven.media/pixel.gif?key=921theticket_728x90_1&ev&r=0.5047944938879478
Requested by
Host: www.921theticket.com
URL: https://www.921theticket.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.0.141.13 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-0-141-13.compute-1.amazonaws.com
Software
nginx/1.16.1 /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.921theticket.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

Date
Mon, 17 Apr 2023 18:32:22 GMT
Cache-Control
private, no-cache, proxy-revalidate, max-age=0
Content-Disposition
inline
Server
nginx/1.16.1
Connection
keep-alive
Content-Length
35
Content-Type
image/gif
pixel.gif
pixel.westseven.media/ Frame 7AF7 		35 B
274 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.westseven.media/pixel.gif?key=921theticket_728x90_1&iv&r=0.3101017586185215
Requested by
Host: www.921theticket.com
URL: https://www.921theticket.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.0.141.13 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-0-141-13.compute-1.amazonaws.com
Software
nginx/1.16.1 /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.921theticket.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

Date
Mon, 17 Apr 2023 18:32:22 GMT
Cache-Control
private, no-cache, proxy-revalidate, max-age=0
Content-Disposition
inline
Server
nginx/1.16.1
Connection
keep-alive
Content-Length
35
Content-Type
image/gif
bTWLA6vt_normal.jpg
pbs.twimg.com/profile_images/1615008719296684032/ Frame A0E2 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pbs.twimg.com/profile_images/1615008719296684032/bTWLA6vt_normal.jpg
Requested by
Host: syndication.twitter.com
URL: https://syndication.twitter.com/srv/timeline-profile/screen-name/RedZone921?dnt=true&embedId=twitter-widget-0&features=eyJ0ZndfdGltZWxpbmVfbGlzdCI6eyJidWNrZXQiOltdLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X2ZvbGxvd2VyX2NvdW50X3N1bnNldCI6eyJidWNrZXQiOnRydWUsInZlcnNpb24iOm51bGx9LCJ0ZndfdHdlZXRfZWRpdF9iYWNrZW5kIjp7ImJ1Y2tldCI6Im9uIiwidmVyc2lvbiI6bnVsbH0sInRmd19yZWZzcmNfc2Vzc2lvbiI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9LCJ0ZndfbWl4ZWRfbWVkaWFfMTU4OTciOnsiYnVja2V0IjoidHJlYXRtZW50IiwidmVyc2lvbiI6bnVsbH0sInRmd19leHBlcmltZW50c19jb29raWVfZXhwaXJhdGlvbiI6eyJidWNrZXQiOjEyMDk2MDAsInZlcnNpb24iOm51bGx9LCJ0ZndfZHVwbGljYXRlX3NjcmliZXNfdG9fc2V0dGluZ3MiOnsiYnVja2V0Ijoib24iLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X3ZpZGVvX2hsc19keW5hbWljX21hbmlmZXN0c18xNTA4MiI6eyJidWNrZXQiOiJ0cnVlX2JpdHJhdGUiLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X2xlZ2FjeV90aW1lbGluZV9zdW5zZXQiOnsiYnVja2V0Ijp0cnVlLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X3R3ZWV0X2VkaXRfZnJvbnRlbmQiOnsiYnVja2V0Ijoib24iLCJ2ZXJzaW9uIjpudWxsfX0%3D&frame=false&hideBorder=false&hideFooter=false&hideHeader=false&hideScrollBar=false&lang=en&maxHeight=600px&origin=https%3A%2F%2Fwww.921theticket.com%2F&sessionId=ff0dd38d37dded452971875b5c9460a2529aa014&showHeader=true&showReplies=false&transparent=false&widgetsVersion=aaf4084522e3a%3A1674595607486
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:8d::159 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
87fa826f70dc2f69df951ff0ebb2f308524f31c0bdf8570cc1d6cc85f9aa6b95
Security Headers
Name Value
Strict-Transport-Security max-age=631138519
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://syndication.twitter.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

strict-transport-security
max-age=631138519
date
Mon, 17 Apr 2023 18:32:22 GMT
x-content-type-options
nosniff
x-cache
HIT, HIT
server-timing
x-cache;desc=HIT, x-tw-cdn;desc=FT
content-length
2339
x-served-by
cache-lhr7353-LHR, cache-fra-eddf8230052-FRA, cache-tw-ZZZ1
last-modified
Mon, 16 Jan 2023 15:28:58 GMT
x-tw-cdn
FT
content-type
image/jpeg
access-control-allow-origin
*
x-transaction-id
43a3837a98a13b4e
access-control-expose-headers
Content-Length
cache-control
max-age=604800, must-revalidate
perf
7626143928
accept-ranges
bytes
timing-allow-origin
https://twitter.com, https://mobile.twitter.com
htShM9oX_normal.jpg
pbs.twimg.com/profile_images/1453813186617090054/ Frame A0E2 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pbs.twimg.com/profile_images/1453813186617090054/htShM9oX_normal.jpg
Requested by
Host: syndication.twitter.com
URL: https://syndication.twitter.com/srv/timeline-profile/screen-name/RedZone921?dnt=true&embedId=twitter-widget-0&features=eyJ0ZndfdGltZWxpbmVfbGlzdCI6eyJidWNrZXQiOltdLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X2ZvbGxvd2VyX2NvdW50X3N1bnNldCI6eyJidWNrZXQiOnRydWUsInZlcnNpb24iOm51bGx9LCJ0ZndfdHdlZXRfZWRpdF9iYWNrZW5kIjp7ImJ1Y2tldCI6Im9uIiwidmVyc2lvbiI6bnVsbH0sInRmd19yZWZzcmNfc2Vzc2lvbiI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9LCJ0ZndfbWl4ZWRfbWVkaWFfMTU4OTciOnsiYnVja2V0IjoidHJlYXRtZW50IiwidmVyc2lvbiI6bnVsbH0sInRmd19leHBlcmltZW50c19jb29raWVfZXhwaXJhdGlvbiI6eyJidWNrZXQiOjEyMDk2MDAsInZlcnNpb24iOm51bGx9LCJ0ZndfZHVwbGljYXRlX3NjcmliZXNfdG9fc2V0dGluZ3MiOnsiYnVja2V0Ijoib24iLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X3ZpZGVvX2hsc19keW5hbWljX21hbmlmZXN0c18xNTA4MiI6eyJidWNrZXQiOiJ0cnVlX2JpdHJhdGUiLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X2xlZ2FjeV90aW1lbGluZV9zdW5zZXQiOnsiYnVja2V0Ijp0cnVlLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X3R3ZWV0X2VkaXRfZnJvbnRlbmQiOnsiYnVja2V0Ijoib24iLCJ2ZXJzaW9uIjpudWxsfX0%3D&frame=false&hideBorder=false&hideFooter=false&hideHeader=false&hideScrollBar=false&lang=en&maxHeight=600px&origin=https%3A%2F%2Fwww.921theticket.com%2F&sessionId=ff0dd38d37dded452971875b5c9460a2529aa014&showHeader=true&showReplies=false&transparent=false&widgetsVersion=aaf4084522e3a%3A1674595607486
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:8d::159 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
4015fcd470b32a176e2531403dc228f3a8ee4bd68dc7b7f9fc0e696f6187a7df
Security Headers
Name Value
Strict-Transport-Security max-age=631138519
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://syndication.twitter.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

strict-transport-security
max-age=631138519
date
Mon, 17 Apr 2023 18:32:22 GMT
x-content-type-options
nosniff
x-cache
HIT, MISS
server-timing
x-cache;desc=MISS, x-tw-cdn;desc=FT
content-length
2567
x-served-by
cache-lhr7385-LHR, cache-fra-eddf8230052-FRA, cache-tw-ZZZ1
last-modified
Thu, 28 Oct 2021 19:55:28 GMT
x-tw-cdn
FT
content-type
image/jpeg
access-control-allow-origin
*
x-transaction-id
7de80524e24528a0
access-control-expose-headers
Content-Length
cache-control
max-age=604800, must-revalidate
perf
7626143928
accept-ranges
bytes
timing-allow-origin
https://twitter.com, https://mobile.twitter.com
Ft3f6TBaQAASvh2
pbs.twimg.com/media/ Frame A0E2 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pbs.twimg.com/media/Ft3f6TBaQAASvh2?format=jpg&name=120x120
Requested by
Host: syndication.twitter.com
URL: https://syndication.twitter.com/srv/timeline-profile/screen-name/RedZone921?dnt=true&embedId=twitter-widget-0&features=eyJ0ZndfdGltZWxpbmVfbGlzdCI6eyJidWNrZXQiOltdLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X2ZvbGxvd2VyX2NvdW50X3N1bnNldCI6eyJidWNrZXQiOnRydWUsInZlcnNpb24iOm51bGx9LCJ0ZndfdHdlZXRfZWRpdF9iYWNrZW5kIjp7ImJ1Y2tldCI6Im9uIiwidmVyc2lvbiI6bnVsbH0sInRmd19yZWZzcmNfc2Vzc2lvbiI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9LCJ0ZndfbWl4ZWRfbWVkaWFfMTU4OTciOnsiYnVja2V0IjoidHJlYXRtZW50IiwidmVyc2lvbiI6bnVsbH0sInRmd19leHBlcmltZW50c19jb29raWVfZXhwaXJhdGlvbiI6eyJidWNrZXQiOjEyMDk2MDAsInZlcnNpb24iOm51bGx9LCJ0ZndfZHVwbGljYXRlX3NjcmliZXNfdG9fc2V0dGluZ3MiOnsiYnVja2V0Ijoib24iLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X3ZpZGVvX2hsc19keW5hbWljX21hbmlmZXN0c18xNTA4MiI6eyJidWNrZXQiOiJ0cnVlX2JpdHJhdGUiLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X2xlZ2FjeV90aW1lbGluZV9zdW5zZXQiOnsiYnVja2V0Ijp0cnVlLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X3R3ZWV0X2VkaXRfZnJvbnRlbmQiOnsiYnVja2V0Ijoib24iLCJ2ZXJzaW9uIjpudWxsfX0%3D&frame=false&hideBorder=false&hideFooter=false&hideHeader=false&hideScrollBar=false&lang=en&maxHeight=600px&origin=https%3A%2F%2Fwww.921theticket.com%2F&sessionId=ff0dd38d37dded452971875b5c9460a2529aa014&showHeader=true&showReplies=false&transparent=false&widgetsVersion=aaf4084522e3a%3A1674595607486
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:8d::159 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
844512f2dc39fad657e2c45d2a7b216d306e1866da7a62df4caf103032c5a0bc
Security Headers
Name Value
Strict-Transport-Security max-age=631138519
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://syndication.twitter.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

strict-transport-security
max-age=631138519
date
Mon, 17 Apr 2023 18:32:22 GMT
x-content-type-options
nosniff
x-cache
HIT, MISS
server-timing
x-cache;desc=MISS, x-tw-cdn;desc=FT
content-length
3836
x-served-by
cache-lhr7359-LHR, cache-fra-eddf8230052-FRA, cache-tw-ZZZ1
last-modified
Sun, 16 Apr 2023 21:48:52 GMT
x-tw-cdn
FT
content-type
image/jpeg
access-control-allow-origin
*
x-transaction-id
0ac39bc86241b0db
access-control-expose-headers
Content-Length
cache-control
max-age=604800, must-revalidate
perf
7626143928
accept-ranges
bytes
timing-allow-origin
https://twitter.com, https://mobile.twitter.com
FtzN-jhaIAYHjVy
pbs.twimg.com/media/ Frame A0E2 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pbs.twimg.com/media/FtzN-jhaIAYHjVy?format=jpg&name=120x120
Requested by
Host: syndication.twitter.com
URL: https://syndication.twitter.com/srv/timeline-profile/screen-name/RedZone921?dnt=true&embedId=twitter-widget-0&features=eyJ0ZndfdGltZWxpbmVfbGlzdCI6eyJidWNrZXQiOltdLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X2ZvbGxvd2VyX2NvdW50X3N1bnNldCI6eyJidWNrZXQiOnRydWUsInZlcnNpb24iOm51bGx9LCJ0ZndfdHdlZXRfZWRpdF9iYWNrZW5kIjp7ImJ1Y2tldCI6Im9uIiwidmVyc2lvbiI6bnVsbH0sInRmd19yZWZzcmNfc2Vzc2lvbiI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9LCJ0ZndfbWl4ZWRfbWVkaWFfMTU4OTciOnsiYnVja2V0IjoidHJlYXRtZW50IiwidmVyc2lvbiI6bnVsbH0sInRmd19leHBlcmltZW50c19jb29raWVfZXhwaXJhdGlvbiI6eyJidWNrZXQiOjEyMDk2MDAsInZlcnNpb24iOm51bGx9LCJ0ZndfZHVwbGljYXRlX3NjcmliZXNfdG9fc2V0dGluZ3MiOnsiYnVja2V0Ijoib24iLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X3ZpZGVvX2hsc19keW5hbWljX21hbmlmZXN0c18xNTA4MiI6eyJidWNrZXQiOiJ0cnVlX2JpdHJhdGUiLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X2xlZ2FjeV90aW1lbGluZV9zdW5zZXQiOnsiYnVja2V0Ijp0cnVlLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X3R3ZWV0X2VkaXRfZnJvbnRlbmQiOnsiYnVja2V0Ijoib24iLCJ2ZXJzaW9uIjpudWxsfX0%3D&frame=false&hideBorder=false&hideFooter=false&hideHeader=false&hideScrollBar=false&lang=en&maxHeight=600px&origin=https%3A%2F%2Fwww.921theticket.com%2F&sessionId=ff0dd38d37dded452971875b5c9460a2529aa014&showHeader=true&showReplies=false&transparent=false&widgetsVersion=aaf4084522e3a%3A1674595607486
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:8d::159 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
e1c5fba81b099d2d03c8307881d450ba2314574f46be140acbf7de276612b9bf
Security Headers
Name Value
Strict-Transport-Security max-age=631138519
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://syndication.twitter.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

strict-transport-security
max-age=631138519
date
Mon, 17 Apr 2023 18:32:22 GMT
x-content-type-options
nosniff
x-cache
HIT, HIT
server-timing
x-cache;desc=HIT, x-tw-cdn;desc=FT
content-length
3489
x-served-by
cache-lhr7363-LHR, cache-fra-eddf8230052-FRA, cache-tw-ZZZ1
last-modified
Sun, 16 Apr 2023 01:52:02 GMT
x-tw-cdn
FT
content-type
image/jpeg
access-control-allow-origin
*
x-transaction-id
e9345b5a3dcae46f
access-control-expose-headers
Content-Length
cache-control
max-age=604800, must-revalidate
perf
7626143928
accept-ranges
bytes
timing-allow-origin
https://twitter.com, https://mobile.twitter.com
ZDt55VxO_normal.jpg
pbs.twimg.com/profile_images/1641118334212096021/ Frame A0E2 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pbs.twimg.com/profile_images/1641118334212096021/ZDt55VxO_normal.jpg
Requested by
Host: syndication.twitter.com
URL: https://syndication.twitter.com/srv/timeline-profile/screen-name/RedZone921?dnt=true&embedId=twitter-widget-0&features=eyJ0ZndfdGltZWxpbmVfbGlzdCI6eyJidWNrZXQiOltdLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X2ZvbGxvd2VyX2NvdW50X3N1bnNldCI6eyJidWNrZXQiOnRydWUsInZlcnNpb24iOm51bGx9LCJ0ZndfdHdlZXRfZWRpdF9iYWNrZW5kIjp7ImJ1Y2tldCI6Im9uIiwidmVyc2lvbiI6bnVsbH0sInRmd19yZWZzcmNfc2Vzc2lvbiI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9LCJ0ZndfbWl4ZWRfbWVkaWFfMTU4OTciOnsiYnVja2V0IjoidHJlYXRtZW50IiwidmVyc2lvbiI6bnVsbH0sInRmd19leHBlcmltZW50c19jb29raWVfZXhwaXJhdGlvbiI6eyJidWNrZXQiOjEyMDk2MDAsInZlcnNpb24iOm51bGx9LCJ0ZndfZHVwbGljYXRlX3NjcmliZXNfdG9fc2V0dGluZ3MiOnsiYnVja2V0Ijoib24iLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X3ZpZGVvX2hsc19keW5hbWljX21hbmlmZXN0c18xNTA4MiI6eyJidWNrZXQiOiJ0cnVlX2JpdHJhdGUiLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X2xlZ2FjeV90aW1lbGluZV9zdW5zZXQiOnsiYnVja2V0Ijp0cnVlLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X3R3ZWV0X2VkaXRfZnJvbnRlbmQiOnsiYnVja2V0Ijoib24iLCJ2ZXJzaW9uIjpudWxsfX0%3D&frame=false&hideBorder=false&hideFooter=false&hideHeader=false&hideScrollBar=false&lang=en&maxHeight=600px&origin=https%3A%2F%2Fwww.921theticket.com%2F&sessionId=ff0dd38d37dded452971875b5c9460a2529aa014&showHeader=true&showReplies=false&transparent=false&widgetsVersion=aaf4084522e3a%3A1674595607486
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:8d::159 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
7f4abd1aa3b352c2c1df1cfd1dd7e49d8288138b60c63e43b9faed3e1e1383ad
Security Headers
Name Value
Strict-Transport-Security max-age=631138519
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://syndication.twitter.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

strict-transport-security
max-age=631138519
date
Mon, 17 Apr 2023 18:32:22 GMT
x-content-type-options
nosniff
x-cache
HIT, MISS
server-timing
x-cache;desc=MISS, x-tw-cdn;desc=FT
content-length
2263
x-served-by
cache-lhr7376-LHR, cache-fra-eddf8230052-FRA, cache-tw-ZZZ1
last-modified
Wed, 29 Mar 2023 16:39:16 GMT
x-tw-cdn
FT
content-type
image/jpeg
access-control-allow-origin
*
x-transaction-id
543de321fdc44acd
access-control-expose-headers
Content-Length
cache-control
max-age=604800, must-revalidate
perf
7626143928
accept-ranges
bytes
timing-allow-origin
https://twitter.com, https://mobile.twitter.com
FtynR6zaQAA8_Gm
pbs.twimg.com/media/ Frame A0E2 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pbs.twimg.com/media/FtynR6zaQAA8_Gm?format=jpg&name=120x120
Requested by
Host: syndication.twitter.com
URL: https://syndication.twitter.com/srv/timeline-profile/screen-name/RedZone921?dnt=true&embedId=twitter-widget-0&features=eyJ0ZndfdGltZWxpbmVfbGlzdCI6eyJidWNrZXQiOltdLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X2ZvbGxvd2VyX2NvdW50X3N1bnNldCI6eyJidWNrZXQiOnRydWUsInZlcnNpb24iOm51bGx9LCJ0ZndfdHdlZXRfZWRpdF9iYWNrZW5kIjp7ImJ1Y2tldCI6Im9uIiwidmVyc2lvbiI6bnVsbH0sInRmd19yZWZzcmNfc2Vzc2lvbiI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9LCJ0ZndfbWl4ZWRfbWVkaWFfMTU4OTciOnsiYnVja2V0IjoidHJlYXRtZW50IiwidmVyc2lvbiI6bnVsbH0sInRmd19leHBlcmltZW50c19jb29raWVfZXhwaXJhdGlvbiI6eyJidWNrZXQiOjEyMDk2MDAsInZlcnNpb24iOm51bGx9LCJ0ZndfZHVwbGljYXRlX3NjcmliZXNfdG9fc2V0dGluZ3MiOnsiYnVja2V0Ijoib24iLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X3ZpZGVvX2hsc19keW5hbWljX21hbmlmZXN0c18xNTA4MiI6eyJidWNrZXQiOiJ0cnVlX2JpdHJhdGUiLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X2xlZ2FjeV90aW1lbGluZV9zdW5zZXQiOnsiYnVja2V0Ijp0cnVlLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X3R3ZWV0X2VkaXRfZnJvbnRlbmQiOnsiYnVja2V0Ijoib24iLCJ2ZXJzaW9uIjpudWxsfX0%3D&frame=false&hideBorder=false&hideFooter=false&hideHeader=false&hideScrollBar=false&lang=en&maxHeight=600px&origin=https%3A%2F%2Fwww.921theticket.com%2F&sessionId=ff0dd38d37dded452971875b5c9460a2529aa014&showHeader=true&showReplies=false&transparent=false&widgetsVersion=aaf4084522e3a%3A1674595607486
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:8d::159 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
b1f345fc4d4a92cd8efdc4ddb60046b41170f576def006a30ee29c8936ce42f9
Security Headers
Name Value
Strict-Transport-Security max-age=631138519
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://syndication.twitter.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

strict-transport-security
max-age=631138519
date
Mon, 17 Apr 2023 18:32:23 GMT
x-content-type-options
nosniff
x-cache
MISS, MISS
server-timing
x-cache;desc=MISS, x-tw-cdn;desc=FT
content-length
4376
x-served-by
cache-lhr7335-LHR, cache-fra-eddf8230052-FRA, cache-tw-ZZZ1
last-modified
Sat, 15 Apr 2023 23:02:58 GMT
x-tw-cdn
FT
content-type
image/jpeg
access-control-allow-origin
*
x-transaction-id
945ff27a78d499f0
access-control-expose-headers
Content-Length
cache-control
max-age=604800, must-revalidate
perf
7626143928
accept-ranges
bytes
timing-allow-origin
https://twitter.com, https://mobile.twitter.com
BtVDG99z_mini.jpg
pbs.twimg.com/profile_images/1565710707240292353/ Frame A0E2 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pbs.twimg.com/profile_images/1565710707240292353/BtVDG99z_mini.jpg
Requested by
Host: syndication.twitter.com
URL: https://syndication.twitter.com/srv/timeline-profile/screen-name/RedZone921?dnt=true&embedId=twitter-widget-0&features=eyJ0ZndfdGltZWxpbmVfbGlzdCI6eyJidWNrZXQiOltdLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X2ZvbGxvd2VyX2NvdW50X3N1bnNldCI6eyJidWNrZXQiOnRydWUsInZlcnNpb24iOm51bGx9LCJ0ZndfdHdlZXRfZWRpdF9iYWNrZW5kIjp7ImJ1Y2tldCI6Im9uIiwidmVyc2lvbiI6bnVsbH0sInRmd19yZWZzcmNfc2Vzc2lvbiI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9LCJ0ZndfbWl4ZWRfbWVkaWFfMTU4OTciOnsiYnVja2V0IjoidHJlYXRtZW50IiwidmVyc2lvbiI6bnVsbH0sInRmd19leHBlcmltZW50c19jb29raWVfZXhwaXJhdGlvbiI6eyJidWNrZXQiOjEyMDk2MDAsInZlcnNpb24iOm51bGx9LCJ0ZndfZHVwbGljYXRlX3NjcmliZXNfdG9fc2V0dGluZ3MiOnsiYnVja2V0Ijoib24iLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X3ZpZGVvX2hsc19keW5hbWljX21hbmlmZXN0c18xNTA4MiI6eyJidWNrZXQiOiJ0cnVlX2JpdHJhdGUiLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X2xlZ2FjeV90aW1lbGluZV9zdW5zZXQiOnsiYnVja2V0Ijp0cnVlLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X3R3ZWV0X2VkaXRfZnJvbnRlbmQiOnsiYnVja2V0Ijoib24iLCJ2ZXJzaW9uIjpudWxsfX0%3D&frame=false&hideBorder=false&hideFooter=false&hideHeader=false&hideScrollBar=false&lang=en&maxHeight=600px&origin=https%3A%2F%2Fwww.921theticket.com%2F&sessionId=ff0dd38d37dded452971875b5c9460a2529aa014&showHeader=true&showReplies=false&transparent=false&widgetsVersion=aaf4084522e3a%3A1674595607486
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:8d::159 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
e6c250a5cdca6f37cd5a10c330002da4ffb269eb967f7bd93c76e6c962e9e6e9
Security Headers
Name Value
Strict-Transport-Security max-age=631138519
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://syndication.twitter.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

strict-transport-security
max-age=631138519
date
Mon, 17 Apr 2023 18:32:22 GMT
x-content-type-options
nosniff
x-cache
HIT, HIT
server-timing
x-cache;desc=HIT, x-tw-cdn;desc=FT
content-length
1451
x-served-by
cache-lhr7359-LHR, cache-fra-eddf8230052-FRA, cache-tw-ZZZ1
last-modified
Fri, 02 Sep 2022 14:36:16 GMT
x-tw-cdn
FT
content-type
image/jpeg
access-control-allow-origin
*
x-transaction-id
3d9e1bd77f0e4910
access-control-expose-headers
Content-Length
cache-control
max-age=604800, must-revalidate
perf
7626143928
accept-ranges
bytes
timing-allow-origin
https://twitter.com, https://mobile.twitter.com
sodar
pagead2.googlesyndication.com/pagead/ Frame 7AF7 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_m2023041101&jk=2341701547716775&bg=!qKulq__NAAZA7GLoYOw7ADkAdvg8Wu-tYLgkPaCEBU0DJXePNo9WFy3jZInDPiJ1mwoI-kCT6L7iiKoO7qKNbjpBjcXxykrCm40CAAAB7lIAAAADaAEHmQMK6ovNdxWUafElX_lAw8FJW8hPwIHvWWLlwvBxVuqrlKLfYTWXu4ivA4cGEEBdMJu_BfaQiMNNmbuuhwkCKePZk583t6lAuTkMH5ZyJfLT9em779f8mY7Mt06LUlp4oaE9ZZ92R18z1ryL3yEyFtZy2Dd8Ct4xV35CUijpLxo9Z-Ojk7s4fGH37iABMrsAXRhNEAhQhrJMXZc3rUpNY-a3fZgOd9u9Pm5YiuiRRYgTY9AUC2jh2oBReO3GOcHzpX1teaaoUa1ggCyUN13ZdKMkcnmG7pjhEARoP25PUGlyeWPJimYQDOo3WyK31qOtHYsso7sZ7MvQzLDCcVtHLr1sTEZ1qa-RYsQ0-AMX7ifip2eu4ASzmtMwNz9XTbMni2Ab8Sl7GHUOLxz4qildex81Olhmb_v9aWmSsZMPJWnUz8ZStiDjr4gR0CQEmNx-X9mW81kgcQ_pDgTulqVzy7V3visHat9d6t9AeHoknzONAwK8HhIkUrI8VM0jFM1jcOBXw7H0oLgOAmsjhvlYRlwOy1msxPnuauefKIhytWlnTtRwxSvwSi3BmYzARvv31T6POK3_NFrjYt9DGG41bx3X_PQfxtmoWrcjHLB-mT9Yxzgvwp3Yuhd_NNokhGNRYifpGceC71Q-ZmYCit08h5pJfDenDrKnwJC8p0pXxfj5_XmqqbgE8ZLOdtf9UO2sXc_QSJ6TxoOyfbPk5eYHGNBd8jdR_55Wae7AVAB3XIzMoUSAP2719jyv15NqunTWkzhrM5lXN4uNqWvTeZBvw2or9LhpSofrVIBqVD1nBTzEcOWm0K9q_rMj1-b-2EU1ubnvDw22gsEHpommr89uxxaAqqtEZwxc0x5HpkRQjk9g9FwJ7gB-8s06Q4BVpjdd4NMGS2H-g5zEBpmL5ENjUUyw_MruDWnDi-5P9inZ3_2GJC7UbLWO_MBjtnIli3AKsOgwL0FGpNSRsPiZNjlnZh5YAxk1qSfaj2-5YOgAK764izZpiHalMqfJ-CNSUSmLiVDCyal81VY0R-3e7A
Requested by
Host: www.921theticket.com
URL: https://www.921theticket.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.921theticket.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers
chunk-1121b3a3.16c3e697.css
b3.tunegenie.com/css/ Frame 7D14 		712 B
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://b3.tunegenie.com/css/chunk-1121b3a3.16c3e697.css
Requested by
Host: b3.tunegenie.com
URL: https://b3.tunegenie.com/js/index.c8514102.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223e:c600:6:4e5d:a0c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
0262ed76bd727f873ca1e2757ecf673b3ad1bba37640c6bbf9e6e84b5a51870c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://b3.tunegenie.com/?tgv=e905577.ba4de90
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date
Fri, 10 Mar 2023 05:39:24 GMT
x-amz-version-id
tCOba1qkJ0SBEv40Bzu.1HyunEt06jMS
via
1.1 f2c65205154aaf89a2c7bbc8fe8fdaba.cloudfront.net (CloudFront)
last-modified
Wed, 19 Aug 2020 22:27:34 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P4
age
3329580
etag
"78efcc1be888c63911df588255a60628"
x-cache
Hit from cloudfront
content-type
text/css; charset=UTF-8
cache-control
max-age=7776000
accept-ranges
bytes
content-length
712
x-amz-cf-id
Xpwzg50GAInSxn2ZBFaTfzDmUxAvosV4HatGZyfAONrFbhkpJcP9tg==
chunk-1121b3a3.ae827baf.js
b3.tunegenie.com/js/ Frame 7D14 		255 KB
71 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://b3.tunegenie.com/js/chunk-1121b3a3.ae827baf.js
Requested by
Host: b3.tunegenie.com
URL: https://b3.tunegenie.com/js/index.c8514102.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223e:c600:6:4e5d:a0c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
c5dc4f19b3f1f67f7ff08413a0e4c20fd9507712ee440939951953bd27747e14

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://b3.tunegenie.com/?tgv=e905577.ba4de90
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date
Tue, 17 Jan 2023 19:27:05 GMT
content-encoding
gzip
via
1.1 f2c65205154aaf89a2c7bbc8fe8fdaba.cloudfront.net (CloudFront)
x-amz-version-id
aoPcJbzA4.6PHPHHNoCJtcgUPIqh1S5x
last-modified
Tue, 17 Jan 2023 19:26:57 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P4
age
7772719
etag
W/"eb1311114d02e943e27f1018ed8cb5a4"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript; charset=UTF-8
cache-control
max-age=7776000
x-amz-cf-id
iP2trD8duvFw-3QQKadhg6A5_gW3l6tlCiT4iTLn9ZURm4Arr3-W-A==
KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 7D14 		15 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:200,350,350italic,400,500,700,700italic
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://b3.tunegenie.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date
Tue, 11 Apr 2023 10:31:10 GMT
x-content-type-options
nosniff
age
547273
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15860
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:42 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 10 Apr 2024 10:31:10 GMT
defaultcover170.jpg
static.tunegenie.com/static/images/covers/ Frame 7D14 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.tunegenie.com/static/images/covers/defaultcover170.jpg
Requested by
Host: www.921theticket.com
URL: https://www.921theticket.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.81.73.75 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-81-73-75.us-west-2.compute.amazonaws.com
Software
nginx/1.20.0 /
Resource Hash
2725f8b87b10f8782c764f7d6148cb5f80022a874ea88a3aec7f1e2a49c7ded0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://b3.tunegenie.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

Date
Mon, 17 Apr 2023 18:32:24 GMT
Last-Modified
Fri, 24 Mar 2023 02:25:03 GMT
Server
nginx/1.20.0
ETag
"641d09ff-b25"
Content-Type
image/jpeg
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
2853
sodar
pagead2.googlesyndication.com/getconfig/ 		15 KB
11 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=m202304100101&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304100101/pubads_impl.js?cb=31073791
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
4933cd1b3fc067c710a730b12267bd2ee5290a96f01b90f9932782c6f9f22c25
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.921theticket.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date
Mon, 17 Apr 2023 18:32:23 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11400
x-xss-protection
0
/
www.facebook.com/login/ Frame 6246
Redirect Chain
  • https://www.facebook.com/v2.3/plugins/page.php?app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df326c6a26fa24c4%26domain%3Dwww.921theticket.co...
  • https://www.facebook.com/login/?next=https%3A%2F%2Fwww.facebook.com%2Fplugins%2Fpage.php%3Fapp_id%26channel%3Dhttps%253A%252F%252Fstaticxx.facebook.com%252Fx%252Fconnect%252Fxd_arbiter%252F%253Fver...
0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://www.facebook.com/login/?next=https%3A%2F%2Fwww.facebook.com%2Fplugins%2Fpage.php%3Fapp_id%26channel%3Dhttps%253A%252F%252Fstaticxx.facebook.com%252Fx%252Fconnect%252Fxd_arbiter%252F%253Fversion%253D46%2523cb%253Df326c6a26fa24c4%2526domain%253Dwww.921theticket.com%2526is_canvas%253Dfalse%2526origin%253Dhttps%25253A%25252F%25252Fwww.921theticket.com%25252Ff201b8cc07e4fd8%2526relation%253Dparent.parent%26container_width%3D331%26height%3D448%26hide_cover%3Dfalse%26href%3Dhttps%253A%252F%252Fwww.facebook.com%252Fpages%252FThe-Red-Zone-with-JB-on-921-The-Ticket%252F281344338549686%26locale%3Den_US%26sdk%3Djoey%26show_facepile%3Dfalse%26show_posts%3Dtrue%26width%3D310
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js?hash=6bd926c8576dd092132f7e47ec48e888
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f176:84:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Content-Security-Policy default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://www.921theticket.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
private, no-cache, no-store, must-revalidate
content-encoding
br
content-security-policy
default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-type
text/html; charset="utf-8"
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
cross-origin-opener-policy
same-origin-allow-popups
date
Mon, 17 Apr 2023 18:32:23 GMT
expires
Sat, 01 Jan 2000 00:00:00 GMT
origin-agent-cluster
?0
pragma
no-cache
priority
u=0,i
report-to
{"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
strict-transport-security
max-age=15552000; preload
vary
Accept-Encoding
x-content-type-options
nosniff
x-fb-debug
L0KykNjDNwedKjv4MAqBasOQIXED9ix9qu9IrNUWJJe1VfhjRa1L65yNA2FccdwiHJ306iall2jkmsPHpKGomg==
x-frame-options
DENY
x-xss-protection
0

Redirect headers

alt-svc
h3=":443"; ma=86400
cache-control
private, no-cache, no-store, must-revalidate
content-length
0
content-security-policy
default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval';style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com https://sandbox.paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
content-type
text/html; charset="utf-8"
cross-origin-opener-policy
unsafe-none
cross-origin-resource-policy
cross-origin
date
Mon, 17 Apr 2023 18:32:23 GMT
document-policy
force-load-at-top
expires
Sat, 01 Jan 2000 00:00:00 GMT
facebook-api-version
v10.0
location
https://www.facebook.com/login/?next=https%3A%2F%2Fwww.facebook.com%2Fplugins%2Fpage.php%3Fapp_id%26channel%3Dhttps%253A%252F%252Fstaticxx.facebook.com%252Fx%252Fconnect%252Fxd_arbiter%252F%253Fversion%253D46%2523cb%253Df326c6a26fa24c4%2526domain%253Dwww.921theticket.com%2526is_canvas%253Dfalse%2526origin%253Dhttps%25253A%25252F%25252Fwww.921theticket.com%25252Ff201b8cc07e4fd8%2526relation%253Dparent.parent%26container_width%3D331%26height%3D448%26hide_cover%3Dfalse%26href%3Dhttps%253A%252F%252Fwww.facebook.com%252Fpages%252FThe-Red-Zone-with-JB-on-921-The-Ticket%252F281344338549686%26locale%3Den_US%26sdk%3Djoey%26show_facepile%3Dfalse%26show_posts%3Dtrue%26width%3D310
origin-agent-cluster
?0
pragma
no-cache
priority
u=0,i
strict-transport-security
max-age=15552000; preload
x-content-type-options
nosniff
x-fb-debug
HvivzzPSHpIoT5lVckHZytA/cUV0+zDepEsGI0Q6zhsi4DNRXQpAShl96cAV9OOkrcZJDRe7FgsnD9Ewjg0kng==
x-fb-rlafr
0
x-xss-protection
0
activeview
pagead2.googlesyndication.com/pcs/ Frame 5A03 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvxKB2Mt8xWxHZhQjmxef3vN7Xk0LTdrxc6tcXXWgOyxOBKTjGHV5j8sePgh5Ac_e_N8GS2A542LP6Cbwxlp3_B9hSjrW8rqUWIfCVHptiXMds8KZPpwLlJ5DCc-LBOYuM4Ovc9ZVpYl9SWj1QmC0bBZKCqVNJvMsVVKOt3-1KDPZpe-0OjBkSRiVgdDN12NW7Mcg_xDCvTNWq9iRbPbazXNU3j4AZJzQ9D_R6E6a43Ax57PiY5Wrr0tV4cegDKzRNEQle6V1Cw0B0YIJ6Dhe_MvRIZ1fe0EshKIhdZVrx_QWDv1S0hmnBei29hD7qhEPkouIku6mNXI3t6hmyZ1lZGnicOTMj62yC8-aJsXUNP93EyDNjEIRg4DW_Zo7EOhrwt1gEm8m-BwhYTv4yKeb8Ixpd1T24K9Tk0XwMhXOykA19N12E9Q433ikaybL-GRxH0y6RWmDJx7j62Pr_H1LZgznrAKrjOhAA4aArYYmppLr5qXP6eoxf4W1AorSIH_F7FuFmmjfTph7LFJjiW-RT-YzDAbw-vOskZnIYrpGZl63KMRjTkw4SguzsaV3Hl2e7IkJxeLJulitWR4T3-76M3iNCDO7KbC0kMxiX5i4rwxmsL9LcVixqCSiSn1cUNrPYIjUS1IeTDcdouDMlYjFTapxJnuirbxIDLrLs86M3HJF1MsjM4GC8j-Zt0Vng_fPHa4hEvmSP-D-9XB6yfeGx-4wyorBPVysH-qsoN7Z_saaRK9RJd4Y4lVSWhDMLwiBcq0WQ3pTsqmw74kfbZ3v8t1pniFNjmOm1VcISKYMQ2b8S8ch7av8imJGXDaJiCC4LwvxiHTjb1T-6BuMRjMkWnxA8BrYLFodkW8xmneu-1H-EuZLMLkl7vtsCBILHqEnIgWD-EsYWls09jHHxPcI0OYNYx6wYavTfaOsEPd1JC3TijD1GwLxMFogAJsTZlpUCIs9u_FLi4YUwBgE9Je26gVAIAQRhjzY2OavLD5d6Ldblw51Seheq8XCq8xLhbVfJAy3x2IDXzTrOAHTQ7HY8979U3_e3bkDR5Wx7NavTcDJZKnOIwmvoOxGLC9zmqSWRTg5EN_e3fZHyx1R_Ubx-0dOO_RyjgeBJfwya2k-nruNftwYj2hYDVhW3LjttCLph-hkSJwLE&sai=AMfl-YQZkHEQUxgOArW5U5BFHC6TbSMYWbNeBu7N_6ryGvTs2dlNnF8Lll2mvfLVONi8JWnvNOS1UnHm3uhFpyuV2ERx6vGcfK8WooKPP2hl8wiJ0p2EoZtVvoBU2EVFGZJ94sdTWUxujtzVAQ&sig=Cg0ArKJSzA9ymwM5cfvGEAE&cid=CAQSPABygQiDMUdakLqWsM3Q3O_gxb78rLDq2JYFUg3Axm94aSY1IWHkrccDXg99ST5Vam2sl5n6YNtodwp2bBgB&id=lidar2&mcvt=1253&p=1141,865,1191,1185&mtos=1253,1253,1253,1253,1253&tos=1253,0,0,0,0&v=20230412&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=22&adk=427339486&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1681756341565&rpt=564&isd=0&lsd=0&met=mue&wmsd=0&pbe=0&vae=0&spb=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ea3af0e4c98edb91b2df6cc6f5c43ead.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 17 Apr 2023 18:32:23 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
cs.js
sb.scorecardresearch.com/internal-c2/default/
Redirect Chain
  • https://sb.scorecardresearch.com/c2/16059128/cs.js
  • https://sb.scorecardresearch.com/internal-c2/default/cs.js
0
357 B 		Script
General
Check archive.org
Download Go to
Full URL
https://sb.scorecardresearch.com/internal-c2/default/cs.js
Protocol
H2
Server
52.222.214.24 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-214-24.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.921theticket.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date
Mon, 17 Apr 2023 18:17:15 GMT
via
1.1 e026b2802d48048e9935caadbecf124e.cloudfront.net (CloudFront)
last-modified
Mon, 01 Mar 2021 20:42:20 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P3
age
911
x-amz-server-side-encryption
AES256
etag
"d41d8cd98f00b204e9800998ecf8427e"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
accept-ranges
bytes
content-length
0
x-amz-cf-id
8xJEcHtnVBqmDsQ61l6gguuwXQVmbWqSpnZFqtdCvEs2eTLtFni9xA==

Redirect headers

date
Mon, 17 Apr 2023 18:32:23 GMT
via
1.1 e026b2802d48048e9935caadbecf124e.cloudfront.net (CloudFront)
accept-ch
UA, Platform, Arch, Model, Mobile
x-amz-cf-pop
FRA56-P3
x-cache
Miss from cloudfront
location
/internal-c2/default/cs.js
content-length
0
x-amz-cf-id
Jcz9GSXcJggweFY5dZygVaqVBPuHNyOOd2__gmNpQ_2j3fg8MquIkA==
sodar2.js
tpc.googlesyndication.com/sodar/ 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304100101/pubads_impl.js?cb=31073791
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.921theticket.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date
Mon, 17 Apr 2023 18:32:23 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Mon, 17 Apr 2023 18:32:23 GMT
chunk-2d0d76a4.883ed436.js
b3.tunegenie.com/js/ Frame 7D14 		21 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://b3.tunegenie.com/js/chunk-2d0d76a4.883ed436.js
Requested by
Host: b3.tunegenie.com
URL: https://b3.tunegenie.com/js/index.c8514102.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223e:c600:6:4e5d:a0c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
aca9a74fe9948e0cda9ced7a949cce62aa6f896ae1a575eb6ab01e85dc77c839

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://b3.tunegenie.com/?tgv=e905577.ba4de90
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date
Tue, 17 Jan 2023 19:27:34 GMT
content-encoding
gzip
via
1.1 f2c65205154aaf89a2c7bbc8fe8fdaba.cloudfront.net (CloudFront)
x-amz-version-id
StfTLI71TQynZK4C5LRAzhYW_iAICpab
last-modified
Wed, 06 Apr 2022 17:21:09 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P4
age
7772689
etag
W/"b2e69db13a2ed91d80691bdb7f238f61"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript; charset=UTF-8
cache-control
max-age=7776000
x-amz-cf-id
9icFuPPzrchrcAnfXF6dVekFT0h-ZKESj20mnFADGraA71psU1Eb-w==
td-sdk.min.js
sdk.listenlive.co/web/2.9/ Frame 7D14 		1005 KB
277 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://sdk.listenlive.co/web/2.9/td-sdk.min.js
Requested by
Host: b3.tunegenie.com
URL: https://b3.tunegenie.com/js/index.c8514102.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2127:8600:7:5253:f880:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
8be5876e7de200de0f3e75c441f8dc56f96b90b00f70217a51cd3daf2a8f896b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://b3.tunegenie.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date
Mon, 17 Apr 2023 17:45:35 GMT
content-encoding
gzip
via
1.1 6fc3cae9692b6db972e4990be9921fae.cloudfront.net (CloudFront)
last-modified
Wed, 05 Apr 2023 16:56:50 GMT
server
AmazonS3
x-amz-meta-s3cmd-attrs
atime:1680713170/ctime:1680703630/gid:1000/gname:jenkins/md5:35d5f172cd0e9b4f9ae55ef0373546e8/mode:33188/mtime:1680703630/uid:1000/uname:jenkins
x-amz-cf-pop
PRG50-C1
age
2834
etag
W/"35d5f172cd0e9b4f9ae55ef0373546e8"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
x-amz-cf-id
wJgBQItWqVwzDZmrLoYkYIKnhFy6hTuVJd3un-u5NO-xtXhMwZ5JAg==
/
api.tunegenie.com/v2/brand/nowplaying/ Frame 7D14 		445 B
877 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.tunegenie.com/v2/brand/nowplaying/?apiid=m2g_bar&b=kqsm&count=10
Requested by
Host: b3.tunegenie.com
URL: https://b3.tunegenie.com/js/chunk-vendors.6e6c4ca3.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.35.1.108 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-35-1-108.us-west-2.compute.amazonaws.com
Software
nginx/1.20.0 /
Resource Hash
384259351d108f2d47f10db1ed7d387def16a4ef82c020938bf542a0b4d62c02

Request headers

Accept
application/json
Referer
https://b3.tunegenie.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

Date
Mon, 17 Apr 2023 18:32:23 GMT
Server
nginx/1.20.0
Allow
GET, HEAD, OPTIONS
Vary
Accept, Origin, Cookie
Content-Type
application/json
Access-Control-Allow-Origin
*
Connection
keep-alive
X-Robots-Tag
noindex, nofollow, nosnippet, noarchive
Content-Length
445
KQSM-FM-logo.png
s3.us-east-1.amazonaws.com/static.tunegenie.com/brandassets/ Frame 7D14 		26 KB
27 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s3.us-east-1.amazonaws.com/static.tunegenie.com/brandassets/KQSM-FM-logo.png
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.217.165.40 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-1.amazonaws.com
Software
AmazonS3 /
Resource Hash
b2d516da8ca8d609bb854a4fbdba05748b189c6bd22cedef72ae13301c8dc1fa

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://b3.tunegenie.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

Date
Mon, 17 Apr 2023 18:32:24 GMT
Last-Modified
Fri, 08 Jan 2016 17:05:07 GMT
Server
AmazonS3
x-amz-request-id
27M4EYK84MH7ZR30
ETag
"29edb3b848f609cbe9d3a6a32ec09312"
x-amz-meta-uid
501
x-amz-meta-gid
501
Content-Type
application/octet-stream
x-amz-meta-mode
33206
Accept-Ranges
bytes
Content-Length
26672
x-amz-id-2
HLy21OtVDQX8Bjt3psmSgYBMq/nk8jeIc0UtoSSfyGmivZ5nD8I5Tr6+X2rKoCOpgug0oOWCVoQ=
x-amz-meta-mtime
1452272706
77dc702675d82e7f7c0f80bb0014a617eee86d7bbb249afe34cc4448b2f7702d_large.jpg
express-images.franklymedia.com/cdn-cgi/image/width=1200,quality=85/6616/sites/773/2016/10/27054354/ 		40 KB
40 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://express-images.franklymedia.com/cdn-cgi/image/width=1200,quality=85/6616/sites/773/2016/10/27054354/77dc702675d82e7f7c0f80bb0014a617eee86d7bbb249afe34cc4448b2f7702d_large.jpg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:166c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e6986e64ba58d6da382b209e0a9dfcaf1a3e51d302ac9210123a751c68a50d38
Security Headers
Name Value
Content-Security-Policy default-src 'none'; navigate-to 'none'; form-action 'none'
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.921theticket.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date
Mon, 17 Apr 2023 18:32:23 GMT
content-security-policy
default-src 'none'; navigate-to 'none'; form-action 'none'
x-content-type-options
nosniff
cf-cache-status
MISS
last-modified
Fri, 27 Jan 2017 11:43:55 GMT
cf-bgj
imgq:85,h2pri
server
cloudflare
etag
"cfSPUsBrEgzOAY3Zo0G3fLKQlI3FnrrOeck9uOb3F2DQ:25ddfe3a3ac5b7f955b9c99cc14b895e"
vary
Accept, Accept-Encoding
content-type
image/jpeg
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
7b96c01b0b069ba7-FRA
content-length
41166
cf-resized
internal=ok/h q=0 n=19+0 c=3+45 v=2023.3.5 l=41166
KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 7D14 		16 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:200,350,350italic,400,500,700,700italic
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://b3.tunegenie.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date
Tue, 11 Apr 2023 10:31:04 GMT
x-content-type-options
nosniff
age
547279
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15920
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:45 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 10 Apr 2024 10:31:04 GMT
collect
region1.google-analytics.com/g/ 		0
17 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-D35JDKEKBV&gtm=45je34c0&_p=999957307&cid=1820827546.1681756337&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=4&sid=1681756337&sct=1&seg=0&dl=https%3A%2F%2Fwww.921theticket.com%2F&dt=THE%20TICKET%2092.1%20%7C%20KQSM-FM&en=Scrolled%2025%25%20Down&ep.cms_site_id=KQSM-FM&ep.cms_format=Sports&ep.cms_market=Fayetteville%2C%20AR&_et=783
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-D35JDKEKBV&l=sharedContainerDataLayer&cx=c
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.921theticket.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 17 Apr 2023 18:32:23 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.921theticket.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame D85B 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.921theticket.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
21976
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Mon, 17 Apr 2023 12:26:07 GMT
expires
Tue, 16 Apr 2024 12:26:07 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame 2333 		783 B
534 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
f6ff3e286198d8156c94960bd6757c24f1940aa396bfa86fe2431011198ce329
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-2rrU-g5cKdXbUt103BdbEQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.921theticket.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=300
content-encoding
gzip
content-length
512
content-security-policy
script-src 'report-sample' 'nonce-2rrU-g5cKdXbUt103BdbEQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Mon, 17 Apr 2023 18:32:23 GMT
expires
Mon, 17 Apr 2023 18:32:23 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
sodar
pagead2.googlesyndication.com/pagead/ Frame 2333 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_m202304100101&jk=3956229276488818&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers
MezC-G1ZF-1GZ9yqq0o7IScgI3uEZvBcP5CgXoWKMDE.js
pagead2.googlesyndication.com/bg/ Frame D85B 		36 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/MezC-G1ZF-1GZ9yqq0o7IScgI3uEZvBcP5CgXoWKMDE.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
31ecc2f86d5917ed4667dcaaab4a3b212720237b8466f05c3f90a05e858a3031
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date
Mon, 17 Apr 2023 12:09:32 GMT
content-encoding
br
x-content-type-options
nosniff
age
22971
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14288
x-xss-protection
0
last-modified
Tue, 11 Apr 2023 10:38:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Tue, 16 Apr 2024 12:09:32 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame 8CBB 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstjQcDQG1BnXgiWS66pc7ZfRh0yEZ3c7HMWJBfXb3n-ikizVqFCpH0S0nXBaw7nxEPepN3DHhry3zl7AHPYXU9Fdv_m4SCE7625OfBWitczBoWwi4fGjHqJgfoXHpjznfhvsMwgGL9eYrjN9Mjg7yYD0z3mYSTnFkbWpUP0ERHop9c6vG9ing7cwxQ-LoHL4RQArjbJr2xFpDDsjb6aGa6hkImuQehr85VQH_p7zTLesm7GuNGRJyULCfEzTxZUvkes5H_xfGUa_8RTC8wD9xsYiw_gI7cYBpojyIZMANtPnh4TB8skyHDLzVzQjuzgE5Dz120p8gs7IBYe_Jd_YDOj20E11iz0yKRGulPdlXD9Xm_cnRMg7TtxoaO7dUbIkBFPC--SEoyEZpWqRj8dUXPWHkryk_5yF_QazmCqspF6uD6qe8nEkw0VkSEp41M7X_T2adLEv-bXuf2sY7joftlGvJIXLjsIwiCbsBqqeF5p-xjYL4BEQ7vjNlw_5IQ9SVDd91FdRFIk4S_JfnLw6O52CMkzLP2Xi8QxiryaeA_BHIormFsO_fAUES3khoA7QTmWrBUxaXEcbFTv8PrV0aA3wPMwAf9j6sKIDvg_3upn-lPmBBgYCf3QaQbq1tJoJEJBN69FD6SlL22C0fEHhKE7AGWHodZM9ErhTVCD7wJKiSfQ2Kphyp6ClfEnqlLcO8QNPbahNZzJdGTX0i-GIHltNVuva7JZzyBbRfyJkHMx2OmSxNiRfT-0RKSBBk2tX0KhCThj8du-77ERW9Gy4DYzEdBFe81kHdSIfI9eo7slrse8xGh12apZugsC6SnM7_seseQLfoD2hcyQclpxrCsu58AlHQNQL23nQeWmXByhn2JqjAiF1hQL1Mb-PW4huuqBn1YoTiQ9hKXDDTjgUfUS6kSDILYG2Bd3zJPt4xrHJk5sulSIuFi0CFmZy06hJiHbhAFER02RTiLd9ESJOf2tdhu23rPPxiKtTcHat-b-m1N2fKTlh8xLleKNyHXcOEBM5ZySB_ypbE5VeRysJuCQ0e0SdnjBrLf1oC4jDV69h8_ZWMv5QeBto3cU5r68u1b2-913gZKEeY6-Tql2335Ks4I3kn2a6lW5OpbZQbrnD72KH7vPf8Bu0MypiYpbhnl290y_7Lu4oMSmKQn3fXZ3h5qYsDPRGPfF&sai=AMfl-YR0__pRujeHIbcwNIszeNQHWfQKX_CJ0rP3oq130jn0aju6lp-hZeDOOU8gd-i3hjk4BcMDYCF4Z5vBaBWB2rY6XP1XkDBYW6M8el7vZxrrmOzGTR3NneXsy80rRJQAm79_y9Xy9_wrLQ&sig=Cg0ArKJSzJngJUbQXLzAEAE&cid=CAQSPABygQiDwo20Pl4CEqwPV-RGVvDPCuJa6-Gt4mpJ9GzVxCPsgOpyQNL4tvmsLtaU90sYn7GPnGjsxCxBpRgB&id=lidar2&mcvt=1023&p=0,0,90,728&mtos=1023,1023,1023,1023,1023&tos=1023,0,0,0,0&v=20230412&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=22&adk=2548567318&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1681756341664&rpt=543&met=mue&wmsd=0&pbe=0&vae=0&spb=0
Requested by
Host: www.921theticket.com
URL: https://www.921theticket.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://e76ff033cecd72805c9eec3e4747fae0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 17 Apr 2023 18:32:23 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
XRXV3I6Li01BKofINeaB.woff2
fonts.gstatic.com/s/nunito/v25/ Frame 7D14 		35 KB
35 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/nunito/v25/XRXV3I6Li01BKofINeaB.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Nunito:wght@200;300;400;600;700;900&display=swap
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
96217f1d27fb909f92b4a6b35a0d3d6775f2f0b4d136d27aee88547d3ed87357
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://b3.tunegenie.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date
Sat, 15 Apr 2023 10:10:28 GMT
x-content-type-options
nosniff
age
202915
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
35904
x-xss-protection
0
last-modified
Mon, 18 Jul 2022 19:34:47 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 14 Apr 2024 10:10:28 GMT
/
api.tunegenie.com/v2/music/track/ Frame 7D14 		333 B
834 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.tunegenie.com/v2/music/track/?apiid=m2g_bar&b=kqsm&sid=-160&sslg=the-ticket-921&aslg=radio
Requested by
Host: b3.tunegenie.com
URL: https://b3.tunegenie.com/js/chunk-vendors.6e6c4ca3.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.35.1.108 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-35-1-108.us-west-2.compute.amazonaws.com
Software
nginx/1.20.0 /
Resource Hash
b36d7853e6790baae8e066ba9bd9b43d38c27fa1db1e3e01c1470d4ec5ac512f

Request headers

Accept
application/json
Referer
https://b3.tunegenie.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

Date
Mon, 17 Apr 2023 18:32:23 GMT
Server
nginx/1.20.0
Allow
GET, HEAD, OPTIONS
Vary
Accept, Origin, Cookie
Content-Type
application/json
Access-Control-Allow-Origin
*
Cache-Control
max-age=3600
Connection
keep-alive
X-Robots-Tag
noindex, nofollow, nosnippet, noarchive
Content-Length
333
Expires
Mon, 17 Apr 2023 19:00:06 GMT
usync.html
eus.rubiconproject.com/ Frame 4EBF 		281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?us_privacy=1---
Requested by
Host: embed.sendtonews.com
URL: https://embed.sendtonews.com/library/prebid/7.17.0/prebid.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.37.42.132 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-37-42-132.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://www.921theticket.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Mon, 17 Apr 2023 18:32:24 GMT
ETag
"403b9-119-5ec73a0a33d00"
Last-Modified
Wed, 02 Nov 2022 02:30:44 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding
generate_204
tpc.googlesyndication.com/ Frame D85B 		0
10 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?Tv8p5w
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date
Mon, 17 Apr 2023 18:32:23 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
KQSM-FM-logo.png
s3.amazonaws.com/albumart.tunegenie.com/custommessage/icon/ Frame 7D14 		26 KB
26 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s3.amazonaws.com/albumart.tunegenie.com/custommessage/icon/KQSM-FM-logo.png
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.217.139.176 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-1.amazonaws.com
Software
AmazonS3 /
Resource Hash
b2d516da8ca8d609bb854a4fbdba05748b189c6bd22cedef72ae13301c8dc1fa

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://b3.tunegenie.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

Date
Mon, 17 Apr 2023 18:32:25 GMT
Last-Modified
Sun, 15 May 2016 23:58:22 GMT
Server
AmazonS3
x-amz-request-id
JCKXDWTZSKBA632W
ETag
"29edb3b848f609cbe9d3a6a32ec09312"
Content-Type
image/png
Accept-Ranges
bytes
Content-Length
26672
x-amz-id-2
qttzCcLGIOnX/+6Wx6ctcjNsB5EsQja6YHYFgZHa6Hw0O1aEz23FS+EylT1I3KLFdIYPrfok9V0=
idsync.js
playerservices.live.streamtheworld.com/api/ Frame 7D14
Redirect Chain
  • https://playerservices.live.streamtheworld.com/api/idsync.js?station=KQSMFM
  • https://playerservices.live.streamtheworld.com/api/idsync.js?station=KQSMFM&bounce=true
993 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://playerservices.live.streamtheworld.com/api/idsync.js?station=KQSMFM&bounce=true
Protocol
HTTP/1.1
Server
208.92.53.43 , Canada, ASN13360 (TRITONDIGITAL, CA),
Reverse DNS
Software
/
Resource Hash
580f45ba2ddac56d07641a21093ef3ea08f51bcb3f856cfd641910f780e74c53

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://b3.tunegenie.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date
Mon, 17 Apr 2023 18:32:24 GMT
x-stw-server
ldn-strc-docker03_8082
x-stw-site
LDN
content-language
de-DE
access-control-allow-origin
*
p3p
policyref="http://tds.media.streamtheworld.com/w3c/policy/tds-p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
application/javascript; charset=ISO-8859-1
connection
close

Redirect headers

date
Mon, 17 Apr 2023 18:32:24 GMT
x-stw-server
ldn-strc-docker03_8082
x-stw-site
LDN
content-language
de-DE
location
https://playerservices.live.streamtheworld.com/api/idsync.js?station=KQSMFM&bounce=true
access-control-allow-origin
*
p3p
policyref="http://tds.media.streamtheworld.com/w3c/policy/tds-p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
application/javascript; charset=ISO-8859-1
connection
close
ima3.js
imasdk.googleapis.com/js/sdkloader/ Frame 7D14 		361 KB
121 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/sdkloader/ima3.js
Requested by
Host: sdk.listenlive.co
URL: https://sdk.listenlive.co/web/2.9/td-sdk.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
815af1c878812cb0cb226f9922c9197d78cd6200b7a23ec63276b554d1d6f7f3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://b3.tunegenie.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date
Mon, 17 Apr 2023 18:32:24 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
123683
x-xss-protection
0
expires
Mon, 17 Apr 2023 18:32:24 GMT
idsync.js
yield-op-idsync.live.streamtheworld.com/ Frame 7D14 		3 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://yield-op-idsync.live.streamtheworld.com/idsync.js?stn=KQSMFM
Requested by
Host: playerservices.live.streamtheworld.com
URL: https://playerservices.live.streamtheworld.com/api/idsync.js?station=KQSMFM
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
192.173.28.19 , New Zealand, ASN13360 (TRITONDIGITAL, CA),
Reverse DNS
Software
/
Resource Hash
0d30bd6465a11584b58e66a0bbc91fa6735b6fd147590ff28e92b485897f3957

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://b3.tunegenie.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

p3p
policyref="http://tds.media.streamtheworld.com/w3c/policy/tds-p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
date
Mon, 17 Apr 2023 18:32:24 GMT
x-stw-server
van-mesos01-node07
x-stw-site
VAN
content-length
2741
content-type
application/javascript; charset=UTF-8
/
loadus.exelator.com/load/ Frame 7D14
Redirect Chain
  • https://loadus.exelator.com/load/?p=930&g=3&station=KQSMFM&j=0
  • https://loadus.exelator.com/load/?p=930&g=3&station=KQSMFM&j=0&xl8blockcheck=1
0
771 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://loadus.exelator.com/load/?p=930&g=3&station=KQSMFM&j=0&xl8blockcheck=1
Protocol
H2
Server
34.254.143.3 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-254-143-3.eu-west-1.compute.amazonaws.com
Software
nginx / Undertow/1
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://b3.tunegenie.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date
Mon, 17 Apr 2023 18:32:24 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
x-powered-by
Undertow/1
p3p
policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA, policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA

Redirect headers

date
Mon, 17 Apr 2023 18:32:24 GMT
server
nginx
x-powered-by
Undertow/1
p3p
policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA, policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA
location
https://loadus.exelator.com/load/?p=930&g=3&station=KQSMFM&j=0&xl8blockcheck=1
content-type
image/gif
cache-control
no-cache
access-control-allow-credentials
true
content-length
0
usync.js
eus.rubiconproject.com/ Frame 4EBF 		34 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?us_privacy=1---
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.37.42.132 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-37-42-132.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
f5bd9a991a33608e4f953ba4d211a4bffe198235474eb27fcd001a4ef8fa45c9

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?us_privacy=1---
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

Date
Mon, 17 Apr 2023 18:32:24 GMT
Content-Encoding
gzip
Last-Modified
Mon, 17 Apr 2023 11:52:11 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=62387
Connection
keep-alive
Content-Length
10019
Expires
Tue, 18 Apr 2023 11:52:11 GMT
pixel
cm.g.doubleclick.net/ Frame 4EBF
Redirect Chain
  • https://token.rubiconproject.com/token?pid=2249&pt=n&gdpr=0&us_privacy=1---
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=ODkxODhlMWUwNzhkNjRkNTkzMTNiNGQ1MzA2ZDhhYWMzNTA4ZWYzOA&gdpr=0&us_privacy=1---
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=ODkxODhlMWUwNzhkNjRkNTkzMTNiNGQ1MzA2ZDhhYWMzNTA4ZWYzOA&gdpr=0&us_privacy=1---
Requested by
Host: www.921theticket.com
URL: https://www.921theticket.com/
Protocol
H3
Server
142.250.185.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 17 Apr 2023 18:32:24 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=ODkxODhlMWUwNzhkNjRkNTkzMTNiNGQ1MzA2ZDhhYWMzNTA4ZWYzOA&gdpr=0&us_privacy=1---
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
de8527bfa1ccfd6c1590da0d3b6cff52
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
tap.php
pixel.rubiconproject.com/ Frame 4EBF
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc&gdpr=0&us_privacy=1---
  • https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&gdpr=0&put=CAESEG3RRuq_33T3OsjmAZjgsnM&google_cver=1
0
239 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&gdpr=0&put=CAESEG3RRuq_33T3OsjmAZjgsnM&google_cver=1
Requested by
Host: www.921theticket.com
URL: https://www.921theticket.com/
Protocol
HTTP/1.1
Server
69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
X-RPHost
a66cbf3142c6ef39e3614b84a34262cf
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

pragma
no-cache
date
Mon, 17 Apr 2023 18:32:24 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&gdpr=0&put=CAESEG3RRuq_33T3OsjmAZjgsnM&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
337
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
rubicon
match.adsrvr.org/track/cmf/ Frame 4EBF 		70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/rubicon?gdpr=0&us_privacy=1---
Requested by
Host: www.921theticket.com
URL: https://www.921theticket.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Mon, 17 Apr 2023 18:32:24 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
setuid
px.ads.linkedin.com/ Frame 4EBF
Redirect Chain
  • https://token.rubiconproject.com/token?pid=36584&gdpr=0&us_privacy=1---
  • https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LGL6AXEI-G-I8Q&gdpr=0&us_privacy=1---
0
651 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LGL6AXEI-G-I8Q&gdpr=0&us_privacy=1---
Requested by
Host: www.921theticket.com
URL: https://www.921theticket.com/
Protocol
H2
Server
2620:1ec:21::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date
Mon, 17 Apr 2023 18:32:24 GMT
x-li-pop
afd-prod-lor1-x
x-msedge-ref
Ref A: 66E953E2B100425FB08F3DF116D2C737 Ref B: FRAEDGE1407 Ref C: 2023-04-17T18:32:24Z
linkedin-action
1
x-cache
CONFIG_NOCACHE
x-li-fabric
prod-lor1
x-li-proto
http/2
content-length
0
x-li-uuid
AAX5jGmEOXMqHhR0g34gHQ==

Redirect headers

Location
https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LGL6AXEI-G-I8Q&gdpr=0&us_privacy=1---
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
66ef90d06496cfd000aab8206f2b6221
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
tap.php
pixel.rubiconproject.com/ Frame 4EBF
Redirect Chain
  • https://token.rubiconproject.com/token?pid=2974&pt=n&a=1&gdpr=0&us_privacy=1---
  • https://pr-bh.ybp.yahoo.com/sync/rubicon/dIA3TgkcdzIkUNYy0J_aOg?csrc=&gdpr=0&us_privacy=1---
  • https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-IvbkZZlE2oI9.MN4m.rob73q1R.a7LYGWrJg3A--~A
0
239 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-IvbkZZlE2oI9.MN4m.rob73q1R.a7LYGWrJg3A--~A
Requested by
Host: www.921theticket.com
URL: https://www.921theticket.com/
Protocol
HTTP/1.1
Server
69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
X-RPHost
a66cbf3142c6ef39e3614b84a34262cf
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

date
Mon, 17 Apr 2023 18:32:24 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
location
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-IvbkZZlE2oI9.MN4m.rob73q1R.a7LYGWrJg3A--~A
content-length
0
ecm3
s.amazon-adsystem.com/ Frame 4EBF
Redirect Chain
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&gdpr=0&us_privacy=1---
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&gdpr=0&us_privacy=1---&dcc=t
  • https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=WwP_XlVvTj-wX1b81LJDlA&rk=usync-na&gdpr=0
  • https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=WwP_XlVvTj-wX1b81LJDlA&gdpr=0
43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=WwP_XlVvTj-wX1b81LJDlA&gdpr=0
Requested by
Host: www.921theticket.com
URL: https://www.921theticket.com/
Protocol
HTTP/1.1
Server
209.54.182.161 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 17 Apr 2023 18:32:24 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
GH7ER02QD7XH1ZMBTSBK
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location
https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=WwP_XlVvTj-wX1b81LJDlA&gdpr=0
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
a66cbf3142c6ef39e3614b84a34262cf
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
ecm3
aax-eu.amazon-adsystem.com/s/ Frame 4EBF
Redirect Chain
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=&gdpr=0&us_privacy=1---
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=&gdpr=0&us_privacy=1---&dcc=t
  • https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=v7OF9tT4QqSK-YQVdofCjw&rk=usync-other&gdpr=0
  • https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=v7OF9tT4QqSK-YQVdofCjw&gdpr=0
43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=v7OF9tT4QqSK-YQVdofCjw&gdpr=0
Requested by
Host: www.921theticket.com
URL: https://www.921theticket.com/
Protocol
HTTP/1.1
Server
67.220.228.203 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 17 Apr 2023 18:32:24 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
XFMT0X0R7ARBDNZWV1AT
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location
https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=v7OF9tT4QqSK-YQVdofCjw&gdpr=0
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
a66cbf3142c6ef39e3614b84a34262cf
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
pixel
cm.g.doubleclick.net/ Frame 4EBF
Redirect Chain
  • https://token.rubiconproject.com/token?pid=25470&gdpr=0&us_privacy=1---
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_cm&google_hm=TEdMNkFYRUktRy1JOFE=&gdpr=0&us_privacy=1---
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&gdpr=0&google_gid=CAESEKcMxq1C4520m9JQfcQcpzM&google_cver=1
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEdMNkFYRUktRy1JOFE=&google_push=&gdpr=0
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEdMNkFYRUktRy1JOFE=&google_push=&gdpr=0
Requested by
Host: www.921theticket.com
URL: https://www.921theticket.com/
Protocol
H3
Server
142.250.185.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 17 Apr 2023 18:32:24 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEdMNkFYRUktRy1JOFE=&google_push=&gdpr=0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
a66cbf3142c6ef39e3614b84a34262cf
Expires
0
sodar
pagead2.googlesyndication.com/pagead/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_m202304100101&jk=3956229276488818&bg=!lJell8PNAAZA7GLoYOw7ADkAdvg8WjR-uYvBL0GfR0buyI-Up7w105H4GdEBNmZ0Z1faJhsgI7CsWKeB0HJMEFmlXesfSV5aslkCAAAA5VIAAAAEaAEHmQLjrl41shsgfFfQqj3eLdv1j_CDiYqE8wsg_ITyKyaumqPeUs8py-vXXRG015-LBnRqs2R5nCV4QGuSknLJECyh_gWZfYc76tlO2W-glwvWpZ2GE3G82EtaNyQdaZUi-4aoaChkeYtKphsdxAC3cMLcq27wpJNbwFtTvkSIukc9SWBVHPV3kZ_lkT0tupZDQdQuV1n1svooqx5CQ9zzERVsWLpNAWXRLXidU1kOF90kolYqmgzb2M6NPLpdhhwb-2R0T0HEKN38k6TCgt0G0rOeSIeQDnF3xX71IWFiy8v__xszCGZqBv7szTnmJqjgE4spPBCHUXc4PIByj2lefW6A_Lr_wOktg-9dPDSoU9dW1CCTeBstfGMfr3AduZIwn9zvN2xIMli7kMBwqipwJX4FrqqEj1nnrdlN098W2r-re0P113gS0SXjTe3QcyrwGnHl4PPYjutJXX3cK1rYxPW4Dcl5om7qCzJ7Eanzf7rkLyffa-cL1UJR20-rjI21BjDfTlEu_6PUcW9U_8GoZv49Wg-KC2giALdnLEeCiMeYAVqZGJ6IQE0sEXY6aDPHX-Exg0cDzxyaL6i98NGUiHU6kdYDUG5SMZE2aqlHWD_hRHZXYkZZsjy-vi6amreYSRx1l95RW2E1RDX9YyBbHYsNAkQ4diOKFFttUhW-EhKdF4513ovCuxI81baTIhg7ZsVtNL1RTkeN-jGf-7VwpIkrsq1sm5XltDrp4I1-ljHdpGlys2tDfQbcXxN3vg1IAGvHcmbVQfk9rnGn54WDVazZe_tFdJ4H9g8pKtzwRbTaVmlwsGGg0VSvTV2Vo6-BPrO2r2e9re0alXX9xe3YMnvRe4Woj4iMiR0NoxDDuFGB-dDQ0bm_J6A8XvOu2y_Se5DKnlfGwv-oUP9TnwyFM5qgMJg4gPSrCFtJWBLCBoz2f6MvghwPvlEnpIHSZ498XtHf3snKZG9mthiWO3UNLbSnDqrCjA
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.921theticket.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers
KQSMFMAAC.pls
playerservices.streamtheworld.com/pls/ 		284 B
628 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://playerservices.streamtheworld.com/pls/KQSMFMAAC.pls
Requested by
Host: b3.tunegenie.com
URL: https://b3.tunegenie.com/js/pwm_all.min.js?tgv=e905577.ba4de90
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
208.92.53.43 , Canada, ASN13360 (TRITONDIGITAL, CA),
Reverse DNS
Software
/
Resource Hash
cbf97243c7e924bc7af6c2880e4e2b42829786f7bad57c0dbc32276b4bd9459e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.921theticket.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 17 Apr 2023 18:32:24 GMT
x-stw-server
ldn-strc-docker02_8082
x-stw-site
LDN
content-type
audio/x-scpls; charset=UTF-8
content-language
de-DE
access-control-allow-origin
*
cache-control
max-age=0, no-cache, must-revalidate
content-length
284
expires
Thu, 01 Jan 1970 00:00:00 GMT
KQSMFM.pls
playerservices.streamtheworld.com/pls/ 		269 B
613 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://playerservices.streamtheworld.com/pls/KQSMFM.pls
Requested by
Host: b3.tunegenie.com
URL: https://b3.tunegenie.com/js/pwm_all.min.js?tgv=e905577.ba4de90
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
208.92.53.43 , Canada, ASN13360 (TRITONDIGITAL, CA),
Reverse DNS
Software
/
Resource Hash
ea6d200899dda7f947680bda3804a1df64bbb89a6224a6c8420747aff32bb3b0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.921theticket.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 17 Apr 2023 18:32:24 GMT
x-stw-server
ldn-strc-docker02_8082
x-stw-site
LDN
content-type
audio/x-scpls; charset=UTF-8
content-language
de-DE
access-control-allow-origin
*
cache-control
max-age=0, no-cache, must-revalidate
content-length
269
expires
Thu, 01 Jan 1970 00:00:00 GMT
edge.Menu.min.js
www.921theticket.com/wp-content/plugins/themify-builder/themify/js/modules/ 		962 B
658 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.921theticket.com/wp-content/plugins/themify-builder/themify/js/modules/edge.Menu.min.js?ver=5.5.7
Requested by
Host: www.921theticket.com
URL: https://www.921theticket.com/wp-content/plugins/themify-builder/themify/js/main.min.js?ver=5.5.7
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1640 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e495eef6b903e6de7362538861c8eb5c4267d909b6bc011663bca438329e041a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.921theticket.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date
Mon, 17 Apr 2023 18:32:25 GMT
content-encoding
gzip
cf-cache-status
MISS
last-modified
Thu, 13 Apr 2023 13:11:18 GMT
server
cloudflare
etag
W/"6437ff76-3c2"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=31536000
x-whom
web-18.ampcms.internal
cf-ray
7b96c0227bc2918f-FRA
expires
Tue, 16 Apr 2024 18:32:25 GMT
pixel.gif
yield-op-idsync.live.streamtheworld.com/ Frame 7D14
Redirect Chain
  • https://ib.adnxs.com/getuid?https://yield-op-idsync.live.streamtheworld.com/pixel.gif?partner=an&uid=$UID&pubId=10649
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fyield-op-idsync.live.streamtheworld.com%2Fpixel.gif%3Fpartner%3Dan%26uid%3D%24UID%26pubId%3D10649
  • https://yield-op-idsync.live.streamtheworld.com/pixel.gif?partner=an&uid=1315223837049125863&pubId=10649
43 B
455 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://yield-op-idsync.live.streamtheworld.com/pixel.gif?partner=an&uid=1315223837049125863&pubId=10649
Protocol
H2
Server
192.173.28.19 , New Zealand, ASN13360 (TRITONDIGITAL, CA),
Reverse DNS
Software
/
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://b3.tunegenie.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date
Mon, 17 Apr 2023 18:32:24 GMT
x-stw-server
van-mesos01-node05
x-stw-site
VAN
content-length
43
content-type
image/gif

Redirect headers

Date
Mon, 17 Apr 2023 18:32:24 GMT
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection
keep-alive
X-Proxy-Origin
81.95.5.39; 81.95.5.39; 942.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Pragma
no-cache
AN-X-Request-Uuid
11e94495-6a23-432d-8b1c-0f4898112b06
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
Access-Control-Allow-Origin
*
Location
https://yield-op-idsync.live.streamtheworld.com/pixel.gif?partner=an&uid=1315223837049125863&pubId=10649
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Expires
Sat, 15 Nov 2008 16:00:00 GMT
uuid
nodeny.targetspot.com/callback/ Frame 7D14 		0
0
pixel.gif
yield-op-idsync.live.streamtheworld.com/ Frame 7D14
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=triton&stn=KQSMFM
  • https://x.bidswitch.net/ul_cb/sync?ssp=triton&stn=KQSMFM
  • https://p.rfihub.com/cm?in=1&pub=20513&ssp=triton&gdpr=&gdpr_consent=
  • https://x.bidswitch.net/sync?dsp_id=119&user_id=5124322325976183165&expires=30&ssp=triton
  • https://yield-op-idsync.live.streamtheworld.com/pixel.gif?partner=bsw&uid=8be02d32-7750-43c4-b6ad-b005c905096a&stn=KQSMFM
43 B
491 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://yield-op-idsync.live.streamtheworld.com/pixel.gif?partner=bsw&uid=8be02d32-7750-43c4-b6ad-b005c905096a&stn=KQSMFM
Protocol
H2
Server
192.173.28.19 , New Zealand, ASN13360 (TRITONDIGITAL, CA),
Reverse DNS
Software
/
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://b3.tunegenie.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date
Mon, 17 Apr 2023 18:32:25 GMT
x-stw-server
van-mesos01-node01
x-stw-site
VAN
content-length
43
content-type
image/gif

Redirect headers

location
//yield-op-idsync.live.streamtheworld.com/pixel.gif?partner=bsw&uid=8be02d32-7750-43c4-b6ad-b005c905096a&stn=KQSMFM
date
Mon, 17 Apr 2023 18:32:25 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
generic
match.adsrvr.org/track/cmf/ Frame 7D14 		70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=tpqk5an&ttd_puid=KQSMFM
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://b3.tunegenie.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Mon, 17 Apr 2023 18:32:24 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
pixel.gif
yield-op-idsync.live.streamtheworld.com/ Frame 7D14
Redirect Chain
  • https://synchroscript.deliveryengine.adswizz.com/getUID?curl=https%3A%2F%2Fyield-op-idsync.live.streamtheworld.com%2Fpixel.gif%3Fpartner%3Daw%26uid%3D%24%7BUID%7D%26pubId%3D10649
  • https://yield-op-idsync.live.streamtheworld.com/pixel.gif?partner=aw&uid=837cb2be42272416332295ddf0594755&pubId=10649
43 B
481 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://yield-op-idsync.live.streamtheworld.com/pixel.gif?partner=aw&uid=837cb2be42272416332295ddf0594755&pubId=10649
Protocol
H2
Server
192.173.28.19 , New Zealand, ASN13360 (TRITONDIGITAL, CA),
Reverse DNS
Software
/
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://b3.tunegenie.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date
Mon, 17 Apr 2023 18:32:24 GMT
x-stw-server
van-mesos01-node06
x-stw-site
VAN
content-length
43
content-type
image/gif

Redirect headers

Date
Mon, 17 Apr 2023 18:32:24 GMT
X-Clacks-Overhead
GNU Terry Pratchett
X-Adswizz-request-id
32dd87c0-dd4e-11ed-bbd8-02df0937a15b
Instance-id
i-057b95ab87055990a
Location
https://yield-op-idsync.live.streamtheworld.com/pixel.gif?partner=aw&uid=837cb2be42272416332295ddf0594755&pubId=10649
Connection
keep-alive
Content-Length
0
X-Application-Context
application:production
pixel.gif
yield-op-idsync.live.streamtheworld.com/ Frame 7D14
Redirect Chain
  • https://ums.acuityplatform.com/tum?umid=133&uid=b5cae393-e4b0-433c-bb6c-de9f7cd109d1&rurl=https%3A%2F%2Fyield-op-idsync.live.streamtheworld.com%2Fpixel.gif%3Fpartner%3Dacu%26uid%3D___AUID___%26pubI...
  • https://yield-op-idsync.live.streamtheworld.com/pixel.gif?partner=acu&uid=768572484574&pubId=10649
43 B
442 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://yield-op-idsync.live.streamtheworld.com/pixel.gif?partner=acu&uid=768572484574&pubId=10649
Protocol
H2
Server
192.173.28.19 , New Zealand, ASN13360 (TRITONDIGITAL, CA),
Reverse DNS
Software
/
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://b3.tunegenie.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date
Mon, 17 Apr 2023 18:32:24 GMT
x-stw-server
van-mesos01-node10
x-stw-site
VAN
content-length
43
content-type
image/gif

Redirect headers

access-control-allow-origin
*
location
https://yield-op-idsync.live.streamtheworld.com/pixel.gif?partner=acu&uid=768572484574&pubId=10649
content-length
0
CookieSyncTriton
rtb.adentifi.com/ Frame 7D14 		0
35 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.adentifi.com/CookieSyncTriton?redirect=https%3A%2F%2Fyield-op-idsync.live.streamtheworld.com%2Fpixel.gif%3Fpartner%3Dadt%26uid%3D%24UID%26pubId%3D10649
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.229.184.207 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-229-184-207.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://b3.tunegenie.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date
Mon, 17 Apr 2023 18:32:24 GMT
pixel.gif
yield-op-idsync.live.streamtheworld.com/ Frame 7D14
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=70&redir=https%3A%2F%2Fyield-op-idsync.live.streamtheworld.com%2Fpixel.gif%3Fpartner%3Dmm%26uid%3D%5BMM_UUID%5D%26pubId%3D10649
  • https://yield-op-idsync.live.streamtheworld.com/pixel.gif?partner=mm&uid=1035643d-90b7-4200-a221-a4710b81560e&pubId=10649
43 B
489 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://yield-op-idsync.live.streamtheworld.com/pixel.gif?partner=mm&uid=1035643d-90b7-4200-a221-a4710b81560e&pubId=10649
Protocol
H2
Server
192.173.28.19 , New Zealand, ASN13360 (TRITONDIGITAL, CA),
Reverse DNS
Software
/
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://b3.tunegenie.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date
Mon, 17 Apr 2023 18:32:25 GMT
x-stw-server
van-mesos01-node09
x-stw-site
VAN
content-length
43
content-type
image/gif

Redirect headers

Date
Mon, 17 Apr 2023 18:32:24 GMT
Server
MT3 796 58fb543 master nrt-pixel-x20 config_version:"unknown"
Content-Type
image/gif
Access-Control-Allow-Origin
*
location
https://yield-op-idsync.live.streamtheworld.com/pixel.gif?partner=mm&uid=1035643d-90b7-4200-a221-a4710b81560e&pubId=10649
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control
no-cache
Connection
keep-alive
Keep-Alive
timeout=360
Content-Length
0
Expires
Mon, 17 Apr 2023 18:32:23 GMT
pixelSync
pixel-sync.sitescout.com/dmp/ Frame 7D14 		0
187 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel-sync.sitescout.com/dmp/pixelSync?nid=107&redir=https%3A%2F%2Fyield-op-idsync.live.streamtheworld.com%2Fpixel.gif%3Fpartner%3Dcto%26uid%3D%7BuserId%7D%26pubId%3D10649
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
98.98.134.242 , United States, ASN21859 (ZEN-ECN, US),
Reverse DNS
Software
A /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://b3.tunegenie.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

p3p
CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
pragma
no-cache
date
Mon, 17 Apr 2023 18:32:24 GMT
cache-control
max-age=0,no-cache,no-store
server
A
expires
Tue, 11 Oct 1977 12:34:56 GMT
pixel.gif
idsync.live.streamtheworld.com/ Frame 7D14
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=triton&google_sc&google_cm&stn=KQSMFM
  • https://idsync.live.streamtheworld.com/pixel.gif?partner=dbm&uid=CAESEDydd4RtqgqUYoFm0jwo9wA&stn=KQSMFM&google_cver=1
43 B
473 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://idsync.live.streamtheworld.com/pixel.gif?partner=dbm&uid=CAESEDydd4RtqgqUYoFm0jwo9wA&stn=KQSMFM&google_cver=1
Protocol
H2
Server
192.173.28.19 , New Zealand, ASN13360 (TRITONDIGITAL, CA),
Reverse DNS
Software
/
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://b3.tunegenie.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date
Mon, 17 Apr 2023 18:32:24 GMT
x-stw-server
van-mesos01-node01
x-stw-site
VAN
content-length
43
content-type
image/gif

Redirect headers

pragma
no-cache
date
Mon, 17 Apr 2023 18:32:24 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://idsync.live.streamtheworld.com/pixel.gif?partner=dbm&uid=CAESEDydd4RtqgqUYoFm0jwo9wA&stn=KQSMFM&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
326
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sync
ssbsync.smartadserver.com/api/ Frame 7D14 		0
45 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssbsync.smartadserver.com/api/sync?callerId=85
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.86.139.102 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://b3.tunegenie.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date
Mon, 17 Apr 2023 18:32:24 GMT
content-length
0
pixel.gif
yield-op-idsync.live.streamtheworld.com/ Frame 7D14
Redirect Chain
  • https://ad.turn.com/r/cs?pid=58&redir=https%3A%2F%2Fyield-op-idsync.live.streamtheworld.com%2Fpixel.gif%3Fpartner%3Damb%26uid%3D%23USER_ID%23%26pubId%3D10649
  • https://yield-op-idsync.live.streamtheworld.com/pixel.gif?partner=amb&uid=4141980922447770076&pubId=10649
43 B
457 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://yield-op-idsync.live.streamtheworld.com/pixel.gif?partner=amb&uid=4141980922447770076&pubId=10649
Protocol
H2
Server
192.173.28.19 , New Zealand, ASN13360 (TRITONDIGITAL, CA),
Reverse DNS
Software
/
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://b3.tunegenie.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date
Mon, 17 Apr 2023 18:32:25 GMT
x-stw-server
van-mesos01-node06
x-stw-site
VAN
content-length
43
content-type
image/gif

Redirect headers

location
https://yield-op-idsync.live.streamtheworld.com/pixel.gif?partner=amb&uid=4141980922447770076&pubId=10649
pragma
no-cache
date
Mon, 17 Apr 2023 18:32:24 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
0
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
envelope
lexicon.33across.com/v1/ Frame 7AF7 		49 B
253 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://lexicon.33across.com/v1/envelope?pid=0010b00002Ecz1AAAR&gdpr=0&src=pbjs&ver=7.31.0-PPI&us_privacy=1---
Requested by
Host: ads.rubiconproject.com
URL: https://ads.rubiconproject.com/prebid/19984_Cumulus_728x90.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:1901:0:8344:: Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
d0d2e098cd489ef7bc528c86de8ab5c51b5d6cdf9b76a8b08766036992f0d2f4

Request headers

Referer
https://www.921theticket.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 17 Apr 2023 18:32:26 GMT
via
1.1 google
vary
origin
content-type
application/json
access-control-allow-origin
https://www.921theticket.com
cache-control
private, must-revalidate, max-age=28800
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
49
f
fid.agkn.com/ Frame 7AF7 		0
0
prebid
id5-sync.com/api/config/ Frame 7AF7 		135 B
549 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://id5-sync.com/api/config/prebid
Requested by
Host: ads.rubiconproject.com
URL: https://ads.rubiconproject.com/prebid/19984_Cumulus_728x90.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
162.19.138.83 , France, ASN16276 (OVH, FR),
Reverse DNS
ns31532338.ip-162-19-138.eu
Software
/
Resource Hash
47f9bfec125c6ad3150f582058470045e4aca998d5468dfea93f2023f9636a76
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://www.921theticket.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.921theticket.com
date
Mon, 17 Apr 2023 18:32:25 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
access-control-allow-credentials
true
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
transfer-encoding
chunked
content-type
application/json;charset=UTF-8
envelope
api.rlcdn.com/api/identity/ Frame 7AF7 		0
0
usersync.html
cdn.undertone.com/js/ Frame 1C8B 		10 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://cdn.undertone.com/js/usersync.html?gdpr=0&gdprstr=&ccpa=1---
Requested by
Host: d13l4u7pe64ymo.cloudfront.net
URL: https://d13l4u7pe64ymo.cloudfront.net/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223c:6c00:1f:2473:9080:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
8a3bf102b192cf0b8a06ea1a89a8beacc51a64059c2b98d995054bbcb6e287f2

Request headers

Referer
https://www.921theticket.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
82310
content-encoding
gzip
content-type
text/html
date
Sun, 16 Apr 2023 19:40:37 GMT
etag
W/"55a2c695384db1f8872ab66920fae4ff"
last-modified
Mon, 13 Mar 2023 13:12:02 GMT
server
AmazonS3
vary
Accept-Encoding
via
1.1 3a3c1dcacd115187f53f40028ae4bd24.cloudfront.net (CloudFront)
x-amz-cf-id
g2RgQBATKuTyMYX7zs2pGWG8_CIPkpRuvbRFTkhw4RXQ_xvEMrnw4w==
x-amz-cf-pop
FRA56-P2
x-amz-replication-status
COMPLETED
x-amz-server-side-encryption
AES256
x-amz-version-id
taQSmiFtApGCXHWEGOWOQBdJzs8wq2BO
x-cache
Hit from cloudfront
async_usersync.html
acdn.adnxs.com/dmp/ Frame 6463 		52 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html
Requested by
Host: d13l4u7pe64ymo.cloudfront.net
URL: https://d13l4u7pe64ymo.cloudfront.net/script.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.19.228.175 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-19-228-175.deploy.static.akamaitechnologies.com
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer
https://www.921theticket.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Access-Control-Allow-Origin
*
Cache-Control
max-age=86402
Connection
keep-alive
Content-Encoding
gzip
Content-Length
17053
Content-Type
text/html
Date
Mon, 17 Apr 2023 18:32:26 GMT
ETag
"623de86a-cf34"
Expires
Tue, 18 Apr 2023 18:32:28 GMT
Last-Modified
Fri, 25 Mar 2022 16:06:02 GMT
Server
nginx/1.18.0 (Ubuntu)
Vary
Accept-Encoding
/
onetag-sys.com/usync/ Frame 9F0C 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/usync/?cb=1681756340800&gdpr=0&us_privacy=1---
Requested by
Host: d13l4u7pe64ymo.cloudfront.net
URL: https://d13l4u7pe64ymo.cloudfront.net/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.89.9.253 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip253.ip-51-89-9.eu
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://www.921theticket.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store
strict-transport-security
max-age=15552000
sync.html
public.servenobid.com/ Frame C592 		9 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://public.servenobid.com/sync.html?usp_consent=1---
Requested by
Host: d13l4u7pe64ymo.cloudfront.net
URL: https://d13l4u7pe64ymo.cloudfront.net/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.95.39 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-95-39.prg50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
b24b19152e92ee2240cdf53444b33a1b8ec286e9a44072890c5490c9d8ddfa3d

Request headers

Referer
https://www.921theticket.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
7685
cache-control
max-age=86400
content-encoding
br
content-type
text/html
date
Mon, 17 Apr 2023 16:24:22 GMT
etag
W/"fd0102e5847015626666169917857ba8"
last-modified
Wed, 12 Apr 2023 16:16:50 GMT
server
AmazonS3
vary
Accept-Encoding Origin
via
1.1 79ba346413d83ce62db11c8d0b05c22c.cloudfront.net (CloudFront)
x-amz-cf-id
cHVmHxe9V82OcLCeXiT8Y-DHoNRwCWzC-Gx8qkOgV6ZWdq-o5evy8w==
x-amz-cf-pop
PRG50-C1
x-amz-meta-codebuild-buildarn
arn:aws:codebuild:us-east-1:559734745816:build/adserver-public-prod:b4af218c-2bc9-4531-9210-521693d9d5d7
x-amz-meta-codebuild-content-md5
9cec9a15b660da7393081e2fc6c34731
x-amz-meta-codebuild-content-sha256
8e6d48a695640d90e0623cd4e573f94721be8c1becd249758c7df42fcffde7be
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame C38B 		16 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160111&gdpr=0&gdpr_consent=&us_privacy=1---
Requested by
Host: d13l4u7pe64ymo.cloudfront.net
URL: https://d13l4u7pe64ymo.cloudfront.net/script.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.19.228.187 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-19-228-187.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
72a64af6c85d8ab9bb2b508571c6a70080750c4891634dcbe36cb95737ca0f48

Request headers

Referer
https://www.921theticket.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=90373
content-encoding
gzip
content-length
5554
content-type
text/html
date
Mon, 17 Apr 2023 18:32:26 GMT
expires
Tue, 18 Apr 2023 19:38:39 GMT
last-modified
Fri, 16 Dec 2022 06:36:49 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
usync.html
eus.rubiconproject.com/ Frame 172C 		281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?gdpr=0&us_privacy=1---
Requested by
Host: d13l4u7pe64ymo.cloudfront.net
URL: https://d13l4u7pe64ymo.cloudfront.net/script.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.37.42.132 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-37-42-132.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://www.921theticket.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Mon, 17 Apr 2023 18:32:26 GMT
ETag
"403b9-119-5ec73a0a33d00"
Last-Modified
Wed, 02 Nov 2022 02:30:44 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding
v1
lb.eu-1-id5-sync.com/lb/ Frame 7AF7 		33 B
407 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://lb.eu-1-id5-sync.com/lb/v1
Requested by
Host: ads.rubiconproject.com
URL: https://ads.rubiconproject.com/prebid/19984_Cumulus_728x90.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
162.19.138.116 , France, ASN16276 (OVH, FR),
Reverse DNS
ns31533567.ip-162-19-138.eu
Software
/
Resource Hash
69e4c447113562a16cbc63078fcf8487104f5ec71f32811696d5ad082fb51000
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://www.921theticket.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.921theticket.com
date
Mon, 17 Apr 2023 18:32:25 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
transfer-encoding
chunked
content-type
application/json;charset=UTF-8
usync.js
eus.rubiconproject.com/ Frame 172C 		34 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?gdpr=0&us_privacy=1---
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.37.42.132 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-37-42-132.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
f5bd9a991a33608e4f953ba4d211a4bffe198235474eb27fcd001a4ef8fa45c9

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?gdpr=0&us_privacy=1---
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

Date
Mon, 17 Apr 2023 18:32:26 GMT
Content-Encoding
gzip
Last-Modified
Mon, 17 Apr 2023 11:52:11 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=62385
Connection
keep-alive
Content-Length
10019
Expires
Tue, 18 Apr 2023 11:52:11 GMT
13926
g2.gumgum.com/usync/ Frame BD6E 		4 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html?usp_consent=1---
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.50.102.57 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-50-102-57.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
4f5c7736ea9098371113f8177db7a567009e120c03056c5848465c9ca6a0664c

Request headers

Referer
https://public.servenobid.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

content-encoding
gzip
content-type
text/html;charset=UTF-8
date
Mon, 17 Apr 2023 18:32:26 GMT
etag
W/"0105f1503e57ded55577e29d586fe5670"
server
nginx
timing-allow-origin
*
/
onetag-sys.com/usync/ Frame 117F 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/usync/?pubId=694e68b73971b58&gdpr=0&gdpr_consent=&us_privacy=1---&https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D318%26uid%3D
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html?usp_consent=1---
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.89.9.253 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip253.ip-51-89-9.eu
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://public.servenobid.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store
strict-transport-security
max-age=15552000
sync
ssbsync.smartadserver.com/api/ Frame F24A 		865 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ssbsync.smartadserver.com/api/sync?callerId=9&gdpr=0&gdpr_consent=&us_privacy=1---&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D317%26uid%3D%24UID
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html?usp_consent=1---
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.86.139.102 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
3a53bd3c22715db215aea14b99fcf909232483d620fa6cc54720f67bf3eeb04a

Request headers

Referer
https://public.servenobid.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

content-length
865
content-type
text/html
date
Mon, 17 Apr 2023 18:32:25 GMT
usermatch
ssum-sec.casalemedia.com/ Frame 4252
Redirect Chain
  • https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D
  • https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D&s=195491&C=1
2 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D&s=195491&C=1
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html?usp_consent=1---
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
647f8ebc3a1a08803802042a76cc933e7400a9d0cc4336fc94121041a9facd66

Request headers

Referer
https://public.servenobid.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
no-cache
Connection
Keep-Alive
Content-Length
1787
Content-Type
text/html
Date
Mon, 17 Apr 2023 18:32:26 GMT
Expires
0
Keep-Alive
timeout=1, max=500
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Pragma
no-cache
Server
Apache

Redirect headers

Cache-Control
no-cache
Connection
Keep-Alive
Content-Length
0
Date
Mon, 17 Apr 2023 18:32:26 GMT
Expires
0
Keep-Alive
timeout=1, max=500
Location
/usermatch?cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D&s=195491&C=1
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Pragma
no-cache
Server
Apache
usync.html
eus.rubiconproject.com/ Frame B2E3
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=duration_media&endpoint=us-east
  • https://eus.rubiconproject.com/usync.html?p=duration_media&endpoint=us-east
281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?p=duration_media&endpoint=us-east
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html?usp_consent=1---
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.37.42.132 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-37-42-132.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://public.servenobid.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Mon, 17 Apr 2023 18:32:26 GMT
ETag
"403b9-119-5ec73a0a33d00"
Last-Modified
Wed, 02 Nov 2022 02:30:44 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
content-length
0
date
Mon, 17 Apr 2023 18:32:26 GMT
location
https://eus.rubiconproject.com/usync.html?p=duration_media&endpoint=us-east
server
AkamaiGHost
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 2973 		16 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1---&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html?usp_consent=1---
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.19.228.187 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-19-228-187.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
72a64af6c85d8ab9bb2b508571c6a70080750c4891634dcbe36cb95737ca0f48

Request headers

Referer
https://public.servenobid.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=90373
content-encoding
gzip
content-length
5554
content-type
text/html
date
Mon, 17 Apr 2023 18:32:26 GMT
expires
Tue, 18 Apr 2023 19:38:39 GMT
last-modified
Fri, 16 Dec 2022 06:36:49 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
sync-iframe
cs-rtb.minutemedia-prebid.com/ Frame DDEE 		0
485 B 		Document
General
Check archive.org
Download Go to
Full URL
https://cs-rtb.minutemedia-prebid.com/sync-iframe?gdpr=0&gdpr_consent=&us_privacy=1---&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D348%26uid%3D%7BpartnerId%7D
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html?usp_consent=1---
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223f:9a00:1f:4c18:bd40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://public.servenobid.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF,X-Requested-With
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
access-control-allow-origin
https://public.servenobid.com/
content-length
0
content-type
text/html
date
Mon, 17 Apr 2023 18:32:26 GMT
via
1.1 5c14dc328191a14142654d833f772c6c.cloudfront.net (CloudFront)
x-amz-cf-id
-shltC13d-v-wGNxJRasGTZNyaJOPmmgPOZFaeqCYB1FJW-VyMef5A==
x-amz-cf-pop
FRA56-P5
x-cache
Miss from cloudfront
x-reason
could not perform CS due to GDPR policy: gdpr is not applied
user-sync
sync.adkernel.com/ Frame CD6F 		0
160 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.adkernel.com/user-sync?zone=181225&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D152%26uid%3D%7BUID%7D&gdpr=0&gdpr_consent=&us_privacy=1---&
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html?usp_consent=1---
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
77.245.57.72 , United States, ASN36057 (WEBAIR-INTERNET-MTL, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://public.servenobid.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Age
0
Cache-Control
no-store
Connection
close
Content-Length
0
Date
Mon, 17 Apr 2023 18:32:26 GMT
Pragma
no-cache
Server
nginx
sync-iframe
cs-server-s2s.yellowblue.io/ Frame 26F9 		0
329 B 		Document
General
Check archive.org
Download Go to
Full URL
https://cs-server-s2s.yellowblue.io/sync-iframe?gdpr=0&gdpr_consent=&us_privacy=1---&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D352%26uid%3D%7BpartnerId%7D
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html?usp_consent=1---
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.216.207.32 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-216-207-32.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://public.servenobid.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF,X-Requested-With
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
access-control-allow-origin
https://public.servenobid.com/
content-length
0
content-type
text/html
date
Mon, 17 Apr 2023 18:32:26 GMT
x-reason
could not perform CS due to GDPR policy: gdpr is not applied
sync
ads.servenobid.com/ Frame C592
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D312%26uid%3D%24UID
  • https://ads.servenobid.com/sync?pid=312&uid=1315223837049125863
0
344 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=312&uid=1315223837049125863
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html?usp_consent=1---
Protocol
H2
Server
54.154.239.112 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-154-239-112.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date
Mon, 17 Apr 2023 18:32:26 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0

Redirect headers

Date
Mon, 17 Apr 2023 18:32:26 GMT
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection
keep-alive
X-Proxy-Origin
81.95.5.39; 81.95.5.39; 942.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Pragma
no-cache
AN-X-Request-Uuid
84f85834-f87e-4069-820c-7967a2921376
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
Access-Control-Allow-Origin
*
Location
https://ads.servenobid.com/sync?pid=312&uid=1315223837049125863
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Expires
Sat, 15 Nov 2008 16:00:00 GMT
sync
ads.servenobid.com/ Frame C592
Redirect Chain
  • https://ce.lijit.com/merge?pid=273657&3pid=273657&gdpr=0&gdpr_consent=&us_privacy=1---&&location=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D310%26uid%3D%5BSOVRNID%5D
  • https://ads.servenobid.com/sync?pid=310&uid=Gf0YpBZHi4NStTnTQhS--oim
0
349 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=310&uid=Gf0YpBZHi4NStTnTQhS--oim
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html?usp_consent=1---
Protocol
H2
Server
54.154.239.112 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-154-239-112.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date
Mon, 17 Apr 2023 18:32:26 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0

Redirect headers

Pragma
no-cache
Date
Mon, 17 Apr 2023 18:32:26 GMT
P3P
CP="CUR ADM OUR NOR STA NID"
Location
https://ads.servenobid.com/sync?pid=310&uid=Gf0YpBZHi4NStTnTQhS--oim
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap2ams1
Content-Length
0
Expires
Fri, 20 Mar 2009 00:00:00 GMT
pixel
ap.lijit.com/ Frame C592 		0
277 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ap.lijit.com/pixel?pid=273657&3pid=273657&gdpr=0&gdpr_consent=&us_privacy=1---&&redir=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D310%26uid%3D%24UID
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html?usp_consent=1---
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.52.2.91 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Mon, 17 Apr 2023 18:32:26 GMT
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap1ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
sync
ads.servenobid.com/ Frame C592
Redirect Chain
  • https://sync.1rx.io/usersync2/rmpssp?sub=duration&redir=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D321%26uid%3D%5BRX_UUID%5D
  • https://sync.1rx.io/usersync2/rmpssp?sub=duration&zcc=1&redir=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D321%26uid%3D%5BRX_UUID%5D&cb=1681756346338
  • https://ad.turn.com/r/cs?pid=45&rndcb=5826736729
  • https://sync.1rx.io/usersync/turn/4141980922447770076?dspret=1&gdpr=&gdpr_consent=&us_privacy=
  • https://sync.targeting.unrulymedia.com/csync/RX-3e293132-82b3-4291-884a-1f5f7818e873-003?redir=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D321%26uid%3DRX-3e293132-82b3-4291-884a-1f5f7818e873-003
  • https://ads.servenobid.com/sync?pid=321&uid=RX-3e293132-82b3-4291-884a-1f5f7818e873-003
0
362 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=321&uid=RX-3e293132-82b3-4291-884a-1f5f7818e873-003
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html?usp_consent=1---
Protocol
H2
Server
54.154.239.112 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-154-239-112.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date
Mon, 17 Apr 2023 18:32:26 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0

Redirect headers

location
https://ads.servenobid.com/sync?pid=321&uid=RX-3e293132-82b3-4291-884a-1f5f7818e873-003
date
Mon, 17 Apr 2023 18:32:26 GMT
p3p
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
etag
RX3e29313282b34291884a1f5f7818e873003
content-type
text/html
sync
ads.servenobid.com/ Frame C592
Redirect Chain
  • https://p.rfihub.com/cm?pub=44007&in=1
  • https://ads.servenobid.com/sync?pid=324&uid=5124322325976183165
0
344 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=324&uid=5124322325976183165
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html?usp_consent=1---
Protocol
H2
Server
54.154.239.112 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-154-239-112.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date
Mon, 17 Apr 2023 18:32:26 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0

Redirect headers

Location
https://ads.servenobid.com/sync?pid=324&uid=5124322325976183165
Date
Mon, 17 Apr 2023 18:32:26 GMT
Server
Jetty(9.3.29.v20201019)
Content-Length
0
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
usa
sync.go.sonobi.com/ Frame C592 		0
498 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.go.sonobi.com/usa?loc=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D332%26uid%3D
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html?usp_consent=1---
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
69.166.1.12 , United States, ASN27630 (AS-XFERNET, US),
Reverse DNS
Software
sonobi-go /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 17 Apr 2023 18:32:26 GMT
Server
sonobi-go
Vary
negotiate,Accept-Encoding
X-Go-Server
go-iad-2-5-39
Content-Type
text/plain; charset=utf8
P3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control
no-cache, no-store, private
Tcn
Choice
Content-Length
0
X-Xss-Protection
0
Expires
Sat, 26 Jul 1997 05:00:00 GMT
sync
ads.servenobid.com/ Frame C592
Redirect Chain
  • https://prebid.a-mo.net/cchain/0?gdpr=0&gdpr_consent=&us_privacy=1---&&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D327%26uid%3D
  • https://ads.servenobid.com/sync?pid=327&uid=d319ca96-42ff-44c0-8897-988943df9e52&gdpr=0&gdpr_consent=&us_privacy=1---
0
357 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=327&uid=d319ca96-42ff-44c0-8897-988943df9e52&gdpr=0&gdpr_consent=&us_privacy=1---
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html?usp_consent=1---
Protocol
H2
Server
54.154.239.112 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-154-239-112.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date
Mon, 17 Apr 2023 18:32:26 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0

Redirect headers

location
https://ads.servenobid.com/sync?pid=327&uid=d319ca96-42ff-44c0-8897-988943df9e52&gdpr=0&gdpr_consent=&us_privacy=1---
date
Mon, 17 Apr 2023 18:32:25 GMT
cache-control
max-age=0, private, must-revalidate
x-envoy-upstream-service-time
1
server
envoy
content-length
0
sync
ads.servenobid.com/ Frame C592
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58559/occ
  • https://ads.servenobid.com/sync?pid=337&uid=y-QTgecMlE2uE5IFMbuMfngMJ2RQfxJPWL27W6oS4-~A
0
367 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=337&uid=y-QTgecMlE2uE5IFMbuMfngMJ2RQfxJPWL27W6oS4-~A
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html?usp_consent=1---
Protocol
H2
Server
54.154.239.112 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-154-239-112.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date
Mon, 17 Apr 2023 18:32:26 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0

Redirect headers

location
https://ads.servenobid.com/sync?pid=337&uid=y-QTgecMlE2uE5IFMbuMfngMJ2RQfxJPWL27W6oS4-~A
date
Mon, 17 Apr 2023 18:32:26 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.25
age
0
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
sync
ads.servenobid.com/ Frame C592
Redirect Chain
  • https://ssp.disqus.com/redirectuser?r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D346%26uid%3DBUYERUID
  • https://ads.servenobid.com/sync?pid=346&uid=ua-45008890-6fdd-355c-82b5-ce5e8749de0d
0
359 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=346&uid=ua-45008890-6fdd-355c-82b5-ce5e8749de0d
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html?usp_consent=1---
Protocol
H2
Server
54.154.239.112 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-154-239-112.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date
Mon, 17 Apr 2023 18:32:26 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0

Redirect headers

location
https://ads.servenobid.com/sync?pid=346&uid=ua-45008890-6fdd-355c-82b5-ce5e8749de0d
pragma
no-cache
date
Mon, 17 Apr 2023 18:32:26 GMT
cache-control
no-store
content-length
0
expires
0
sync
ads.servenobid.com/ Frame C592
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58632/occ
  • https://ads.servenobid.com/sync?pid=339&uid=y-QTgecMlE2uE5IFMbuMfngMJ2RQfxJPWL27W6oS4-~A
0
367 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=339&uid=y-QTgecMlE2uE5IFMbuMfngMJ2RQfxJPWL27W6oS4-~A
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html?usp_consent=1---
Protocol
H2
Server
54.154.239.112 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-154-239-112.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date
Mon, 17 Apr 2023 18:32:26 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0

Redirect headers

location
https://ads.servenobid.com/sync?pid=339&uid=y-QTgecMlE2uE5IFMbuMfngMJ2RQfxJPWL27W6oS4-~A
date
Mon, 17 Apr 2023 18:32:26 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.25
age
0
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
v1
match.sharethrough.com/universal/ Frame C592 		0
360 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.sharethrough.com/universal/v1?supply_id=KW3eSFMR&gdpr=0&gdpr_consent=&us_privacy=1---&
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html?usp_consent=1---
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.158.28.31 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-158-28-31.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date
Mon, 17 Apr 2023 18:32:26 GMT
sync
ads.servenobid.com/ Frame C592
Redirect Chain
  • https://hbx.media.net/cksync.php?cs=1&type=pbs&ovsid=setstatuscode&bidder=medianet&gdpr=0&gdpr_consent=&us_privacy=1---&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D353%26uid%3D%3Cvsid%3E
  • https://ads.servenobid.com/sync?pid=353&uid=0000EEA
0
336 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=353&uid=0000EEA
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html?usp_consent=1---
Protocol
H2
Server
54.154.239.112 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-154-239-112.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date
Mon, 17 Apr 2023 18:32:26 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0

Redirect headers

pragma
no-cache
strict-transport-security
max-age=86400 ; includeSubDomains, max-age=604800
date
Mon, 17 Apr 2023 18:32:26 GMT
server
Apache
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
location
https://ads.servenobid.com/sync?pid=353&uid=0000EEA
content-type
text/html
cache-control
max-age=0, no-cache, no-store
content-length
154
x-mnet-hl2
E
expires
Mon, 17 Apr 2023 18:32:26 GMT
867.json
id5-sync.com/g/v2/ Frame 7AF7 		216 B
630 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://id5-sync.com/g/v2/867.json
Requested by
Host: ads.rubiconproject.com
URL: https://ads.rubiconproject.com/prebid/19984_Cumulus_728x90.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
162.19.138.83 , France, ASN16276 (OVH, FR),
Reverse DNS
ns31532338.ip-162-19-138.eu
Software
/
Resource Hash
a4b649664bb02c7aa49c5a72b3e984e91a8b2f54176473345fc7365e02b335b7
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://www.921theticket.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.921theticket.com
date
Mon, 17 Apr 2023 18:32:25 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
access-control-allow-credentials
true
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
transfer-encoding
chunked
content-type
application/json;charset=UTF-8
sync
ads.servenobid.com/ Frame F24A 		0
344 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=317&uid=8956516326104209569&gdpr=0&gdpr_consent=
Requested by
Host: ssbsync.smartadserver.com
URL: https://ssbsync.smartadserver.com/api/sync?callerId=9&gdpr=0&gdpr_consent=&us_privacy=1---&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D317%26uid%3D%24UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.154.239.112 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-154-239-112.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssbsync.smartadserver.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date
Mon, 17 Apr 2023 18:32:29 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0
p
a.audrte.com/ Frame F24A
Redirect Chain
  • https://a.audrte.com/get?p=M501991648&r=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D141%26partneruserid%3D$UID&gdpr=0&gdpr_consent=
  • https://cm.g.doubleclick.net/pixel?google_nid=ar101281&google_hm=ZjJoU1cyN21aYTNUS0N1d25nQjhBR0FUQQ==&google_redir=https%3A%2F%2Fa.audrte.com%2Fddp%3Fred%3DeyJ1IjoiaHR0cHM6Ly9ydGItY3N5bmMuc21hcnRhZ...
  • https://a.audrte.com/ddp?red=eyJ1IjoiaHR0cHM6Ly9ydGItY3N5bmMuc21hcnRhZHNlcnZlci5jb20vcmVkaXIvP2lzc2lcdTAwM2QxXHUwMDI2cGFydG5lcmlkXHUwMDNkMTQxXHUwMDI2cGFydG5lcnVzZXJpZFx1MDAzZGYyaFNXMjdtWmEzVEtDdXdu...
  • https://dmp.adform.net/serving/cookie/match/?party=1003&r=eyJ1IjoiaHR0cHM6Ly9ydGItY3N5bmMuc21hcnRhZHNlcnZlci5jb20vcmVkaXIvP2lzc2lcdTAwM2QxXHUwMDI2cGFydG5lcmlkXHUwMDNkMTQxXHUwMDI2cGFydG5lcnVzZXJpZFx...
  • https://a.audrte.com/a?adform_uid=4658758249816758715&r=eyJ1IjoiaHR0cHM6Ly9ydGItY3N5bmMuc21hcnRhZHNlcnZlci5jb20vcmVkaXIvP2lzc2lcdTAwM2QxXHUwMDI2cGFydG5lcmlkXHUwMDNkMTQxXHUwMDI2cGFydG5lcnVzZXJpZFx1M...
  • https://rtb-csync.smartadserver.com/redir/?partnerid=141&partneruserid=f2hCqR6YWwXQ1a-JO7L-XZbRA&gdpr=0&gdpr_consent=&redirurl=https%3A%2F%2Fa.audrte.com%2Fmatch%3Fuid%3DSMART_USER_ID%26p%3DM501991...
  • https://a.audrte.com/match?uid=8956516326104209569&p=M501991648&r=https%3A%2F%2Fa.audrte.com%2Fp%3F&gdpr=0&gdpr_consent=
  • https://a.audrte.com/p?
68 B
424 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://a.audrte.com/p?
Requested by
Host: ssbsync.smartadserver.com
URL: https://ssbsync.smartadserver.com/api/sync?callerId=9&gdpr=0&gdpr_consent=&us_privacy=1---&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D317%26uid%3D%24UID
Protocol
HTTP/1.1
Server
34.233.179.36 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-233-179-36.compute-1.amazonaws.com
Software
nginx/1.18.0 /
Resource Hash
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssbsync.smartadserver.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

Date
Mon, 17 Apr 2023 18:32:27 GMT
Server
nginx/1.18.0
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods
POST, GET, OPTIONS
Content-Type
image/png
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
68

Redirect headers

Date
Mon, 17 Apr 2023 18:32:27 GMT
Server
nginx/1.18.0
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods
POST, GET, OPTIONS
Access-Control-Allow-Origin
*
Location
https://a.audrte.com/p?
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
0
v1
match.sharethrough.com/sync/ Frame F24A
Redirect Chain
  • https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=139&partneruserid=0&redirurl=https%3A%2F%2Fmatch.sharethrough.com%2Fsync%2Fv1%3Fsource_id%3D98KUz37ype9D3X2sf9ovgeTt%26source_user_id%3DS...
  • https://match.sharethrough.com/sync/v1?source_id=98KUz37ype9D3X2sf9ovgeTt&source_user_id=8956516326104209569&gdpr=0&gdpr_consent=
0
358 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.sharethrough.com/sync/v1?source_id=98KUz37ype9D3X2sf9ovgeTt&source_user_id=8956516326104209569&gdpr=0&gdpr_consent=
Requested by
Host: ssbsync.smartadserver.com
URL: https://ssbsync.smartadserver.com/api/sync?callerId=9&gdpr=0&gdpr_consent=&us_privacy=1---&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D317%26uid%3D%24UID
Protocol
H2
Server
35.158.28.31 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-158-28-31.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssbsync.smartadserver.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date
Mon, 17 Apr 2023 18:32:26 GMT

Redirect headers

location
https://match.sharethrough.com/sync/v1?source_id=98KUz37ype9D3X2sf9ovgeTt&source_user_id=8956516326104209569&gdpr=0&gdpr_consent=
pragma
no-cache
date
Mon, 17 Apr 2023 18:32:25 GMT
cache-control
no-cache,no-store
content-length
0
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
/
rtb-csync.smartadserver.com/redir/ Frame F24A
Redirect Chain
  • https://cms.quantserve.com/pixel/p-EtBqU4Lj3YbAv.gif?idmatch=0&gdpr=0&gdpr_consent=
  • https://rtb-csync.smartadserver.com/redir/?partnerid=80&&partneruserid=ZabQvmqiget-9tW8ZavO6TKn0e9-o4DpY6dPDt8C
43 B
113 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb-csync.smartadserver.com/redir/?partnerid=80&&partneruserid=ZabQvmqiget-9tW8ZavO6TKn0e9-o4DpY6dPDt8C
Requested by
Host: ssbsync.smartadserver.com
URL: https://ssbsync.smartadserver.com/api/sync?callerId=9&gdpr=0&gdpr_consent=&us_privacy=1---&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D317%26uid%3D%24UID
Protocol
H2
Server
185.86.139.102 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssbsync.smartadserver.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date
Mon, 17 Apr 2023 18:32:25 GMT
content-type
image/gif

Redirect headers

pragma
no-cache
date
Mon, 17 Apr 2023 18:32:26 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
location
https://rtb-csync.smartadserver.com/redir/?partnerid=80&&partneruserid=ZabQvmqiget-9tW8ZavO6TKn0e9-o4DpY6dPDt8C
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
0
expires
Fri, 04 Aug 1978 12:00:00 GMT
/
rtb-csync.smartadserver.com/redir/ Frame F24A
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/gjIEMT18?redir=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D94%26partneruserid%3D%24%7BTM_USER_ID%7D&gdpr=0&gdpr_consent=
  • https://sync-tm.everesttech.net/ct/upi/pid/gjIEMT18?redir=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D94%26partneruserid%3D%24%7BTM_USER_ID%7D&gdpr=0&gdpr_consent=...
  • https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=94&partneruserid=ZD2QugADfbBxvABL&gdpr=0&gdpr_consent=&_test=ZD2QugADfbBxvABL
43 B
333 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=94&partneruserid=ZD2QugADfbBxvABL&gdpr=0&gdpr_consent=&_test=ZD2QugADfbBxvABL
Requested by
Host: ssbsync.smartadserver.com
URL: https://ssbsync.smartadserver.com/api/sync?callerId=9&gdpr=0&gdpr_consent=&us_privacy=1---&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D317%26uid%3D%24UID
Protocol
H2
Server
185.86.139.102 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssbsync.smartadserver.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Mon, 17 Apr 2023 18:32:26 GMT
cache-control
no-cache,no-store
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"

Redirect headers

x-served-by
cache-hhn-etou8220069-HHN
pragma
no-cache
date
Mon, 17 Apr 2023 18:32:26 GMT
via
1.1 varnish
server
Varnish
x-timer
S1681756347.562032,VS0,VE0
x-cache
HIT
location
https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=94&partneruserid=ZD2QugADfbBxvABL&gdpr=0&gdpr_consent=&_test=ZD2QugADfbBxvABL
cache-control
no-cache
accept-ranges
bytes
content-length
0
retry-after
0
x-cache-hits
0
usermatch
ssum-sec.casalemedia.com/ Frame A113
Redirect Chain
  • https://ssum-sec.casalemedia.com/usermatch?s=197137&cb=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3FpartnerId%3D57%26uid%3D
  • https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3FpartnerId%3D57%26uid%3D&s=197137&C=1
2 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3FpartnerId%3D57%26uid%3D&s=197137&C=1
Requested by
Host: cdn.undertone.com
URL: https://cdn.undertone.com/js/usersync.html?gdpr=0&gdprstr=&ccpa=1---
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
008a5f0cdde7597f6729a3622b6a819290a2029b00d9ac64c1ab3bdbfe16e3da

Request headers

Referer
https://cdn.undertone.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
no-cache
Connection
Keep-Alive
Content-Length
1816
Content-Type
text/html
Date
Mon, 17 Apr 2023 18:32:26 GMT
Expires
0
Keep-Alive
timeout=1, max=498
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Pragma
no-cache
Server
Apache

Redirect headers

Cache-Control
no-cache
Connection
Keep-Alive
Content-Length
0
Date
Mon, 17 Apr 2023 18:32:26 GMT
Expires
0
Keep-Alive
timeout=1, max=499
Location
/usermatch?cb=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3FpartnerId%3D57%26uid%3D&s=197137&C=1
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Pragma
no-cache
Server
Apache
usync.html
eus.rubiconproject.com/ Frame 4EF5
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=12776
  • https://eus.rubiconproject.com/usync.html?p=12776
281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?p=12776
Requested by
Host: cdn.undertone.com
URL: https://cdn.undertone.com/js/usersync.html?gdpr=0&gdprstr=&ccpa=1---
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.37.42.132 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-37-42-132.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://cdn.undertone.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Mon, 17 Apr 2023 18:32:26 GMT
ETag
"403b9-119-5ec73a0a33d00"
Last-Modified
Wed, 02 Nov 2022 02:30:44 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
content-length
0
date
Mon, 17 Apr 2023 18:32:26 GMT
location
https://eus.rubiconproject.com/usync.html?p=12776
server
AkamaiGHost
cm
us-u.openx.net/w/1.0/ Frame 1C8B 		43 B
304 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/cm?id=fba3d144-1026-4d31-a758-943b9545e305&r=https://usr.undertone.com/userPixel/sync?partnerId=39&uid=
Requested by
Host: cdn.undertone.com
URL: https://cdn.undertone.com/js/usersync.html?gdpr=0&gdprstr=&ccpa=1---
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cdn.undertone.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 17 Apr 2023 18:32:26 GMT
content-encoding
gzip
via
1.1 google
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
56
expires
Mon, 26 Jul 1997 05:00:00 GMT
sync
usr.undertone.com/userPixel/ Frame 1C8B
Redirect Chain
  • https://pixel.advertising.com/ups/58293/sync?&gdpr=&gdpr_consent=&redir=true
  • https://ups.analytics.yahoo.com/ups/58293/sync?&gdpr=&gdpr_consent=&redir=true
  • https://usr.undertone.com/userPixel/sync?partner=verizon&uid=y-uBojuHZE2uE1m5JT7NdZspZTqrxdHl48~A
0
234 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usr.undertone.com/userPixel/sync?partner=verizon&uid=y-uBojuHZE2uE1m5JT7NdZspZTqrxdHl48~A
Requested by
Host: cdn.undertone.com
URL: https://cdn.undertone.com/js/usersync.html?gdpr=0&gdprstr=&ccpa=1---
Protocol
H2
Server
18.66.97.47 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-97-47.fra56.r.cloudfront.net
Software
istio-envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cdn.undertone.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date
Mon, 17 Apr 2023 18:32:25 GMT
via
1.1 3f52d342c56014599dee37446f6c9f2e.cloudfront.net (CloudFront)
server
istio-envoy
x-amz-cf-pop
FRA56-P2
x-cache
Miss from cloudfront
x-envoy-upstream-service-time
0
content-length
0
x-amz-cf-id
EYy6C7TTDqy5eHQ2CvewcV68lAkpyYrfVW6fB-nGSamS-TtnEcTshg==

Redirect headers

location
https://usr.undertone.com/userPixel/sync?partner=verizon&uid=y-uBojuHZE2uE1m5JT7NdZspZTqrxdHl48~A
date
Mon, 17 Apr 2023 18:32:26 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.25
age
0
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
generic
match.adsrvr.org/track/cmf/ Frame 1C8B 		70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=sirnsvg&ttd_tpi=1&gdpr=0&gdpr_consent=
Requested by
Host: cdn.undertone.com
URL: https://cdn.undertone.com/js/usersync.html?gdpr=0&gdprstr=&ccpa=1---
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cdn.undertone.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Mon, 17 Apr 2023 18:32:26 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
sync.php
pixel.rubiconproject.com/exchange/ Frame 1C8B 		0
239 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/exchange/sync.php?p=12776
Requested by
Host: cdn.undertone.com
URL: https://cdn.undertone.com/js/usersync.html?gdpr=0&gdprstr=&ccpa=1---
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cdn.undertone.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
X-RPHost
a66cbf3142c6ef39e3614b84a34262cf
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
sync
usr.undertone.com/userPixel/ Frame 1C8B
Redirect Chain
  • https://image8.pubmatic.com/AdServer/ImgSync?p=160318&gdpr=&gdpr_consent=&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3Fp%3D160318%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Fusr.undertone...
  • https://image8.pubmatic.com/AdServer/ImgSync?p=160318&gdpr=&gdpr_consent=&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3Fp%3D160318%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Fusr.undertone...
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=MjJDMTA1OUQtNTkwNi00MkE5LThDQTktM0FDQTEyOThGNzUy&gdpr=-1&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=-1&gdpr_consent=
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
  • https://image4.pubmatic.com/AdServer/SPug?gdpr=0&p=160318&pmc=1&pr=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3FpartnerId%3D53%26uid%3D22C1059D-5906-42A9-8CA9-3ACA1298F752
  • https://usr.undertone.com/userPixel/sync?partnerId=53&uid=22C1059D-5906-42A9-8CA9-3ACA1298F752
0
348 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usr.undertone.com/userPixel/sync?partnerId=53&uid=22C1059D-5906-42A9-8CA9-3ACA1298F752
Requested by
Host: cdn.undertone.com
URL: https://cdn.undertone.com/js/usersync.html?gdpr=0&gdprstr=&ccpa=1---
Protocol
H2
Server
18.66.97.47 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-97-47.fra56.r.cloudfront.net
Software
istio-envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cdn.undertone.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date
Mon, 17 Apr 2023 18:32:26 GMT
via
1.1 3f52d342c56014599dee37446f6c9f2e.cloudfront.net (CloudFront)
server
istio-envoy
x-amz-cf-pop
FRA56-P2
x-cache
Miss from cloudfront
x-envoy-upstream-service-time
2
content-length
0
x-amz-cf-id
Th4K2N4ntC3XCp0_sFT6oK4BTp4RryckcVRG5lkAblnImL1wse-SgQ==

Redirect headers

location
https://usr.undertone.com/userPixel/sync?partnerId=53&uid=22C1059D-5906-42A9-8CA9-3ACA1298F752
date
Mon, 17 Apr 2023 18:32:25 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
pixelSync
pixel-sync.sitescout.com/dmp/ Frame 1C8B 		0
187 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel-sync.sitescout.com/dmp/pixelSync?nid=125&redir=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3FpartnerId%3D54%26uid%3D%7BuserId%7D
Requested by
Host: cdn.undertone.com
URL: https://cdn.undertone.com/js/usersync.html?gdpr=0&gdprstr=&ccpa=1---
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
98.98.134.242 , United States, ASN21859 (ZEN-ECN, US),
Reverse DNS
Software
A /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cdn.undertone.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

p3p
CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
pragma
no-cache
date
Mon, 17 Apr 2023 18:32:25 GMT
cache-control
max-age=0,no-cache,no-store
server
A
expires
Tue, 11 Oct 1977 12:34:56 GMT
sync
usr.undertone.com/userPixel/ Frame 1C8B
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58545/occ
  • https://usr.undertone.com/userPixel/sync?partnerId=56&uid=y-QTgecMlE2uE5IFMbuMfngMJ2RQfxJPWL27W6oS4-~A
0
357 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usr.undertone.com/userPixel/sync?partnerId=56&uid=y-QTgecMlE2uE5IFMbuMfngMJ2RQfxJPWL27W6oS4-~A
Requested by
Host: cdn.undertone.com
URL: https://cdn.undertone.com/js/usersync.html?gdpr=0&gdprstr=&ccpa=1---
Protocol
H2
Server
18.66.97.47 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-97-47.fra56.r.cloudfront.net
Software
istio-envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cdn.undertone.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date
Mon, 17 Apr 2023 18:32:26 GMT
via
1.1 3f52d342c56014599dee37446f6c9f2e.cloudfront.net (CloudFront)
server
istio-envoy
x-amz-cf-pop
FRA56-P2
x-cache
Miss from cloudfront
x-envoy-upstream-service-time
2
content-length
0
x-amz-cf-id
1OgLpC3tt2gqLG2xfnK7ttArwAnRdz-mQumIm8w8BQ_5i1zd1gPszw==

Redirect headers

location
https://usr.undertone.com/userPixel/sync?partnerId=56&uid=y-QTgecMlE2uE5IFMbuMfngMJ2RQfxJPWL27W6oS4-~A
date
Mon, 17 Apr 2023 18:32:26 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.25
age
0
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
t.gif
cw.addthis.com/ Frame 1C8B 		0
428 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cw.addthis.com/t.gif?pid=46&pdid=ec05a626981b4d11aec7575f3f6b50c6
Requested by
Host: cdn.undertone.com
URL: https://cdn.undertone.com/js/usersync.html?gdpr=0&gdprstr=&ccpa=1---
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.19.224.115 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-19-224-115.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cdn.undertone.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 17 Apr 2023 18:32:26 GMT
cache-control
max-age=0, no-cache, no-store
expires
Mon, 17 Apr 2023 18:32:26 GMT
demconf.jpg
dpm.demdex.net/ Frame 1C8B
Redirect Chain
  • https://dpm.demdex.net/ibs:dpid=152416&dpuuid=dz13wn8fouv9efayjz0rreg92
  • https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=152416&dpuuid=dz13wn8fouv9efayjz0rreg92
42 B
942 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=152416&dpuuid=dz13wn8fouv9efayjz0rreg92
Requested by
Host: cdn.undertone.com
URL: https://cdn.undertone.com/js/usersync.html?gdpr=0&gdprstr=&ccpa=1---
Protocol
HTTP/1.1
Server
54.228.21.106 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-228-21-106.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cdn.undertone.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

DCS
dcs-prod-irl1-2-v047-00151a60d.edge-irl1.demdex.com 4 ms
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
content-encoding
gzip
X-Content-Type-Options
nosniff
X-TID
BS4yhEnrTjY=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Content-Type
image/gif
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Length
59
Expires
Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

DCS
dcs-prod-irl1-1-v047-058f91efc.edge-irl1.demdex.com 0 ms
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-TID
1/P4ix8tS5c=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Location
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=152416&dpuuid=dz13wn8fouv9efayjz0rreg92
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 UTC
15597
tags.bluekai.com/site/ Frame 1C8B 		62 B
448 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tags.bluekai.com/site/15597?id=dz13wn8fouv9efayjz0rreg92
Requested by
Host: cdn.undertone.com
URL: https://cdn.undertone.com/js/usersync.html?gdpr=0&gdprstr=&ccpa=1---
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.192.153.172 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-192-153-172.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cdn.undertone.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"
date
Mon, 17 Apr 2023 18:32:26 GMT
content-length
62
content-type
image/gif
403716.gif
idsync.rlcdn.com/ Frame 1C8B 		0
98 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://idsync.rlcdn.com/403716.gif?partner_uid=dz13wn8fouv9efayjz0rreg92
Requested by
Host: cdn.undertone.com
URL: https://cdn.undertone.com/js/usersync.html?gdpr=0&gdprstr=&ccpa=1---
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.174.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
68.174.244.35.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cdn.undertone.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date
Mon, 17 Apr 2023 18:32:26 GMT
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
usermatch.gif
beacon.krxd.net/ Frame 1C8B 		0
338 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://beacon.krxd.net/usermatch.gif?partner=undertone&partner_uid=dz13wn8fouv9efayjz0rreg92
Requested by
Host: cdn.undertone.com
URL: https://cdn.undertone.com/js/usersync.html?gdpr=0&gdprstr=&ccpa=1---
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
63.35.158.238 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-63-35-158-238.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cdn.undertone.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

x-served-by
beacon-n005-dub-prod.krxd.net
date
Mon, 17 Apr 2023 18:32:26 GMT
cache-control
private, no-cache, no-store
x-request-time
D=48 t=1681756346
p3p
policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
async_usersync
ib.adnxs.com/ Frame 6463 		0
853 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.210.212 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
942.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 17 Apr 2023 18:32:26 GMT
AN-X-Request-Uuid
850b982d-8131-4041-8e36-f79d4e08a0bd
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
X-Proxy-Origin
81.95.5.39; 81.95.5.39; 942.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
PugMaster
image6.pubmatic.com/AdServer/ Frame C38B 		5 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=66795472&p=160111&s=0&a=0&ptask=ALL&np=0&fp=0&rp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=1---
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160111&gdpr=0&gdpr_consent=&us_privacy=1---
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.78 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
96a3443b5a8bcd4918ec3907d142c434efcb634e9193bcd0ad8e06a58af2af75

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

content-type
text/html; charset=UTF-8
date
Mon, 17 Apr 2023 18:32:25 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
usync.js
eus.rubiconproject.com/ Frame B2E3 		34 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=duration_media&endpoint=us-east
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.37.42.132 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-37-42-132.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
f5bd9a991a33608e4f953ba4d211a4bffe198235474eb27fcd001a4ef8fa45c9

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?p=duration_media&endpoint=us-east
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

Date
Mon, 17 Apr 2023 18:32:26 GMT
Content-Encoding
gzip
Last-Modified
Mon, 17 Apr 2023 11:52:11 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=62385
Connection
keep-alive
Content-Length
10019
Expires
Tue, 18 Apr 2023 11:52:11 GMT
casale
match.adsrvr.org/track/cmf/ Frame 4252 		70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/casale
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D&s=195491&C=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Mon, 17 Apr 2023 18:32:26 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
dcm
s.amazon-adsystem.com/ Frame 4252 		43 B
855 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=ZD2QuiGpPvO3aUQ-jHLQOgAAFFIAAAIB&gpp=&gpp_sid=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D&s=195491&C=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
209.54.182.161 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 17 Apr 2023 18:32:26 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
A7E4WMA009G71M51PJY9
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT
crum
dsum-sec.casalemedia.com/ Frame 4252
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=ZD2QuiGpPvO3aUQ.jHLQOwAA
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEDuiru5G4QoaYWtx9-iUod4&google_cver=1&google_hm=2
43 B
632 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEDuiru5G4QoaYWtx9-iUod4&google_cver=1&google_hm=2
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D&s=195491&C=1
Protocol
HTTP/1.1
Server
185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 17 Apr 2023 18:32:26 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=499
Content-Length
43
Expires
0

Redirect headers

pragma
no-cache
date
Mon, 17 Apr 2023 18:32:26 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEDuiru5G4QoaYWtx9-iUod4&google_cver=1&google_hm=2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
330
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
usermatchredir
ssum-sec.casalemedia.com/ Frame 4252
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=ZD2QuiGpPvO3aUQ-jHLQOgAAFFIAAAIB&gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid=
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESEBE0ija67a5dvPILz9WILHs&google_cver=1
43 B
766 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESEBE0ija67a5dvPILz9WILHs&google_cver=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D&s=195491&C=1
Protocol
HTTP/1.1
Server
185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 17 Apr 2023 18:32:26 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=497
Content-Length
43
Expires
0

Redirect headers

pragma
no-cache
date
Mon, 17 Apr 2023 18:32:26 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESEBE0ija67a5dvPILz9WILHs&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
364
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
rum
dsum.casalemedia.com/ Frame 4252
Redirect Chain
  • https://casale-match.dotomi.com/match/bounce/current?networkId=19998&version=1
  • https://dsum.casalemedia.com/rum?cm_dsp_id=65&external_user_id=&expiration=1681842746
43 B
632 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum.casalemedia.com/rum?cm_dsp_id=65&external_user_id=&expiration=1681842746
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D&s=195491&C=1
Protocol
HTTP/1.1
Server
185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 17 Apr 2023 18:32:26 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=500
Content-Length
43
Expires
0

Redirect headers

location
https://dsum.casalemedia.com/rum?cm_dsp_id=65&external_user_id=&expiration=1681842746
pragma
no-cache
date
Mon, 17 Apr 2023 18:32:26 GMT
cache-control
no-cache, private, max-age=0, no-store
server
nginx
content-length
0
expires
0
rum
dsum-sec.casalemedia.com/ Frame 4252
Redirect Chain
  • https://ad.turn.com/r/cs?pid=21
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=4141980922447770076
43 B
632 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=4141980922447770076
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D&s=195491&C=1
Protocol
HTTP/1.1
Server
185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 17 Apr 2023 18:32:26 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=498
Content-Length
43
Expires
0

Redirect headers

location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=4141980922447770076
pragma
no-cache
date
Mon, 17 Apr 2023 18:32:26 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
0
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
crum
dsum-sec.casalemedia.com/ Frame 4252
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=15&redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D3%26external_user_id%3D%5BMM_UUID%5D
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=1035643d-90b7-4200-a221-a4710b81560e
43 B
632 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=1035643d-90b7-4200-a221-a4710b81560e
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D&s=195491&C=1
Protocol
HTTP/1.1
Server
185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 17 Apr 2023 18:32:26 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=495
Content-Length
43
Expires
0

Redirect headers

Date
Mon, 17 Apr 2023 18:32:26 GMT
Server
MT3 796 58fb543 master nrt-pixel-x14 config_version:"unknown"
Content-Type
image/gif
Access-Control-Allow-Origin
*
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=1035643d-90b7-4200-a221-a4710b81560e
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control
no-cache
Connection
keep-alive
Keep-Alive
timeout=360
Content-Length
0
Expires
Mon, 17 Apr 2023 18:32:25 GMT
demconf.jpg
dpm.demdex.net/ Frame 4252
Redirect Chain
  • https://dpm.demdex.net/ibs:dpid=23728&dpuuid=ZD2QuiGpPvO3aUQ.jHLQOgAA%265202?gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid=
  • https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=23728&dpuuid=ZD2QuiGpPvO3aUQ.jHLQOgAA%265202
42 B
942 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=23728&dpuuid=ZD2QuiGpPvO3aUQ.jHLQOgAA%265202
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D&s=195491&C=1
Protocol
HTTP/1.1
Server
54.228.21.106 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-228-21-106.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

DCS
dcs-prod-irl1-2-v047-0712ba180.edge-irl1.demdex.com 2 ms
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
content-encoding
gzip
X-Content-Type-Options
nosniff
X-TID
VAoHmmFWQ2c=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Content-Type
image/gif
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Length
59
Expires
Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

DCS
dcs-prod-irl1-2-v047-0f3f18f6b.edge-irl1.demdex.com 0 ms
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-TID
mlNARTAnS0U=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Location
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=23728&dpuuid=ZD2QuiGpPvO3aUQ.jHLQOgAA%265202
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 UTC
sync
ads.servenobid.com/ Frame 4252 		0
357 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=333&uid=ZD2QuiGpPvO3aUQ-jHLQOgAAFFIAAAIB
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D&s=195491&C=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.154.239.112 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-154-239-112.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date
Mon, 17 Apr 2023 18:32:26 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0
dcm
s.amazon-adsystem.com/ Frame A113 		43 B
855 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=ZD2QuiGpPvO3aUQ-jHLQOwAAFFIAAAAB&gpp=&gpp_sid=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3FpartnerId%3D57%26uid%3D&s=197137&C=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
209.54.182.161 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 17 Apr 2023 18:32:26 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
XKXYE441ASC57MJEYHXT
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT
casale
match.adsrvr.org/track/cmf/ Frame A113 		70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/casale
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3FpartnerId%3D57%26uid%3D&s=197137&C=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Mon, 17 Apr 2023 18:32:26 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
crum
dsum-sec.casalemedia.com/ Frame A113
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=ZD2QuiGpPvO3aUQ.jHLQOwAA
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEDuiru5G4QoaYWtx9-iUod4&google_cver=1&google_hm=2
43 B
632 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEDuiru5G4QoaYWtx9-iUod4&google_cver=1&google_hm=2
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3FpartnerId%3D57%26uid%3D&s=197137&C=1
Protocol
HTTP/1.1
Server
185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 17 Apr 2023 18:32:26 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=497
Content-Length
43
Expires
0

Redirect headers

pragma
no-cache
date
Mon, 17 Apr 2023 18:32:26 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEDuiru5G4QoaYWtx9-iUod4&google_cver=1&google_hm=2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
330
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
usermatchredir
ssum-sec.casalemedia.com/ Frame A113
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=ZD2QuiGpPvO3aUQ-jHLQOwAAFFIAAAAB&gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid=
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESEBE0ija67a5dvPILz9WILHs&google_cver=1
43 B
632 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESEBE0ija67a5dvPILz9WILHs&google_cver=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3FpartnerId%3D57%26uid%3D&s=197137&C=1
Protocol
HTTP/1.1
Server
185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 17 Apr 2023 18:32:26 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=499
Content-Length
43
Expires
0

Redirect headers

pragma
no-cache
date
Mon, 17 Apr 2023 18:32:26 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESEBE0ija67a5dvPILz9WILHs&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
364
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
crum
dsum.casalemedia.com/ Frame A113
Redirect Chain
  • https://dmp.brand-display.com/cm/api/index?cm_dsp_id=191&cm_user_id=%3cIndex_user_id%3e
  • https://dsum.casalemedia.com/crum?cm_dsp_id=191&external_user_id=b42bf460-3b10-2dc1-eeb2ed40
43 B
632 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum.casalemedia.com/crum?cm_dsp_id=191&external_user_id=b42bf460-3b10-2dc1-eeb2ed40
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3FpartnerId%3D57%26uid%3D&s=197137&C=1
Protocol
HTTP/1.1
Server
185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 17 Apr 2023 18:32:26 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=499
Content-Length
43
Expires
0

Redirect headers

date
Mon, 17 Apr 2023 18:32:26 GMT
via
1.1 google
server
nginx/1.24.0
p3p
CP='This is not a P3P policy!'
access-control-allow-origin
*
location
https://dsum.casalemedia.com/crum?cm_dsp_id=191&external_user_id=b42bf460-3b10-2dc1-eeb2ed40
content-type
text/html; charset=utf-8
cache-control
max-age=3600
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
119
rum
dsum-sec.casalemedia.com/ Frame A113
Redirect Chain
  • https://csync.loopme.me/?pubid=11466&redirect=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D24%26external_user_id%3D%7Bviewer_token%7D&us_privacy=&gdpr=&gdpr_consent=&gpp=&gpp_sid=
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=24&external_user_id=f6b8b132-a269-4263-8a31-42e42d831299&gpp_sid=null&gpp=null&us_privacy=null&gdpr_consent=null&gdpr=null
43 B
271 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=24&external_user_id=f6b8b132-a269-4263-8a31-42e42d831299&gpp_sid=null&gpp=null&us_privacy=null&gdpr_consent=null&gdpr=null
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3FpartnerId%3D57%26uid%3D&s=197137&C=1
Protocol
HTTP/1.1
Server
185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 17 Apr 2023 18:32:26 GMT
Server
Apache
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=496
Content-Length
43
Expires
0

Redirect headers

location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=24&external_user_id=f6b8b132-a269-4263-8a31-42e42d831299&gpp_sid=null&gpp=null&us_privacy=null&gdpr_consent=null&gdpr=null
date
Mon, 17 Apr 2023 18:32:26 GMT
server
_
content-length
0
rum
dsum.casalemedia.com/ Frame A113
Redirect Chain
  • https://casale-match.dotomi.com/match/bounce/current?networkId=19998&version=1
  • https://dsum.casalemedia.com/rum?cm_dsp_id=65&external_user_id=&expiration=1681842746
43 B
632 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum.casalemedia.com/rum?cm_dsp_id=65&external_user_id=&expiration=1681842746
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3FpartnerId%3D57%26uid%3D&s=197137&C=1
Protocol
HTTP/1.1
Server
185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 17 Apr 2023 18:32:26 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=500
Content-Length
43
Expires
0

Redirect headers

location
https://dsum.casalemedia.com/rum?cm_dsp_id=65&external_user_id=&expiration=1681842746
pragma
no-cache
date
Mon, 17 Apr 2023 18:32:26 GMT
cache-control
no-cache, private, max-age=0, no-store
server
nginx
content-length
0
expires
0
rum
dsum-sec.casalemedia.com/ Frame A113
Redirect Chain
  • https://ad.turn.com/r/cs?pid=21
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=4141980922447770076
43 B
632 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=4141980922447770076
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3FpartnerId%3D57%26uid%3D&s=197137&C=1
Protocol
HTTP/1.1
Server
185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 17 Apr 2023 18:32:26 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=499
Content-Length
43
Expires
0

Redirect headers

location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=4141980922447770076
pragma
no-cache
date
Mon, 17 Apr 2023 18:32:26 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
0
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
sync
usr.undertone.com/userPixel/ Frame A113 		0
351 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usr.undertone.com/userPixel/sync?partnerId=57&uid=ZD2QuiGpPvO3aUQ-jHLQOwAAFFIAAAAB
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3FpartnerId%3D57%26uid%3D&s=197137&C=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.97.47 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-97-47.fra56.r.cloudfront.net
Software
istio-envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date
Mon, 17 Apr 2023 18:32:26 GMT
via
1.1 3f52d342c56014599dee37446f6c9f2e.cloudfront.net (CloudFront)
server
istio-envoy
x-amz-cf-pop
FRA56-P2
x-cache
Miss from cloudfront
x-envoy-upstream-service-time
2
content-length
0
x-amz-cf-id
J9lBcUkZFI5CVFMwcUY7Q4IAzUJdY6rjmyTCvdHOgbGuSOUeaS4adQ==
usync.js
eus.rubiconproject.com/ Frame 4EF5 		34 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=12776
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.37.42.132 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-37-42-132.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
f5bd9a991a33608e4f953ba4d211a4bffe198235474eb27fcd001a4ef8fa45c9

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?p=12776
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

Date
Mon, 17 Apr 2023 18:32:26 GMT
Content-Encoding
gzip
Last-Modified
Mon, 17 Apr 2023 11:52:11 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=62385
Connection
keep-alive
Content-Length
10019
Expires
Tue, 18 Apr 2023 11:52:11 GMT
usersync
usersync.gumgum.com/ Frame BD6E
Redirect Chain
  • https://secure.adnxs.com/getuid?https://usersync.gumgum.com/usersync?b=apn&i=$UID
  • https://usersync.gumgum.com/usersync?b=apn&i=1315223837049125863
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=apn&i=1315223837049125863
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Server
52.210.15.1 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-210-15-1.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Mon, 17 Apr 2023 18:32:26 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

Date
Mon, 17 Apr 2023 18:32:26 GMT
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection
keep-alive
X-Proxy-Origin
81.95.5.39; 81.95.5.39; 961.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Pragma
no-cache
AN-X-Request-Uuid
f65f1fb3-7521-4289-8c4d-4ee771746886
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
Access-Control-Allow-Origin
*
Location
https://usersync.gumgum.com/usersync?b=apn&i=1315223837049125863
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Expires
Sat, 15 Nov 2008 16:00:00 GMT
usersync
usersync.gumgum.com/ Frame BD6E
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=gumgum2&user_id=e_9e4246fc-2362-4683-af4f-90bfff0796b2&gdpr=0&gdpr_consent=&us_privacy=1---
  • https://c1.adform.net/serving/cookie/match/?party=24&bidswitch_ssp_id=gumgum2
  • https://x.bidswitch.net/sync?dsp_id=70&user_id=4658758249816758715&ssp=gumgum2
  • https://usersync.gumgum.com/usersync?b=bsw&i=8be02d32-7750-43c4-b6ad-b005c905096a&gdpr=&gdpr_consent=&us_privacy=
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=bsw&i=8be02d32-7750-43c4-b6ad-b005c905096a&gdpr=&gdpr_consent=&us_privacy=
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Server
52.210.15.1 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-210-15-1.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Mon, 17 Apr 2023 18:32:26 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

location
//usersync.gumgum.com/usersync?b=bsw&i=8be02d32-7750-43c4-b6ad-b005c905096a&gdpr=&gdpr_consent=&us_privacy=
date
Mon, 17 Apr 2023 18:32:26 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
cookie-sync
sync.outbrain.com/ Frame BD6E
Redirect Chain
  • https://sync.outbrain.com/redirectObuid?platformId=GUMGU18H7EL9NI653I7DPEH51&gdpr=0&gdprConsent=&platformRdUrl=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dobn%26i%3D%7BOB_UID%7D%26r%3D%7BobR...
  • https://usersync.gumgum.com/usersync?b=obn&i=ENC%28bJgnr6EDqKIfs63efbgplFB_C2EVXQYZaYZQAYX-YkdHT8oOQQ5fd4iaZGi_PWXO%29&r=https%3A%2F%2Fsync.outbrain.com%2FsyncUser%3FplatformId%3D%7Bplatform_id%7D%...
  • https://sync.outbrain.com/syncUser?platformId=GUMGU18H7EL9NI653I7DPEH51&platformUid=e_9e4246fc-2362-4683-af4f-90bfff0796b2&obuid=ENC(bJgnr6EDqKIfs63efbgplFB_C2EVXQYZaYZQAYX-YkdHT8oOQQ5fd4iaZGi_PWXO)
  • https://sync.outbrain.com/syncPlatform?platformId=GUMGU18H7EL9NI653I7DPEH51
  • https://trace.mediago.io/cs/outbrain?cb=https%3A%2F%2Fsync.outbrain.com%2Fcookie-sync%3Fp%3Dbaidu%26uid%3D%7Buserid%7D%26obUid%3DbJgnr6EDqKIfs63efbgplFB_C2EVXQYZaYZQAYX-YkdHT8oOQQ5fd4iaZGi_PWXO%26g...
  • https://sync.outbrain.com/cookie-sync?p=baidu&uid=559f3b71cf78383f687e1858a7d0b1bc&obUid=bJgnr6EDqKIfs63efbgplFB_C2EVXQYZaYZQAYX-YkdHT8oOQQ5fd4iaZGi_PWXO&gdpr=$GDPR_APPLIES&gdpr_consent=$CONSNT_STR...
0
145 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.outbrain.com/cookie-sync?p=baidu&uid=559f3b71cf78383f687e1858a7d0b1bc&obUid=bJgnr6EDqKIfs63efbgplFB_C2EVXQYZaYZQAYX-YkdHT8oOQQ5fd4iaZGi_PWXO&gdpr=$GDPR_APPLIES&gdpr_consent=$CONSNT_STRING&us_privacy=$CCPA&initiator=platform
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Server
70.42.32.223 , United States, ASN13789 (INTERNAP-BLK3, US),
Reverse DNS
ny.outbrain.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

Date
Mon, 17 Apr 2023 18:32:27 GMT
Cache-Control
no-cache
X-TraceId
d3836e7d89c6e009656a6d832ee6cf07
Content-Length
0

Redirect headers

location
https://sync.outbrain.com/cookie-sync?p=baidu&uid=559f3b71cf78383f687e1858a7d0b1bc&obUid=bJgnr6EDqKIfs63efbgplFB_C2EVXQYZaYZQAYX-YkdHT8oOQQ5fd4iaZGi_PWXO&gdpr=$GDPR_APPLIES&gdpr_consent=$CONSNT_STRING&us_privacy=$CCPA&initiator=platform
date
Mon, 17 Apr 2023 18:32:27 GMT
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
283
content-type
text/html; charset=utf-8
usersync
usersync.gumgum.com/ Frame BD6E
Redirect Chain
  • https://us-u.openx.net/w/1.0/cm?_={CACHEBUSTER}&id=47f31213-389c-4904-aaa6-9b11aab9c211&gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dopx%26i%3D
  • https://us-u.openx.net/w/1.0/cm?cc=1&_={CACHEBUSTER}&id=47f31213-389c-4904-aaa6-9b11aab9c211&gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dopx%26i%3D
  • https://usersync.gumgum.com/usersync?b=opx&i=5efa152a-db35-4eb7-888b-5e5f4df1e85b
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=opx&i=5efa152a-db35-4eb7-888b-5e5f4df1e85b
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Server
52.210.15.1 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-210-15-1.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Mon, 17 Apr 2023 18:32:26 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

date
Mon, 17 Apr 2023 18:32:26 GMT
content-encoding
gzip
via
1.1 google
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
content-type
image/gif
location
https://usersync.gumgum.com/usersync?b=opx&i=5efa152a-db35-4eb7-888b-5e5f4df1e85b
p3p
CP="CUR ADM OUR NOR STA NID"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
usersync
usersync.gumgum.com/ Frame BD6E
Redirect Chain
  • https://sync.srv.stackadapt.com/sync?nid=1&gdpr=0&gdpr_consent=
  • https://usersync.gumgum.com/usersync?b=sta&i=0-dff1b18a-91f2-54c7-5217-efe1fa106608$ip$81.95.5.39
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=sta&i=0-dff1b18a-91f2-54c7-5217-efe1fa106608$ip$81.95.5.39
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Server
52.210.15.1 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-210-15-1.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Mon, 17 Apr 2023 18:32:26 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

Location
https://usersync.gumgum.com/usersync?b=sta&i=0-dff1b18a-91f2-54c7-5217-efe1fa106608$ip$81.95.5.39
Date
Mon, 17 Apr 2023 18:32:26 GMT
Connection
keep-alive
Content-Length
124
Content-Type
text/html; charset=utf-8
usersync
usersync.gumgum.com/ Frame BD6E
Redirect Chain
  • https://pr-bh.ybp.yahoo.com/sync/gumgum?gdpr=0&gdpr_consent=
  • https://usersync.gumgum.com/usersync?b=oth&i=y-BbV_N1hE2pe5WAPzipKYPLeHwLW5swJ_vhYB~A
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=oth&i=y-BbV_N1hE2pe5WAPzipKYPLeHwLW5swJ_vhYB~A
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Server
52.210.15.1 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-210-15-1.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Mon, 17 Apr 2023 18:32:26 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

date
Mon, 17 Apr 2023 18:32:26 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
location
https://usersync.gumgum.com/usersync?b=oth&i=y-BbV_N1hE2pe5WAPzipKYPLeHwLW5swJ_vhYB~A
content-length
0
usersync
usersync.gumgum.com/ Frame BD6E
Redirect Chain
  • https://sync.ipredictive.com/d/sync/cookie/generic?partner=gumgum&cspid=9&append=1&cb=${ADELPHIC_CACHE_BUSTER}&gdpr=0&gdpr_consent=&us_privacy=1---&redirect=https%3A%2F%2Fusersync.gumgum.com%2Fuser...
  • https://usersync.gumgum.com/usersync?b=vnt&i=444a4ca5-42e7-4319-abaa-498720f09c0a
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=vnt&i=444a4ca5-42e7-4319-abaa-498720f09c0a
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Server
52.210.15.1 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-210-15-1.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Mon, 17 Apr 2023 18:32:26 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

Location
https://usersync.gumgum.com/usersync?b=vnt&i=444a4ca5-42e7-4319-abaa-498720f09c0a
Date
Mon, 17 Apr 2023 18:32:26 GMT
Connection
keep-alive
X-CI-RTID
ca777b50-645a-428c-9390-017964e92aa6
Content-Length
108
Content-Type
text/html; charset=utf-8
usersync
usersync.gumgum.com/ Frame BD6E
Redirect Chain
  • https://sync.technoratimedia.com/services?srv=cs&pid=65&us_privacy=1---&cb=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dsnc%26i%3D%5BUSER_ID%5D
  • https://usersync.gumgum.com/usersync?b=snc&i=GDPR
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=snc&i=GDPR
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Server
52.210.15.1 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-210-15-1.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Mon, 17 Apr 2023 18:32:26 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

date
Mon, 17 Apr 2023 18:32:26 GMT
via
1.1 varnish
server
nginx
age
0
access-control-allow-methods
POST,GET,HEAD,OPTIONS
x-varnish
994454019
location
https://usersync.gumgum.com/usersync?b=snc&i=GDPR
access-control-allow-origin
https://g2.gumgum.com/
access-control-allow-credentials
true
content-length
0
142
match.deepintent.com/usersync/ Frame BD6E 		0
44 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.deepintent.com/usersync/142?redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Ddit%26i%3D%24%7BDI_USER_ID%7D
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
8.18.47.7 Miami, United States, ASN398989 (DEEPINTENT, US),
Reverse DNS
Software
a /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date
Mon, 17 Apr 2023 18:32:26 GMT
content-length
0
server
a
usersync
usersync.gumgum.com/ Frame BD6E
Redirect Chain
  • https://b1sync.zemanta.com/usersync/gumgum/?puid=e_9e4246fc-2362-4683-af4f-90bfff0796b2&gdpr=0&gdpr_consent=&us_privacy=1---&cb=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dzem%26i%3D__ZUID__
  • https://stags.bluekai.com/site/23178?id=955RvR3fjktXWhFMah_A&redir=https%3A%2F%2Fb1sync.zemanta.com%2Fusersync%2Fbluekai%2Fcallback%2F%3Fd%3DNB2HI4DTHIXS65LTMVZHG6LOMMXGO5LNM52W2LTDN5WS65LTMVZHG6LO...
  • https://b1sync.zemanta.com/usersync/bluekai/callback/?d=NB2HI4DTHIXS65LTMVZHG6LOMMXGO5LNM52W2LTDN5WS65LTMVZHG6LOMM7WEPL2MVWSMZLYMNUGC3THMU6WO5LNM52W2JTHMRYHEPJQEZUT2OJVGVJHMURTMZVGW5CYK5UEMTLBNBPUC...
  • https://usersync.gumgum.com/usersync?b=zem&gdpr=0&i=955RvR3fjktXWhFMah_A&us_privacy=1---
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=zem&gdpr=0&i=955RvR3fjktXWhFMah_A&us_privacy=1---
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Server
52.210.15.1 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-210-15-1.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Mon, 17 Apr 2023 18:32:27 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

Pragma
no-cache
Date
Mon, 17 Apr 2023 18:32:27 GMT
Content-Type
text/html; charset=utf-8
Location
https://usersync.gumgum.com/usersync?b=zem&gdpr=0&i=955RvR3fjktXWhFMah_A&us_privacy=1---
P3p
CP="We do not support P3P header."
Cache-Control
no-cache, no-store, must-revalidate
Content-Length
123
Expires
Thu, 01 Dec 1994 16:00:00 GMT
usersync
usersync.gumgum.com/ Frame BD6E
Redirect Chain
  • https://ad.360yield.com/server_match?partner_id=N&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Didi%26i%3D%7BPUB_USER_ID%7D
  • https://ad.360yield.com/ul_cb/server_match?partner_id=N&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Didi%26i%3D%7BPUB_USER_ID%7D
  • https://usersync.gumgum.com/usersync?b=idi&i=5a469d9b-40f1-4a3b-903c-082b0fcf6b49
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=idi&i=5a469d9b-40f1-4a3b-903c-082b0fcf6b49
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Server
52.210.15.1 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-210-15-1.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Mon, 17 Apr 2023 18:32:26 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

location
https://usersync.gumgum.com/usersync?b=idi&i=5a469d9b-40f1-4a3b-903c-082b0fcf6b49
access-control-allow-origin
*
date
Mon, 17 Apr 2023 18:32:26 GMT
content-type
text/plain
content-length
0
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
usersync
usersync.gumgum.com/ Frame BD6E
Redirect Chain
  • https://bh.contextweb.com/bh/rtset?pid=558355&ev=1&rurl=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpln%26i%3D%25%25VGUID%25%25
  • https://usersync.gumgum.com/usersync?b=pln&i=xhEDy3HHEp7P&ev=1&pid=558355
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=pln&i=xhEDy3HHEp7P&ev=1&pid=558355
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Server
52.210.15.1 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-210-15-1.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Mon, 17 Apr 2023 18:32:26 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

strict-transport-security
max-age=15768000
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform-Version
server
Jetty(10.0.14)
content-language
de-DE
location
https://usersync.gumgum.com/usersync?b=pln&i=xhEDy3HHEp7P&ev=1&pid=558355
p3p
policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
cache-control
private, max-age=0, no-cache, no-store
cw-server
bh-deployment-6995c68ccb-mlpwb
expires
-1
usersync
usersync.gumgum.com/ Frame BD6E
Redirect Chain
  • https://ssbsync.smartadserver.com/api/sync?callerId=15&redirectUri=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dsad%26i%3D%5Bssb_sync_pid%5D&gdpr=0&gdpr_consent=
  • https://usersync.gumgum.com/usersync?b=sad&i=8956516326104209569
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=sad&i=8956516326104209569
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Server
52.210.15.1 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-210-15-1.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Mon, 17 Apr 2023 18:32:26 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

location
https://usersync.gumgum.com/usersync?b=sad&i=8956516326104209569
date
Mon, 17 Apr 2023 18:32:26 GMT
content-length
0
sync
ads.servenobid.com/ Frame BD6E 		0
358 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=309&uid=e_9e4246fc-2362-4683-af4f-90bfff0796b2
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.154.239.112 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-154-239-112.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date
Mon, 17 Apr 2023 18:32:26 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0
usersync
usersync.gumgum.com/ Frame C6A9
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=71&gdpr=0&gdpr_consent=&redir=https%3a%2f%2fusersync.gumgum.com%2fusersync%3fb%3dmmh%26i%3d%5bMM_UUID%5d
  • https://usersync.gumgum.com/usersync?b=mmh&i=1035643d-90b7-4200-a221-a4710b81560e&gdpr=0&gdpr_consent=
35 B
250 B 		Document
General
Check archive.org
Download Go to
Full URL
https://usersync.gumgum.com/usersync?b=mmh&i=1035643d-90b7-4200-a221-a4710b81560e&gdpr=0&gdpr_consent=
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
52.210.15.1 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-210-15-1.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://g2.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Content-Type
image/gif
Date
Mon, 17 Apr 2023 18:32:26 GMT
Expires
0
Pragma
no-cache

Redirect headers

Access-Control-Allow-Origin
*
Cache-Control
no-cache
Connection
keep-alive
Content-Length
0
Content-Type
image/gif
Date
Mon, 17 Apr 2023 18:32:26 GMT
Expires
Mon, 17 Apr 2023 18:32:25 GMT
Keep-Alive
timeout=360
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Server
MT3 796 58fb543 master nrt-pixel-x1 config_version:"unknown"
location
https://usersync.gumgum.com/usersync?b=mmh&i=1035643d-90b7-4200-a221-a4710b81560e&gdpr=0&gdpr_consent=
user-sync
sync.adkernel.com/ Frame 41B7 		0
160 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.adkernel.com/user-sync?zone=181093&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dmdp%26i%3D%5BUID%5D&gdpr=0&gdpr_consent=&ccpa=1---
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
77.245.57.72 , United States, ASN36057 (WEBAIR-INTERNET-MTL, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://g2.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Age
0
Cache-Control
no-store
Connection
close
Content-Length
0
Date
Mon, 17 Apr 2023 18:32:26 GMT
Pragma
no-cache
Server
nginx
usersync
usersync.gumgum.com/ Frame 19F0
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/URnmbSKM?redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Datm%26i%3D%24%7BTM_USER_ID%7D&gdpr=0&gdpr_consent=
  • https://sync-tm.everesttech.net/ct/upi/pid/URnmbSKM?redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Datm%26i%3D%24%7BTM_USER_ID%7D&gdpr=0&gdpr_consent=&_test=ZD2QugADfRJykwBL
  • https://usersync.gumgum.com/usersync?b=atm&i=ZD2QugADfRJykwBL&gdpr=0&gdpr_consent=&_test=ZD2QugADfRJykwBL
35 B
250 B 		Document
General
Check archive.org
Download Go to
Full URL
https://usersync.gumgum.com/usersync?b=atm&i=ZD2QugADfRJykwBL&gdpr=0&gdpr_consent=&_test=ZD2QugADfRJykwBL
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
52.210.15.1 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-210-15-1.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://g2.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Content-Type
image/gif
Date
Mon, 17 Apr 2023 18:32:26 GMT
Expires
0
Pragma
no-cache

Redirect headers

accept-ranges
bytes
cache-control
no-cache
content-length
0
date
Mon, 17 Apr 2023 18:32:26 GMT
location
https://usersync.gumgum.com/usersync?b=atm&i=ZD2QugADfRJykwBL&gdpr=0&gdpr_consent=&_test=ZD2QugADfRJykwBL
pragma
no-cache
retry-after
0
server
Varnish
via
1.1 varnish
x-cache
HIT
x-cache-hits
0
x-served-by
cache-hhn-etou8220069-HHN
x-timer
S1681756347.564089,VS0,VE0
pixel
cm.g.doubleclick.net/ Frame 79C6 		170 B
188 B 		Document
General
Check archive.org
Download Go to
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=gumgum_dbm&google_hm=ZV85ZTQyNDZmYy0yMzYyLTQ2ODMtYWY0Zi05MGJmZmYwNzk2YjI=&gdpr=0&gdpr_consent=&google_redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dgdv
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://g2.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, must-revalidate
content-length
170
content-type
image/png
cross-origin-resource-policy
cross-origin
date
Mon, 17 Apr 2023 18:32:26 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
pragma
no-cache
server
HTTP server (unknown)
x-xss-protection
0
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame A378 		16 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=0&gdprConsent=
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.19.228.187 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-19-228-187.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
72a64af6c85d8ab9bb2b508571c6a70080750c4891634dcbe36cb95737ca0f48

Request headers

Referer
https://g2.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=90373
content-encoding
gzip
content-length
5554
content-type
text/html
date
Mon, 17 Apr 2023 18:32:26 GMT
expires
Tue, 18 Apr 2023 19:38:39 GMT
last-modified
Fri, 16 Dec 2022 06:36:49 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
generic
match.adsrvr.org/track/cmf/ Frame A277 		70 B
264 B 		Document
General
Check archive.org
Download Go to
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=gumgum&ttd_tpi=1&gdpr=0&gdpr_consent=
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Referer
https://g2.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
private,no-cache, must-revalidate
content-length
70
content-type
image/gif
date
Mon, 17 Apr 2023 18:32:26 GMT
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
pragma
no-cache
x-aspnet-version
4.0.30319
usersync
usersync.gumgum.com/ Frame 89CC
Redirect Chain
  • https://tg.socdm.com/aux/idsync?proto=gumgum
  • https://usersync.gumgum.com/usersync?b=sus&i=ZD2Qu8Co5s0AAE2xOHkAAAAA
35 B
250 B 		Document
General
Check archive.org
Download Go to
Full URL
https://usersync.gumgum.com/usersync?b=sus&i=ZD2Qu8Co5s0AAE2xOHkAAAAA
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
52.210.15.1 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-210-15-1.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://g2.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Content-Type
image/gif
Date
Mon, 17 Apr 2023 18:32:27 GMT
Expires
0
Pragma
no-cache

Redirect headers

Cache-Control
private
Connection
keep-alive
Content-Length
0
Date
Mon, 17 Apr 2023 18:32:27 GMT
Location
https://usersync.gumgum.com/usersync?b=sus&i=ZD2Qu8Co5s0AAE2xOHkAAAAA
P3P
CP="See also http://www.scaleout.jp/privacy/"
Server
nginx
X-SO-Ads-Time
3
X-SO-Cluster-ID
0
X-SO-HostName
a-ad40012.dc2p.scaleout.jp
X-SO-IP
81.95.5.39
X-SO-Key
ZD2Qu8Co5s0AAE2xOHkAAAAA
X-SO-LB-Data
{"ban":false,"clean_query":"\/aux\/idsync?proto=gumgum","cluster_id":0,"gdpr":true,"ipv4":"0.0.0.0","key":"ZD2Qu8Co5s0AAE2xOHkAAAAA","privacy_sensitive":true,"uid":"","upstream_id":"a-ad40012"}
X-SO-LB-Hostname
a-tgng40009.dc2p.scaleout.jp
X-SO-Upstream-ID
a-ad40012
usersync
usersync.gumgum.com/ Frame 6934
Redirect Chain
  • https://cs.admanmedia.com/sync/gumgum?puid=e_9e4246fc-2362-4683-af4f-90bfff0796b2&redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Daad%26i%3D%5BDSP_USER_ID%5D&gdpr=0&gdpr_consent=&ccpa=1---
  • https://usersync.gumgum.com/usersync?b=aad&i=299728d2-bc6d-4866-a1b5-47879b085727
35 B
250 B 		Document
General
Check archive.org
Download Go to
Full URL
https://usersync.gumgum.com/usersync?b=aad&i=299728d2-bc6d-4866-a1b5-47879b085727
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
52.210.15.1 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-210-15-1.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://g2.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Content-Type
image/gif
Date
Mon, 17 Apr 2023 18:32:26 GMT
Expires
0
Pragma
no-cache

Redirect headers

Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Date
Mon, 17 Apr 2023 18:32:26 GMT
Expires
0
Location
https://usersync.gumgum.com/usersync?b=aad&i=299728d2-bc6d-4866-a1b5-47879b085727
Pragma
no-cache
Server
nginx
Strict-Transport-Security
max-age=63072000; includeSubdomains; preload
Transfer-Encoding
chunked
X-Frame-Options
DENY
usermatchredir
ssum-sec.casalemedia.com/ Frame 738B 		43 B
632 B 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum-sec.casalemedia.com/usermatchredir?s=189872&cb=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Diex%26i%3D
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://g2.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
no-cache
Connection
Keep-Alive
Content-Length
43
Content-Type
image/gif
Date
Mon, 17 Apr 2023 18:32:26 GMT
Expires
0
Keep-Alive
timeout=1, max=500
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Pragma
no-cache
Server
Apache
usersync
usersync.gumgum.com/ Frame 5A1E
Redirect Chain
  • https://creativecdn.com/cm-notify?pi=gumgum
  • https://creativecdn.com/cm-notify?pi=gumgum&tc=1
  • https://usersync.gumgum.com/usersync?b=rth&i=3OxQkiYyWzBz8jv6c9IZ&pi=gumgum&tc=1
35 B
250 B 		Document
General
Check archive.org
Download Go to
Full URL
https://usersync.gumgum.com/usersync?b=rth&i=3OxQkiYyWzBz8jv6c9IZ&pi=gumgum&tc=1
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
52.210.15.1 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-210-15-1.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://g2.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Content-Type
image/gif
Date
Mon, 17 Apr 2023 18:32:26 GMT
Expires
0
Pragma
no-cache

Redirect headers

cache-control
no-cache, no-store, must-revalidate, private, max-age=0
content-length
0
date
Mon, 17 Apr 2023 18:32:26 GMT Mon, 17 Apr 2023 18:32:26 GMT
expires
Thu, 01 Jan 1970 00:00:00 GMT
location
https://usersync.gumgum.com/usersync?b=rth&i=3OxQkiYyWzBz8jv6c9IZ&pi=gumgum&tc=1
pragma
no-cache
usync.html
eus.rubiconproject.com/ Frame B9B8
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=gumgum
  • https://eus.rubiconproject.com/usync.html?p=gumgum
281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?p=gumgum
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.37.42.132 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-37-42-132.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://g2.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Mon, 17 Apr 2023 18:32:26 GMT
ETag
"403b9-119-5ec73a0a33d00"
Last-Modified
Wed, 02 Nov 2022 02:30:44 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
content-length
0
date
Mon, 17 Apr 2023 18:32:26 GMT
location
https://eus.rubiconproject.com/usync.html?p=gumgum
server
AkamaiGHost
sync.php
pixel-us-east.rubiconproject.com/exchange/ Frame B2E3 		0
239 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel-us-east.rubiconproject.com/exchange/sync.php?p=duration_media&gdpr_consent=undefined&gdpr=0&khaos=LGL6AXEI-G-I8Q
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=duration_media&endpoint=us-east
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
8.43.72.98 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
X-RPHost
368ba1c92c09ff88b641150fbbf94341
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
ImgSync
image8.pubmatic.com/AdServer/ Frame 836F
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA%3D%3D%26piggybackCookie%...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:1035643d-90b7-4200-a221-a4710b81560e&gdpr=0&gdpr_consent=
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160111&gdpr=0&gdpr_consent=&us_privacy=1---
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.79 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

date
Mon, 17 Apr 2023 18:32:25 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

cache-control
no-store, no-cache, private
date
Mon, 17 Apr 2023 18:32:25 GMT
location
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx
Pug
image2.pubmatic.com/AdServer/ Frame FF70
Redirect Chain
  • https://d5p.de17a.com/getuid/pubmatic?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID
  • https://d5p.de17a.com/getuid/pubmatic;c?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=6403764937664543680
42 B
215 B 		Document
General
Check archive.org
Download Go to
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=6403764937664543680
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160111&gdpr=0&gdpr_consent=&us_privacy=1---
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Mon, 17 Apr 2023 18:32:26 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

content-length
0
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=6403764937664543680
p3p
CP=NON CURa ADMa DEVa TAIa OUR STP IND UNI COM NAV
usersync.aspx
dis.criteo.com/dis/ Frame 27F1 		43 B
363 B 		Document
General
Check archive.org
Download Go to
Full URL
https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160111&gdpr=0&gdpr_consent=&us_privacy=1---
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.1.9 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-cache
content-type
image/gif
cross-origin-resource-policy
cross-origin
date
Mon, 17 Apr 2023 18:32:25 GMT
expires
Mon, 17 Apr 2023 00:00:00 GMT
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
pragma
no-cache
server
Kestrel
server-processing-duration-in-ticks
288412
strict-transport-security
max-age=31536000; preload;
x-errorlevel
0
sync
usr.undertone.com/userPixel/ Frame 32D0
Redirect Chain
  • https://cms.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=36rl8NCutKXE-uDy36f7p4ir5KHEr7Wn2asJ7vUP
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
  • https://image4.pubmatic.com/AdServer/SPug?gdpr=0&p=160318&pmc=1&pr=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3FpartnerId%3D53%26uid%3D22C1059D-5906-42A9-8CA9-3ACA1298F752
  • https://usr.undertone.com/userPixel/sync?partnerId=53&uid=22C1059D-5906-42A9-8CA9-3ACA1298F752
0
349 B 		Document
General
Check archive.org
Download Go to
Full URL
https://usr.undertone.com/userPixel/sync?partnerId=53&uid=22C1059D-5906-42A9-8CA9-3ACA1298F752
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160111&gdpr=0&gdpr_consent=&us_privacy=1---
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.97.47 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-97-47.fra56.r.cloudfront.net
Software
istio-envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

content-length
0
date
Mon, 17 Apr 2023 18:32:25 GMT
server
istio-envoy
via
1.1 3f52d342c56014599dee37446f6c9f2e.cloudfront.net (CloudFront)
x-amz-cf-id
qb0xN893YM2HWGc3I8AzMh0fqCVk8CEObVXZgwOoo-s6tJj7aiNlbw==
x-amz-cf-pop
FRA56-P2
x-cache
Miss from cloudfront
x-envoy-upstream-service-time
3

Redirect headers

cache-control
no-store, no-cache, private
date
Mon, 17 Apr 2023 18:32:25 GMT
location
https://usr.undertone.com/userPixel/sync?partnerId=53&uid=22C1059D-5906-42A9-8CA9-3ACA1298F752
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx
dcm
aax-eu.amazon-adsystem.com/s/ Frame 57C3 		43 B
855 B 		Document
General
Check archive.org
Download Go to
Full URL
https://aax-eu.amazon-adsystem.com/s/dcm?pid=4bd6ceca-c698-4782-a536-f380f757484c&id=E4985D8A-E953-4D5D-9549-51B45646CB1A&redir=true&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160111&gdpr=0&gdpr_consent=&us_privacy=1---
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
67.220.228.203 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
Date
Mon, 17 Apr 2023 18:32:26 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
x-amz-rid
SE9GQ9897MGA8P3YDF49
sync
usr.undertone.com/userPixel/ Frame 7803
Redirect Chain
  • https://ib.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=1315223837049125863&gdpr=0&gdpr_consent=
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
  • https://image4.pubmatic.com/AdServer/SPug?gdpr=0&p=160318&pmc=1&pr=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3FpartnerId%3D53%26uid%3D22C1059D-5906-42A9-8CA9-3ACA1298F752
  • https://usr.undertone.com/userPixel/sync?partnerId=53&uid=22C1059D-5906-42A9-8CA9-3ACA1298F752
0
350 B 		Document
General
Check archive.org
Download Go to
Full URL
https://usr.undertone.com/userPixel/sync?partnerId=53&uid=22C1059D-5906-42A9-8CA9-3ACA1298F752
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160111&gdpr=0&gdpr_consent=&us_privacy=1---
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.97.47 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-97-47.fra56.r.cloudfront.net
Software
istio-envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

content-length
0
date
Mon, 17 Apr 2023 18:32:26 GMT
server
istio-envoy
via
1.1 3f52d342c56014599dee37446f6c9f2e.cloudfront.net (CloudFront)
x-amz-cf-id
mJ_RDCcC7DP4zUjH6n8GpEArI_gn-Pq-v06RRMnoBO9w8Wvgr7BhXQ==
x-amz-cf-pop
FRA56-P2
x-cache
Miss from cloudfront
x-envoy-upstream-service-time
2

Redirect headers

cache-control
no-store, no-cache, private
date
Mon, 17 Apr 2023 18:32:26 GMT
location
https://usr.undertone.com/userPixel/sync?partnerId=53&uid=22C1059D-5906-42A9-8CA9-3ACA1298F752
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx
sync
usr.undertone.com/userPixel/ Frame 42CF
Redirect Chain
  • https://dsp.adfarm1.adition.com/cookie/?ssp=9&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA%3D&piggybackCookie=7223088488735963280&gdpr=0&gdpr_consent=
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
  • https://image4.pubmatic.com/AdServer/SPug?gdpr=0&p=160318&pmc=1&pr=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3FpartnerId%3D53%26uid%3D22C1059D-5906-42A9-8CA9-3ACA1298F752
  • https://usr.undertone.com/userPixel/sync?partnerId=53&uid=22C1059D-5906-42A9-8CA9-3ACA1298F752
0
349 B 		Document
General
Check archive.org
Download Go to
Full URL
https://usr.undertone.com/userPixel/sync?partnerId=53&uid=22C1059D-5906-42A9-8CA9-3ACA1298F752
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160111&gdpr=0&gdpr_consent=&us_privacy=1---
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.97.47 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-97-47.fra56.r.cloudfront.net
Software
istio-envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

content-length
0
date
Mon, 17 Apr 2023 18:32:25 GMT
server
istio-envoy
via
1.1 3f52d342c56014599dee37446f6c9f2e.cloudfront.net (CloudFront)
x-amz-cf-id
irIE7YQ2Y0H4_KWwLcOpt4LzidVyDcrt7-hmw5ONSZmXiLJpKo6i7Q==
x-amz-cf-pop
FRA56-P2
x-cache
Miss from cloudfront
x-envoy-upstream-service-time
6

Redirect headers

cache-control
no-store, no-cache, private
date
Mon, 17 Apr 2023 18:32:24 GMT
location
https://usr.undertone.com/userPixel/sync?partnerId=53&uid=22C1059D-5906-42A9-8CA9-3ACA1298F752
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx
Pug
simage2.pubmatic.com/AdServer/ Frame 3E69
Redirect Chain
  • https://sync.srv.stackadapt.com/sync?nid=11&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=3_GxipHyVMdSF-_h-hBmCFFfBSc&gdpr=0&gdpr_consent=
42 B
300 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=3_GxipHyVMdSF-_h-hBmCFFfBSc&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160111&gdpr=0&gdpr_consent=&us_privacy=1---
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Mon, 17 Apr 2023 18:32:25 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

Connection
keep-alive
Content-Length
188
Content-Type
text/html; charset=utf-8
Date
Mon, 17 Apr 2023 18:32:26 GMT
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=3_GxipHyVMdSF-_h-hBmCFFfBSc&gdpr=0&gdpr_consent=
Pug
image2.pubmatic.com/AdServer/ Frame F0B9
Redirect Chain
  • https://match.prod.bidr.io/cookie-sync/pm?gdpr=0&gdpr_consent=
  • https://match.prod.bidr.io/cookie-sync/pm?gdpr=0&gdpr_consent=&_bee_ppp=1
  • https://cm.g.doubleclick.net/pixel?google_nid=beeswaxio&google_sc=&google_hm=QUFCdDAwN0lleUVBQUNCVmNScE5wdw&gdpr=0&gdpr_consent=&bee_sync_partners=sas%2Cpp%2Cpm&bee_sync_current_partner=adx&bee_syn...
  • https://match.prod.bidr.io/cookie-sync/adx?gdpr=0&gdpr_consent=&bee_sync_partners=sas%2Cpp%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1
  • https://rtb-csync.smartadserver.com/redir?partnerid=127&partneruserid=AABt007IeyEAACBVcRpNpw&redirurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fgdpr%3D0%26bee_sync_partners%3Dpp%252Cpm%26bee...
  • https://match.prod.bidr.io/cookie-sync?gdpr=0&bee_sync_partners=pp%2Cpm&bee_sync_current_partner=sas&bee_sync_initiator=adx&bee_sync_hop_count=2&userid=8956516326104209569&gdpr=0&gdpr_consent=
  • https://bh.contextweb.com/bh/rtset?do=add&pid=558502&ev=AABt007IeyEAACBVcRpNpw&rurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fgdpr%3D0%26userid%3D8956516326104209569%26gdpr%3D0%26gdpr_consen...
  • https://match.prod.bidr.io/cookie-sync?gdpr=0&userid=8956516326104209569&gdpr=0&gdpr_consent=&bee_sync_partners=pm&bee_sync_current_partner=pp&bee_sync_initiator=adx&bee_sync_hop_count=3&ev=AABt007...
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AABt007IeyEAACBVcRpNpw&gdpr=0&gdpr_consent=
42 B
199 B 		Document
General
Check archive.org
Download Go to
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AABt007IeyEAACBVcRpNpw&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160111&gdpr=0&gdpr_consent=&us_privacy=1---
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Mon, 17 Apr 2023 18:32:26 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

Connection
keep-alive
Content-Length
0
Date
Mon, 17 Apr 2023 18:32:26 GMT
Server
gunicorn
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AABt007IeyEAACBVcRpNpw&gdpr=0&gdpr_consent=
strict-transport-security
max-age=2592000; includeSubDomains
Pug
simage2.pubmatic.com/AdServer/ Frame 1C28
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=${TM_USER_ID}&gdpr=1&gdpr_con...
  • https://sync-tm.everesttech.net/ct/upi/pid/b9pj45k4?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=${TM_USER_ID}&gdpr=1&gdpr_...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=ZD2QugADeOgNhwBS&gdpr=1&gdpr_consent=&_test=ZD2QugADeOgNhwBS
0
74 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=ZD2QugADeOgNhwBS&gdpr=1&gdpr_consent=&_test=ZD2QugADeOgNhwBS
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160111&gdpr=0&gdpr_consent=&us_privacy=1---
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-encoding
gzip
content-type
text/html; charset=utf-8
date
Mon, 17 Apr 2023 18:32:26 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

accept-ranges
bytes
cache-control
no-cache
content-length
0
date
Mon, 17 Apr 2023 18:32:26 GMT
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=ZD2QugADeOgNhwBS&gdpr=1&gdpr_consent=&_test=ZD2QugADeOgNhwBS
pragma
no-cache
retry-after
0
server
Varnish
via
1.1 varnish
x-cache
HIT
x-cache-hits
0
x-served-by
cache-hhn-etou8220069-HHN
x-timer
S1681756347.926902,VS0,VE0
cm
ipac.ctnsnet.com/int/ Frame 3227 		43 B
369 B 		Document
General
Check archive.org
Download Go to
Full URL
https://ipac.ctnsnet.com/int/cm?exc=14&redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MTEmdGw9MjAxNjA=&piggybackCookie=[user_id]
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160111&gdpr=0&gdpr_consent=&us_privacy=1---
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.186.193.173 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
173.193.186.35.bc.googleusercontent.com
Software
Apache-Coyote/1.1 /
Resource Hash
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, must-revalidate
content-length
43
content-type
image/gif
date
Mon, 17 Apr 2023 18:32:26 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
p3p
CP="NOI DSP COR NID CUR OUR NOR"
pragma
no-cache
server
Apache-Coyote/1.1
via
1.1 google
cookiesync
core.iprom.net/ Frame AA6D 		43 B
277 B 		Document
General
Check archive.org
Download Go to
Full URL
https://core.iprom.net/cookiesync?gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160111&gdpr=0&gdpr_consent=&us_privacy=1---
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
195.5.165.20 , Slovenia, ASN44968 (IPROM-AS, SI),
Reverse DNS
Software
/
Resource Hash
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Connection
close
Content-Length
43
Content-Type
image/gif
Date
Mon, 17 Apr 2023 18:32:26 GMT
Vary
Accept-Encoding
X-adserver-worker
avatar-ce6d40dbcd6e@version_1.539
X-core-time
0ms
X-server-arch
v2
Pug
simage2.pubmatic.com/AdServer/ Frame 4FF5
Redirect Chain
  • https://csync.loopme.me/?pubid=11331&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzImdGw9MTI5NjAw&piggybackCookie={viewer_token}
  • https://simage2.pubmatic.com/AdServer/Pug?vcode&piggybackCookie={viewer_token}
0
93 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode&piggybackCookie={viewer_token}
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160111&gdpr=0&gdpr_consent=&us_privacy=1---
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-encoding
gzip
content-type
text/html; charset=utf-8
date
Mon, 17 Apr 2023 18:32:25 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

content-length
0
date
Mon, 17 Apr 2023 18:32:26 GMT
location
https://simage2.pubmatic.com/AdServer/Pug?vcode&piggybackCookie={viewer_token}
server
_
i.match
s.tribalfusion.com/z/ Frame 4BB2
Redirect Chain
  • https://a.tribalfusion.com/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATI...
  • https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMA...
43 B
412 B 		Document
General
Check archive.org
Download Go to
Full URL
https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160111&gdpr=0&gdpr_consent=&us_privacy=1---
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:18ad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4f49e616d278a16d9cd55a6d5fe19c99ebd37d7d3848d14422190618b67011e0

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-cache private
cf-cache-status
DYNAMIC
cf-ray
7b96c02f494f2be8-FRA
content-length
43
content-type
image/gif; charset=utf-8
date
Mon, 17 Apr 2023 18:32:26 GMT
expires
Thu, 01 Jan 1970 00:00:00 GMT
p3p
CP="NOI DEVo TAIa OUR BUS"
pragma
no-cache
server
cloudflare
x-function
302

Redirect headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-cache private
cf-cache-status
DYNAMIC
cf-ray
7b96c02dce702be8-FRA
content-type
text/html
date
Mon, 17 Apr 2023 18:32:26 GMT
expires
Thu, 01 Jan 1970 00:00:00 GMT
location
https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
p3p
CP="NOI DEVo TAIa OUR BUS"
pragma
no-cache
server
cloudflare
x-function
206
x-reuse-index
35
bridge
cm.adgrx.com/ Frame 4BC7 		43 B
283 B 		Document
General
Check archive.org
Download Go to
Full URL
https://cm.adgrx.com/bridge?AG_PID=pubmatic&AG_SETCOOKIE&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160111&gdpr=0&gdpr_consent=&us_privacy=1---
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
72.251.241.206 Amsterdam, Netherlands, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
Cowboy /
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, proxy-revalidate
content-length
43
content-type
image/gif
date
Mon, 17 Apr 2023 18:32:26 GMT
expires
Thu, 23 Sep 2004 17:42:04 GMT
p3p
CP="NOI OTC OTP OUR NOR"
pragma
no-cache
server
Cowboy
x-realserver-nx
ams-delivery-4
Pug
image2.pubmatic.com/AdServer/ Frame CB73
Redirect Chain
  • https://cm-supply-web.gammaplatform.com/adx/usersyncsupply?pid=7&t=pixel
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0NTkmdGw9NDMyMDA=&piggybackCookie=rgevf0ercwsk
42 B
229 B 		Document
General
Check archive.org
Download Go to
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0NTkmdGw9NDMyMDA=&piggybackCookie=rgevf0ercwsk
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160111&gdpr=0&gdpr_consent=&us_privacy=1---
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Mon, 17 Apr 2023 18:32:26 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

accept-encoding
utf-8
cache-control
no-cache, no-store
content-length
0
date
Mon, 17 Apr 2023 18:32:27 GMT
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0NTkmdGw9NDMyMDA=&piggybackCookie=rgevf0ercwsk
lws
20
strict-transport-security
max-age=31536000; includeSubDomains
time-ms
0
ImgSync
image8.pubmatic.com/AdServer/ Frame 7050
Redirect Chain
  • https://green.erne.co/pubmatic/cm?gdpr=0&gdpr_consent=
  • https://pixel-eu.onaudience.com/?partner=270&smartmap=1&gdpr=0&gdpr_consent=&redirect=image2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw%26piggybackCookie%3D%25...
  • https://loada.exelator.com/load/?p=1164&g=1&j=r&gdpr=0&ru=https%3A%2F%2Fpixel-eu.onaudience.com%2F%3Fpartner%3D161%26icm%26cver%26mapped%3D%25%25UID%25%25%26gdpr%3D0%26redirect%3Dhttps%253A%252F%25...
  • https://pixel-eu.onaudience.com/?partner=161&icm&cver&mapped=cdcd786caf98f03f79064efbc848a0c9&gdpr=0&redirect=https%3A%2F%2Fimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTI4OD...
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw&piggybackCookie=NOvcHvPGbnRWnaRhYRTQhjSj&gdpr=0&gdpr_consent=
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160111&gdpr=0&gdpr_consent=&us_privacy=1---
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.79 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

date
Mon, 17 Apr 2023 18:32:25 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

cache-control
no-store, no-cache, private
date
Mon, 17 Apr 2023 18:32:26 GMT
location
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame C38B
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=5JhdiulTTV2VSVG0VkbLGg%3D%3D&gdpr=0&gdpr_consent=
  • https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
16 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
Protocol
H2
Server
2.19.228.187 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-19-228-187.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date
Mon, 17 Apr 2023 18:32:26 GMT
content-encoding
gzip
last-modified
Fri, 16 Dec 2022 06:36:49 GMT
server
Apache
vary
Accept-Encoding
content-type
text/html
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
max-age=90373
accept-ranges
bytes
content-length
5554
expires
Tue, 18 Apr 2023 19:38:39 GMT

Redirect headers

pragma
no-cache
date
Mon, 17 Apr 2023 18:32:26 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
301
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
qmap
sync.crwdcntrl.net/ Frame C38B 		49 B
265 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.crwdcntrl.net/qmap?c=240&tp=PUBM&tpid=E4985D8A-E953-4D5D-9549-51B45646CB1A&gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.247.20.4 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-247-20-4.eu-west-1.compute.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 17 Apr 2023 18:32:26 GMT
server
Jetty(9.4.38.v20210224)
content-type
image/gif
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
*
cache-control
no-cache
x-server
10.45.19.89
content-length
49
expires
0
ids
idsync.frontend.weborama.fr/ Frame C38B
Redirect Chain
  • https://cr.frontend.weborama.fr/cr?key=pubmatic&gdpr=0&gdpr_consent=
  • https://cr.frontend.weborama.fr/cr?key=pubmatic&gdpr=0&gdpr_consent=&bounce=1&random=2428412883
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fidsync.frontend.weborama.fr%2Fids%3Fkey%3Dpubmatic%26value%3D%23PM_USER_ID&gdpr=0
  • https://idsync.frontend.weborama.fr/ids?key=pubmatic&value=22C1059D-5906-42A9-8CA9-3ACA1298F752
0
284 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://idsync.frontend.weborama.fr/ids?key=pubmatic&value=22C1059D-5906-42A9-8CA9-3ACA1298F752
Protocol
H2
Server
34.111.131.239 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
239.131.111.34.bc.googleusercontent.com
Software
Weborama Collect Frontend /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 17 Apr 2023 18:32:25 GMT
via
1.1 google
last-modified
Mon, 17 Apr 2023 18:32:26 GMT
server
Weborama Collect Frontend
vary
Origin
p3p
CP="NOI DSP COR CURa DEVa PSAa OUR STP UNI DEM"
access-control-allow-origin
*
cache-control
no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Tue, 03 Jul 2001 06:00:00 GMT

Redirect headers

location
https://idsync.frontend.weborama.fr/ids?key=pubmatic&value=22C1059D-5906-42A9-8CA9-3ACA1298F752
date
Mon, 17 Apr 2023 18:32:26 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
0
content-type
text/html; charset=UTF-8
p
a.audrte.com/ Frame C38B
Redirect Chain
  • https://a.audrte.com/match?gdpr=0&gdpr_consent=&p=M1717054901&uid=E4985D8A-E953-4D5D-9549-51B45646CB1A
  • https://cm.g.doubleclick.net/pixel?google_nid=ar101281&google_hm=ZjJoQ3FSNllXd1hRMWEtSk83TC1YWmJSQQ==&google_redir=https%3A%2F%2Fa.audrte.com%2Fddp%3Fred%3DeyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL...
  • https://a.audrte.com/ddp?red=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbeyJuYW1lIjoiYWRmb3JtIn1dfQ%3D%3D&gdpr=0&gdpr_consent=
  • https://dmp.adform.net/serving/cookie/match/?party=1003&r=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbXX0%3D&gdpr=0&gdpr_consent=
  • https://a.audrte.com/a?adform_uid=4658758249816758715&r=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbXX0%3D
  • https://a.audrte.com/p
68 B
424 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://a.audrte.com/p
Protocol
HTTP/1.1
Server
34.233.179.36 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-233-179-36.compute-1.amazonaws.com
Software
nginx/1.18.0 /
Resource Hash
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

Date
Mon, 17 Apr 2023 18:32:27 GMT
Server
nginx/1.18.0
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods
POST, GET, OPTIONS
Content-Type
image/png
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
68

Redirect headers

Date
Mon, 17 Apr 2023 18:32:27 GMT
Server
nginx/1.18.0
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods
POST, GET, OPTIONS
Access-Control-Allow-Origin
*
Location
https://a.audrte.com:443/p
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
0
sync
usr.undertone.com/userPixel/ Frame C38B
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=RTQ5ODVEOEEtRTk1My00RDVELTk1NDktNTFCNDU2NDZDQjFB&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
  • https://image4.pubmatic.com/AdServer/SPug?gdpr=0&p=160318&pmc=1&pr=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3FpartnerId%3D53%26uid%3D22C1059D-5906-42A9-8CA9-3ACA1298F752
  • https://usr.undertone.com/userPixel/sync?partnerId=53&uid=22C1059D-5906-42A9-8CA9-3ACA1298F752
0
349 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usr.undertone.com/userPixel/sync?partnerId=53&uid=22C1059D-5906-42A9-8CA9-3ACA1298F752
Protocol
H2
Server
18.66.97.47 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-97-47.fra56.r.cloudfront.net
Software
istio-envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date
Mon, 17 Apr 2023 18:32:25 GMT
via
1.1 3f52d342c56014599dee37446f6c9f2e.cloudfront.net (CloudFront)
server
istio-envoy
x-amz-cf-pop
FRA56-P2
x-cache
Miss from cloudfront
x-envoy-upstream-service-time
2
content-length
0
x-amz-cf-id
a15jncZG5qSKTgbQmp2kZP_NdVMN7i9hhya0aE2mNWbB5nQMB2rD-w==

Redirect headers

location
https://usr.undertone.com/userPixel/sync?partnerId=53&uid=22C1059D-5906-42A9-8CA9-3ACA1298F752
date
Mon, 17 Apr 2023 18:32:25 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
sync
usr.undertone.com/userPixel/ Frame C38B
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEBGCeZcThZ3ugXCmV7LNbDA&google_cver=1
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
  • https://image4.pubmatic.com/AdServer/SPug?gdpr=0&p=160318&pmc=1&pr=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3FpartnerId%3D53%26uid%3D22C1059D-5906-42A9-8CA9-3ACA1298F752
  • https://usr.undertone.com/userPixel/sync?partnerId=53&uid=22C1059D-5906-42A9-8CA9-3ACA1298F752
0
350 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usr.undertone.com/userPixel/sync?partnerId=53&uid=22C1059D-5906-42A9-8CA9-3ACA1298F752
Protocol
H2
Server
18.66.97.47 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-97-47.fra56.r.cloudfront.net
Software
istio-envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date
Mon, 17 Apr 2023 18:32:26 GMT
via
1.1 3f52d342c56014599dee37446f6c9f2e.cloudfront.net (CloudFront)
server
istio-envoy
x-amz-cf-pop
FRA56-P2
x-cache
Miss from cloudfront
x-envoy-upstream-service-time
3
content-length
0
x-amz-cf-id
67VpeRyT85nvcIXoOFN85LZCDAqzmy2Pqjvg-cxVcMSJzGTT7sv6Mw==

Redirect headers

location
https://usr.undertone.com/userPixel/sync?partnerId=53&uid=22C1059D-5906-42A9-8CA9-3ACA1298F752
date
Mon, 17 Apr 2023 18:32:24 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
pubmatic
um.simpli.fi/ Frame C38B 		43 B
409 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://um.simpli.fi/pubmatic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODA2JnRsPTUxODQwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
35.204.158.49 Groningen, Netherlands, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
49.158.204.35.bc.googleusercontent.com
Software
/
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date
Mon, 17 Apr 2023 18:32:26 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
last-modified
Mon, 28 Sep 1970 06:00:00 GMT
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
43
expires
Sun, 16 Apr 2023 18:32:26 GMT
generic
match.adsrvr.org/track/cmf/ Frame C38B 		70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Mon, 17 Apr 2023 18:32:26 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
pubmatic
um.simpli.fi/ Frame C38B
Redirect Chain
  • https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COO...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=4658758249816758715
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEBGCeZcThZ3ugXCmV7LNbDA&google_cver=1
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
  • https://um.simpli.fi/pubmatic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODA2JnRsPTUxODQwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
43 B
409 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://um.simpli.fi/pubmatic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODA2JnRsPTUxODQwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
Protocol
H2
Server
35.204.158.49 Groningen, Netherlands, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
49.158.204.35.bc.googleusercontent.com
Software
/
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date
Mon, 17 Apr 2023 18:32:26 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
last-modified
Mon, 28 Sep 1970 06:00:00 GMT
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
43
expires
Sun, 16 Apr 2023 18:32:26 GMT

Redirect headers

location
https://um.simpli.fi/pubmatic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODA2JnRsPTUxODQwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
date
Mon, 17 Apr 2023 18:32:26 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
207
content-type
text/html; charset=utf-8
SPug
image4.pubmatic.com/AdServer/ Frame C38B
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=E4985D8A-E953-4D5D-9549-51B45646CB1A&redir=true&gdpr=0&gdpr_consent=
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-9zUjF3VE2uVotnb7catJd2ccA0TTB7Y-~A&gdpr=0
0
48 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-9zUjF3VE2uVotnb7catJd2ccA0TTB7Y-~A&gdpr=0
Protocol
H2
Server
198.47.127.20 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date
Mon, 17 Apr 2023 18:32:26 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location
https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-9zUjF3VE2uVotnb7catJd2ccA0TTB7Y-~A&gdpr=0
date
Mon, 17 Apr 2023 18:32:26 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.25
age
0
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
E4985D8A-E953-4D5D-9549-51B45646CB1A
pr-bh.ybp.yahoo.com/sync/pubmatic/ Frame C38B 		43 B
601 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/pubmatic/E4985D8A-E953-4D5D-9549-51B45646CB1A?gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a05:d018:d29:3602:66be:b78c:9970:b3c5 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Content-Security-Policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date
Mon, 17 Apr 2023 18:32:26 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-type
image/gif
content-length
43
pubmatic
um.simpli.fi/ Frame C38B
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent=
  • https://sonata-notifications.taptapnetworks.com/web/cookie/bidswitch/sync?bidswitch_ssp_id=pubmatic&bsw_custom_parameter=8be02d32-7750-43c4-b6ad-b005c905096a&gdpr=0&gdpr_consent=&gdpr_pd=
  • https://x.bidswitch.net/sync?dsp_id=413&ssp=pubmatic&user_id=csonata_661c4f23-5baf-4744-bf56-c247cc43ff5e&bsw_param=8be02d32-7750-43c4-b6ad-b005c905096a&expires=10&gdpr=0&gdpr_consent=&gdpr_pd=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=8be02d32-7750-43c4-b6ad-b005c905096a&gdpr=0&gdpr_consent=&gdpr_pd=
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
  • https://um.simpli.fi/pubmatic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODA2JnRsPTUxODQwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
43 B
409 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://um.simpli.fi/pubmatic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODA2JnRsPTUxODQwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
Protocol
H2
Server
35.204.158.49 Groningen, Netherlands, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
49.158.204.35.bc.googleusercontent.com
Software
/
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date
Mon, 17 Apr 2023 18:32:26 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
last-modified
Mon, 28 Sep 1970 06:00:00 GMT
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
43
expires
Sun, 16 Apr 2023 18:32:26 GMT

Redirect headers

location
https://um.simpli.fi/pubmatic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODA2JnRsPTUxODQwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
date
Mon, 17 Apr 2023 18:32:26 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
207
content-type
text/html; charset=utf-8
current
pubmatic-match.dotomi.com/match/bounce/ Frame C38B 		0
103 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pubmatic-match.dotomi.com/match/bounce/current?networkId=17100&version=1&nuid=E4985D8A-E953-4D5D-9549-51B45646CB1A&gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:fa8:8806:12::1400 , Singapore, ASN41041 (VCLK-EU-SE, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 17 Apr 2023 18:32:26 GMT
cache-control
no-cache, private, max-age=0, no-store
server
nginx
expires
0
pixelSync
pixel-sync.sitescout.com/dmp/ Frame C38B 		0
187 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel-sync.sitescout.com/dmp/pixelSync?nid=3&gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
98.98.134.242 , United States, ASN21859 (ZEN-ECN, US),
Reverse DNS
Software
A /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

p3p
CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
pragma
no-cache
date
Mon, 17 Apr 2023 18:32:25 GMT
cache-control
max-age=0,no-cache,no-store
server
A
expires
Tue, 11 Oct 1977 12:34:56 GMT
pubmatic
um.simpli.fi/ Frame C38B
Redirect Chain
  • https://ad.turn.com/r/cs?pid=1&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=4141980922447770076&gdpr=0&gdpr_consent=&us_privacy=
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEBGCeZcThZ3ugXCmV7LNbDA&google_cver=1
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
  • https://um.simpli.fi/pubmatic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODA2JnRsPTUxODQwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
43 B
409 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://um.simpli.fi/pubmatic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODA2JnRsPTUxODQwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
Protocol
H2
Server
35.204.158.49 Groningen, Netherlands, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
49.158.204.35.bc.googleusercontent.com
Software
/
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date
Mon, 17 Apr 2023 18:32:26 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
last-modified
Mon, 28 Sep 1970 06:00:00 GMT
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
43
expires
Sun, 16 Apr 2023 18:32:26 GMT

Redirect headers

location
https://um.simpli.fi/pubmatic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODA2JnRsPTUxODQwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
date
Mon, 17 Apr 2023 18:32:25 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
207
content-type
text/html; charset=utf-8
Pug
simage2.pubmatic.com/AdServer/ Frame C38B
Redirect Chain
  • https://ads.playground.xyz/usersync/apn?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID
  • https://secure.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=1315223837049125863
42 B
113 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=1315223837049125863
Protocol
H2
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Mon, 17 Apr 2023 18:32:25 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Date
Mon, 17 Apr 2023 18:32:26 GMT
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection
keep-alive
X-Proxy-Origin
81.95.5.39; 81.95.5.39; 961.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Pragma
no-cache
AN-X-Request-Uuid
03aa7e6f-cc74-4261-9bf0-340960680a13
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
Access-Control-Allow-Origin
*
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=1315223837049125863
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Expires
Sat, 15 Nov 2008 16:00:00 GMT
Pug
simage2.pubmatic.com/AdServer/ Frame C38B
Redirect Chain
  • https://match.adsby.bidtheatre.com/pubmaticmatch?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?gdpr_consent=&gdpr=0&piggybackCookie=uid:f7eeaaaf-d693-4488-a511-32065d8fbead&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
42 B
95 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?gdpr_consent=&gdpr=0&piggybackCookie=uid:f7eeaaaf-d693-4488-a511-32065d8fbead&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
Protocol
H2
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Mon, 17 Apr 2023 18:32:25 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Location
https://simage2.pubmatic.com/AdServer/Pug?gdpr_consent=&gdpr=0&piggybackCookie=uid:f7eeaaaf-d693-4488-a511-32065d8fbead&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
Date
Mon, 17 Apr 2023 18:32:26 GMT
Server
Apache
Connection
Keep-Alive
Keep-Alive
timeout=5, max=3000
Content-Length
0
P3P
policyref="/w3c/p3p.xml", CP="DSP NON LAW OUR CUR DEVo PSAo PSDo IND STA NAV COM INT"
sync.php
pixel.rubiconproject.com/exchange/ Frame 4EF5 		0
239 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/exchange/sync.php?p=12776&gdpr_consent=undefined&gdpr=0&khaos=LGL6AXEI-G-I8Q
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=12776
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
X-RPHost
a66cbf3142c6ef39e3614b84a34262cf
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
usync.js
eus.rubiconproject.com/ Frame B9B8 		34 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=gumgum
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.37.42.132 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-37-42-132.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
f5bd9a991a33608e4f953ba4d211a4bffe198235474eb27fcd001a4ef8fa45c9

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?p=gumgum
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

Date
Mon, 17 Apr 2023 18:32:26 GMT
Content-Encoding
gzip
Last-Modified
Mon, 17 Apr 2023 11:52:11 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=62385
Connection
keep-alive
Content-Length
10019
Expires
Tue, 18 Apr 2023 11:52:11 GMT
sync.php
pixel.rubiconproject.com/exchange/ Frame B9B8 		0
239 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/exchange/sync.php?p=gumgum&gdpr_consent=undefined&gdpr=0&khaos=LGL6AXEI-G-I8Q
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=gumgum
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
X-RPHost
a66cbf3142c6ef39e3614b84a34262cf
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
rpr1oo5517112r39r3205n850033r8o1-00002.ts
d29xw9s9x32j3w.cloudfront.net/videos/m3u8/1000k/ 		2 MB
2 MB 		XHR
General
Check archive.org
Download Go to
Full URL
https://d29xw9s9x32j3w.cloudfront.net/videos/m3u8/1000k/rpr1oo5517112r39r3205n850033r8o1-00002.ts
Requested by
Host: embed.sendtonews.com
URL: https://embed.sendtonews.com/easy-stn-player/7.15.1-G/easy-stn-player.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.95.85 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-95-85.prg50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
38f9219a3f72c887aa329c1b0aca6a4e2cb2e6877a2a93757f908901f3f90141

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.921theticket.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date
Mon, 17 Apr 2023 18:32:28 GMT
via
1.1 93fcd07b66eaf26b036f14e2ec9d73ea.cloudfront.net (CloudFront)
x-amz-cf-pop
PRG50-C1
x-amz-server-side-encryption
AES256
x-cache
Miss from cloudfront
x-amz-storage-class
REDUCED_REDUNDANCY
content-disposition
attachment
content-length
2082288
last-modified
Mon, 17 Apr 2023 03:07:57 GMT
server
AmazonS3
etag
"9356b16431bd38500b963c299fee1ea2"
vary
Origin
access-control-allow-methods
GET, HEAD, POST
content-type
video/mp2t
access-control-allow-origin
*
access-control-expose-headers
Access-Control-Allow-Origin, Access-Control-Allow-Credentials
cache-control
max-age=86400
accept-ranges
bytes
x-amz-cf-id
sXLORS1qEevHcUYLQzLGPVRzuBgH--haFlAgjrZmiK5ydr8uE6G7XA==
My-Post-9.png
express-images.franklymedia.com/cdn-cgi/image/width=1200,quality=85/6616/sites/773/2020/10/06171148/ 		55 KB
55 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://express-images.franklymedia.com/cdn-cgi/image/width=1200,quality=85/6616/sites/773/2020/10/06171148/My-Post-9.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:166c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bf80b7ee15dc53332b6b3f4ed7edf1566e876f2e8bdebac138f9a02a7fbba1aa
Security Headers
Name Value
Content-Security-Policy default-src 'none'; navigate-to 'none'; form-action 'none'
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.921theticket.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date
Mon, 17 Apr 2023 18:32:28 GMT
content-security-policy
default-src 'none'; navigate-to 'none'; form-action 'none'
x-content-type-options
nosniff
cf-cache-status
HIT
last-modified
Tue, 06 Oct 2020 22:11:55 GMT
cf-bgj
imgq:85,h2pri
server
cloudflare
etag
"cfccpVgXBdFKn_yF2NJOQbQ5KM3FnrrOeck9uOb3F2DQ:73aafdc89b1407e26ba05db052396bbc"
vary
Accept, Accept-Encoding
content-type
image/jpeg
cache-control
public, max-age=43200
accept-ranges
bytes
cf-ray
7b96c039a8089ba7-FRA
content-length
55927
cf-resized
internal=ok/m q=0 n=115+0 c=16+203 v=2023.3.5 l=55927
SPug
simage4.pubmatic.com/AdServer/ Frame C38B 		0
128 B 		Script
General
Check archive.org
Download Go to
Full URL
https://simage4.pubmatic.com/AdServer/SPug?partnerID=160111&gdpr=0&gdpr_consent=&us_privacy=1---
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160111&gdpr=0&gdpr_consent=&us_privacy=1---
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
198.47.127.20 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date
Mon, 17 Apr 2023 18:32:27 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
PugMaster
image6.pubmatic.com/AdServer/ Frame 2973 		2 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=13282882&p=162412&s=0&a=0&ptask=ALL&np=0&fp=0&rp=1&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=1---
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1---&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.78 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
af8603fa46fa0da9a41be970da3223db29eb4138bca759184c2f8fe89defc995

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

content-type
text/html; charset=UTF-8
date
Mon, 17 Apr 2023 18:32:28 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
img
sync.mathtag.com/sync/ Frame 1C10 		0
0
pubmatic
d5p.de17a.com/getuid/ Frame 068C 		0
0
usersync.aspx
dis.criteo.com/dis/ Frame E242 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1---&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.1.9 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-cache
content-type
image/gif
cross-origin-resource-policy
cross-origin
date
Mon, 17 Apr 2023 18:32:28 GMT
expires
Mon, 17 Apr 2023 00:00:00 GMT
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
pragma
no-cache
server
Kestrel
server-processing-duration-in-ticks
282438
strict-transport-security
max-age=31536000; preload;
x-errorlevel
0
generic
match.adsrvr.org/track/cmf/ Frame 2973 		0
0
Pug
simage2.pubmatic.com/AdServer/ Frame 2973
Redirect Chain
  • https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COO...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=4658758249816758715
0
0
Pug
image2.pubmatic.com/AdServer/ Frame 1EC6
Redirect Chain
  • https://cms.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=36rl8NCutKXE-uDy36f7p4ir5KHEr7Wn2asJ7vUP
0
0
dcm
aax-eu.amazon-adsystem.com/s/ Frame 3DCC 		0
0
getuid
ib.adnxs.com/ Frame C7B4 		0
0
sync
ads.servenobid.com/ Frame 11DE 		0
0
mw
mwzeom.zeotap.com/ Frame 2973 		0
0
info
uipglob.semasio.net/pubmatic/1/ Frame 2973 		0
0
p.gif
visitor.fiftyt.com/ Frame 2973 		0
0
/
pixel.onaudience.com/ Frame 2973 		0
0
sync
ups.analytics.yahoo.com/ups/58292/ Frame 2973 		0
0
22C1059D-5906-42A9-8CA9-3ACA1298F752
pr-bh.ybp.yahoo.com/sync/pubmatic/ Frame 2973 		0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
embed.sendtonews.com
URL
http://embed.sendtonews.com/player2/embedcode.php?cid=5472
Domain
nodeny.targetspot.com
URL
https://nodeny.targetspot.com/callback/uuid?https://yield-op-idsync.live.streamtheworld.com/pixel.gif?partner=ts&uid=$UID&pubId=10649
Domain
fid.agkn.com
URL
https://fid.agkn.com/f?e=&m=&p=&i4=&i6=&ia=&iv=&apiKey=2126040846&r=https%3A%2F%2Fwww.921theticket.com%2F
Domain
api.rlcdn.com
URL
https://api.rlcdn.com/api/identity/envelope?pid=13454
Domain
sync.mathtag.com
URL
https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA%3D%3D%26piggybackCookie%3Duid%3A%5BMM_UUID%5D
Domain
d5p.de17a.com
URL
https://d5p.de17a.com/getuid/pubmatic?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID
Domain
match.adsrvr.org
URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent=
Domain
simage2.pubmatic.com
URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=4658758249816758715
Domain
image2.pubmatic.com
URL
https://image2.pubmatic.com/AdServer/Pug?&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=36rl8NCutKXE-uDy36f7p4ir5KHEr7Wn2asJ7vUP
Domain
aax-eu.amazon-adsystem.com
URL
https://aax-eu.amazon-adsystem.com/s/dcm?pid=4bd6ceca-c698-4782-a536-f380f757484c&id=22C1059D-5906-42A9-8CA9-3ACA1298F752&redir=true&gdpr=0&gdpr_consent=
Domain
ib.adnxs.com
URL
https://ib.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent=
Domain
ads.servenobid.com
URL
https://ads.servenobid.com/sync?pid=316&uid=22C1059D-5906-42A9-8CA9-3ACA1298F752
Domain
mwzeom.zeotap.com
URL
https://mwzeom.zeotap.com/mw?zpartnerid=1384&env=mWeb&gdpr=0&gdpr_consent=&cid=22C1059D-5906-42A9-8CA9-3ACA1298F752
Domain
uipglob.semasio.net
URL
https://uipglob.semasio.net/pubmatic/1/info?sType=sync&sExtCookieId=22C1059D-5906-42A9-8CA9-3ACA1298F752&sInitiator=external&gdpr=0&gdpr_consent=
Domain
visitor.fiftyt.com
URL
https://visitor.fiftyt.com/p.gif?ev=sync&p=pm&pm_uid=22C1059D-5906-42A9-8CA9-3ACA1298F752&gdpr=
Domain
pixel.onaudience.com
URL
https://pixel.onaudience.com/?partner=214&mapped=22C1059D-5906-42A9-8CA9-3ACA1298F752&gdpr=0&gdpr_consent=
Domain
ups.analytics.yahoo.com
URL
https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=22C1059D-5906-42A9-8CA9-3ACA1298F752&redir=true&gdpr=0&gdpr_consent=
Domain
pr-bh.ybp.yahoo.com
URL
https://pr-bh.ybp.yahoo.com/sync/pubmatic/22C1059D-5906-42A9-8CA9-3ACA1298F752?gdpr=0&gdpr_consent=

Verdicts & Comments Add Verdict or Comment

176 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| 9 object| 10 object| 11 object| 12 object| 13 object| 14 object| 15 boolean| credentialless undefined| $ function| jQuery function| selectnav object| _ampconfig boolean| _ampdebug object| _AMP number| rewardsLoginInterval undefined| rewardsSpinInterval function| Cookies object| amp_rewards object| AMP_BreakingNews object| dates object| AMP_Calendar_Utils function| AMP_Event_Calendar function| date object| _amplistenlive function| gtag object| express_dimensions object| dataLayer object| corpDataLayer string| GPT_SITE_ID object| googletag string| ajaxurl object| google_tag_manager object| google_tag_data string| GoogleAnalyticsObject function| ga object| sharedContainerDataLayer object| _teadsinjector function| onYouTubeIframeAPIReady object| gaGlobal function| __tcfapi function| __uspapi object| _CMLS object| gaplugins object| gaData object| ggeac object| google_js_reporting_queue undefined| google_measure_js_timing object| GPT_SITE_SLOTS object| _qevents object| regeneratorRuntime function| __tcfapiui function| quantserve function| __qc object| ezt object| _qoptions object| gaDevIds object| googleToken object| googleIMState function| processGoogleToken number| google_unique_id string| __dsp__api__base__ object| __twttrll object| twttr object| __twttr number| __mobxInstanceCount undefined| __mobxGlobals function| onTuneGenieMediaPlayerLoaded object| script object| FB object| $jscomp function| $jscomp$lookupPolyfilledValue object| Themify object| freestar object| headertag object| onSeeReady object| __dsp__core__1681756338455__36544531 object| _google_rum_ns_ object| google_persistent_state_async number| google_global_correlator function| Goog_AdSense_Lidar_sendVastEvent function| Goog_AdSense_Lidar_getViewability function| Goog_AdSense_Lidar_getUrlSignalsArray function| Goog_AdSense_Lidar_getUrlSignalsList number| google_srt object| google object| module$exports$google3$javascript$ads$interactivemedia$sdk$clientside$api$companion_ad_selection_settings object| module$contents$ima$AdsRenderingSettings_AdsRenderingSettings object| ima object| module$exports$google3$javascript$ads$interactivemedia$sdk$clientside$api$ad_error object| module$exports$google3$javascript$ads$interactivemedia$sdk$clientside$api$ad_error_event object| module$contents$ima$AdEvent_AdEvent object| module$contents$ima$AdsManagerLoadedEvent_AdsManagerLoadedEvent object| closure_lm_764341 object| __buffer object| GooglebQhCsO object| ciads_settings function| fbq function| _fbq object| closure_lm_541908 string| __PWM__VERSION string| __TGMP__VERSION string| tgmpcdn function| onPWMReadyInFrame function| onPWMReadyTop object| ampInaboxPositionObserver object| ampInaboxFrameOverlayManager object| ADAGIO object| sifi_att_42656 object| _caq object| Ci number| onloadDateTime object| unloadDateTime boolean| navGeoSupported object| citracker_ref object| plugins object| documentAlias object| navigatorAlias object| screenAlias object| windowAlias string| locationHrefAlias string| locationHostnameAlias boolean| hasLoaded object| registeredOnLoadHandlers object| info_demographics string| SDK_VERSION object| cntrUpTag object| __PWMLIBS__ object| PMCommReceiver object| PMCommSender object| TGMP_EVENTS function| TuneGenieMediaPlayer object| tgmp function| __PWM__SCREEN_scroll function| __PWM__SCREEN_resize function| TuneGenieRC object| __PWM__ string| tgmp_default_brand undefined| tgmp_default_theme object| _ADAGIO object| scriptUrl object| ttPolicy object| YT object| YTConfig function| onYTReady object| yt function| ytDomDomGetNextId object| ytEventsEventsListeners object| ytEventsEventsCounter object| ytglobal object| ytPubsub2Pubsub2Instance object| ytPubsub2Pubsub2SubscribedKeys object| ytPubsub2Pubsub2TopicToKeys object| ytPubsub2Pubsub2IsAsync object| ytPubsub2Pubsub2SkipSubKey object| ytNetworklessLoggingInitializationOptions object| ytPubsubPubsubInstance object| ytPubsubPubsubTopicToKeys object| ytPubsubPubsubIsSynchronous object| ytPubsubPubsubSubscribedKeys object| ytLoggingTransportTokensToCttTargetIds_ object| ytLoggingTransportTokensToJspbCttTargetIds_ object| ytLoggingGelSequenceIdObj_ object| tbLocalScript object| themify_vars boolean| loaded object| GoogleGcLKhOms object| google_image_requests

161 Cookies

Domain/Path Name / Value
.921theticket.com/ Name: cmls_localprop_ga
Value: GA1.1.1820827546.1681756337
.921theticket.com/ Name: cmls_localprop_ga_39ZEBK9WPT
Value: GS1.1.1681756337.1.0.1681756337.0.0.0
.921theticket.com/ Name: _ga_7LHM6PBR21
Value: GS1.1.1681756337.1.0.1681756337.0.0.0
.921theticket.com/ Name: _ga
Value: GA1.2.1820827546.1681756337
.921theticket.com/ Name: _gid
Value: GA1.2.579121182.1681756337
.921theticket.com/ Name: _dc_gtm_UA-41702516-14
Value: 1
.921theticket.com/ Name: _gat_gtag_UA_18782929_15
Value: 1
.921theticket.com/ Name: _dc_gtm_UA-41736871-1
Value: 1
.921theticket.com/ Name: cmls_aggregate_ga
Value: GA1.1.1820827546.1681756337
.quantserve.com/ Name: mc
Value: 643d90b1-d6f69-3a525-1c305
.921theticket.com/ Name: __qca
Value: P0-1610494680-1681756337728
.doubleclick.net/ Name: IDE
Value: AHWqTUmI8T9bPIauJmyKsHi4qcRRR4r-4BhGtsrny8GUDP0_fJvxi9jNN0dPi_ePUjQ
.921theticket.com/ Name: _gat_ampga
Value: 1
.921theticket.com/ Name: cmls_aggregate_ga_D35JDKEKBV
Value: GS1.1.1681756337.1.0.1681756338.0.0.0
pixel.westseven.media/ Name: AWSELBCORS
Value: E91B97D918E2B429133E33AC4397187C78F2933F03CE6A584749442976719ACC0D175C022DB7E02D9B35CEF7692729B24AED56356AE049EC55A6226A4886F6ED265238BEB3
.921theticket.com/ Name: _gcl_au
Value: 1.1.1667400631.1681756339
.simpli.fi/ Name: suid
Value: 41389C97F38F4545B30BD98BE1832B01
.921theticket.com/ Name: __gads
Value: ID=e28b3ab68eeac0bf:T=1681756338:S=ALNI_Malh-Bl-GSNrgvQVrMMldAf33Bc4w
.921theticket.com/ Name: __gpi
Value: UID=00000bd7e4826106:T=1681756338:RT=1681756338:S=ALNI_MbzzlkwvsZZyWDTKlyCypdLQ6O-Qw
www.921theticket.com/ Name: _pbjs_userid_consent_data
Value: 6683316680106290
.921theticket.com/ Name: pbjs_sharedId
Value: 1ce4ac37-7b53-4753-9d90-4dba70c21ab3
.prebid.a-mo.net/ Name: __amc
Value: 1_1681756340_1681756340
.lijit.com/ Name: ljt_reader
Value: Gf0YpBZHi4NStTnTQhS--oim
.doubleclick.net/ Name: DSID
Value: NO_DATA
.rubiconproject.com/ Name: khaos
Value: LGL6AXEI-G-I8Q
.rubiconproject.com/ Name: audit
Value: 1|naVuGyos1qoEqoMq3agWS14C1LCtWBX9mfsNIvv6Qtrn/4TLQE0M/9BLd3dsMh6l2AE4DU4iEXIYkORZpKxIlXKY++jymV4/09UEZgTeJi7fywGsYkrIgA==
.undertone.com/ Name: UTID_ENC
Value: dz13wn8fouv9efayjz0rreg92
.undertone.com/ Name: UTID
Value: ec05a626981b4d11aec7575f3f6b50c6
.921theticket.com/ Name: _fbp
Value: fb.1.1681756340888.1737202114
.ipredictive.com/ Name: ci_rtc
Value: _uts=1681756340
.youtube.com/ Name: YSC
Value: SOdrESgM1j4
.youtube.com/ Name: VISITOR_INFO1_LIVE
Value: 6pVj7-p6_Sg
.adfarm1.adition.com/ Name: UserID1
Value: 7223088488735963280
.adform.net/ Name: C
Value: 1
.adform.net/ Name: uid
Value: 4658758249816758715
.mathtag.com/ Name: mt_mop
Value: 4:1681756343
.mathtag.com/ Name: uuid
Value: 1035643d-90b7-4200-a221-a4710b81560e
.live.streamtheworld.com/ Name: uuid-s
Value: b5cae393-e4b0-433c-bb6c-de9f7cd109d1
.exelator.com/ Name: EE
Value: "cdcd786caf98f03f79064efbc848a0c9"
.exelator.com/ Name: ud
Value: "eJxrXxzq6XKLQSE5JTnF3MIsOTHN0iLNwDjN3NLAzCQ1LSnZwsQi0SDZcnFZatGCpaXFqSlJh5ZU5JTkNK0uiw91jHdz9PX0iVzmnFGUn5u6AiwU5hq02NDQaEl%252BUWb6IhfXxUUpaQyLSopPBR8%252BYQ8A4IwrAw%253D%253D"
.yahoo.com/ Name: A3
Value: d=AQABBLiQPWQCEFpGRL-r3dIkLi265Yox8qAFEgEBAQHiPmRHZAAAAAAA_eMAAA&S=AQAAAt6oV1Pa-SX-hf776cmOTnk
.linkedin.com/ Name: bcookie
Value: "v=2&9057697a-3247-4265-81f6-378ec9caf654"
.linkedin.com/ Name: li_gc
Value: MTswOzE2ODE3NTYzNDQ7MjswMjG17ElQwn844G9XM+x9+Wh2XVnnQxM524dN2X13F+XIQw==
.linkedin.com/ Name: lidc
Value: "b=OGST01:s=O:r=O:a=O:p=O:g=2949:u=1:x=1:i=1681756344:t=1681842744:v=2:sig=AQE4NbO4ptAPk_q2eoHI89PbB4vZJ-t4"
.amazon-adsystem.com/ Name: ad-privacy
Value: 0
.bidswitch.net/ Name: tuuid
Value: 8be02d32-7750-43c4-b6ad-b005c905096a
.bidswitch.net/ Name: c
Value: 1681756344
.bidswitch.net/ Name: tuuid_lu
Value: 1681756344
.acuityplatform.com/ Name: auid
Value: 768572484574
.acuityplatform.com/ Name: aum
Value: "OikKAfqbdXNlck1hdGNoQnlVc2VyTWF0Y2hpbmdJZE1hcPqCMTMz+o11c2VyTWF0Y2hpbmdJZCQEipFsYXN0RHJvcFRpbWVNaWxsaXMlAUNkD1UOgphsYXN0U3VjY2Vzc2Z1bE1hdGNoTWlsbGlzJQFDZA9VDoKPdGhpcmRQYXJ0eVVzZXJJZGNiNWNhZTM5My1lNGIwLTQzM2MtYmI2Yy1kZTlmN2NkMTA5ZDH7+4Z2ZXJzaW9uwvs="
.adnxs.com/ Name: uuid2
Value: 1315223837049125863
.live.streamtheworld.com/ Name: idsync-dbm-uid-s
Value: CAESEDydd4RtqgqUYoFm0jwo9wA
.amazon-adsystem.com/ Name: ad-id
Value: A0Y6pBB2HEwNpqWX3D0rKB8
.live.streamtheworld.com/ Name: idsync-acu-uid-s
Value: 768572484574
.live.streamtheworld.com/ Name: idsync-an-uid-s
Value: 1315223837049125863
.rfihub.com/ Name: rud
Value: H4sIAAAAAAAA_-MSNjU0MjE2MjI2MrU0NzO0MDY0MxXiM9RNqcr0cPcsC7coMfUDADTSArslAAAA
.rfihub.com/ Name: ruds
Value: H4sIAAAAAAAA_-MSNjU0MjE2MjI2MrU0NzO0MDY0MxXiM9RNqcr0cPcsC7coMfUDADTSArslAAAA
.live.streamtheworld.com/ Name: idsync-aw-uid-s
Value: 837cb2be42272416332295ddf0594755
.turn.com/ Name: uid
Value: 4141980922447770076
.live.streamtheworld.com/ Name: idsync-mm-uid-s
Value: 1035643d-90b7-4200-a221-a4710b81560e
.live.streamtheworld.com/ Name: idsync-bsw-uid-s
Value: 8be02d32-7750-43c4-b6ad-b005c905096a
.live.streamtheworld.com/ Name: idsync-amb-uid-s
Value: 4141980922447770076
www.921theticket.com/ Name: _lr_retry_request
Value: true
www.921theticket.com/ Name: _lr_env_src_ats
Value: false
.rfihub.com/ Name: eud
Value: H4sIAAAAAAAA_1vFwmtoZmFobmpmbGJiaWl-ShzBNzM2MAYAXPlVTCAAAAA
.smartadserver.com/ Name: pid
Value: 8956516326104209569
www.921theticket.com/ Name: id5id
Value: %7B%22created_at%22%3A%222023-04-17T18%3A32%3A26.330717409Z%22%2C%22id5_consent%22%3Afalse%2C%22original_uid%22%3A%220%22%2C%22universal_uid%22%3A%220%22%2C%22link_type%22%3A0%2C%22cascade_needed%22%3Afalse%2C%22privacy%22%3A%7B%22jurisdiction%22%3A%22gdpr%22%2C%22id5_consent%22%3Afalse%7D%7D
.lijit.com/ Name: _ljtrtb_273657
Value: 273657
.casalemedia.com/ Name: CMPS
Value: 5202
.casalemedia.com/ Name: CMPRO
Value: 5202
.servenobid.com/ Name: pid_324
Value: 5124322325976183165
.servenobid.com/ Name: pid_327
Value: d319ca96-42ff-44c0-8897-988943df9e52
.ads.pubmatic.com/ Name: KCCH
Value: YES
.servenobid.com/ Name: pid_312
Value: 1315223837049125863
.casalemedia.com/ Name: CMID
Value: ZD2QuiGpPvO3aUQ.jHLQOwAA
.servenobid.com/ Name: pid_310
Value: Gf0YpBZHi4NStTnTQhS--oim
.advertising.com/ Name: A3
Value: d=AQABBLqQPWQCECvVlJC4mgomjjHxBdoMuOUFEgEBAQHiPmRHZAAAAAAA_eMAAA&S=AQAAAuQ85lxexcglBt1sVMeQA40
.gumgum.com/ Name: vst
Value: e_9e4246fc-2362-4683-af4f-90bfff0796b2
.media.net/ Name: data-pbs
Value: setstatuscode~~1
.pubmatic.com/ Name: DPSync3
Value: 1682899200%3A201_245_241_235
.servenobid.com/ Name: pid_333
Value: ZD2QuiGpPvO3aUQ-jHLQOgAAFFIAAAIB
.pubmatic.com/ Name: KADUSERCOOKIE
Value: 22C1059D-5906-42A9-8CA9-3ACA1298F752
match.sharethrough.com/ Name: AWSALBCORS
Value: Y7EGgg5pIwbuBhghR9bzrnHbL+nVVosXPGJmjElnt1eSRmZ37ndualsvlAEnvRtKLC+REDiBfdD0LmYrgaLEcA2yuCMBdnRpoi2dQFUITY9sf5mFvvy7PBUuynu1
.openx.net/ Name: i
Value: 7a6b8e03-5aa7-4916-b526-865ae186dae0|1681756346
.servenobid.com/ Name: pid_309
Value: e_9e4246fc-2362-4683-af4f-90bfff0796b2
.1rx.io/ Name: _rxuuid
Value: %7B%22rx_uuid%22%3A%22RX-3e293132-82b3-4291-884a-1f5f7818e873-003%22%7D
.krxd.net/ Name: _kuid_
Value: PgFgfEZV
.servenobid.com/ Name: pid_353
Value: 0000EEA
.quantserve.com/ Name: d
Value: EIkBEgHjKPijCP_8EA
.creativecdn.com/ Name: u
Value: 3OxQkiYyWzBz8jv6c9IZ
.creativecdn.com/ Name: ts
Value: 1681756346
.ctnsnet.com/ Name: cid_95b966683d34448ab61b8914a02e97e6
Value: 1
ads.playground.xyz/ Name: connect.sid
Value: s%3A3y_vBrqGivfPWWybAhQ9hVRCkaVHYooO.zOcpvQeIX2QlJWBG7w0oormBZ5rdL%2FwgV%2B8mobZElX0
.weborama.fr/ Name: AFFICHE_W
Value: TTMw3W77lt9N36
.csync.loopme.me/ Name: viewer_token
Value: f6b8b132-a269-4263-8a31-42e42d831299
.pubmatic.com/ Name: KRTBCOOKIE_153
Value: 1923-36rl8NCutKXE-uDy36f7p4ir5KHEr7Wn2asJ7vUP&KRTB&19420-36rl8NCutKXE-uDy36f7p4ir5KHEr7Wn2asJ7vUP&KRTB&22979-36rl8NCutKXE-uDy36f7p4ir5KHEr7Wn2asJ7vUP&KRTB&23462-36rl8NCutKXE-uDy36f7p4ir5KHEr7Wn2asJ7vUP
.dpm.demdex.net/ Name: dpm
Value: 11477468373449628893225494926894630212
.demdex.net/ Name: demdex
Value: 11477468373449628893225494926894630212
.pubmatic.com/ Name: KRTBCOOKIE_80
Value: 16514-CAESEBGCeZcThZ3ugXCmV7LNbDA&KRTB&22987-CAESEBGCeZcThZ3ugXCmV7LNbDA&KRTB&23025-CAESEBGCeZcThZ3ugXCmV7LNbDA&KRTB&23386-CAESEBGCeZcThZ3ugXCmV7LNbDA
.de17a.com/ Name: guid
Value: 1.6403764937664543680
.brand-display.com/ Name: _knxq_
Value: b42bf460-3b10-2dc1-eeb2ed40.1681756346.0.1681756346.1681756346
.pubmatic.com/ Name: KRTBCOOKIE_1101
Value: 23040-7223088488735963280&KRTB&23369-7223088488735963280
.pubmatic.com/ Name: KRTBCOOKIE_57
Value: 22776-1315223837049125863&KRTB&23339-1315223837049125863
.pubmatic.com/ Name: KRTBCOOKIE_391
Value: 22924-4658758249816758715&KRTB&23263-4658758249816758715&KRTB&23481-4658758249816758715
.pubmatic.com/ Name: KRTBCOOKIE_22
Value: 14911-4141980922447770076&KRTB&23150-4141980922447770076
.targeting.unrulymedia.com/ Name: _rxuuid
Value: %7B%22rx_uuid%22%3A%22RX-3e293132-82b3-4291-884a-1f5f7818e873-003%22%7D
.disqus.com/ Name: zeta-ssp-user-id
Value: ua-45008890-6fdd-355c-82b5-ce5e8749de0d
.adsby.bidtheatre.com/ Name: __kuid
Value: f7eeaaaf-d693-4488-a511-32065d8fbead.450970346
.taptapnetworks.com/ Name: SONATA_ID
Value: csonata_661c4f23-5baf-4744-bf56-c247cc43ff5e
.360yield.com/ Name: tuuid
Value: 5a469d9b-40f1-4a3b-903c-082b0fcf6b49
.360yield.com/ Name: tuuid_lu
Value: 1681756346
.bluekai.com/ Name: bku
Value: fEy99n3xwVEq7IDA
.pubmatic.com/ Name: pi
Value: 0:3
.servenobid.com/ Name: pid_321
Value: RX-3e293132-82b3-4291-884a-1f5f7818e873-003
.pubmatic.com/ Name: KRTBCOOKIE_336
Value: 5844-6403764937664543680
.analytics.yahoo.com/ Name: IDSYNC
Value: 198o~2b56
.servenobid.com/ Name: pid_346
Value: ua-45008890-6fdd-355c-82b5-ce5e8749de0d
.pubmatic.com/ Name: SPugT
Value: 1681756346
.onaudience.com/ Name: cookie
Value: 1e94e09b397dbc8c
.onaudience.com/ Name: done_redirects161
Value: 1
.pubmatic.com/ Name: KRTBCOOKIE_466
Value: 16530-8be02d32-7750-43c4-b6ad-b005c905096a
.bidr.io/ Name: bito
Value: AABt007IeyEAACBVcRpNpw
.bidr.io/ Name: bitoIsSecure
Value: ok
.servenobid.com/ Name: pid_337
Value: y-QTgecMlE2uE5IFMbuMfngMJ2RQfxJPWL27W6oS4-~A
.servenobid.com/ Name: pid_339
Value: y-QTgecMlE2uE5IFMbuMfngMJ2RQfxJPWL27W6oS4-~A
.go.sonobi.com/ Name: HAPLB8S
Value: s8539|ZD2Qv
.pubmatic.com/ Name: SyncRTB3
Value: 1682899200%3A220_21_13
.addthis.com/ Name: ouid
Value: 643d90ba0001ca2faf40d79392c19a4088a18c4738167884376c
.addthis.com/ Name: uid
Value: 643d90bad5dbb5f9
.addthis.com/ Name: na_id
Value: 2023041718322663900585248836
.technoratimedia.com/ Name: tads_uid
Value: GDPR
.admanmedia.com/ Name: admtr
Value: 299728d2-bc6d-4866-a1b5-47879b085727
.admanmedia.com/ Name: ac_r
Value: CS71
.undertone.com/ Name: UID_EXT_57
Value: ZD2QuiGpPvO3aUQ-jHLQOwAAFFIAAAAB
bh.contextweb.com/ Name: INGRESSCOOKIE
Value: 26bc22e6cc937c92
.pubmatic.com/ Name: KRTBCOOKIE_409
Value: 22966-NOvcHvPGbnRWnaRhYRTQhjSj
.undertone.com/ Name: UID_EXT_53
Value: 22C1059D-5906-42A9-8CA9-3ACA1298F752
.undertone.com/ Name: UID_EXT_56
Value: y-QTgecMlE2uE5IFMbuMfngMJ2RQfxJPWL27W6oS4-~A
.pubmatic.com/ Name: KRTBCOOKIE_27
Value: 16735-uid:1035643d-90b7-4200-a221-a4710b81560e&KRTB&16736-uid:1035643d-90b7-4200-a221-a4710b81560e&KRTB&23019-uid:1035643d-90b7-4200-a221-a4710b81560e&KRTB&23114-uid:1035643d-90b7-4200-a221-a4710b81560e
.pubmatic.com/ Name: chkChromeAb67Sec
Value: 5
.outbrain.com/ Name: obuid
Value: c0d1be3f-e66b-4eff-912c-4d80aadea2d3
.ipredictive.com/ Name: cu
Value: 444a4ca5-42e7-4319-abaa-498720f09c0a|1681756346773
sync.srv.stackadapt.com/ Name: sa-user-id
Value: s%3A0-dff1b18a-91f2-54c7-5217-efe1fa106608.RJhOhlwoFzTMy30gN0Z1k%2Fq30TQj%2FReje80542oESNI
sync.srv.stackadapt.com/ Name: sa-user-id-v2
Value: s%3A3_GxipHyVMdSF-_h-hBmCFFfBSc.Eq6EpVgC7xHl4i4QNH9bBP%2FfidluW2oilJaNKvXAAeo
.srv.stackadapt.com/ Name: sa-user-id-v2
Value: s%3A3_GxipHyVMdSF-_h-hBmCFFfBSc.Eq6EpVgC7xHl4i4QNH9bBP%2FfidluW2oilJaNKvXAAeo
.zemanta.com/ Name: zuid
Value: 955RvR3fjktXWhFMah_A
.pubmatic.com/ Name: KRTBCOOKIE_860
Value: 16335-3_GxipHyVMdSF-_h-hBmCFFfBSc&KRTB&23334-3_GxipHyVMdSF-_h-hBmCFFfBSc&KRTB&23417-3_GxipHyVMdSF-_h-hBmCFFfBSc&KRTB&23426-3_GxipHyVMdSF-_h-hBmCFFfBSc
.audrte.com/ Name: arcki2
Value: f2hCqR6YWwXQ1a-JO7L-XZbRA!20220908!1681756346781!ip#81.95.5.39
.audrte.com/ Name: arcki2_pubmatic
Value: E4985D8A-E953-4D5D-9549-51B45646CB1A!20220908!1681756346784
.everesttech.net/ Name: everest_g_v2
Value: g_surferid~ZD2QugADeOgNhwBS
.tribalfusion.com/ Name: ANON_ID
Value: amnseFy4ZawFBA9MAJP77UAWsvRfnNfjacbOduV7EOBA7jnOUvJGrVApNDCliTwTAKjmSUe0yyMYxYld5Tke0
.pubmatic.com/ Name: KRTBCOOKIE_699
Value: 22727-AABt007IeyEAACBVcRpNpw
.pubmatic.com/ Name: PugT
Value: 1681756346
.audrte.com/ Name: arcki2_ddp2
Value: f2hCqR6YWwXQ1a-JO7L-XZbRA!20220908!1681756346907
.smartadserver.com/ Name: csync
Value: 94:ZD2QugADfbBxvABL|127:AABt007IeyEAACBVcRpNpw|139:0|141:f2hCqR6YWwXQ1a-JO7L-XZbRA
.audrte.com/ Name: arcki2_adform
Value: 4658758249816758715!20220908!1681756347036
.audrte.com/ Name: arcki2_smart
Value: 8956516326104209569!20220908!1681756347070
.gammaplatform.com/ Name: _aGeoIp
Value: RS|Bela_Crkva
.gammaplatform.com/ Name: _aUID
Value: rgevf0ercwsk
.pubmatic.com/ Name: KRTBCOOKIE_1310
Value: 23431-rgevf0ercwsk&KRTB&23446-rgevf0ercwsk&KRTB&23465-rgevf0ercwsk
.mediago.io/ Name: __mguid_
Value: 559f3b71cf78383f687e1858a7d0b1bc

14 Console Messages

Source Level URL
Text
network error URL: https://engage-see.franklymedia.com/widget/see_10526/see.js?ver=20220510-01
Message:
Failed to load resource: the server responded with a status of 403 ()
network error URL: https://thrtle.com/sync?vxii_pid=7004
Message:
Failed to load resource: the server responded with a status of 403 ()
security error URL: https://www.921theticket.com/
Message:
Mixed Content: The page at 'https://www.921theticket.com/' was loaded over HTTPS, but requested an insecure script 'http://embed.sendtonews.com/player2/embedcode.php?cid=5472'. This request has been blocked; the content must be served over HTTPS.
network error URL: https://engage-see.franklymedia.com/widget/see_10526/see.js?ver=20220510-01
Message:
Failed to load resource: the server responded with a status of 403 ()
security warning URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js(Line 466)
Message:
An iframe which has both allow-scripts and allow-same-origin for its sandbox attribute can remove its sandboxing.
network error URL: https://api.rlcdn.com/api/identity?pid=2&rt=envelope
Message:
Failed to load resource: the server responded with a status of 451 ()
other error URL: chrome-error://chromewebdata/
Message:
Refused to display 'https://www.facebook.com/' in a frame because it set 'X-Frame-Options' to 'deny'.
network error URL: https://nodeny.targetspot.com/callback/uuid?https://yield-op-idsync.live.streamtheworld.com/pixel.gif?partner=ts&uid=$UID&pubId=10649
Message:
Failed to load resource: net::ERR_CONNECTION_REFUSED
javascript error URL: https://www.921theticket.com/
Message:
Access to XMLHttpRequest at 'https://api.rlcdn.com/api/identity/envelope?pid=13454' from origin 'https://www.921theticket.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network error URL: https://api.rlcdn.com/api/identity/envelope?pid=13454
Message:
Failed to load resource: net::ERR_FAILED
javascript error URL: https://www.921theticket.com/
Message:
Access to XMLHttpRequest at 'https://fid.agkn.com/f?e=&m=&p=&i4=&i6=&ia=&iv=&apiKey=2126040846&r=https%3A%2F%2Fwww.921theticket.com%2F' from origin 'https://www.921theticket.com' has been blocked by CORS policy: The value of the 'Access-Control-Allow-Origin' header in the response must not be the wildcard '*' when the request's credentials mode is 'include'. The credentials mode of requests initiated by the XMLHttpRequest is controlled by the withCredentials attribute.
network error URL: https://fid.agkn.com/f?e=&m=&p=&i4=&i6=&ia=&iv=&apiKey=2126040846&r=https%3A%2F%2Fwww.921theticket.com%2F
Message:
Failed to load resource: net::ERR_FAILED
network error URL: https://idsync.rlcdn.com/403716.gif?partner_uid=dz13wn8fouv9efayjz0rreg92
Message:
Failed to load resource: the server responded with a status of 451 ()
network error URL: https://sync.crwdcntrl.net/qmap?c=240&tp=PUBM&tpid=E4985D8A-E953-4D5D-9549-51B45646CB1A&gdpr=0&gdpr_consent=
Message:
Failed to load resource: the server responded with a status of 404 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a.audrte.com
a.storyblok.com
a.tribalfusion.com
aax-eu.amazon-adsystem.com
aax.amazon-adsystem.com
abs-0.twimg.com
abs.twimg.com
acdn.adnxs.com
ad.360yield.com
ad.ipredictive.com
ad.turn.com
ads.playground.xyz
ads.pubmatic.com
ads.rubiconproject.com
ads.servenobid.com
adservice.google.com
adservice.google.de
ap.lijit.com
api.rlcdn.com
api.tunegenie.com
as-sec.casalemedia.com
b1sync.zemanta.com
b3.tunegenie.com
beacon.krxd.net
bh.contextweb.com
c.amazon-adsystem.com
c1.adform.net
casale-match.dotomi.com
cdn.ampproject.org
cdn.jsdelivr.net
cdn.resonate.com
cdn.undertone.com
cdnjs.cloudflare.com
ce.lijit.com
cm-supply-web.gammaplatform.com
cm.adgrx.com
cm.g.doubleclick.net
cmp.quantcast.com
cms.quantserve.com
connect.facebook.net
core.iprom.net
cr.frontend.weborama.fr
creativecdn.com
cs-rtb.minutemedia-prebid.com
cs-server-s2s.yellowblue.io
cs.admanmedia.com
csi.gstatic.com
csync.loopme.me
cumuluspro-express-pro.franklymedia.com
cw.addthis.com
d13l4u7pe64ymo.cloudfront.net
d29xw9s9x32j3w.cloudfront.net
d5p.de17a.com
data.ad-score.com
dis.criteo.com
dl.westseven.media
dmp.adform.net
dmp.brand-display.com
dpm.demdex.net
dsp.adfarm1.adition.com
dsum-sec.casalemedia.com
dsum.casalemedia.com
e76ff033cecd72805c9eec3e4747fae0.safeframe.googlesyndication.com
ea3af0e4c98edb91b2df6cc6f5c43ead.safeframe.googlesyndication.com
embed.sendtonews.com
embedcdn.sendtonews.com
engage-see.franklymedia.com
eus.rubiconproject.com
express-cms-assets.franklymedia.com
express-images.franklymedia.com
fastlane.rubiconproject.com
fid.agkn.com
fonts.googleapis.com
fonts.gstatic.com
g2.gumgum.com
googleads.g.doubleclick.net
green.erne.co
hb.undertone.com
hbopenbid.pubmatic.com
hbx.media.net
htlb.casalemedia.com
i.clean.gg
ib.adnxs.com
id.sv.rkdms.com
id5-sync.com
idsync.frontend.weborama.fr
idsync.live.streamtheworld.com
idsync.rlcdn.com
image2.pubmatic.com
image4.pubmatic.com
image6.pubmatic.com
image8.pubmatic.com
imasdk.googleapis.com
ipac.ctnsnet.com
js-sec.indexww.com
js.ad-score.com
kqsm.tunegenie.com
lb.eu-1-id5-sync.com
lexicon.33across.com
loada.exelator.com
loadus.exelator.com
match.adsby.bidtheatre.com
match.adsrvr.org
match.deepintent.com
match.prod.bidr.io
match.sharethrough.com
media-cdn.ipredictive.com
mwzeom.zeotap.com
nodeny.targetspot.com
onetag-sys.com
p.rfihub.com
pagead2.googlesyndication.com
pbs.twimg.com
pixel-eu.onaudience.com
pixel-sync.sitescout.com
pixel-us-east.rubiconproject.com
pixel.advertising.com
pixel.onaudience.com
pixel.quantserve.com
pixel.rubiconproject.com
pixel.sitescout.com
pixel.westseven.media
platform.twitter.com
player.sendtonews.com
playerservices.live.streamtheworld.com
playerservices.streamtheworld.com
pr-bh.ybp.yahoo.com
prebid-a.rubiconproject.com
prebid-server.rubiconproject.com
prebid.a-mo.net
prod.us-east-1.cxm-bcn.publisher-services.amazon.dev
pubads.g.doubleclick.net
public.servenobid.com
pubmatic-match.dotomi.com
px.ads.linkedin.com
region1.google-analytics.com
rtb-csync.smartadserver.com
rtb.adentifi.com
rules.quantcount.com
s.amazon-adsystem.com
s.tribalfusion.com
s0.2mdn.net
s2l.sendtonews.com
s3.amazonaws.com
s3.us-east-1.amazonaws.com
sb.scorecardresearch.com
script.4dex.io
sdk.listenlive.co
search.spotxchange.com
secure-assets.rubiconproject.com
secure.adnxs.com
secure.cdn.fastclick.net
secure.quantserve.com
securepubads.g.doubleclick.net
simage2.pubmatic.com
simage4.pubmatic.com
sonata-notifications.taptapnetworks.com
ssbsync.smartadserver.com
ssp.disqus.com
ssum-sec.casalemedia.com
stags.bluekai.com
static.tunegenie.com
stats.g.doubleclick.net
sync-tm.everesttech.net
sync.1rx.io
sync.adkernel.com
sync.crwdcntrl.net
sync.go.sonobi.com
sync.ipredictive.com
sync.mathtag.com
sync.outbrain.com
sync.srv.stackadapt.com
sync.targeting.unrulymedia.com
sync.technoratimedia.com
synchroscript.deliveryengine.adswizz.com
syndication.twitter.com
tag.simpli.fi
tags.bluekai.com
targeting.unrulymedia.com
tg.socdm.com
thrtle.com
tlx.3lift.com
token.rubiconproject.com
tpc.googlesyndication.com
trace.mediago.io
uipglob.semasio.net
um.simpli.fi
ums.acuityplatform.com
up.pixel.ad
ups.analytics.yahoo.com
us-u.openx.net
usersync.gumgum.com
usr.undertone.com
visitor.fiftyt.com
w.dailysportspage.com
www.921theticket.com
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
www.youtube.com
x.bidswitch.net
yield-op-idsync.live.streamtheworld.com
aax-eu.amazon-adsystem.com
ads.servenobid.com
api.rlcdn.com
d5p.de17a.com
embed.sendtonews.com
fid.agkn.com
ib.adnxs.com
image2.pubmatic.com
match.adsrvr.org
mwzeom.zeotap.com
nodeny.targetspot.com
pixel.onaudience.com
pr-bh.ybp.yahoo.com
simage2.pubmatic.com
sync.mathtag.com
uipglob.semasio.net
ups.analytics.yahoo.com
visitor.fiftyt.com
100.21.16.143
103.229.205.242
104.18.11.47
104.18.12.242
104.18.25.185
104.244.42.8
104.244.43.131
104.77.32.87
108.138.1.25
108.138.4.150
130.211.115.4
134.122.57.34
141.94.170.77
141.94.242.206
142.250.185.162
147.75.84.158
149.126.77.46
151.101.194.49
152.195.34.212
154.59.122.79
162.19.138.116
162.19.138.83
178.250.1.9
178.79.242.181
18.198.83.226
18.66.97.47
185.184.8.90
185.64.189.110
185.64.189.112
185.64.190.78
185.64.190.79
185.64.190.80
185.80.39.216
185.86.139.102
185.89.210.212
185.89.211.132
185.94.180.123
192.173.28.19
193.0.160.131
195.5.165.20
198.148.27.139
198.47.127.20
2.19.224.115
2.19.228.175
2.19.228.18
2.19.228.187
2.19.70.117
2001:4860:4802:34::36
202.241.208.52
208.92.53.43
209.54.182.161
213.155.156.168
213.19.147.42
213.19.147.45
216.52.2.6
216.52.2.91
23.192.153.172
23.37.42.132
2404:6800:4007:82d::2003
2600:1901:0:8344::
2600:9000:211e:8200:9:46dc:4700:93a1
2600:9000:2127:8600:7:5253:f880:93a1
2600:9000:2127:d800:a:deb0:3380:93a1
2600:9000:2127:e800:6:44e3:f8c0:93a1
2600:9000:2156:a600:1:c325:9400:21
2600:9000:223c:6c00:1f:2473:9080:93a1
2600:9000:223e:c600:6:4e5d:a0c0:93a1
2600:9000:223f:9a00:1f:4c18:bd40:93a1
2602:803:c003:200::21
2603:c020:400d:3000:bf17:cd18:9a23:846c
2606:2800:233:8173:898f:63b3:95c3:79d2
2606:2800:234:59:254c:406:2366:268c
2606:4700:20::ac43:4bf1
2606:4700::6811:180e
2606:4700::6812:1640
2606:4700::6812:166c
2606:4700::6812:176c
2606:4700::6812:18ad
2606:4700::6812:4db
2620:116:800d:21:e365:4988:e8a7:3270
2620:1ec:21::14
2a00:1450:4001:800::2001
2a00:1450:4001:806::2003
2a00:1450:4001:809::200e
2a00:1450:4001:80e::2002
2a00:1450:4001:810::2002
2a00:1450:4001:810::2006
2a00:1450:4001:812::2002
2a00:1450:4001:812::200a
2a00:1450:4001:827::2001
2a00:1450:4001:827::2002
2a00:1450:4001:829::2002
2a00:1450:4001:829::2003
2a00:1450:4001:829::2004
2a00:1450:4001:82b::2008
2a00:1450:4001:82f::2002
2a00:1450:4001:82f::200a
2a00:1450:4001:831::2001
2a00:1450:4001:831::2002
2a00:1450:4001:831::200e
2a00:1450:400c:c0b::9d
2a02:fa8:8806:12::1400
2a03:2880:f083:9:face:b00c:0:3
2a03:2880:f176:84:face:b00c:0:25de
2a04:4e42:600::485
2a04:4e42:8d::159
2a05:d018:d29:3602:66be:b78c:9970:b3c5
2a06:98c1:3120::3
3.123.167.21
3.216.207.32
3.229.184.207
3.75.62.37
34.102.253.54
34.111.129.221
34.111.131.239
34.111.151.213
34.120.133.55
34.230.111.71
34.233.179.36
34.247.20.4
34.250.229.85
34.254.143.3
34.90.79.92
34.95.69.49
35.158.28.31
35.186.193.173
35.204.158.49
35.208.249.213
35.214.153.92
35.244.159.8
35.244.174.68
35.71.131.137
35.81.73.75
37.157.5.142
44.193.144.228
44.194.106.226
44.210.56.152
46.228.164.11
51.89.9.253
52.0.141.13
52.202.46.169
52.210.15.1
52.217.139.176
52.217.165.40
52.22.181.172
52.220.229.2
52.222.214.24
52.28.20.73
52.3.62.68
52.35.1.108
52.49.68.56
52.50.102.57
52.57.232.151
54.154.239.112
54.228.21.106
54.73.101.130
54.80.169.87
54.93.145.184
63.35.158.238
65.9.95.106
65.9.95.125
65.9.95.17
65.9.95.39
65.9.95.53
65.9.95.85
67.220.228.203
69.166.1.12
69.173.144.139
70.42.32.223
70.42.32.63
72.251.241.206
72.52.166.135
77.245.57.72
8.18.47.7
8.43.72.98
80.77.87.161
85.114.159.118
98.98.134.241
98.98.134.242
008a5f0cdde7597f6729a3622b6a819290a2029b00d9ac64c1ab3bdbfe16e3da
01b0c31b7787a7bef6386448b3309dce9e0e1752f0a7cc740ab646e571c20515
01c5cfe7f4934d64364ff76ccd3c08c3662563650162817a5bc99c2848f624e9
02253fe8a8a09dfa9ccb4681d11015cba1240fdc9277a1d8437d6a0fb133e4db
0262ed76bd727f873ca1e2757ecf673b3ad1bba37640c6bbf9e6e84b5a51870c
02fb5a960b6817695b363d2294c0945cc75bf10cd17e5a03b3ff68229b9f0d77
038f8a9eea843881ed306613e33bdf5172437c90214850d58cce2558dda1a131
0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5
0597ab745938c4a2cc0818fc2447beb211629e484fed0b4143bdd6fa5724be61
05ee926cc9bf2039ad93af941a67d23d84bd78ecd9d6ef53ff85eeaf744cbd89
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844
06fd4271e82cdb8d10b3b34667c6d3a83e2a808d1034a5618ebe5fc9653ffcdb
06ffc101b9e129d5b877a17bc6c3ade6101d1c637faee67267c45e4efe3801dc
074cb8fe4c110377a05635d888ae1481b4f448e685b15dfcf56c5c816cd091c5
07690a629a348fded70128c84c3128d958a3ac5e27f8f18174de23972724cc2d
091ba5711e7f397eca67fb1da60968a88be608d2f4fb80955ef74f645b6e898b
09c034ceb64f4273178d6226ddb7b11bc6eac8c353a015296f677c16b70d09d6
09c102f23d3a928c882da78f7357f944d5b8a9e4e4b9772dc63e73d4b52c876c
09c6d5d6a7b3ecdb323865a1b084488974fb96219d6620cf8a6e715d02cba55c
0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0bdb7c79b4fb8bbe183ab24e9c0a0de7b1800d40a6f5197282adcd5920b709b2
0c0d49ae011d8ef1983288cb6050e1964a1991e1639868c0be52753423b1ad60
0c14dce35fd13705c9fde42eed967bc87472dd1a61ff1fc8695ce640f2d86a57
0cc1236256d8bc4e006694b3f3a093aeddda254854c5f7c62358870888b5be50
0d30bd6465a11584b58e66a0bbc91fa6735b6fd147590ff28e92b485897f3957
0e43c5f1049dad60b6981e789374eab9014c14fc5797db38916c20c2084e9eaf
0f3ffa7f0b928b893a75953b1b233b2bf8dc84f94851a6d24225a59d862c270b
0f6bb019b01d05d948e743db0c2d7eea959ecd2dafbabb708c6c82770cb78615
0fdd97604374e58db3009dbad40df4e61a0a9fa5207d636049e9d3af4e62839a
1152e980ab44d04a8f640455607ce095cc3b1ec1231d32399804114d69913c06
129d9a340ad960236445c559190546672c530544e000fd246b6b046afeac5666
130d2977c5b71de88b4289a6f6fce6a3c7e1c719fc6b809be6f9a1bb6304a8e5
136a801eebbba89c866168ec16b33ecca44a9f083f5ab29f3adc961ad1124c5f
150861597da231bb966dfd09e58a556e104927ec8415ca49e3a3617596059f68
1570ffb78a43e3812d58cfb562b73b5328049cfcc637dd7c4e20577aad3b3b15
1602bbbe3ff382852e4f7c71efd46277f00cae1799adee44d44c49e51ca47d84
162b402b205ed475698f221ab93ef71822d0a1a41cc99da2bab24d3d41dae23f
17721a87106f3de689f70866bbc543c836129034f7d01e4509691cb39f1fdfe0
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002
199f1cdc3df15de6c7544550bca52b02b7b751736047d479a928078ad5431937
1c0486acafe63a074adbd08ecc9cad99ee106f3701e2b93c2a75533774f7faba
1d0ab5a723a62a656f416eded56644e45ac5d29c2c2858388d3102571592b884
1d7342b56a65057bfcf933f9c4d08c18469bcebd01186dc3fa105c6b45fca4c8
1e19a2ec15cb7e80c28f326f1463ec063cb292de5cb20dec763f79b831177c54
1fb9eba0f98fc3a5c9cfa55a0c43ea1d24c5f2e388f06612f404e09fe83fcbc6
1fffe142658ede54ea109d3864f003ebb11170d4ea0110f752ec4b51cc8646c9
225872294975bf8c97d3ac75b007cfa5c0d778d117c018981d97c19020a53ce0
2262d50696110a18e87fa0ac8edb8b9860bccb89680a5c04bad6a5246892090b
22d1b1aa497be7140e8ea47f785a6781feac1f6c39d7fadb7a02d100c5f64f7c
23d91d2179238aecca24679312539d6ebb848ab20769333d9d9deb78d32a6023
25b33a7a853f39e447b14be3e6662ccbb0fbce73620bf7778d194cb3fef1d3ab
25cf0f0ce42f8acd9ea6facc223f54105c7fd0cce63fb7bb5d83e6600100acbd
25d5b0ed742fbcf607f1680ca632128118ca36c8a355029025eb4cd22c7aa981
26a7c417f67159ae3e9ef95aa85ee360b0ba0d07608d9f9c8e615052b1da1400
26f2c1abc7720059c2f88aac37f0b15cd551c1b69b522eef0bf782cefcc98dc5
2725f8b87b10f8782c764f7d6148cb5f80022a874ea88a3aec7f1e2a49c7ded0
27be4e71e772eab3143df5bee3739a1feb2eefe8a4f5c28de10824c7fb229a01
27c71a9e2cb0bb6595a57b297c1c94503b0fa7dac371945e68af53741592cc55
291b586499936c0e8938e1829cd7b1127599467d7a6fbacc43d610c6315d1897
295d7a89edba340ba21a782d60adc4cadfd7fbd2ba00d9f2c931425ca1349dc7
2967d996f2573b63528b3822402f1357aa7e98812cd8be584b454e6b82208405
29a4c34be2d8d3ff62ec5125d03108daa23df126fcf1e118bf42cb2ec9861fd9
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11
2adcd0a627dee2ac4ab782a00745d7678e374dc4625ddf673a88121977d77c67
2afdfe3d6b8f1361176b5ab7134e4c4754c888286ae0527c85eb95c1feec9c68
2d3b45a4be3864673801baea2c3f066e1c7320bab56d3c7818d7484cf1811696
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
2ee786c10ec008299f43bb2c743554c992dd4393e6514b2e031ae6433fec9d09
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef
2fb6890ac6141ad8116488286153d0af821f77c8acea5c8645d7ea3cf7aca8ea
3005bbf3e7aa49a58192f6a0171270c573c1ee1b6b569f93e31ceca94e9c48e9
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
31d1a8b234ef7e3fcd967fe38bb63298be8faf869e0dcd5352c330ed5c18964b
31ecc2f86d5917ed4667dcaaab4a3b212720237b8466f05c3f90a05e858a3031
32d9b82d940e893c04166240cabd5d782a23e3ef883625fa32d0f5bb25a8cfbf
356962d8530e483cee9e73f446497291af6bee1ee6e400e17b6d0f6c7178d0b7
36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1
364d2db94de8213f27558dbb869c4a5d21ab12c8407bf1aa318a23c73aa3cca4
37da4f4e9645bcde259d1669db9d2548d9ff4f80e72bbe405232924129ae4db7
384001affbd29c2b2cf01ca24b518d4eeb3d0dff7952c40d5847afe398d345cd
384259351d108f2d47f10db1ed7d387def16a4ef82c020938bf542a0b4d62c02
38f9219a3f72c887aa329c1b0aca6a4e2cb2e6877a2a93757f908901f3f90141
392c9fa9cd1273a2a89d1a83a69cd1f63f21d1d55e7be21e1d8f51f25145668b
3a132ff98011afb089fa6a27a9b6304c8594bd9bb00567b3a226a37864f5d3d9
3a53bd3c22715db215aea14b99fcf909232483d620fa6cc54720f67bf3eeb04a
3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1
3b7f1a6aeceeb60c709478e55147a48f4031ac6617b3ab089210f1f1f59b7204
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd
3e16b520601222e9febb9322d25f2880f323ab6184bbb20a2dfbc01512d49cec
3f3883a9baa572c14af4ba4c15c48206dbd40bcbdcf6bf67410afa627c69aae2
3fca634634da26dbe8550625e906c79d696fd3bd2202274dde486b3a764a17ab
3fce17e6b142b7196a6797dcb8462a99a51a00e354cc47a59c738afc722df220
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390
4002d65e95f94dc87ae8ad170eb8dbc3644921032ac76dcb376537d9304a6fbf
4015fcd470b32a176e2531403dc228f3a8ee4bd68dc7b7f9fc0e696f6187a7df
416ecac927611cfec67f7d37b7629ecffc9b545bb90364994b957ed72def5769
41f1c664fdf930c1ecf1b3be8b7814abca4b9db344af4f19776c93bb780135d4
4308b770a8f544c1fc4487836df776d7a8a4170b0947e45c9b748369846ee115
43ee45287123b95f11211fdd02e23147a3f4909023503e0b03fe00ea2ee01926
43f804d38a294c6df1ce8ee64fb95ad0ff5a8d6d5685d9537df02212668a1dff
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
44d8be1121ed1dc8d49eac1d722a43c52f92382ea91e2e59f1b44c49252e0c09
44eefef34507164f4234b958d8f6906488a2521071379498041568bae9499b2e
45a61a04904fc2115c440a349a65dc93d2965b0b24dc5a8172bd8b792bdbf103
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
47f9bfec125c6ad3150f582058470045e4aca998d5468dfea93f2023f9636a76
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
491cc8a00db1007c36279c35b1f4f811dca0db1bd257ed18696f6d97407c749d
4933cd1b3fc067c710a730b12267bd2ee5290a96f01b90f9932782c6f9f22c25
493f4917667aa062937daf57d4ff9100169527f97f0c143a29dd023adf0e7987
4a63dcb831e6c6745d79ccc6984ba1f2a8f1f598deef41a1fa149254565c6350
4c8c703afd944080a14f8c5edcb3c00bda5b28adf95871b7d463223e3a21a77c
4d922cea252e89b5aba0193964a03e26866c41b08f107a5cb8576e12a9024b6e
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4e3149128340c4394835bb0559edba9bd118e07b596e6fbbb18fef086f3151af
4e9183a7bbc56ea4bcaa21f5c619e23a4dddbe13b3017443e703ba53ca27bffa
4f49e616d278a16d9cd55a6d5fe19c99ebd37d7d3848d14422190618b67011e0
4f5c7736ea9098371113f8177db7a567009e120c03056c5848465c9ca6a0664c
4fa646a4dbc10513ddeb70561789483638faf456e15186f4eb7291c5c455cbb6
4fd192e7a627b8fbbf95ed31b18e6c982e3ff96d00e619751d0c38d1a5d80cca
4ffc35ac4d5e3f1546a4c1a879f425f090ff3336e0fce31a39ae4973b5e8c127
5377bd39f9bfdfe87998f1ae25259cff4c6b1533e58d7a59e20d40232a0169f4
547dda3c14b284819be511be1e410da94a5efc6ccc4a9afe1c75394f9333191a
54914436c21b3b9381a395a47ccd0aef9ee898fd5970759bebe9a6b7d82a80c6
559bf235d7efc79c6b9bb6ac1cd7a53aca53a7cf6dcbd1042e9e81b7c185d617
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
57a50c99a31ef4e89e86664e96f6dfbdde163a2eb96e88b3b492c49aa4be2f37
580f45ba2ddac56d07641a21093ef3ea08f51bcb3f856cfd641910f780e74c53
5848fed0499a99763526e2178efc1bec18842259a88cb1cf12600be9ddabbdcd
58a8a37fc288ebcb1babc66777ac8c7a922e145d307567c8b7a824dc959c41f9
58c255681e66fc4e52c02e37638aa2197911b5e59b07234a1273bdff4e2e4900
5971b095cff574a66d35ada016d4c077c86e2dea62e9c0f14cf7c94b258619de
5a5f39391fbf5b06db84b8f9716d53de575ee97a627d2c5f12f79a991a671eb5
5b06d0417a083d59db624688e0c5fcf444114515d2e55ffd0b79fc3dd7d51de2
5bccb3d79dd85afc5c9d3a008ed9a9af4353560cb21084e755b313dbe5eec75b
5c409407564feedccfd3c28cb6521b59d68f5128eb2b598d9dcca18945376d79
5d3b318a856e3825d40c46bc3b2b2a3f0efda05f1e50d0186f9962d7f8abe33d
5d7162200f464a21121476793004f2eb1af54d5d92f7910b4f54f8ba64c16e3b
5db73e43d6f40687165de7df1a9cac4db859cbbfd9347cbe1416bcf8465cc91b
5e89733d8a8e055100cda68bf7a712ab0e1b24fefee7e39792b47cb5ff7c3cb1
5f81194cbd4697dd96c6a57cd32d09427a8ecdc603fd9dce20a981341b297f7d
5feceb66ffc86f38d952786c6d696c79c2dbc239dd4e91b46729d73a27fb57e9
6086975db5a833f1cf1f8d845f7b2e6d3023cba253084f38d21d0ae95b3406fd
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
62bd6b22e0e4e140047d4f01cc2b8a964cdd475739c75479b847a3ba642dd94e
63c817698a0c1c81dab9b49270009f2c154c57b83f6bd04c29a70a9e6de2d441
63ef0c4740062d3e2cfdf6e0e2e08eac60504be0578db18c6cf075931ab3d126
647f8ebc3a1a08803802042a76cc933e7400a9d0cc4336fc94121041a9facd66
6484dbdbcc018ef0cc92a28a4ef391571c4651aaa1958a85a24439c6120f9606
64ffe77d0f8d8b0b74a00ad2cd3bb5d424e904c2adba467659f77abc894ea6ab
653f3e53e89b4f8548ff86c19e92bb3c6b84b6be7485a320b1e00893ed877479
659be1584c47aeffe03f99a68d7fb930b67d904ea16a8b0f7a51247b8cad9999
662294921ca6240beb0f2aecb7f7ac23dd085b782bbe52a369b20226d26afe33
663d57136dd8c18d6664ef3f4331160ddea49bfb98913adfad34ed44a0553883
663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707
66bcfd8006e20f5a2322280c2052ae1f34fbb129f5d69a873a76f5d58a275838
69b4b9d0b0e573d7a04d0d347ff4d553c5ac31aa0c6b28795b99ab4727161a0c
69e4c447113562a16cbc63078fcf8487104f5ec71f32811696d5ad082fb51000
6a0d53f68e013dac42a52a5264c5d28a12a06b6bc7cc1d63bc2d385558bd2dd7
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6d3d56c686de12309c147312d68ec83adcaa898664f39baf3b93335e6db35808
6d46e2cf165a5a0584afba7bc9663da292ee08c97cfc7613de6013ed05be892a
6e471670f0691069e67f699d581d1e65c88d65e591d823721d7011d5bf903260
6f3b48f8e29c5ee2c4bdecc130a40bad9bb1905075788bad41d3f2104e1b6eff
7122641b831b99a8688c6ab2e7b68c7c14e8c87ae3123de798ddf227c9c98f3a
713a5085778002ac882de664c065bc7a55a26c6091d12c39a038bac7b70dcf45
71970f2bb23c0a4f6bbeadad64b42a9dde1b48dbc1aeafb584eaedc59049ee10
729cfa84928e7a87a4a4551df25c1406da86af8f0ebd2f579460546d11722326
72a64af6c85d8ab9bb2b508571c6a70080750c4891634dcbe36cb95737ca0f48
745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8
7541bc3222a1d2c6a5fd30bc949941c06d0470df4143160891004f6b0c138a9a
75f291c35a9c9576fd9b5c443b42dbbb289645005a74bfe76929623e9c541232
768bb0222a4439240a5b9db5fbd136c7dd60e1ad6ebc46445bbe747544f60eb4
783acc04174098c9e538ec02074dfe433e1ce8067720c240def1178c83252a0c
78f1a336db6214729bf4367c8af5b05c7b1e3be81d27580fe35c3c10b1361cae
7902803ab519270d9c6374a0ba8b07cbe582c91b8f262bda3dd63d5a00b19f38
790bf3c108253318c0f755902849eed9f8e9bc3c0d1e80908f88306a716c1121
79baa2f6c69e94c26e3ef98a0864578d0c7aa4744d49cc420e2aac1e5f74d978
7a4a63c52bdfab0ab459b1b77dad4a4ce4e1f7dfdfdba0b2013ba32f0690e15f
7cbcb1196c5e91f7a8602c89b30bb7dd3c1f714d5c8072414882b592d45bc867
7cccd8f78bd73c79f1281052eb4c9bdf6f38386fca206da9954fdf24ab0784af
7d4c1924b83af40eaeb7598b9b44fef9338b912ad34fe8c4e03b8312cbeb756e
7e3a506844e7dc60ed271a3649e587166c7918f3dbeddce27cda96a0d0ec33bf
7ecace46d78f707e1f3ef7ff9fb10354a496ac9f707d9a7748a3eb2cdabc5518
7f4abd1aa3b352c2c1df1cfd1dd7e49d8288138b60c63e43b9faed3e1e1383ad
7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b
805c456f58d00a6ca84ce26e4a0e20d130245ba8c3021dbc775d835701c98779
815af1c878812cb0cb226f9922c9197d78cd6200b7a23ec63276b554d1d6f7f3
81cd29d1413ecf75834fb3ce1da572fe5c39e53b22c61f5dafec5b14ed4ee12e
8265f64786397d6b832d1ca0aafdf149ad84e72759fffa9f7272e91a0fb015d1
8303eeecda03d3ff1967ff13e659eba4e97c3a33f3d4c0c18cef4f4e96b8fea1
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
83b41cd99a58244c5664fabe36fb47e50e075f893886ea7fa319f3adf33f2582
844512f2dc39fad657e2c45d2a7b216d306e1866da7a62df4caf103032c5a0bc
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
84fb4470a22a62d741e6a0a369ffc0ec700784bb414f96f77a20255beaf087a1
86357424348aa174c7ab04c759c553c5fa57f3714454f6c755bcfbe5769326f5
8753197c2bf80c6d0b5cd2f2028c14bf6d79a45cff6857ea3d8c279dc128d917
875dcf95be3e2a30423fc11b29a88ec32972bb4911fc6144cf51d1ece0d7f18a
87fa826f70dc2f69df951ff0ebb2f308524f31c0bdf8570cc1d6cc85f9aa6b95
884db91561122e85450eef976ce1dead15c10df5ae5e49a4c7c36ce705cd3dbe
89b0b16db8325b2c6db9a0f68eabea4c6ffab4022ee31fb5ea6ea64a2b19b0ad
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7
89fee80067e8671ca9b800cf7b3b549a21a242c56272ec075e21ebdb6eca708f
8a3bf102b192cf0b8a06ea1a89a8beacc51a64059c2b98d995054bbcb6e287f2
8a93d15ad709b896da0391d442da439e03162a3d1936358736778c4d175819cc
8be5876e7de200de0f3e75c441f8dc56f96b90b00f70217a51cd3daf2a8f896b
8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8df74312f7ba8eabc42060688a6c5f9c727ff4e1e65fde7685115e482dca4003
9013a9ca40a672ee35978b117e54d8b342cb591e8951f599a2b6dfef9d9fa723
90af7bc917e617c333b15d89c5bd5118ebec4055f3df0c2cf7484f4f88b93659
922a293fce4c3fb1526e1a5d8816602ef86fd581c3e438989416bc5c56ce9f0f
92747742b0d05de841880d3cad6550593fa08692d26fe086e15d4a5696606a54
92fca55833f48b4289ac8f1cedd48752b580fce4ec4b5d81670b8193d6e51b54
93fd543268145b18319b3d6e3f13a178413f2f5da535a2c860d0f9e17388816f
94150fd8c1c72a0cc58ad35c9d56571a0be3463b9d553a90e67362f97d551ace
94a557b756089fc7dde1c857bb1a2f776dff6aeec3ceead5c2fa2304433b88ee
953113c48e58089e3bfe1728c0394b0733b12aec79aaddd9e9e8b2b3ac96fa95
956533d7bc8de6d0203726dce0bacf79ab40d1818f36fa82b2e3068dfeb48897
95670746ab05c2c486434a13fea927c3dae244c7c326923f851991a4cc2acd26
95d115af5c788b19e9e28f555f29f978ccf245c03921f00343ff838b31586222
96217f1d27fb909f92b4a6b35a0d3d6775f2f0b4d136d27aee88547d3ed87357
9642a7cd7d6e86b4b352d4a70dbe9d65ccf547bf2bcf27b7c888ca7cd4f82e6f
96a3443b5a8bcd4918ec3907d142c434efcb634e9193bcd0ad8e06a58af2af75
978b3c36d61e5c2fd93072f6d18d95436bd9c302c5d77d1bbd74f62fa5ceae1f
97bf326860f50a3e48b937a395da44fb697f230259b45d63cca9dcd24fddb243
97ce4e98f3a3be297f48ebd5b771e74928f31754d43324fd795d1cd81cc41b35
9861f51d1896f195c45f603bdc6b7f1455817966f5da945371c922a6f8797711
9880ff36abd71f34e043ccf52b425dc0e918af5098157970cce3c15348900c4a
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9b140a1169cc31b58a6a850f6fbdf31f96bff7a6136556766c7e61703482670d
9c2fa918a58fadf99d269a894eea5d87024020be5b7c0eab95deea1619929e7e
9cd28222b76db9ecead97bdea2b69bce8777da737c9e242502def4a5f1c96675
9e0f23e68afa7c4cafbcb0f6533d92893fc241a6d285a57afaad3edd76722a05
9e34975a0a58f4262f18fc35a4a9efb9f9b3962b87772f8fa5c006d5b7bc3f57
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a380acc1e32bfa732e0c08aeb004ef5be43abed58024e42aa69495c61127e46d
a3bbf13e4d2461a91249f89b5f7c581117eafb6db650acf87fe81f3007e27277
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a4b649664bb02c7aa49c5a72b3e984e91a8b2f54176473345fc7365e02b335b7
a5b1ab9e64e8f8536a584a507c80a99e5917ec3cb372c0371f4ed948f60424ca
a649351f652adc12bed8508d1208fcbd383330ed6feac5f3b62c911214a9110b
a660c0b2cf593afb9d74a7e0d33efc6979d8e58608056fb31dc6e4a5a71a1797
a9d450666c9f71863e0fea031f1edcac73ed89a68863ec68c4048a9a6c4c6fc2
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
aca9a74fe9948e0cda9ced7a949cce62aa6f896ae1a575eb6ab01e85dc77c839
acf092387103fd6780ae75acca7971b8476f66ecf62b31de0de6bb48b2d1e73e
ad394baefe7a3912e2446d8ae2dfddfc9a032aebfa672ba3764da480f41fed07
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
aef316686fd7fd39547fa8ffd64c18177dbd0e38f4f606adb68e9ea83fb2e8cd
af8603fa46fa0da9a41be970da3223db29eb4138bca759184c2f8fe89defc995
b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b1b3b73852f7856f1a0f317701846bc7853eb5b127ba882c23c5073dbe6d022d
b1d51e29207f355c0f93571882581f4ddab0b547dad3dfed1154abbfb3227435
b1f345fc4d4a92cd8efdc4ddb60046b41170f576def006a30ee29c8936ce42f9
b24b19152e92ee2240cdf53444b33a1b8ec286e9a44072890c5490c9d8ddfa3d
b280e5ef6d291327ff218468b6679f2a8f348d2472c1a6905ba965614595aa02
b2929c10f564d5dcc70c9f5cc2467163e93183de7c77bca59ba92471b8c29441
b2d516da8ca8d609bb854a4fbdba05748b189c6bd22cedef72ae13301c8dc1fa
b36d7853e6790baae8e066ba9bd9b43d38c27fa1db1e3e01c1470d4ec5ac512f
b3b68ef6ffb30c77f08ef7fdde5a28ffe5581635fa6eadef70e77e7fcab0750c
b3d19acaedbb34b8bd49f5a4457b6544de09b851fb20c366dc8312b04c84bc4e
b5a06a61cc91207a0766de728cc62f1bc1c987a5baa2155a542248a6ba0d97f4
b6cedeb17f0877b56cf94ef0bf81606ded07dd5efb18ec5b351fcf927a51aee8
b90e065cc3d7ae9c05d0f576847f6cb13261aa315e20aa77ac64a2d72d5ce0b9
ba1c1cba103b212eaa4c5aea8268a6e94d3e0d39a16d5d094b604790db6d4fd5
bb32ef70baf6f49f09b1fe50f680f2217d8fc8021f2b91beaabb96f6d582c96b
bb874631645ed7f078ccc40b3385e51e58284a6647fb71faedd9aa278ec9d7e5
bbc63669745624bc262b63274e3263aa754cfc2cc6d4cc4ae97814eca7f31153
bc1032836036e1bc00061c64c8a625fe47b9aece6db4af4fe488bf24d60d253b
bc5391516b656915c20c8e2dcf60325f2235bfb2fd1ddb65d3798e290f3e0356
bc58109e6f845a8f38b92dc577d31db3db08cfbbbea86f39f8ab4dc14ba9eb21
bcbc3e8177967b6713301b69a1c24e448abbd859f9864c068e8945144ef603d5
bceb73993d094c4c821c7571921103bdc8c05e9082c4fc513d244358d53593db
bd18e405cbfb6fb5c27224b38e792c8b6542d9b7eae37aa5883808b69392dcef
bd48a56070c3af9e25a8f34adc58f5e3743d38740734f46128b58ffe3da24280
bda1e724d1e0cbc7dada55513ba924c2dca17fbccb23e3d63ec846ef18398f95
be3b15b1e68cf3e9278293d3b50491fe16c985e0ee5968852cac4fc062a7134e
be8c4f245b08961a48b29107101da3ef28e9c2eb9a6a090c3d4e9babced6d9cd
bf54669cc8ab3d98edfd167bef37bd3c919c4d957ec4ac1016ef01a8e3c55c21
bf5cd27ad2de2853e5acd001e17f3f5d550061007c9ca0584b5a40d6b4072fb4
bf80b7ee15dc53332b6b3f4ed7edf1566e876f2e8bdebac138f9a02a7fbba1aa
c0c021c5bd2e030c6ed84a23ae701a5f211fd70a08a0914ee563d234633b9d3a
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
c24a202756aaee2433a33ec19220bb60384f4abafe0298f56e7387a0a77870aa
c324ef26b20264369e4568dc9ef1c5cb1f325f6bc4e8b7c01f7fe93fa353276a
c42f819447dd37c4e596f14d0090e3479e7dfd28f78c510c887baa1ae779b00c
c5cf6ef33b1f1c9b4127aa3e7cbbdd3e9ffed4aab0e5653ae90f9ff5eedd580f
c5dc4f19b3f1f67f7ff08413a0e4c20fd9507712ee440939951953bd27747e14
c89bea8f90c7c22749b292948790d7e92ca96053d23e3a6622a1ac33c9061691
c8a9b4b8a6437a02e6224f1273e7e3ec1d1c78a2f1546b9f320fd0dc3b7ef77a
ca27b49dcaf6c7ccd0349fe39719560d621d767edf987a5aed9569491694a93e
ca7154cdda62b535ceaba9ad2a2b2217ff49de94c069a2c4e89733f3f06b3651
cbeee230de9adc4b4765d4387c54fa936a5c26f8306fe0e6f5f8415284f56c33
cbf97243c7e924bc7af6c2880e4e2b42829786f7bad57c0dbc32276b4bd9459e
cc7403bab52ed166e24ea9324241045af370be482f5b594468f4a6ac6e7e7981
cc98347eb67bf074d4255b4b60220be860ae72ac0e248c52927382898ad1b1c0
ccc9e1ac02727148218437845e0cce29fc95c661ae8ac46d90f090a52caf7581
cce6245c16143f34e786f881c506095d8931bcca6928f2037855ac0fe423428e
cd2589ac007da8466262789edcaaec5a7098db6c4bcc1931a2ede547cb79cdd0
ce43f802dc7c161875bd6439eeec68f585d15ab78b9b13dd9328866d3ba8a344
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
cf86eb4a7abc0dc4e1cc4b75ee9d5c1132574fea5e3c89ba9169c77ea56fd991
cfafaa8b343156dab7030564439fbf5e43ab9b3ab164d774dab1767292c8fc41
d050d34d95266c42e79cb0df98e4b15fb25f4ea5b47ea5db08214bea40ad9280
d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54
d0d2e098cd489ef7bc528c86de8ab5c51b5d6cdf9b76a8b08766036992f0d2f4
d1abe31a63ea69ba668691d6bf5853ad2b3dc5c6ebfb44d4c79c2ab53146d572
d2ec07a6e77bc3abc56f801e141e9889c018ca8e96dfbe4042f49378699ee85f
d3e37a252256529ab9ee6dbd88bc8675380841fdafd112d73fb5e96f6f64c302
d4f5ce1383621b5fa9e85147afff614ffbef85781cfa9cfd48b716d0602f3d93
d7779d95203bed5280ee3281f856607f95ac5df680547356656c7109d7d0a6a6
da45962a1fb4a049c9367ebe9b1b628f071d7a4c9997ee807c01d23f4866e19c
da4d20ce1e7d97aaf4f002ca45172c0d296feb3f924f611377294884aea01c44
db0ba7f5c1b57d0ba549c521e64fd43901acbfdcd65a21b42d59a8552762e1e9
ddf5eb6aae0cd7d755bd81890da89940b59df6582e74bdbd23edd4b75b15fd3f
def279e2f38ec8a4a1cad8a3723d6f413c3b3b043c6309295d3fe2a6cfe1d6f8
df92bbd028ab0ad0953c7e1dd6ac7137dcdbdcb169da9a30d8e38169b6bbe1a3
e025e517a55a0f2c4e6c8b54db18bc11b7f40b68f1c2936f9836973e330e1d0d
e02e1c4876697288c0ff5900c69d9b5f2a9d1118958813c682ecbbe469c1aee0
e036eee2a56f16060c857d1ca0f14e8abe9518cff6335e114ebaf1c6b2d440ba
e06787d09c0170febea7e8d6ec75107fd88e6875072fdab051f36494e4a9784c
e1c5fba81b099d2d03c8307881d450ba2314574f46be140acbf7de276612b9bf
e29669f0da6d433ce276d7b4e6223a3e70a4e9d9c6bbc788ef7d2291bdab64eb
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e495eef6b903e6de7362538861c8eb5c4267d909b6bc011663bca438329e041a
e600024f21bbdff0ede268acc13b91584c47de9061fb04978c61bd5d1103efe3
e6986e64ba58d6da382b209e0a9dfcaf1a3e51d302ac9210123a751c68a50d38
e6c250a5cdca6f37cd5a10c330002da4ffb269eb967f7bd93c76e6c962e9e6e9
e728809906b030015bc2fafff02937c03210aa0cf9a3bd281718b8805798f5db
e8ebfb0d17387ebd6571b3dbc4036eda34026b30f5827dfa2915f0eb005318f6
e8fa39d144bf0fc09d527f2eaedb1b14249cc80b2ce24dc79e4577778ea011d8
e8fe64429e5900c16c7f8dd7861704e2f4d38e00cbb16bc18820b46d92461389
e9e2bee00254cf88831cdeda40df1704893485269c7ed3618453833d64c4d300
ea6d200899dda7f947680bda3804a1df64bbb89a6224a6c8420747aff32bb3b0
eb9785da0a16c2b952d3c30278bf776dcd2ffb2236c53c681067c8b3b40ed813
ec4d9113b63f9dc6c73736f92a596d5535d9a90c15566c49ac4c4c35cb104ca7
ec517aa25da687ae3107c1db068b693383aeeb172bc6b3ff227de70ebff69d1a
ed87a83a9df154b61d76e8b9b53bb9d23db3eea194e66bca6b575e3e4f7a57bf
ee61ec65bd3bc8cc949991393cfd5aca248620bc53e8ac94f9afe44c30961c0f
eefd62bfe6d0ad2f3f2b7bddb8f2c46d7c8b6ed4897e3f9309968a58dc078753
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f09057ed1db27518f862dcefc307e3f6f3218e5244249bc9b291fc1018e7ea8f
f118f266b51ff24de02fc230411ec9578b35d7af267381d063763429d1dfb4be
f164b3efbaf1272ecf390c87993238dc0e09b31841fd8ba88693f21e726e8ab8
f18097986b2ca55173d7140ee04292d25aadad7ccdb83f207b7cbac17a6d00e1
f2eeff5ba8557c8518d9d3325c941fe5339e2f2228a13e64600cad42bb795170
f3f47d6a938ede7a828ca47022eee50835e4c9375f7ca41581fa94e25c8e950e
f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f
f51534c417c04200e06a493da3ca31dc3ae30d023d9f46c7326e75438156f828
f52ebc79d66a4e92b191f0a6ab04a676fb04fb46cce3d0022ea5098813b5b83e
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
f5bd9a991a33608e4f953ba4d211a4bffe198235474eb27fcd001a4ef8fa45c9
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
f6ff3e286198d8156c94960bd6757c24f1940aa396bfa86fe2431011198ce329
f82f6cf1599100b7836d8b8aa4bd5394e997849487dd6110d70908440c97fa64
f922aadccfdd269a9137edd0f627b8df235100e32c0fc3b3163b126b76e96bbd
f97c6a2baabddbacae99d9e9b222598fe2aa63f5afc27fe54ea2f48738f27fa0
fc180739ff5d55b694ab2a63f5e1d286ab5fdf117621c2e4ab20fac38fd5cb0c
fd34556b61496c7b6e67c835f6e9e986e39e68c6370de239ae5291fd794aeb54