promo.shenyun.com Open in urlscan Pro
35.227.247.172 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://promo.shenyun.com/divine-culture-return/
Submission: On October 26 via api (October 26th 2024, 7:37:53 pm UTC) from LU — Scanned from DE

Summary HTTP 81 Redirects Links 5 Behaviour Indicators

Summary

This website contacted 34 IPs in 4 countries across 27 domains to perform 81 HTTP transactions. The main IP is 35.227.247.172, located in Kansas City, United States and belongs to GOOGLE-CLOUD-PLATFORM, US. The main domain is promo.shenyun.com.
TLS certificate: Issued by WR3 on October 21st 2024. Valid for: 3 months.

This is the only time promo.shenyun.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
15	35.227.247.172 35.227.247.172	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	2a00:1450:400... 2a00:1450:4001:830::200a	15169 (GOOGLE) (GOOGLE)
1	172.217.16.131 172.217.16.131	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:800::200e	15169 (GOOGLE) (GOOGLE)
7	2a00:1450:400... 2a00:1450:4001:827::2008	15169 (GOOGLE) (GOOGLE)
1	199.232.188.157 199.232.188.157	54113 (FASTLY) (FASTLY)
5	2620:1ec:33::10 2620:1ec:33::10	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
2	157.240.0.6 157.240.0.6	32934 (FACEBOOK) (FACEBOOK)
2	216.158.231.78 216.158.231.78	19318 (IS-AS-1) (IS-AS-1)
4	69.10.32.19 69.10.32.19	19318 (IS-AS-1) (IS-AS-1)
3	2620:1ec:bdf::45 2620:1ec:bdf::45	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	188.114.97.3 188.114.97.3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	52.25.1.160 52.25.1.160	16509 (AMAZON-02) (AMAZON-02)
1	2001:4860:480... 2001:4860:4802:32::35	15169 (GOOGLE) (GOOGLE)
1 2	142.250.185.230 142.250.185.230	15169 (GOOGLE) (GOOGLE)
1	142.250.186.166 142.250.186.166	15169 (GOOGLE) (GOOGLE)
2	172.66.0.227 172.66.0.227	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	104.244.42.3 104.244.42.3	13414 (TWITTER) (TWITTER)
2	2620:1ec:c11:... 2620:1ec:c11::237	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
2	2a03:2880:f17... 2a03:2880:f177:185:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
1	52.92.193.16 52.92.193.16	16509 (AMAZON-02) (AMAZON-02)
2	151.101.65.91 151.101.65.91	54113 (FASTLY) (FASTLY)
3	172.175.38.6 172.175.38.6	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	44.225.254.168 44.225.254.168	16509 (AMAZON-02) (AMAZON-02)
1	2600:9000:215... 2600:9000:2156:e400:1c:2afd:fb00:93a1	16509 (AMAZON-02) (AMAZON-02)
2	54.86.254.14 54.86.254.14	14618 (AMAZON-AES) (AMAZON-AES)
1	2600:9000:275... 2600:9000:275d:0:8:8845:1500:93a1	16509 (AMAZON-02) (AMAZON-02)
2	142.250.186.40 142.250.186.40	15169 (GOOGLE) (GOOGLE)
1 2	35.161.169.188 35.161.169.188	16509 (AMAZON-02) (AMAZON-02)
1 1	2600:1f18:730... 2600:1f18:730:b110:abb:fd8f:df0:3c75	14618 (AMAZON-AES) (AMAZON-AES)
1	44.199.88.89 44.199.88.89	14618 (AMAZON-AES) (AMAZON-AES)
4	2001:4860:480... 2001:4860:4802:32::36	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:400c:c04::9c	15169 (GOOGLE) (GOOGLE)
2	142.250.185.67 142.250.185.67	15169 (GOOGLE) (GOOGLE)
81	34

15 35.227.247.172 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 172.247.227.35.bc.googleusercontent.com

promo.shenyun.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:830::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.217.16.131 (United States)

ASN15169 (GOOGLE, US)
PTR: zrh04s06-in-f131.1e100.net

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:800::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.youtube.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:827::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 199.232.188.157 (Munich, Germany)

ASN54113 (FASTLY, US)

static.ads-twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2620:1ec:33::10 (United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

bat.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 157.240.0.6 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
PTR: xx-fbcdn-shv-02-fra3.fbcdn.net

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 216.158.231.78 (United States)

ASN19318 (IS-AS-1, US)

tracking.shenyuntickets.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 69.10.32.19 (Philadelphia, United States)

ASN19318 (IS-AS-1, US)
PTR: vda3400b.is.cc

marketing.shenyun.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2620:1ec:bdf::45 (United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

www.clarity.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 188.114.97.3 (Amsterdam, Netherlands)

ASN13335 (CLOUDFLARENET, US)

websitevisitorleads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.25.1.160 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-25-1-160.us-west-2.compute.amazonaws.com

tvspix.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:32::35 (United States)

ASN15169 (GOOGLE, US)

server-side-tagging-jb5j6nt74q-uc.a.run.app	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.185.230 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s53-in-f6.1e100.net

14947439.fls.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.186.166 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s08-in-f6.1e100.net

ad.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 172.66.0.227 (United States)

ASN13335 (CLOUDFLARENET, US)

t.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.244.42.3 (United States)

ASN13414 (TWITTER, US)

analytics.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2620:1ec:c11::237 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

bat.bing.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f177:185:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.92.193.16 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: s3-us-west-2.amazonaws.com

s3-us-west-2.amazonaws.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 151.101.65.91 (San Francisco, United States)

ASN54113 (FASTLY, US)

data.processwebsitedata.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
fe.sitedataprocessing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 172.175.38.6 (Boydton, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

k.clarity.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 44.225.254.168 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-44-225-254-168.us-west-2.compute.amazonaws.com

a.usbrowserspeed.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2156:e400:1c:2afd:fb00:93a1 (United States)

ASN16509 (AMAZON-02, US)

d-code.liadm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.86.254.14 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-86-254-14.compute-1.amazonaws.com

idx.liadm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:275d:0:8:8845:1500:93a1 (United States)

ASN16509 (AMAZON-02, US)

b-code.liadm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.186.40 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s04-in-f8.1e100.net

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.161.169.188 (Boardman, United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-35-161-169-188.us-west-2.compute.amazonaws.com

p.alocdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:1f18:730:b110:abb:fd8f:df0:3c75 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)

rp.liadm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 44.199.88.89 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-44-199-88-89.compute-1.amazonaws.com

rp4.liadm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)

region1.analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:400c:c04::9c (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.185.67 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s48-in-f3.1e100.net

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
19	shenyun.com promo.shenyun.com marketing.shenyun.com	732 KB
9	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 39	839 KB
6	liadm.com 1 redirects d-code.liadm.com — Cisco Umbrella Rank: 3396 idx.liadm.com — Cisco Umbrella Rank: 1307 b-code.liadm.com — Cisco Umbrella Rank: 3517 rp.liadm.com — Cisco Umbrella Rank: 925 rp4.liadm.com — Cisco Umbrella Rank: 5447	92 KB
6	clarity.ms www.clarity.ms — Cisco Umbrella Rank: 634 k.clarity.ms — Cisco Umbrella Rank: 16360	29 KB
5	doubleclick.net 1 redirects 14947439.fls.doubleclick.net ad.doubleclick.net — Cisco Umbrella Rank: 150 stats.g.doubleclick.net — Cisco Umbrella Rank: 136	1 KB
5	bing.com bat.bing.com — Cisco Umbrella Rank: 348	32 KB
4	google.com region1.analytics.google.com — Cisco Umbrella Rank: 4401
2	google.de www.google.de — Cisco Umbrella Rank: 11271	126 B
2	alocdn.com 1 redirects p.alocdn.com — Cisco Umbrella Rank: 9321	868 B
2	facebook.com www.facebook.com — Cisco Umbrella Rank: 113	3 KB
2	bing.net bat.bing.net — Cisco Umbrella Rank: 20475	466 B
2	twitter.com analytics.twitter.com — Cisco Umbrella Rank: 962	1 KB
2	t.co t.co — Cisco Umbrella Rank: 859	1 KB
2	shenyuntickets.com tracking.shenyuntickets.com	3 KB
2	youtube.com www.youtube.com — Cisco Umbrella Rank: 77	12 KB
2	facebook.net connect.facebook.net — Cisco Umbrella Rank: 180	74 KB
2	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 34	22 KB
1	usbrowserspeed.com a.usbrowserspeed.com — Cisco Umbrella Rank: 3106	148 B
1	sitedataprocessing.com fe.sitedataprocessing.com — Cisco Umbrella Rank: 38823	1 KB
1	processwebsitedata.com data.processwebsitedata.com — Cisco Umbrella Rank: 58498	6 KB
1	amazonaws.com s3-us-west-2.amazonaws.com	88 KB
1	run.app server-side-tagging-jb5j6nt74q-uc.a.run.app	662 B
1	tvspix.com tvspix.com — Cisco Umbrella Rank: 11465	194 B
1	websitevisitorleads.com websitevisitorleads.com — Cisco Umbrella Rank: 142172	2 KB
1	ads-twitter.com static.ads-twitter.com — Cisco Umbrella Rank: 960	15 KB
1	gstatic.com fonts.gstatic.com	21 KB
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 30	1 KB
81	27

	Domain	Requested by
15	promo.shenyun.com	promo.shenyun.com
9	www.googletagmanager.com	promo.shenyun.com www.googletagmanager.com
5	bat.bing.com	www.googletagmanager.com bat.bing.com
4	region1.analytics.google.com	www.googletagmanager.com
4	marketing.shenyun.com	www.googletagmanager.com promo.shenyun.com marketing.shenyun.com
3	k.clarity.ms	www.clarity.ms
3	www.clarity.ms	promo.shenyun.com www.clarity.ms
2	www.google.de
2	stats.g.doubleclick.net	www.googletagmanager.com
2	p.alocdn.com	1 redirects
2	idx.liadm.com	d-code.liadm.com
2	www.facebook.com	promo.shenyun.com
2	bat.bing.net	bat.bing.com promo.shenyun.com
2	analytics.twitter.com	promo.shenyun.com
2	t.co	promo.shenyun.com
2	14947439.fls.doubleclick.net	1 redirects www.googletagmanager.com
2	tracking.shenyuntickets.com	www.googletagmanager.com tracking.shenyuntickets.com
2	www.youtube.com	promo.shenyun.com www.youtube.com
2	connect.facebook.net	promo.shenyun.com connect.facebook.net
2	www.google-analytics.com	promo.shenyun.com www.google-analytics.com
1	rp4.liadm.com
1	rp.liadm.com	1 redirects
1	b-code.liadm.com	s3-us-west-2.amazonaws.com
1	d-code.liadm.com	fe.sitedataprocessing.com
1	a.usbrowserspeed.com	fe.sitedataprocessing.com
1	fe.sitedataprocessing.com	data.processwebsitedata.com
1	data.processwebsitedata.com	websitevisitorleads.com
1	s3-us-west-2.amazonaws.com	websitevisitorleads.com
1	ad.doubleclick.net	promo.shenyun.com
1	server-side-tagging-jb5j6nt74q-uc.a.run.app	www.googletagmanager.com
1	tvspix.com	promo.shenyun.com
1	websitevisitorleads.com	www.googletagmanager.com
1	static.ads-twitter.com	www.googletagmanager.com
1	fonts.gstatic.com	fonts.googleapis.com
1	fonts.googleapis.com	promo.shenyun.com
81	35

This site contains links to these domains. Also see Links.

Domain
tickets.shenyun.com
www.youtube.com

Subject Issuer	Validity	Valid
promo.shenyun.com WR3	`2024-10-21` - `2025-01-19`	3 months	crt.sh
upload.video.google.com WR2	`2024-10-07` - `2024-12-30`	3 months	crt.sh
*.gstatic.com WR2	`2024-10-07` - `2024-12-30`	3 months	crt.sh
*.google-analytics.com WR2	`2024-10-07` - `2024-12-30`	3 months	crt.sh
ads-twitter.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2024-06-25` - `2025-06-24`	a year	crt.sh
www.bing.com Microsoft Azure RSA TLS Issuing CA 03	`2024-09-16` - `2025-03-15`	6 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2024-08-05` - `2024-11-03`	3 months	crt.sh
*.google.com WR2	`2024-10-07` - `2024-12-30`	3 months	crt.sh
*.shenyuntickets.com Sectigo RSA Domain Validation Secure Server CA	`2023-09-28` - `2024-10-26`	a year	crt.sh
marketing.shenyun.com R11	`2024-10-13` - `2025-01-11`	3 months	crt.sh
www.clarity.ms DigiCert TLS RSA SHA256 2020 CA1	`2024-09-04` - `2025-09-04`	a year	crt.sh
websitevisitorleads.com WE1	`2024-10-05` - `2025-01-03`	3 months	crt.sh
tvspix.com Amazon RSA 2048 M03	`2024-03-25` - `2025-04-24`	a year	crt.sh
*.a.run.app WR2	`2024-10-07` - `2024-12-30`	3 months	crt.sh
*.doubleclick.net WR2	`2024-10-07` - `2024-12-30`	3 months	crt.sh
t.co E5	`2024-09-28` - `2024-12-27`	3 months	crt.sh
*.twitter.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2024-09-30` - `2025-09-29`	a year	crt.sh
bat.bing.net Microsoft Azure RSA TLS Issuing CA 03	`2024-07-30` - `2025-01-26`	6 months	crt.sh
*.s3-us-west-2.amazonaws.com Amazon RSA 2048 M01	`2024-09-14` - `2025-08-29`	a year	crt.sh
data.processwebsitedata.com Certainly Intermediate R1	`2024-10-06` - `2024-11-05`	a month	crt.sh
a.clarity.ms Microsoft Azure RSA TLS Issuing CA 08	`2024-06-23` - `2025-06-18`	a year	crt.sh
a.usbrowserspeed.com Amazon RSA 2048 M02	`2024-01-01` - `2025-01-29`	a year	crt.sh
*.liadm.com Amazon RSA 2048 M03	`2023-12-02` - `2024-12-29`	a year	crt.sh
*.g.doubleclick.net WR2	`2024-10-07` - `2024-12-30`	3 months	crt.sh
*.google.de WR2	`2024-10-07` - `2024-12-30`	3 months	crt.sh

This page contains 3 frames:

Primary Page: https://promo.shenyun.com/divine-culture-return/
Frame ID: 2881C5A94EE646FBC290B785789E1A04
Requests: 81 HTTP requests in this frame

Frame: https://www.googletagmanager.com/static/service_worker/4al0/sw_iframe.html?origin=https%3A%2F%2Fpromo.shenyun.com
Frame ID: 5AAEF2BE8F4CAD816B8D1BBD9E8BC496
Requests: 1 HTTP requests in this frame

Frame: https://14947439.fls.doubleclick.net/activityi;dc_pre=CJWm5PXlrIkDFaaLgwcd3qE42Q;src=14947439;type=invmedia;cat=syweb0;ord=1;num=9104074813945;npa=1;auiddc=1822053198.1729971466;ps=1;pcor=978158805;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=noapi;frm=0;gtm=45fe4ao0v9197092417z86215357za201zb6215357;gcd=13l3l3l2l1l1;dma_cps=syphamo;dma=1;tag_exp=101533421~101823848;epver=2;~oref=https%3A%2F%2Fpromo.shenyun.com%2Fdivine-culture-return%2F
Frame ID: FC4C7EE11E311DCB4D01B2ECF89DDF86
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Shen Yun 2020 Tour

Detected technologies

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/ns\.html[^>]+></iframe>
googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Mautic (Marketing Automation) Expand

Overall confidence: 100%
Detected patterns

[^a-z]mtc.*\.js

Page Statistics

81
Requests

98 %
HTTPS

38 %
IPv6

27
Domains

35
Subdomains

34
IPs

4
Countries

2045 kB
Transfer

4808 kB
Size

38
Cookies

5 Outgoing links

These are links going to different origins than the main page.

URL: http://tickets.shenyun.com/event/list/index/termIdText/site-shenyun-category-production-term-shenyun
Title: Tickets & Info

Search URL Search Domain Scan URL

URL: https://www.youtube.com/watch?v=ldfPa8GY8J0
Title: Trailer Video

Search URL Search Domain Scan URL

URL: https://www.youtube.com/watch?v=FDwH56snRPo
Title: Video: Audience Reviews

Search URL Search Domain Scan URL

URL: https://www.youtube.com/watch?v=RsAYr28zlVM

Search URL Search Domain Scan URL

URL: https://www.youtube.com/watch?v=0JwBQxKbzeo

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 38

https://14947439.fls.doubleclick.net/activityi;src=14947439;type=invmedia;cat=syweb0;ord=1;num=9104074813945;npa=1;auiddc=1822053198.1729971466;ps=1;pcor=978158805;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=noapi;frm=0;gtm=45fe4ao0v9197092417z86215357za201zb6215357;gcd=13l3l3l2l1l1;dma_cps=syphamo;dma=1;tag_exp=101533421~101823848;epver=2;~oref=https%3A%2F%2Fpromo.shenyun.com%2Fdivine-culture-return%2F HTTP 302
https://14947439.fls.doubleclick.net/activityi;dc_pre=CJWm5PXlrIkDFaaLgwcd3qE42Q;src=14947439;type=invmedia;cat=syweb0;ord=1;num=9104074813945;npa=1;auiddc=1822053198.1729971466;ps=1;pcor=978158805;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=noapi;frm=0;gtm=45fe4ao0v9197092417z86215357za201zb6215357;gcd=13l3l3l2l1l1;dma_cps=syphamo;dma=1;tag_exp=101533421~101823848;epver=2;~oref=https%3A%2F%2Fpromo.shenyun.com%2Fdivine-culture-return%2F

Request Chain 72

https://p.alocdn.com/c/vn3d8u2u/a/etarget/p.gif?label=ZRKH4W9-collect-%257B%2522script%2522%253A%2522https%253A%252F%252Fs3-us-west-2.amazonaws.com%252Fjsstore%252Fa%252Fzrkh4w9%252Fge.js%2522%252C%2522ver%2522%253A%25221.6.1%2522%252C%2522guid%2522%253A%25226380a4f6-8487-4a2a-b609-9d7fb7104cf1%2522%257D&title=Shen%20Yun%202020%20Tour&url=https%3A%2F%2Fpromo.shenyun.com%2Fdivine-culture-return%2F HTTP 302
https://p.alocdn.com/c/vn3d8u2u/a/etarget/p.gif?label=ZRKH4W9-collect-%257B%2522script%2522%253A%2522https%253A%252F%252Fs3-us-west-2.amazonaws.com%252Fjsstore%252Fa%252Fzrkh4w9%252Fge.js%2522%252C%2522ver%2522%253A%25221.6.1%2522%252C%2522guid%2522%253A%25226380a4f6-8487-4a2a-b609-9d7fb7104cf1%2522%257D&title=Shen%20Yun%202020%20Tour&url=https%3A%2F%2Fpromo.shenyun.com%2Fdivine-culture-return%2F&tdc=1

Request Chain 73

https://rp.liadm.com/j?dtstmp=1729971467989&se=e30&duid=695bdd977528--01jb55bcv14v74dtv4n1yvxyr8&tv=v3.3.1&pu=https%3A%2F%2Fpromo.shenyun.com%2Fdivine-culture-return%2F&wpn=lc-bundle&wpv=v3.3.1&cd=.shenyun.com&pv=ead35465-62cc-4302-aa4e-3754507d79ed HTTP 302
https://rp4.liadm.com/j?dtstmp=1729971467989&se=e30&duid=695bdd977528--01jb55bcv14v74dtv4n1yvxyr8&tv=v3.3.1&pu=https%3A%2F%2Fpromo.shenyun.com%2Fdivine-culture-return%2F&wpn=lc-bundle&wpv=v3.3.1&cd=.shenyun.com&pv=ead35465-62cc-4302-aa4e-3754507d79ed&i6=MmEwMTo0YTA6MTMzODo5Mjo6MTA%3D

81 HTTP transactions
3 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
promo.shenyun.com/divine-culture-return/ 15 KB
5 KB 297ms
204ms Document
text/html 35.227.247.172
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://promo.shenyun.com/divine-culture-return/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.227.247.172 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 172.247.227.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: 9125c3b4e268b72baaca9589abe5e974ceaa76bbfb62d8e3d62dfdc3b5e7d527

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.19 Safari/537.36

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=0s
content-encoding: gzip
content-length: 4894
content-type: text/html; charset=UTF-8
date: Sat, 26 Oct 2024 19:37:45 GMT
server: nginx
via: 1.1 google

GET
H2 200 css
fonts.googleapis.com/ 2 KB
1 KB 145ms
51ms Stylesheet
text/css 2a00:1450:4001:830::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=EB+Garamond

Requested by

Host: promo.shenyun.com
URL: https://promo.shenyun.com/divine-culture-return/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

a8a53a664b746b635430e92c676e99e9fe8cce035557f42c324ba43ae9da4d55

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.19 Safari/537.36
Referer: https://promo.shenyun.com/

Response headers

content-encoding: gzip
x-content-type-options: nosniff
expires: Sat, 26 Oct 2024 19:37:45 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sat, 26 Oct 2024 19:37:45 GMT
content-type: text/css; charset=utf-8
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
last-modified: Sat, 26 Oct 2024 19:37:45 GMT
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
x-xss-protection: 0
server: ESF

GET
H2 200 shenyun-experience-20180708.css
promo.shenyun.com/theme/shenyun/css/ 362 KB
196 KB 53ms
52ms Stylesheet
text/css 35.227.247.172
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://promo.shenyun.com/theme/shenyun/css/shenyun-experience-20180708.css
Requested by: Host: promo.shenyun.com
URL: https://promo.shenyun.com/divine-culture-return/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.227.247.172 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 172.247.227.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: cc78599a737049e092bdecefd963bb80dfa6d70d0c57430b454e26094fe40213

Request headers

User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.19 Safari/537.36
Referer: https://promo.shenyun.com/divine-culture-return/

Response headers

cache-control: public, max-age=604800
content-encoding: gzip
via: 1.1 google
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 200933
date: Sat, 26 Oct 2024 19:37:45 GMT
content-type: text/css; charset=utf-8
last-modified: Sun, 08 Jul 2018 07:28:40 GMT
server: nginx

GET
H2 200 modify_20230925.css
promo.shenyun.com/theme/shenyun/css/ 34 KB
8 KB 112ms
112ms Stylesheet
text/css 35.227.247.172
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://promo.shenyun.com/theme/shenyun/css/modify_20230925.css?1
Requested by: Host: promo.shenyun.com
URL: https://promo.shenyun.com/divine-culture-return/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.227.247.172 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 172.247.227.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: 069e597ae001824cd2b81011aeba8784120f76911a52b248292b0cd010a4dcd1

Request headers

User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.19 Safari/537.36
Referer: https://promo.shenyun.com/divine-culture-return/

Response headers

cache-control: public, max-age=604800
content-encoding: gzip
via: 1.1 google
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8565
date: Sat, 26 Oct 2024 19:37:45 GMT
content-type: text/css; charset=utf-8
last-modified: Mon, 25 Sep 2023 06:01:57 GMT
server: nginx

GET
H2 200 default.css
promo.shenyun.com/theme/shenyun/css// 0
69 B 113ms
112ms Stylesheet
text/css 35.227.247.172
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://promo.shenyun.com/theme/shenyun/css//default.css?7
Requested by: Host: promo.shenyun.com
URL: https://promo.shenyun.com/divine-culture-return/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.227.247.172 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 172.247.227.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.19 Safari/537.36
Referer: https://promo.shenyun.com/divine-culture-return/

Response headers

cache-control: public, max-age=604800
via: 1.1 google
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
date: Sat, 26 Oct 2024 19:37:45 GMT
content-type: text/css; charset=utf-8
last-modified: Thu, 23 Nov 2017 10:49:56 GMT
server: nginx

GET
H2 200 vendor.min.js Show response
promo.shenyun.com/theme/shenyun/js/min/ 241 KB
78 KB 116ms
115ms Script
application/javascript 35.227.247.172
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://promo.shenyun.com/theme/shenyun/js/min/vendor.min.js
Requested by: Host: promo.shenyun.com
URL: https://promo.shenyun.com/divine-culture-return/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.227.247.172 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 172.247.227.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: dc185bf5a7198d282efd582a58af7c8da42a3dfad8c4f993b7d03d7d6f9410b1

Request headers

User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.19 Safari/537.36
Referer: https://promo.shenyun.com/divine-culture-return/

Response headers

cache-control: public, max-age=604800
content-encoding: gzip
via: 1.1 google
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 79350
date: Sat, 26 Oct 2024 19:37:45 GMT
content-type: application/javascript; charset=utf-8
last-modified: Sun, 08 Jan 2017 13:33:22 GMT
server: nginx

GET
H2 200 SYlogo-promo-page-2024.png
promo.shenyun.com/theme/shenyun/svg/ 28 KB
27 KB 155ms
155ms Image
image/png 35.227.247.172
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://promo.shenyun.com/theme/shenyun/svg/SYlogo-promo-page-2024.png
Requested by: Host: promo.shenyun.com
URL: https://promo.shenyun.com/divine-culture-return/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.227.247.172 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 172.247.227.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: 010dab42a97c2efb28fc3862ee50d94689d57e137cddae85c1ed90f6d8828240

Request headers

User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.19 Safari/537.36
Referer: https://promo.shenyun.com/divine-culture-return/

Response headers

cache-control: public, max-age=2592000
content-encoding: gzip
via: 1.1 google
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 27954
date: Sat, 26 Oct 2024 19:37:45 GMT
content-type: image/png
last-modified: Sat, 29 Jul 2023 06:43:36 GMT
server: nginx

GET
H2 200 shenyun-zhuanshu.jpg
promo.shenyun.com/theme/shenyun/img/ 2 KB
2 KB 163ms
163ms Image
image/jpeg 35.227.247.172
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://promo.shenyun.com/theme/shenyun/img/shenyun-zhuanshu.jpg
Requested by: Host: promo.shenyun.com
URL: https://promo.shenyun.com/divine-culture-return/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.227.247.172 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 172.247.227.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: edf0c093eb003e8ca299bd4976efe30b4ffa9cb2dcd1486edbcbb9d4220c8ac5

Request headers

User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.19 Safari/537.36
Referer: https://promo.shenyun.com/divine-culture-return/

Response headers

cache-control: public, max-age=2592000
content-encoding: gzip
via: 1.1 google
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1815
date: Sat, 26 Oct 2024 19:37:45 GMT
content-type: image/jpeg
last-modified: Sun, 08 Jan 2017 13:33:21 GMT
server: nginx

GET
H3 200 script-20221017.js Show response
promo.shenyun.com/theme/shenyun/js/min/main/ 33 KB
7 KB 51ms
51ms Script
application/javascript 35.227.247.172
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://promo.shenyun.com/theme/shenyun/js/min/main/script-20221017.js
Requested by: Host: promo.shenyun.com
URL: https://promo.shenyun.com/divine-culture-return/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 35.227.247.172 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 172.247.227.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: 1de73de537078d156456d0c75f848f1bb44acb1b223fae246b4caaf5cef26088

Request headers

User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.19 Safari/537.36
Referer: https://promo.shenyun.com/divine-culture-return/

Response headers

cache-control: public, max-age=604800
content-encoding: gzip
via: 1.1 google
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7255
date: Sat, 26 Oct 2024 19:37:45 GMT
content-type: application/javascript; charset=utf-8
last-modified: Mon, 17 Oct 2022 14:39:26 GMT
server: nginx

GET
H3 200 SlGDmQSNjdsmc35JDF1K5E55YMjF_7DPuGi-6_RkBI9_.woff2
fonts.gstatic.com/s/ebgaramond/v30/ 21 KB
21 KB 101ms
45ms Font
font/woff2 172.217.16.131
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/ebgaramond/v30/SlGDmQSNjdsmc35JDF1K5E55YMjF_7DPuGi-6_RkBI9_.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=EB+Garamond

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.16.131 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

zrh04s06-in-f131.1e100.net

Software

sffe /

Resource Hash

84c17105788a238a73b3eb0bfb1014d86bca1cb71e3f35fe2a4f3ff07b0061f8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.19 Safari/537.36
Origin: https://promo.shenyun.com
Referer: https://fonts.googleapis.com/

Response headers

age: 356854
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options: nosniff
expires: Wed, 22 Oct 2025 16:30:11 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Tue, 22 Oct 2024 16:30:11 GMT
last-modified: Thu, 26 Sep 2024 23:07:21 GMT
content-type: font/woff2
cache-control: public, max-age=31536000
timing-allow-origin: *
cross-origin-opener-policy: same-origin; report-to="apps-themes"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges: bytes
access-control-allow-origin: *
content-length: 21704
x-xss-protection: 0
server: sffe

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 52 KB
21 KB 138ms
39ms Script
text/javascript 2a00:1450:4001:800::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: promo.shenyun.com
URL: https://promo.shenyun.com/divine-culture-return/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.19 Safari/537.36
Referer: https://promo.shenyun.com/

Response headers

content-encoding: gzip
age: 456
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsgac:225:0"}],}
x-content-type-options: nosniff
expires: Sat, 26 Oct 2024 21:30:09 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sat, 26 Oct 2024 19:30:09 GMT
last-modified: Tue, 12 Dec 2023 18:09:08 GMT
content-type: text/javascript
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsgac:225:0
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 20994
server: Golfe2

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 415 KB
132 KB 164ms
65ms Script
application/javascript 2a00:1450:4001:827::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-5VWGVS

Requested by

Host: promo.shenyun.com
URL: https://promo.shenyun.com/divine-culture-return/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

119857c786dfea01d5ca7aca9b88e20ba5b7c8d345c448846d679a0506c7bb52

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.19 Safari/537.36
Referer: https://promo.shenyun.com/

Response headers

content-encoding: br
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:1080:0"}],}
expires: Sat, 26 Oct 2024 19:37:45 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sat, 26 Oct 2024 19:37:45 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
last-modified: Sat, 26 Oct 2024 18:00:00 GMT
access-control-allow-headers: Cache-Control
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:1080:0
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 134530
x-xss-protection: 0
server: Google Tag Manager

GET
H3 200 SY-title-promo-page-2024.png
promo.shenyun.com/theme/shenyun/svg/ 40 KB
39 KB 49ms
48ms Image
image/png 35.227.247.172
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://promo.shenyun.com/theme/shenyun/svg/SY-title-promo-page-2024.png
Requested by: Host: promo.shenyun.com
URL: https://promo.shenyun.com/theme/shenyun/css/modify_20230925.css?1
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 35.227.247.172 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 172.247.227.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: 513b0911fb740a37d0a95093675d113610dd2daf137dae5576252b3d4183c2ea

Request headers

User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.19 Safari/537.36
Referer: https://promo.shenyun.com/theme/shenyun/css/modify_20230925.css?1

Response headers

cache-control: public, max-age=2592000
content-encoding: gzip
via: 1.1 google
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 40403
date: Sat, 26 Oct 2024 19:37:45 GMT
content-type: image/png
last-modified: Sat, 29 Jul 2023 06:43:36 GMT
server: nginx

GET
H3 200 frame-b-bg.jpg
promo.shenyun.com/theme/shenyun/img/ 150 KB
147 KB 68ms
68ms Image
image/jpeg 35.227.247.172
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://promo.shenyun.com/theme/shenyun/img/frame-b-bg.jpg
Requested by: Host: promo.shenyun.com
URL: https://promo.shenyun.com/theme/shenyun/css/shenyun-experience-20180708.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 35.227.247.172 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 172.247.227.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: ce7b6db42e6911ab97d9a88ad4fee288ad4a637d34685fd807dd0577ba67af86

Request headers

User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.19 Safari/537.36
Referer: https://promo.shenyun.com/theme/shenyun/css/shenyun-experience-20180708.css

Response headers

cache-control: public, max-age=2592000
content-encoding: gzip
via: 1.1 google
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 150688
date: Sat, 26 Oct 2024 19:37:45 GMT
content-type: image/jpeg
last-modified: Thu, 16 Nov 2017 15:20:56 GMT
server: nginx

GET
H3 200 culture-video-thumb.jpg
promo.shenyun.com/theme/shenyun/img/ 29 KB
29 KB 86ms
86ms Image
image/jpeg 35.227.247.172
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://promo.shenyun.com/theme/shenyun/img/culture-video-thumb.jpg
Requested by: Host: promo.shenyun.com
URL: https://promo.shenyun.com/theme/shenyun/css/shenyun-experience-20180708.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 35.227.247.172 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 172.247.227.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: 9ef03df6ffea80788fcd88977cd7c9add81f1f8513f720d4439adb2c19ca9e31

Request headers

User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.19 Safari/537.36
Referer: https://promo.shenyun.com/theme/shenyun/css/shenyun-experience-20180708.css

Response headers

cache-control: public, max-age=2592000
content-encoding: gzip
via: 1.1 google
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 29429
date: Sat, 26 Oct 2024 19:37:45 GMT
content-type: image/jpeg
last-modified: Thu, 16 Nov 2017 15:20:54 GMT
server: nginx

GET
H3 200 frame-a-bg-lg-2024.webp
promo.shenyun.com/theme/shenyun/img/ 151 KB
147 KB 98ms
98ms Image
image/webp 35.227.247.172
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://promo.shenyun.com/theme/shenyun/img/frame-a-bg-lg-2024.webp
Requested by: Host: promo.shenyun.com
URL: https://promo.shenyun.com/theme/shenyun/css/modify_20230925.css?1
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 35.227.247.172 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 172.247.227.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: 92b4e1ecf6d77917e848888c52b0a8c2eb353f5bb240da343f8faa28ee89e319

Request headers

User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.19 Safari/537.36
Referer: https://promo.shenyun.com/theme/shenyun/css/modify_20230925.css?1

Response headers

cache-control: public, max-age=2592000
content-encoding: gzip
via: 1.1 google
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 150879
date: Sat, 26 Oct 2024 19:37:45 GMT
content-type: image/webp
last-modified: Mon, 25 Sep 2023 03:47:52 GMT
server: nginx

GET
H3 200 loading-spinning-bubbles.svg
promo.shenyun.com/theme/shenyun/svg/ 2 KB
350 B 96ms
96ms Image
image/svg+xml 35.227.247.172
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://promo.shenyun.com/theme/shenyun/svg/loading-spinning-bubbles.svg
Requested by: Host: promo.shenyun.com
URL: https://promo.shenyun.com/theme/shenyun/css/shenyun-experience-20180708.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 35.227.247.172 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 172.247.227.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: 96c75454da9aabf8c85403253de0d1e0f267f94213d592a1acb6f3ab9706bdbe

Request headers

User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.19 Safari/537.36
Referer: https://promo.shenyun.com/theme/shenyun/css/shenyun-experience-20180708.css

Response headers

cache-control: public, max-age=2592000
content-encoding: gzip
via: 1.1 google
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 332
date: Sat, 26 Oct 2024 19:37:45 GMT
content-type: image/svg+xml
last-modified: Sun, 08 Jan 2017 13:32:58 GMT
server: nginx

GET
DATA 200
OK truncated
/ 27 KB
27 KB Font
font/woff

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 1ab213a66eacc7325272ac5d4b112000c07811d418e8da27a8ef8fbb8905520d

Request headers

User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.19 Safari/537.36
Origin: https://promo.shenyun.com
Referer

Response headers

Content-Type: font/woff;charset=utf-8

GET
DATA 200
OK truncated
/ 2 KB
2 KB Font
application/x-font-ttf

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 659f17b9b22b2fce1e62d28ec0d2e3b9129c8dd170ef7c339df3bf401781738c

Request headers

User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.19 Safari/537.36
Origin: https://promo.shenyun.com
Referer

Response headers

Content-Type: application/x-font-ttf;charset=utf-8

GET
H3 200 divine-culture-return.phtml Show response
promo.shenyun.com/views// 3 KB
1 KB 127ms
127ms XHR
text/html 35.227.247.172
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://promo.shenyun.com/views//divine-culture-return.phtml
Requested by: Host: promo.shenyun.com
URL: https://promo.shenyun.com/theme/shenyun/js/min/vendor.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 35.227.247.172 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 172.247.227.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: f2a659517649f0e1a405863405dc80fa798e7c871369d816ba46c2c26aa6c17d

Request headers

Referer: https://promo.shenyun.com/divine-culture-return/
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.19 Safari/537.36
Accept: */*

Response headers

cache-control: public, max-age=0s
content-encoding: gzip
via: 1.1 google
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1334
date: Sat, 26 Oct 2024 19:37:45 GMT
content-type: text/html; charset=UTF-8
server: nginx

GET
DATA 200
OK truncated
/ 38 KB
38 KB Font
font/woff

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d029aef315efdffbf9b3a3c233c69d09c808fdf49cbe1a11f32900d49b99db5c

Request headers

User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.19 Safari/537.36
Origin: https://promo.shenyun.com
Referer

Response headers

Content-Type: font/woff;charset=utf-8

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 264 KB
93 KB 58ms
58ms Script
application/javascript 2a00:1450:4001:827::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-6NZG6ERW09&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5VWGVS

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

7c04becded1489c4aeb6fe1caa2473d8fe83465a9c5f8c29094d0579569c6fba

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.19 Safari/537.36
Referer: https://promo.shenyun.com/

Response headers

content-encoding: br
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],}
expires: Sat, 26 Oct 2024 19:37:46 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sat, 26 Oct 2024 19:37:46 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
access-control-allow-headers: Cache-Control
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 95252
x-xss-protection: 0
server: Google Tag Manager

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 321 KB
110 KB 63ms
63ms Script
application/javascript 2a00:1450:4001:827::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-1ENQVSTJF6&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5VWGVS

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

ebff3620c205ebc6a4ff33bcfb788db7091fcdc4cfe46e2d406b10de8ee18faa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.19 Safari/537.36
Referer: https://promo.shenyun.com/

Response headers

content-encoding: br
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],}
expires: Sat, 26 Oct 2024 19:37:46 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sat, 26 Oct 2024 19:37:46 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
last-modified: Sat, 26 Oct 2024 18:00:00 GMT
access-control-allow-headers: Cache-Control
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 112562
x-xss-protection: 0
server: Google Tag Manager

GET
H2 200 uwt.js Show response
static.ads-twitter.com/ 56 KB
15 KB 140ms
41ms Script
application/javascript 199.232.188.157
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://static.ads-twitter.com/uwt.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5VWGVS
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 199.232.188.157 Munich, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 4d15ff2317e16ccd8ca1d3248fea7d91130e022369bb032824a84ad9967064df

Request headers

User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.19 Safari/537.36
Referer: https://promo.shenyun.com/

Response headers

vary: Accept-Encoding,Host
cache-control: no-cache
content-encoding: gzip
etag: "bbbcf811d8437a575d796a4c1e5d4fad+gzip+gzip"
accept-ranges: bytes
x-cache: HIT, HIT
p3p: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
content-length: 15412
date: Sat, 26 Oct 2024 19:37:46 GMT
x-tw-cdn: FT
last-modified: Fri, 22 Mar 2024 21:07:24 GMT
content-type: application/javascript; charset=utf-8
x-served-by: cache-iad-kiad7000168-IAD, cache-muc13925-MUC
x-amz-server-side-encryption: AES256

GET
H2 200 destination Show response
www.googletagmanager.com/gtag/ 283 KB
97 KB 100ms
100ms Script
application/javascript 2a00:1450:4001:827::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/destination?id=AW-977179039&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5VWGVS

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

3273efb29aa6cb773738141d9b0c04bec64ccdbd0aee46645fc87405fdd94d4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.19 Safari/537.36
Referer: https://promo.shenyun.com/

Response headers

content-encoding: br
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcysghrgc:42:0"}],}
expires: Sat, 26 Oct 2024 19:37:46 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sat, 26 Oct 2024 19:37:46 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
last-modified: Sat, 26 Oct 2024 18:00:00 GMT
access-control-allow-headers: Cache-Control
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcysghrgc:42:0
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 99402
x-xss-protection: 0
server: Google Tag Manager

GET
H2 200 bat.js Show response
bat.bing.com/ 50 KB
15 KB 208ms
67ms Script
application/javascript 2620:1ec:33::10
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/bat.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5VWGVS

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2620:1ec:33::10 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

aabc88a6db8b22022f96ca88e4f0a7be426abef2b35169a71515a2d55246402a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.19 Safari/537.36
Referer: https://promo.shenyun.com/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: private,max-age=1800
content-encoding: gzip
etag: "028e0691d20db1:0"
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 3E58E89BF20741F89996CDD02803E911 Ref B: FRA31EDGE0815 Ref C: 2024-10-26T19:37:46Z
accept-ranges: bytes
x-cache: CONFIG_NOCACHE
content-length: 14570
date: Sat, 26 Oct 2024 19:37:45 GMT
content-type: application/javascript
last-modified: Wed, 16 Oct 2024 22:47:44 GMT
vary: Accept-Encoding

GET
H2 200 destination Show response
www.googletagmanager.com/gtag/ 280 KB
96 KB 102ms
102ms Script
application/javascript 2a00:1450:4001:827::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/destination?id=AW-10853810287&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5VWGVS

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

6c10c49f1c99f458e1bb89499cdbb19e8cf21cd147790c894e4c0e667eb83f40

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.19 Safari/537.36
Referer: https://promo.shenyun.com/

Response headers

content-encoding: br
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcysghrgc:42:0"}],}
expires: Sat, 26 Oct 2024 19:37:46 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sat, 26 Oct 2024 19:37:46 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
last-modified: Sat, 26 Oct 2024 18:00:00 GMT
access-control-allow-headers: Cache-Control
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcysghrgc:42:0
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 98518
x-xss-protection: 0
server: Google Tag Manager

GET
H2 200 destination Show response
www.googletagmanager.com/gtag/ 231 KB
82 KB 73ms
73ms Script
application/javascript 2a00:1450:4001:827::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/destination?id=DC-14947439&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5VWGVS

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

5227661e549730b8d9d8e474132c0a00a1ff3cc2763209019e8d2c2c99dd2ded

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.19 Safari/537.36
Referer: https://promo.shenyun.com/

Response headers

content-encoding: br
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcysghrgc:42:0"}],}
expires: Sat, 26 Oct 2024 19:37:46 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sat, 26 Oct 2024 19:37:46 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
last-modified: Sat, 26 Oct 2024 18:00:00 GMT
access-control-allow-headers: Cache-Control
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcysghrgc:42:0
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 83794
x-xss-protection: 0
server: Google Tag Manager

GET
H3 200 fbevents.js Show response
connect.facebook.net/en_US/ 229 KB
58 KB 93ms
41ms Script
application/x-javascript 157.240.0.6
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: promo.shenyun.com
URL: https://promo.shenyun.com/divine-culture-return/

Protocol

Security

QUIC, , AES_128_GCM

Server

157.240.0.6 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-02-fra3.fbcdn.net

Software

Resource Hash

eab9cbb1928a9de3ed2b7164ea7215b1ee0c9d7584d04aac97fe5b6798140c48

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;script-src 'unsafe-inline' .fbcdn.net .facebook.net blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.19 Safari/537.36
Referer: https://promo.shenyun.com/

Response headers

content-encoding: gzip
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options: nosniff
expires: Sat, 01 Jan 2000 00:00:00 GMT
alt-svc: h3=":443"; ma=86400
date: Sat, 26 Oct 2024 19:37:46 GMT
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
priority: u=3,i
x-frame-options: DENY
strict-transport-security: max-age=31536000; preload; includeSubDomains
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy: default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src 'unsafe-inline' *.fbcdn.net *.facebook.net blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
cache-control: public, max-age=1200
timing-allow-origin: *
cross-origin-opener-policy: same-origin-allow-popups
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=40, rtx=0, c=23, mss=1232, tbw=4445, tp=9, tpl=0, uplat=0, ullat=-1
pragma: public
x-fb-debug: DeOnh8Das75yDaPgkJo+F1sZ5tQ22x9zuXDOOljg1V8wIEfCRqxNkG1OvUrXgrX8n2W+r9eUThURPFWpzgswzA==
cross-origin-resource-policy: cross-origin
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
document-policy: force-load-at-top
content-length: 59722
x-xss-protection: 0
origin-agent-cluster: ?1

GET
H2 200 iframe_api Show response
www.youtube.com/ 993 B
2 KB 176ms
79ms Script
text/javascript 2a00:1450:4001:800::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/iframe_api

Requested by

Host: promo.shenyun.com
URL: https://promo.shenyun.com/divine-culture-return/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

385ab9e107f7bd102c6229aeac62848250e3ea653bef4f7bd2e2f8535e7864ee

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script'
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.19 Safari/537.36
Referer: https://promo.shenyun.com/

Response headers

content-encoding: br
report-to: {"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
x-content-type-options: nosniff
origin-trial: AmhMBR6zCLzDDxpW+HfpP67BqwIknWnyMOXOQGfzYswFmJe+fgaI6XZgAzcxOrzNtP7hEDsOo1jdjFnVr2IdxQ4AAAB4eyJvcmlnaW4iOiJodHRwczovL3lvdXR1YmUuY29tOjQ0MyIsImZlYXR1cmUiOiJXZWJWaWV3WFJlcXVlc3RlZFdpdGhEZXByZWNhdGlvbiIsImV4cGlyeSI6MTc1ODA2NzE5OSwiaXNTdWJkb21haW4iOnRydWV9
expires: Sat, 26 Oct 2024 19:37:46 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=de for more info."
date: Sat, 26 Oct 2024 19:37:46 GMT
content-type: text/javascript; charset=utf-8
vary: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000
content-security-policy: require-trusted-types-for 'script'
cache-control: private, max-age=0
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-resource-policy: cross-origin
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
cross-origin-opener-policy-report-only: same-origin; report-to="youtube_main"
x-xss-protection: 0
server: ESF

GET
H/1.1 200
OK __t2.js Show response
tracking.shenyuntickets.com/ 7 KB
3 KB 351ms
113ms Script
application/javascript 216.158.231.78
IS-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://tracking.shenyuntickets.com/__t2.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5VWGVS
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 216.158.231.78 , United States, ASN19318 (IS-AS-1, US),
Reverse DNS
Software: Apache/2.4.41 (Ubuntu) /
Resource Hash: 1e262ca8f1f0770fb271ae35ff5c4cfa8192d841aed8075acb02b645d093b486

Request headers

User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.19 Safari/537.36
Referer: https://promo.shenyun.com/

Response headers

Content-Encoding: gzip
Connection: Keep-Alive
Accept-Ranges: bytes
Content-Length: 2823
Keep-Alive: timeout=5, max=100
Date: Sat, 26 Oct 2024 19:37:46 GMT
Last-Modified: Thu, 13 Jun 2024 16:46:35 GMT
Vary: Accept-Encoding
Server: Apache/2.4.41 (Ubuntu)
Content-Type: application/javascript; charset=utf-8

GET
H/1.1 200
OK 1.js Show response
marketing.shenyun.com/focus/ 66 KB
11 KB 462ms
225ms Script
application/javascript 69.10.32.19
IS-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://marketing.shenyun.com/focus/1.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5VWGVS
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 69.10.32.19 Philadelphia, United States, ASN19318 (IS-AS-1, US),
Reverse DNS: vda3400b.is.cc
Software: nginx / PHP/7.4.30
Resource Hash: 1ebec7ef2cf52dfe83cb7317a49a0622e63858b824c83bfa443ce15756e045a3

Request headers

User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.19 Safari/537.36
Referer: https://promo.shenyun.com/

Response headers

Transfer-Encoding: chunked
Access-Control-Allow-Headers: Authorization,Content-Type,Accept,Origin,User-Agent,DNT,Cache-Control,X-Mx-ReqToken,Keep-Alive,X-Requested-With,If-Modified-Since
Cache-Control: max-age=0, must-revalidate, private
Content-Encoding: gzip
Connection: keep-alive
Access-Control-Allow-Methods: GET, POST, OPTIONS
Expires: Sat, 26 Oct 2024 19:37:46 GMT
Date: Sat, 26 Oct 2024 19:37:46 GMT
Content-Type: application/javascript
Vary: Accept-Encoding
Server: nginx
X-Powered-By: PHP/7.4.30

GET
H2 200 hqk1miuepw Show response
www.clarity.ms/tag/ 553 B
809 B 291ms
134ms Script
application/x-javascript 2620:1ec:bdf::45
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.clarity.ms/tag/hqk1miuepw
Requested by: Host: promo.shenyun.com
URL: https://promo.shenyun.com/divine-culture-return/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2620:1ec:bdf::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: c3298d2f3fcbec07fbb0e40d0982b846b3850987f7122c0843770862ef5dbb7f

Request headers

User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.19 Safari/537.36
Referer: https://promo.shenyun.com/

Response headers

cache-control: no-cache, no-store
request-context: appId=cid-v1:3d284f99-f285-495c-ac33-dedd7ecf1ac8
expires: -1
accept-ranges: bytes
x-cache: CONFIG_NOCACHE
content-length: 553
date: Sat, 26 Oct 2024 19:37:46 GMT
content-type: application/x-javascript
x-azure-ref: 20241026T193746Z-r1687d95c997258m3f66ed2ngw00000004a0000000000psr

GET
H2 200 l7gwxbw099 Show response
www.clarity.ms/tag/ 553 B
807 B 290ms
133ms Script
application/x-javascript 2620:1ec:bdf::45
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.clarity.ms/tag/l7gwxbw099
Requested by: Host: promo.shenyun.com
URL: https://promo.shenyun.com/divine-culture-return/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2620:1ec:bdf::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 276db550f03f858a3c055f3e9e577bf572ff2be0f3a8362cfbe3cbb92014601f

Request headers

User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.19 Safari/537.36
Referer: https://promo.shenyun.com/

Response headers

cache-control: no-cache, no-store
request-context: appId=cid-v1:9c7c879b-c51a-427e-9701-218438da5f81
expires: -1
accept-ranges: bytes
x-cache: CONFIG_NOCACHE
content-length: 553
date: Sat, 26 Oct 2024 19:37:46 GMT
content-type: application/x-javascript
x-azure-ref: 20241026T193746Z-r1687d95c997258m3f66ed2ngw00000004a0000000000psq

GET
H3 200 3468.js Show response
websitevisitorleads.com/px/ 1 KB
2 KB 110ms
51ms Script
application/x-javascript 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://websitevisitorleads.com/px/3468.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5VWGVS
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 29149394d6e153851fe247d6bba598476ba470343314b1535119737eac0801a7

Request headers

User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.19 Safari/537.36
Referer: https://promo.shenyun.com/

Response headers

content-encoding: gzip
cf-cache-status: HIT
etag: "fe72b1d02176da1:0"
age: 165
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=CyGmJCKwRsc7%2FVgnU8NU7R6spYjlx8XEJwL9RSTUfPzMXO1gP8E0Hz%2F82WvNUTvT9LKlafqp8YAJ0LKj2KhiOkG6Vqr9LCHw3snz5I99lgsHhXswRSC6C2kE5bsUCUqvDWg0pnLhMtJZ3w%3D%3D"}],"group":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=39480&sent=10&recv=7&lost=0&retrans=0&sent_bytes=4123&recv_bytes=4250&delivery_rate=78211&cwnd=12000&unsent_bytes=0&cid=ffb628125495d81b&ts=57&x=1", cfExtPri, cfHdrFlush;dur=0
date: Sat, 26 Oct 2024 19:37:46 GMT
content-type: application/x-javascript
last-modified: Thu, 14 Mar 2024 15:10:56 GMT
vary: Accept-Encoding
priority: u=3,i=?0
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8d8ce71f4b0fbb9b-FRA
accept-ranges: bytes
content-length: 920
x-powered-by: ASP.NET
server: cloudflare

GET
H2 200 t.png
tvspix.com/ 68 B
194 B 1047ms
213ms Image
image/png 52.25.1.160
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tvspix.com/t.png?&t=1729971466048&l=tvscientific-pix-o-96903f90-5217-48a0-8cbe-ae284fff1e1d&u3=https%3A%2F%2Fpromo.shenyun.com%2Fdivine-culture-return%2F
Requested by: Host: promo.shenyun.com
URL: https://promo.shenyun.com/divine-culture-return/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.25.1.160 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-25-1-160.us-west-2.compute.amazonaws.com
Software: /
Resource Hash: 5a75a26f4dd38fe6f26a171533626d35e2df62b7c94a74c147c49589bac9b427

Request headers

User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.19 Safari/537.36
Referer: https://promo.shenyun.com/

Response headers

expires: 0
cache-control: no-cache, no-store, must-revalidate
content-length: 68
date: Sat, 26 Oct 2024 19:37:47 GMT
pragma: no-cache
content-type: image/png

GET
H2 200 sw_iframe.html
www.googletagmanager.com/static/service_worker/4al0/ Frame 5AAE 0
0 147ms
60ms Document
text/html 2a00:1450:4001:827::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/static/service_worker/4al0/sw_iframe.html?origin=https%3A%2F%2Fpromo.shenyun.com

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5VWGVS

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.19 Safari/537.36

Response headers

accept-ranges: bytes
age: 20474
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: br
content-length: 1476
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/analytics-container-tag-serving
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="analytics-container-tag-serving"
cross-origin-resource-policy: cross-origin
date: Sat, 26 Oct 2024 13:56:32 GMT
expires: Sun, 26 Oct 2025 13:56:32 GMT
last-modified: Mon, 21 Oct 2024 16:58:00 GMT
report-to: {"group":"analytics-container-tag-serving","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/analytics-container-tag-serving"}]}
server: sffe
service-worker-allowed: /static/service_worker
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

POST
H2 200 collect Show response
www.google-analytics.com/j/ 3 B
422 B 48ms
47ms XHR
text/plain 2a00:1450:4001:800::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=1221568590&t=pageview&_s=1&dl=https%3A%2F%2Fpromo.shenyun.com%2Fdivine-culture-return%2F&ul=de-de&de=UTF-8&dt=Shen%20Yun%202020%20Tour&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aEBAAEABAAAAACAAI~&jid=759038118&gjid=1791853854&cid=1405510955.1729971466&tid=UA-16088546-3&_gid=1012812423.1729971466&_r=1&_slc=1&gtm=45He4ao0n715VWGVSv6215357za200&gcd=13l3l3l2l1l1&dma_cps=syphamo&dma=1&tag_exp=101533421~101823848~101925628&npa=1&z=2102028172

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.19 Safari/537.36
Content-Type: text/plain
Referer: https://promo.shenyun.com/

Response headers

report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsgac:175:0"}],}
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sat, 26 Oct 2024 19:37:46 GMT
last-modified: Sun, 17 May 1998 03:00:00 GMT
content-type: text/plain
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsgac:175:0
access-control-allow-origin: https://promo.shenyun.com
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 3
server: Golfe2

GET
H2 200 collect Show response
server-side-tagging-jb5j6nt74q-uc.a.run.app/g/ 65 B
662 B 336ms
235ms XHR
text/plain 2001:4860:4802:32::35
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://server-side-tagging-jb5j6nt74q-uc.a.run.app/g/collect?v=2&tid=G-6NZG6ERW09&gtm=45je4ao0v9187725259z86215357za200zb6215357&_p=1729971465735&gcd=13l3l3l2l1l1&npa=1&dma_cps=syphamo&dma=1&tag_exp=101533421~101823848&cid=1405510955.1729971466&ecid=892260854&ul=de-de&sr=1600x1200&_fplc=0&ur=DE-NW&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&sst.etld=google.de&sst.gcsub=region1&sst.tft=1729971465735&sst.ude=0&_s=1&sid=1729971466&sct=1&seg=0&dl=https%3A%2F%2Fpromo.shenyun.com%2Fdivine-culture-return%2F&dt=Shen%20Yun%202020%20Tour&en=page_view&_fv=1&_ss=1&ep.event_id=1729971465735.1&ep.user_agent=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F111.0.5563.19%20Safari%2F537.36&tfd=975&richsstsse

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-6NZG6ERW09&l=dataLayer&cx=c

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2001:4860:4802:32::35 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Frontend /

Resource Hash

e64954dc34e12c7190cc2338a54b07644ff0f102aa71cc7209bcbb49c3009f7c

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.19 Safari/537.36
Referer: https://promo.shenyun.com/

Response headers

cache-control: no-cache
x-accel-buffering: no
access-control-allow-credentials: true
x-content-type-options: nosniff
expires: Sat, 26 Oct 2024 19:37:46 GMT
access-control-allow-origin: https://promo.shenyun.com
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sat, 26 Oct 2024 19:37:46 GMT
content-type: text/plain
server: Google Frontend

GET
H2

200

activityi;dc_pre=CJWm5PXlrIkDFaaLgwcd3qE42Q;src=14947439;type=invmedia;cat=syweb0;ord=1;num=9104074813945;npa=1;auiddc=1822053198.1729971466;ps=1;pcor=978158805;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;ua...
14947439.fls.doubleclick.net/ Frame FC4C
Redirect Chain

https://14947439.fls.doubleclick.net/activityi;src=14947439;type=invmedia;cat=syweb0;ord=1;num=9104074813945;npa=1;auiddc=1822053198.1729971466;ps=1;pcor=978158805;uaa=;uab=;uafvl=;uamb=0;uam=;uap=...
https://14947439.fls.doubleclick.net/activityi;dc_pre=CJWm5PXlrIkDFaaLgwcd3qE42Q;src=14947439;type=invmedia;cat=syweb0;ord=1;num=9104074813945;npa=1;auiddc=1822053198.1729971466;ps=1;pcor=978158805...

0
0

65ms
64ms

Document
text/html

142.250.185.230
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://14947439.fls.doubleclick.net/activityi;dc_pre=CJWm5PXlrIkDFaaLgwcd3qE42Q;src=14947439;type=invmedia;cat=syweb0;ord=1;num=9104074813945;npa=1;auiddc=1822053198.1729971466;ps=1;pcor=978158805;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=noapi;frm=0;gtm=45fe4ao0v9197092417z86215357za201zb6215357;gcd=13l3l3l2l1l1;dma_cps=syphamo;dma=1;tag_exp=101533421~101823848;epver=2;~oref=https%3A%2F%2Fpromo.shenyun.com%2Fdivine-culture-return%2F?

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/destination?id=DC-14947439&l=dataLayer&cx=c

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.230 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f6.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://promo.shenyun.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.19 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=0
content-encoding: br
content-length: 632
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 26 Oct 2024 19:37:46 GMT
expires: Sat, 26 Oct 2024 19:37:46 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 26 Oct 2024 19:37:46 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
follow-only-when-prerender-shown: 1
location: https://14947439.fls.doubleclick.net/activityi;dc_pre=CJWm5PXlrIkDFaaLgwcd3qE42Q;src=14947439;type=invmedia;cat=syweb0;ord=1;num=9104074813945;npa=1;auiddc=1822053198.1729971466;ps=1;pcor=978158805;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=noapi;frm=0;gtm=45fe4ao0v9197092417z86215357za201zb6215357;gcd=13l3l3l2l1l1;dma_cps=syphamo;dma=1;tag_exp=101533421~101823848;epver=2;~oref=https%3A%2F%2Fpromo.shenyun.com%2Fdivine-culture-return%2F?
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 activity;register_conversion=1;src=14947439;type=invmedia;cat=syweb0;ord=1;num=9104074813945;npa=1;auiddc=1822053198.1729971466;ps=1;pcor=978158805;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;psc...
ad.doubleclick.net/ 0
23 B 143ms
76ms Image
image/png 142.250.186.166
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ad.doubleclick.net/activity;register_conversion=1;src=14947439;type=invmedia;cat=syweb0;ord=1;num=9104074813945;npa=1;auiddc=1822053198.1729971466;ps=1;pcor=978158805;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=noapi;frm=0;gtm=45fe4ao0v9197092417z86215357za201zb6215357;gcd=13l3l3l2l1l1;dma_cps=syphamo;dma=1;tag_exp=101533421~101823848;epver=2;~oref=https%3A%2F%2Fpromo.shenyun.com%2Fdivine-culture-return%2F?

Requested by

Host: promo.shenyun.com
URL: https://promo.shenyun.com/divine-culture-return/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.166 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f6.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.19 Safari/537.36
Referer: https://promo.shenyun.com/

Response headers

cache-control: no-cache, must-revalidate
timing-allow-origin: *
pragma: no-cache
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-length: 0
date: Sat, 26 Oct 2024 19:37:46 GMT
attribution-reporting-register-trigger: {"aggregatable_deduplication_keys":[{"deduplication_key":"3619502691049801903"}],"aggregatable_trigger_data":[{"filters":{"14":["110301771"]},"key_piece":"0x5997368f4d2262b2","source_keys":["12","13","14","15","16","17","18","19","20","21"]},{"key_piece":"0x16ff7a5c61b5aa4b","not_filters":{"14":["110301771"]},"source_keys":["12","13","14","15","16","17","18","19","20","21"]}],"aggregatable_values":{"12":65,"13":65,"14":65,"15":6356,"16":65,"17":65,"18":6356,"19":65,"20":65,"21":6356},"debug_key":"8036870975220508298","debug_reporting":true,"event_trigger_data":[{"deduplication_key":"3619502691049801903","filters":{"14":["110301771"],"source_type":["event"]},"priority":"10","trigger_data":"1"},{"deduplication_key":"3619502691049801903","filters":{"14":["110301771"],"source_type":["navigation"]},"priority":"10","trigger_data":"6"},{"deduplication_key":"3619502691049801903","filters":{"source_type":["event"]},"priority":"0","trigger_data":"0"},{"deduplication_key":"3619502691049801903","filters":{"source_type":["navigation"]},"priority":"0","trigger_data":"7"}],"filters":{"8":["14947439"]}}
content-type: image/png
x-xss-protection: 0
server: cafe

GET
H3 200 476904979116150 Show response
connect.facebook.net/signals/config/ 73 KB
15 KB 123ms
122ms Script
application/x-javascript 157.240.0.6
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/476904979116150?v=2.9.174&r=stable&domain=promo.shenyun.com&hme=ead923021ccd3483ef3b9b04703d0a78b943fbdc01e8d7cec21c5059f1f4a5e9&ex_m=70%2C121%2C107%2C111%2C61%2C4%2C100%2C69%2C16%2C97%2C89%2C51%2C54%2C172%2C175%2C187%2C183%2C184%2C186%2C29%2C101%2C53%2C77%2C185%2C167%2C170%2C180%2C181%2C188%2C131%2C41%2C189%2C190%2C34%2C143%2C15%2C50%2C194%2C193%2C133%2C18%2C40%2C1%2C43%2C65%2C66%2C67%2C71%2C93%2C17%2C14%2C96%2C92%2C91%2C108%2C52%2C110%2C39%2C109%2C30%2C94%2C26%2C168%2C171%2C140%2C86%2C56%2C84%2C33%2C73%2C0%2C95%2C32%2C28%2C82%2C83%2C88%2C47%2C46%2C87%2C37%2C11%2C12%2C13%2C6%2C7%2C25%2C22%2C23%2C57%2C62%2C64%2C75%2C102%2C27%2C76%2C9%2C8%2C80%2C48%2C21%2C104%2C103%2C105%2C98%2C10%2C20%2C3%2C38%2C74%2C19%2C5%2C90%2C81%2C44%2C35%2C85%2C2%2C36%2C63%2C42%2C106%2C45%2C79%2C68%2C112%2C60%2C59%2C31%2C99%2C58%2C55%2C49%2C78%2C72%2C24%2C113

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

157.240.0.6 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-02-fra3.fbcdn.net

Software

Resource Hash

8b602b92171ef5ad2d3b24aa69df7e59c7129a620acb358dfcfa00cd5c3b4e2e

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;script-src 'nonce-wH4W158O' .fbcdn.net .facebook.net blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.19 Safari/537.36
Referer: https://promo.shenyun.com/

Response headers

content-encoding: gzip
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options: nosniff
expires: Sat, 01 Jan 2000 00:00:00 GMT
alt-svc: h3=":443"; ma=86400
date: Sat, 26 Oct 2024 19:37:46 GMT
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
priority: u=3,i
x-frame-options: DENY
strict-transport-security: max-age=31536000; preload; includeSubDomains
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy: default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src 'nonce-wH4W158O' *.fbcdn.net *.facebook.net blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
cache-control: public, max-age=1200
timing-allow-origin: *
cross-origin-opener-policy: same-origin-allow-popups
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=43, rtx=0, c=75, mss=1232, tbw=67869, tp=63, tpl=0, uplat=81, ullat=0
pragma: public
x-fb-debug: sxmkmihluOM1bvAr2yJwd3ASnNA/KACRqqYOYuVnOyCBMOgyJomWHrYrxko1dg/z8Mq0KTbRtBu//L2mcsMSGA==
cross-origin-resource-policy: cross-origin
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
document-policy: force-load-at-top
x-xss-protection: 0
origin-agent-cluster: ?1

GET
H2 200 adsct
t.co/1/i/ 43 B
469 B 239ms
165ms Image
image/gif 172.66.0.227
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://t.co/1/i/adsct?bci=4&eci=3&event=%7B%7D&event_id=a4285383-8b85-4774-9f7b-42da8f155d80&integration=gtm&p_id=Twitter&p_user_id=0&pl_id=33a8536a-e86a-419a-affd-8fe5be74bbd3&tw_document_href=https%3A%2F%2Fpromo.shenyun.com%2Fdivine-culture-return%2F&tw_iframe_status=0&txn_id=nw1o2&type=javascript&version=2.3.30

Requested by

Host: promo.shenyun.com
URL: https://promo.shenyun.com/divine-culture-return/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.66.0.227 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare tsa_o /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.19 Safari/537.36
Referer: https://promo.shenyun.com/

Response headers

strict-transport-security: max-age=0
x-transaction-id: 0f238c40ec188419
cache-control: no-cache, no-store, max-age=0
x-connection-hash: 952c2870bdc6cfe66f7c7a220a74491ad4621358efe1fef633753c8cb7d3e351
cf-cache-status: DYNAMIC
cf-ray: 8d8ce720797de51b-TXL
x-response-time: 103
content-length: 43
date: Sat, 26 Oct 2024 19:37:46 GMT
content-type: image/gif;charset=utf-8
perf: 7402827104
server: cloudflare tsa_o

GET
H2 200 adsct
analytics.twitter.com/1/i/ 43 B
725 B 237ms
142ms Image
image/gif 104.244.42.3
TWITTER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://analytics.twitter.com/1/i/adsct?bci=4&eci=3&event=%7B%7D&event_id=a4285383-8b85-4774-9f7b-42da8f155d80&integration=gtm&p_id=Twitter&p_user_id=0&pl_id=33a8536a-e86a-419a-affd-8fe5be74bbd3&tw_document_href=https%3A%2F%2Fpromo.shenyun.com%2Fdivine-culture-return%2F&tw_iframe_status=0&txn_id=nw1o2&type=javascript&version=2.3.30

Requested by

Host: promo.shenyun.com
URL: https://promo.shenyun.com/divine-culture-return/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.3 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519

Request headers

User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.19 Safari/537.36
Referer: https://promo.shenyun.com/

Response headers

strict-transport-security: max-age=631138519
x-transaction-id: a0f4b31f1e92d17d
cache-control: no-cache, no-store, max-age=0
x-connection-hash: 6d00c3c03b6f8656566f3732aa514e332e687e4dbb9b4d9bd2851bae450b3f4e
x-response-time: 102
content-length: 43
date: Sat, 26 Oct 2024 19:37:45 GMT
perf: 7402827104
content-type: image/gif;charset=utf-8
server: tsa_o

GET
H2 200 adsct
t.co/1/i/ 43 B
626 B 232ms
158ms Image
image/gif 172.66.0.227
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://t.co/1/i/adsct?bci=4&eci=4&event=%7B%7D&event_id=22f94167-f94f-4b4f-b59c-19aa4724c51a&integration=gtm&p_id=Twitter&p_user_id=0&pl_id=33a8536a-e86a-419a-affd-8fe5be74bbd3&tw_document_href=https%3A%2F%2Fpromo.shenyun.com%2Fdivine-culture-return%2F&tw_iframe_status=0&txn_id=tw-nw1o2-on2j4&type=javascript&version=2.3.30

Requested by

Host: promo.shenyun.com
URL: https://promo.shenyun.com/divine-culture-return/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.66.0.227 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare tsa_o /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.19 Safari/537.36
Referer: https://promo.shenyun.com/

Response headers

strict-transport-security: max-age=0
x-transaction-id: eb7e25a9396306f3
cache-control: no-cache, no-store, max-age=0
x-connection-hash: 003fabb13314ce12bed6d7bbb87938d641fd7aa2b5d36a179101112658b099a4
cf-cache-status: DYNAMIC
cf-ray: 8d8ce7207977e51b-TXL
x-response-time: 104
content-length: 43
date: Sat, 26 Oct 2024 19:37:46 GMT
content-type: image/gif;charset=utf-8
perf: 7402827104
server: cloudflare tsa_o

GET
H2 200 adsct
analytics.twitter.com/1/i/ 43 B
547 B 216ms
145ms Image
image/gif 104.244.42.3
TWITTER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://analytics.twitter.com/1/i/adsct?bci=4&eci=4&event=%7B%7D&event_id=22f94167-f94f-4b4f-b59c-19aa4724c51a&integration=gtm&p_id=Twitter&p_user_id=0&pl_id=33a8536a-e86a-419a-affd-8fe5be74bbd3&tw_document_href=https%3A%2F%2Fpromo.shenyun.com%2Fdivine-culture-return%2F&tw_iframe_status=0&txn_id=tw-nw1o2-on2j4&type=javascript&version=2.3.30

Requested by

Host: promo.shenyun.com
URL: https://promo.shenyun.com/divine-culture-return/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.3 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519

Request headers

User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.19 Safari/537.36
Referer: https://promo.shenyun.com/

Response headers

strict-transport-security: max-age=631138519
x-transaction-id: f5f31082c0f44765
cache-control: no-cache, no-store, max-age=0
x-connection-hash: 6d00c3c03b6f8656566f3732aa514e332e687e4dbb9b4d9bd2851bae450b3f4e
x-response-time: 103
content-length: 43
date: Sat, 26 Oct 2024 19:37:45 GMT
perf: 7402827104
content-type: image/gif;charset=utf-8
server: tsa_o

GET
H2 200 www-widgetapi.js Show response
www.youtube.com/s/player/fb725ac8/www-widgetapi.vflset/ 30 KB
10 KB 40ms
39ms Script
text/javascript 2a00:1450:4001:800::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/fb725ac8/www-widgetapi.vflset/www-widgetapi.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/iframe_api

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

635b2814dbecb78302d05c529bf175ef815ef51e7c344769247896504843b731

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.19 Safari/537.36
Referer: https://promo.shenyun.com/

Response headers

content-encoding: br
age: 35267
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
x-content-type-options: nosniff
expires: Sun, 26 Oct 2025 09:49:59 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sat, 26 Oct 2024 09:49:59 GMT
last-modified: Wed, 23 Oct 2024 04:16:42 GMT
content-type: text/javascript
vary: Accept-Encoding, Origin
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
content-length: 10143
x-xss-protection: 0
server: sffe

GET
H2 200 5066372.js Show response
bat.bing.com/p/action/ 2 KB
973 B 63ms
62ms Script
application/javascript 2620:1ec:33::10
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/p/action/5066372.js

Requested by

Host: bat.bing.com
URL: https://bat.bing.com/bat.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2620:1ec:33::10 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

18161961c92acdcb7aff5bbe972c47bbe1f0bca5f94cc22b1c5600c5980369c1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.19 Safari/537.36
Referer: https://promo.shenyun.com/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: private,max-age=60
content-encoding: br
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: C4ABD4C93D704880AA9F615C788F556F Ref B: FRA31EDGE0815 Ref C: 2024-10-26T19:37:46Z
x-cache: CONFIG_NOCACHE
date: Sat, 26 Oct 2024 19:37:46 GMT
content-type: application/javascript; charset=utf-8
vary: Accept-Encoding

GET
H2 200 clarity.js Show response
www.clarity.ms/s/0.7.49/ 64 KB
27 KB 84ms
83ms Script
application/javascript 2620:1ec:bdf::45
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.clarity.ms/s/0.7.49/clarity.js
Requested by: Host: www.clarity.ms
URL: https://www.clarity.ms/tag/l7gwxbw099
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2620:1ec:bdf::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 09fa04e84d7038cc32f19bedcba454b9e637a35f4de496e8ec9148c47550f0fc

Request headers

User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.19 Safari/537.36
Referer: https://promo.shenyun.com/

Response headers

x-azure-ref: 20241026T193746Z-r1687d95c997258m3f66ed2ngw00000004a0000000000pte
cache-control: public, max-age=86400
x-ms-version: 2018-03-28
content-encoding: br
etag: W/"0x8DCF3CA14C9A428"
x-fd-int-roxy-purgeid: 51562430
x-ms-request-id: 82d5a001-501e-0064-76ea-25df43000000
access-control-allow-origin: *
x-cache: TCP_HIT
date: Sat, 26 Oct 2024 19:37:46 GMT
content-type: application/javascript;charset=utf-8
vary: Accept-Encoding
last-modified: Thu, 24 Oct 2024 01:20:43 GMT

POST
H2 204 0
bat.bing.net/actionp/ 0
346 B 220ms
85ms Ping
text/plain 2620:1ec:c11::237
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://bat.bing.net/actionp/0?ti=5066372&tm=gtm002&Ver=2&mid=c7dcc9bc-be31-484c-beb6-29ec2101f635&bo=1&evt=consent&src=enforced&cdb=AQAI&asc=D
Requested by: Host: bat.bing.com
URL: https://bat.bing.com/bat.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2620:1ec:c11::237 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.19 Safari/537.36
Referer: https://promo.shenyun.com/

Response headers

cache-control: no-cache, must-revalidate
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 9B8DF7EA0BF947C6BA14123DD5E9F42D Ref B: FRA31EDGE0817 Ref C: 2024-10-26T19:37:46Z
expires: Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin: *
x-cache: CONFIG_NOCACHE
date: Sat, 26 Oct 2024 19:37:45 GMT

GET
H2 200 5066372 Show response
bat.bing.com/p/insights/t/ 763 B
926 B 138ms
138ms Script
application/x-javascript 2620:1ec:33::10
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/p/insights/t/5066372

Requested by

Host: bat.bing.com
URL: https://bat.bing.com/p/action/5066372.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2620:1ec:33::10 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

748f534879a87495e6b5e52e19a3145bda26597714e62cf30e44bd2a34237b48

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.19 Safari/537.36
Referer: https://promo.shenyun.com/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: no-cache, no-store
content-encoding: gzip
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 8171B0CF9D9146A1A37B91B01FB8FCCF Ref B: FRA31EDGE0815 Ref C: 2024-10-26T19:37:46Z
request-context: appId=cid-v1:9c7c879b-c51a-427e-9701-218438da5f81
expires: -1
accept-ranges: bytes
x-cache: CONFIG_NOCACHE
content-length: 637
date: Sat, 26 Oct 2024 19:37:46 GMT
content-type: application/x-javascript
vary: Accept-Encoding
x-azure-ref: 20241026T193746Z-16b77fbcb5d8m7qf8a0f2pxn4400000000pg000000007x4d

GET
H2 204 0
bat.bing.net/action/ 0
120 B 219ms
86ms Image
text/plain 2620:1ec:c11::237
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bat.bing.net/action/0?ti=5066372&tm=gtm002&Ver=2&mid=c7dcc9bc-be31-484c-beb6-29ec2101f635&bo=2&pi=918639831&lg=de-DE&sw=1600&sh=1200&sc=24&tl=Shen%20Yun%202020%20Tour&kw=shen%20yun%20show,%20classical%20Chinese%20dance,%20shen%20yun%20tour,%20shen%20yun%20trailer,%20shen%20yun%20chinese%20ballet,%20shen%20yun%20chinese%20dance,%20shen%20yun%20chinese%20dance%20show,%20china%20shen%20yun%20dance,%20asain%20ballet%20shen,%20shen%20yun%20ballet,%20shen%20yun%20dancers,%20shen%20yun%20dance,%20shen%20yun%20opera&p=https%3A%2F%2Fpromo.shenyun.com%2Fdivine-culture-return%2F&r=&lt=607&evt=pageLoad&sv=1&asc=D&cdb=AQAY&rn=606265
Requested by: Host: promo.shenyun.com
URL: https://promo.shenyun.com/divine-culture-return/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2620:1ec:c11::237 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.19 Safari/537.36
Referer: https://promo.shenyun.com/

Response headers

cache-control: no-cache, must-revalidate
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 844A515EC1EF41D9AC5F9CFF4766FEB0 Ref B: FRA31EDGE0817 Ref C: 2024-10-26T19:37:46Z
expires: Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin: *
x-cache: CONFIG_NOCACHE
date: Sat, 26 Oct 2024 19:37:45 GMT

GET
H2 200 /
www.facebook.com/tr/ 0
274 B 130ms
41ms Image
text/plain 2a03:2880:f177:185:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=476904979116150&ev=PageView&dl=https%3A%2F%2Fpromo.shenyun.com%2Fdivine-culture-return%2F&rl=&if=false&ts=1729971466364&sw=1600&sh=1200&ud[external_id]=eb045d78d273107348b0300c01d29b7552d622abbc6faf81b3ec55359aa9950c&v=2.9.174&r=stable&ec=0&o=12318&fbp=fb.1.1729971466363.243516580115393963&ler=empty&cdl=API_unavailable&it=1729971466223&coo=false&eid=1729971465735.1&rqm=GET

Requested by

Host: promo.shenyun.com
URL: https://promo.shenyun.com/divine-culture-return/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f177:185:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.19 Safari/537.36
Referer: https://promo.shenyun.com/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=38, rtx=0, c=10, mss=1297, tbw=2932, tp=-1, tpl=-1, uplat=0, ullat=0
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
access-control-allow-origin
alt-svc: h3=":443"; ma=86400
content-length: 0
date: Sat, 26 Oct 2024 19:37:46 GMT
content-type: text/plain
server: proxygen-bolt

GET
H2 200 /
www.facebook.com/privacy_sandbox/pixel/register/trigger/ 67 B
3 KB 238ms
184ms Image
image/png 2a03:2880:f177:185:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=476904979116150&ev=PageView&dl=https%3A%2F%2Fpromo.shenyun.com%2Fdivine-culture-return%2F&rl=&if=false&ts=1729971466364&sw=1600&sh=1200&ud[external_id]=eb045d78d273107348b0300c01d29b7552d622abbc6faf81b3ec55359aa9950c&v=2.9.174&r=stable&ec=0&o=12318&fbp=fb.1.1729971466363.243516580115393963&ler=empty&cdl=API_unavailable&it=1729971466223&coo=false&eid=1729971465735.1&rqm=FGET

Requested by

Host: promo.shenyun.com
URL: https://promo.shenyun.com/divine-culture-return/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f177:185:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com 'unsafe-inline' .facebook.com .fbcdn.net 'unsafe-eval';script-src .facebook.com .fbcdn.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src .fbcdn.net data: .facebook.com 'unsafe-inline';connect-src .facebook.com facebook.com .fbcdn.net wss://.facebook.com:* wss://.fbcdn.net attachment.fbsbx.com blob: .cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ .fbsbx.com;font-src data: .facebook.com .fbcdn.net .fbsbx.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: .oculuscdn.com https://paywithmybank.com/ https://.paywithmybank.com/;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com data:;frame-src .facebook.com .fbsbx.com fbsbx.com data: .fbcdn.net https://paywithmybank.com/ https://.paywithmybank.com/;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.19 Safari/537.36
Referer: https://promo.shenyun.com/

Response headers

content-encoding: zstd
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7430170869865282756"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options: nosniff
expires: Sat, 01 Jan 2000 00:00:00 GMT
alt-svc: h3=":443"; ma=86400
attribution-reporting-register-trigger: {"event_trigger_data":[{"trigger_data":"0"}],"aggregatable_trigger_data":[{"key_piece":"0x48cdefe04f5566bb","source_keys":["1"]}],"aggregatable_values":{"1":10922},"filters":{"3":["1038748126224875"]},"debug_reporting":true,"debug_key":"2683518442273243173"}
date: Sat, 26 Oct 2024 19:37:46 GMT
content-type: image/png
vary: Accept-Encoding
x-fb-debug: Xk+UUU8W1UmaasBMknFf/YWLK+nBV+J1uCMw6RervqE6EURAPvrjMbmGlkQCfEDEqbbZ4lZaBVrunoNalSLvcw==
x-frame-options: DENY
strict-transport-security: max-age=15552000; preload
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7430170869865282756", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com https://paywithmybank.com/ https://*.paywithmybank.com/;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
cache-control: private, no-store, no-cache, must-revalidate
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=38, rtx=0, c=10, mss=1297, tbw=3250, tp=-1, tpl=-1, uplat=141, ullat=0
cross-origin-opener-policy: same-origin-allow-popups
pragma: no-cache
cross-origin-resource-policy: cross-origin
permissions-policy: accelerometer=(), attribution-reporting=(self), autoplay=(), bluetooth=(), browsing-topics=(self), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(self), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
document-policy: force-load-at-top
x-xss-protection: 0
origin-agent-cluster: ?0

POST
H/1.1 200
OK page
tracking.shenyuntickets.com/ 0
234 B 121ms
117ms Ping
text/html 216.158.231.78
IS-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://tracking.shenyuntickets.com/page?data=%7B%22eventType%22%3A%22pageload%22%2C%22uuid%22%3A%226bd98b45-07d4-3e6e-ccb2-b6b5cdc796ec%22%2C%22page%22%3A%22https%3A%2F%2Fpromo.shenyun.com%2Fdivine-culture-return%2F%22%2C%22userId%22%3A0%2C%22siteId%22%3A0%2C%22storeId%22%3A0%2C%22eventId%22%3A0%2C%22scheduleId%22%3A0%2C%22category%22%3A%22%22%2C%22subCategory%22%3A%22%22%2C%22label%22%3A%22%22%2C%22value%22%3A%22%22%2C%22pageInitTime%22%3A1729971466402%2C%22onPageTime%22%3A0%2C%22pageHitCounter%22%3A1%2C%22crossDomainReferer%22%3A%22%22%2C%22externalReferer%22%3A%22%22%2C%22target%22%3A%22https%3A%2F%2Fpromo.shenyun.com%2Fdivine-culture-return%2F%22%2C%22browserTime%22%3A%222024-10-26T21%3A37%3A46%22%2C%22browser%22%3A%7B%22uuid%22%3A%226bd98b45-07d4-3e6e-ccb2-b6b5cdc796ec%22%2C%22appName%22%3A%22Netscape%22%2C%22appCodeName%22%3A%22Mozilla%22%2C%22appVersion%22%3A%225.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F111.0.5563.19%20Safari%2F537.36%22%2C%22cookieEnabled%22%3Atrue%2C%22geolocation%22%3A%7B%7D%2C%22language%22%3A%22de-DE%22%2C%22platform%22%3A%22Linux%20x86_64%22%2C%22product%22%3A%22Gecko%22%2C%22userAgent%22%3A%22Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F111.0.5563.19%20Safari%2F537.36%22%2C%22referrer%22%3A%22%22%2C%22screenSize%22%3A%221600x1200%22%2C%22browserTime%22%3A%222024-10-26T21%3A37%3A46%22%2C%22timezoneOffset%22%3A-120%2C%22isMobileDevice%22%3A%22%22%7D%2C%22googleTrackingCookie%22%3A%7B%22_ga%22%3A%22GA1.1.1405510955.1729971466%22%2C%22_gid%22%3A%22GA1.2.1012812423.1729971466%22%7D%7D
Requested by: Host: tracking.shenyuntickets.com
URL: https://tracking.shenyuntickets.com/__t2.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 216.158.231.78 , United States, ASN19318 (IS-AS-1, US),
Reverse DNS
Software: Apache/2.4.41 (Ubuntu) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.19 Safari/537.36
Content-Type: text/plain;charset=UTF-8
Referer: https://promo.shenyun.com/

Response headers

Access-Control-Allow-Origin: *
Content-Length: 0
Keep-Alive: timeout=5, max=99
Date: Sat, 26 Oct 2024 19:37:46 GMT
Content-Type: text/html; charset=UTF-8
Server: Apache/2.4.41 (Ubuntu)
Connection: Keep-Alive

GET
H/1.1 200
OK mtc.js Show response
marketing.shenyun.com/ 98 KB
28 KB 263ms
214ms Script
application/javascript 69.10.32.19
IS-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://marketing.shenyun.com/mtc.js
Requested by: Host: promo.shenyun.com
URL: https://promo.shenyun.com/divine-culture-return/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 69.10.32.19 Philadelphia, United States, ASN19318 (IS-AS-1, US),
Reverse DNS: vda3400b.is.cc
Software: nginx / PHP/7.4.30
Resource Hash: b2853f4140cfec60d839500c5104721b33609785d847a28477fa89934693d1a4

Request headers

User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.19 Safari/537.36
Referer: https://promo.shenyun.com/

Response headers

Transfer-Encoding: chunked
Access-Control-Allow-Headers: Authorization,Content-Type,Accept,Origin,User-Agent,DNT,Cache-Control,X-Mx-ReqToken,Keep-Alive,X-Requested-With,If-Modified-Since
Cache-Control: max-age=0, must-revalidate, private
Content-Encoding: gzip
Connection: keep-alive
Access-Control-Allow-Methods: GET, POST, OPTIONS
Expires: Sat, 26 Oct 2024 19:37:46 GMT
Date: Sat, 26 Oct 2024 19:37:46 GMT
Content-Type: application/javascript
Vary: Accept-Encoding
Server: nginx
X-Powered-By: PHP/7.4.30

GET
H2 200 0.7.49 Show response
bat.bing.com/p/insights/s/ 35 KB
15 KB 66ms
65ms Script
application/javascript 2620:1ec:33::10
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/p/insights/s/0.7.49

Requested by

Host: bat.bing.com
URL: https://bat.bing.com/p/insights/t/5066372

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2620:1ec:33::10 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

a1f8f7541a2982d7df75f73d0234a3f2afdc8302f361078f883d25a3a574bae4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.19 Safari/537.36
Referer: https://promo.shenyun.com/

Response headers

content-encoding: br
x-ms-version: 2018-03-28
etag: W/"0x8DCF3CA1B8E5043"
x-fd-int-roxy-purgeid: 51562430
x-cache: CONFIG_NOCACHE
date: Sat, 26 Oct 2024 19:37:46 GMT
content-type: application/javascript;charset=utf-8
last-modified: Thu, 24 Oct 2024 01:20:55 GMT
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: public, max-age=86400
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: C9D8A321D41F4A8EB4FB0ED6850F4C4D Ref B: FRA31EDGE0815 Ref C: 2024-10-26T19:37:46Z
x-ms-request-id: 2128f385-201e-0051-0bbd-26b357000000
access-control-allow-origin: *
content-length: 15261
x-azure-ref: 20241026T193746Z-16465dc7448kqpvj40mwb0yvyg00000002x0000000004fvz

GET
H/1.1 200
OK ge.js Show response
s3-us-west-2.amazonaws.com/jsstore/a/ZRKH4W9/ 88 KB
88 KB 666ms
234ms Script
application/javascript 52.92.193.16
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s3-us-west-2.amazonaws.com/jsstore/a/ZRKH4W9/ge.js
Requested by: Host: websitevisitorleads.com
URL: https://websitevisitorleads.com/px/3468.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 52.92.193.16 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-us-west-2.amazonaws.com
Software: AmazonS3 /
Resource Hash: 632f0b8b5a2742509eb5a8c65ec57f9d95ddd94abf8b5d99e7ce1e742ced586b

Request headers

User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.19 Safari/537.36
Referer: https://promo.shenyun.com/

Response headers

x-amz-id-2: ebQCb33xjmAtcWhld+9uI/GjzkoTyXmaTt2DEF9p5bHJWTe+daUrs2gNzr9FPmbRDFnHLe2bG0Y=
Cache-Control: max-age=2592000
ETag: "2d01acbc77d1e4955f90e97a821bdb9f"
x-amz-request-id: 0Z8ZSW952GRQJKJ8
Expires: Sun, 24 Nov 2024 18:25:50 GMT
Accept-Ranges: bytes
Content-Length: 90003
Date: Sat, 26 Oct 2024 19:37:48 GMT
Last-Modified: Fri, 25 Oct 2024 18:25:51 GMT
Content-Type: application/javascript
Server: AmazonS3
x-amz-server-side-encryption: AES256

GET
H2 200 TyX2VKjr1N-65ef3d2a.js Show response
data.processwebsitedata.com/cscripts/ 14 KB
6 KB 148ms
49ms Script
application/javascript 151.101.65.91
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://data.processwebsitedata.com/cscripts/TyX2VKjr1N-65ef3d2a.js
Requested by: Host: websitevisitorleads.com
URL: https://websitevisitorleads.com/px/3468.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.65.91 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: Microsoft-IIS/10.0 /
Resource Hash: c286a641e0706dd7f9470813c808305dc57b421098aa084e07c270a62917aa47

Request headers

User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.19 Safari/537.36
Referer: https://promo.shenyun.com/

Response headers

content-encoding: gzip
etag: "fc6a3d5fda73da1:0"
age: 487
x-cache: MISS, HIT, HIT
date: Sat, 26 Oct 2024 19:37:46 GMT
last-modified: Mon, 11 Mar 2024 17:34:29 GMT
vary: Accept-Encoding
x-cache-hits: 0, 12, 1
content-type: application/javascript
x-served-by: cache-chi-kigq8000053-CHI, cache-chi-kigq8000110-CHI, cache-fra-etou8220068-FRA
cache-control: max-age=600
x-timer: S1729971467.651969,VS0,VE1
via: 1.1 varnish, 1.1 varnish, 1.1 varnish
accept-ranges: bytes
content-length: 5761
server: Microsoft-IIS/10.0

POST
H/1.1 204
No Content collect Show response
k.clarity.ms/ 0
281 B 466ms
129ms XHR
text/plain 172.175.38.6
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://k.clarity.ms/collect
Requested by: Host: www.clarity.ms
URL: https://www.clarity.ms/s/0.7.49/clarity.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 172.175.38.6 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.19 Safari/537.36
Accept: application/x-clarity-gzip
Referer: https://promo.shenyun.com/

Response headers

Request-Context: appId=cid-v1:e97341f6-8fff-46a6-9229-fbbfe0892c78
Access-Control-Allow-Origin: https://promo.shenyun.com
Date: Sat, 26 Oct 2024 19:37:46 GMT
Vary: Origin
Server: nginx
Connection: keep-alive
Access-Control-Allow-Credentials: true

POST
H2 204 k Show response
bat.bing.com/p/insights/c/ 0
213 B 137ms
137ms XHR
text/plain 2620:1ec:33::10
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/p/insights/c/k

Requested by

Host: bat.bing.com
URL: https://bat.bing.com/p/insights/s/0.7.49

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2620:1ec:33::10 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.19 Safari/537.36
Accept: application/x-webinsights-gzip
Referer: https://promo.shenyun.com/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: BF6AEBBC024D4FED9634EEA5B44F23DF Ref B: FRA31EDGE0815 Ref C: 2024-10-26T19:37:46Z
access-control-allow-credentials: true
request-context: appId=cid-v1:e97341f6-8fff-46a6-9229-fbbfe0892c78
access-control-allow-origin: https://promo.shenyun.com
x-cache: CONFIG_NOCACHE
date: Sat, 26 Oct 2024 19:37:46 GMT
vary: Origin

GET
H2 200 ProcessStats.aspx Show response
fe.sitedataprocessing.com/fewv1/ 2 KB
1 KB 197ms
186ms Script
text/javascript 151.101.65.91
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://fe.sitedataprocessing.com/fewv1/ProcessStats.aspx?host=https%3A//promo.shenyun.com&host_name=promo.shenyun.com&page=/divine-culture-return/&query_string=&anchor=&title=Shen%2520Yun%25202020%2520Tour&cur_sess_id=&cur_visitor_id=&h=21&m=37&s=46&account_id=TyX2VKjr1N&dgmt=Sat,%2026%20Oct%202024%2019:37:46%20GMT&vresol=1600x1200&ref=
Requested by: Host: data.processwebsitedata.com
URL: https://data.processwebsitedata.com/cscripts/TyX2VKjr1N-65ef3d2a.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.65.91 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: Microsoft-IIS/10.0 /
Resource Hash: 857f9da0e0f082bb2882e62cf9c86836e854cc93752e47d02f108baf61f5b163

Request headers

User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.19 Safari/537.36
Referer: https://promo.shenyun.com/

Response headers

cache-control: private
x-aspnet-version: 4.0.30319
content-encoding: gzip
x-timer: S1729971467.715421,VS0,VE148
via: 1.1 varnish, 1.1 varnish, 1.1 varnish
accept-ranges: bytes
x-cache: MISS, MISS, MISS
content-length: 953
date: Sat, 26 Oct 2024 19:37:46 GMT
content-type: text/javascript; charset=utf-8
x-served-by: cache-chi-klot8100148-CHI, cache-chi-klot8100045-CHI, cache-fra-etou8220068-FRA
server: Microsoft-IIS/10.0
x-cache-hits: 0, 0, 0
vary: Accept-Encoding

POST
H/1.1 200
OK event Show response
marketing.shenyun.com/mtc/ 116 B
1 KB 512ms
512ms XHR
application/json 69.10.32.19
IS-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://marketing.shenyun.com/mtc/event
Requested by: Host: marketing.shenyun.com
URL: https://marketing.shenyun.com/mtc.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 69.10.32.19 Philadelphia, United States, ASN19318 (IS-AS-1, US),
Reverse DNS: vda3400b.is.cc
Software: nginx / PHP/7.4.30
Resource Hash: 4b21ceb9111ea53279f510c671873341cf9f44b5d82709a7557b101d65e72c6f

Request headers

Referer: https://promo.shenyun.com/
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.19 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

Transfer-Encoding: chunked
Access-Control-Allow-Headers: Origin, X-Requested-With, Content-Type, Authorization, Authorization,Content-Type,Accept,Origin,User-Agent,DNT,Cache-Control,X-Mx-ReqToken,Keep-Alive,X-Requested-With,If-Modified-Since
Access-Control-Max-Age: 36000
Cache-Control: max-age=0, must-revalidate, private
Content-Encoding: gzip
Connection: keep-alive
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: PUT, GET, POST, DELETE, OPTIONS, GET, POST, OPTIONS
Expires: Sat, 26 Oct 2024 19:37:47 GMT
Access-Control-Allow-Origin: https://promo.shenyun.com
Date: Sat, 26 Oct 2024 19:37:47 GMT
Content-Type: application/json
Vary: Accept-Encoding
Server: nginx
X-Powered-By: PHP/7.4.30

OPTIONS
H/1.1 204
No Content event
marketing.shenyun.com/mtc/ Frame 0
0 343ms
116ms Preflight
text/html 69.10.32.19
IS-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://marketing.shenyun.com/mtc/event
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 69.10.32.19 Philadelphia, United States, ASN19318 (IS-AS-1, US),
Reverse DNS: vda3400b.is.cc
Software: nginx / PHP/7.4.30
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: x-requested-with
Access-Control-Request-Method: POST
Origin: https://promo.shenyun.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.19 Safari/537.36

Response headers

Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: Origin, X-Requested-With, Content-Type, Authorization Authorization,Content-Type,Accept,Origin,User-Agent,DNT,Cache-Control,X-Mx-ReqToken,Keep-Alive,X-Requested-With,If-Modified-Since
Access-Control-Allow-Methods: PUT, GET, POST, DELETE, OPTIONS GET, POST, OPTIONS
Access-Control-Allow-Origin: https://promo.shenyun.com
Access-Control-Max-Age: 36000
Cache-Control: no-cache, private
Connection: keep-alive
Content-Type: text/html; charset=UTF-8
Date: Sat, 26 Oct 2024 19:37:47 GMT
Server: nginx
X-Powered-By: PHP/7.4.30

GET
H2 204 cs Show response
a.usbrowserspeed.com/ 0
148 B 676ms
234ms Script
text/plain 44.225.254.168
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://a.usbrowserspeed.com/cs?pid=6a9590e1e862a56eb7dc74c87ff0719c6ae754ea069fe1e0dcccfce1ce896bab&puid=TyX2VKjr1N-5YkRjheyMyce7XhTRzco0nf90RMbCwc
Requested by: Host: fe.sitedataprocessing.com
URL: https://fe.sitedataprocessing.com/fewv1/ProcessStats.aspx?host=https%3A//promo.shenyun.com&host_name=promo.shenyun.com&page=/divine-culture-return/&query_string=&anchor=&title=Shen%2520Yun%25202020%2520Tour&cur_sess_id=&cur_visitor_id=&h=21&m=37&s=46&account_id=TyX2VKjr1N&dgmt=Sat,%2026%20Oct%202024%2019:37:46%20GMT&vresol=1600x1200&ref=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 44.225.254.168 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-44-225-254-168.us-west-2.compute.amazonaws.com
Software: awselb/2.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.19 Safari/537.36
Referer: https://promo.shenyun.com/

Response headers

date: Sat, 26 Oct 2024 19:37:47 GMT
server: awselb/2.0

GET
H2 200 did-003x.min.js Show response
d-code.liadm.com/ 134 KB
46 KB 154ms
42ms Script
application/javascript 2600:9000:2156:e400:1c:2afd:fb00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d-code.liadm.com/did-003x.min.js
Requested by: Host: fe.sitedataprocessing.com
URL: https://fe.sitedataprocessing.com/fewv1/ProcessStats.aspx?host=https%3A//promo.shenyun.com&host_name=promo.shenyun.com&page=/divine-culture-return/&query_string=&anchor=&title=Shen%2520Yun%25202020%2520Tour&cur_sess_id=&cur_visitor_id=&h=21&m=37&s=46&account_id=TyX2VKjr1N&dgmt=Sat,%2026%20Oct%202024%2019:37:46%20GMT&vresol=1600x1200&ref=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:e400:1c:2afd:fb00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 1deb0d019900a458ad3adf3c5e3d7f76ff7d9544a04c75fb472b57b745f590bc

Request headers

User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.19 Safari/537.36
Referer: https://promo.shenyun.com/

Response headers

cache-control: public,max-age=86400
content-encoding: gzip
age: 75010
via: 1.1 ef13dd533b8dc9dcfdc35449cf88f808.cloudfront.net (CloudFront)
x-cache: Hit from cloudfront
x-amz-cf-id: QCYiX7E5AdZko6MnjHAJbP5nDs-6fKOJeqLZNFUUl3l1SOokoN3S8w==
date: Fri, 25 Oct 2024 22:47:37 GMT
content-type: application/javascript
vary: Accept-Encoding
x-amz-cf-pop: FRA50-C1

GET
H2 204 any Show response
idx.liadm.com/idex/did-003x/ 0
372 B 375ms
123ms XHR
text/plain 54.86.254.14
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://idx.liadm.com/idex/did-003x/any?duid=695bdd977528--01jb55bcv14v74dtv4n1yvxyr8&did=did-003x&cd=.shenyun.com&pu=https%3A%2F%2Fpromo.shenyun.com%2F&pv=ead35465-62cc-4302-aa4e-3754507d79ed&resolve=nonId&resolve=md5&resolve=sha2

Requested by

Host: d-code.liadm.com
URL: https://d-code.liadm.com/did-003x.min.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.86.254.14 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-86-254-14.compute-1.amazonaws.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.19 Safari/537.36
Referer: https://promo.shenyun.com/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
cache-control: max-age=3599, private
trace-id: 5cd12b502bafff57
request-time: 3
access-control-allow-credentials: true
expires: Sat, 26 Oct 2024 20:37:47 GMT
access-control-allow-origin: https://promo.shenyun.com
date: Sat, 26 Oct 2024 19:37:47 GMT
vary: Origin

GET
H2 200 lc2.js Show response
b-code.liadm.com/ 132 KB
45 KB 147ms
45ms Script
application/javascript 2600:9000:275d:0:8:8845:1500:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://b-code.liadm.com/lc2.js
Requested by: Host: s3-us-west-2.amazonaws.com
URL: https://s3-us-west-2.amazonaws.com/jsstore/a/ZRKH4W9/ge.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:275d:0:8:8845:1500:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 1ff2991706993698d865d20f119aaedb13a5b28b845876b2eac96ba565564dff

Request headers

User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.19 Safari/537.36
Referer: https://promo.shenyun.com/

Response headers

cache-control: public,max-age=86400
content-encoding: gzip
age: 74906
via: 1.1 11c65b00bf7f76c861a15dcad5558b9c.cloudfront.net (CloudFront)
x-cache: Hit from cloudfront
x-amz-cf-id: arkuzCqddEgmI6nPIzen4P7ATJ2DPHaXMB89DDgX_ud3AGV32_z2ZQ==
date: Fri, 25 Oct 2024 22:49:21 GMT
content-type: application/javascript
vary: Accept-Encoding
x-amz-cf-pop: FRA56-P11

POST
H/1.1 204
No Content collect Show response
k.clarity.ms/ 0
281 B 129ms
127ms XHR
text/plain 172.175.38.6
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://k.clarity.ms/collect
Requested by: Host: www.clarity.ms
URL: https://www.clarity.ms/s/0.7.49/clarity.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 172.175.38.6 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.19 Safari/537.36
Accept: application/x-clarity-gzip
Referer: https://promo.shenyun.com/

Response headers

Request-Context: appId=cid-v1:e97341f6-8fff-46a6-9229-fbbfe0892c78
Access-Control-Allow-Origin: https://promo.shenyun.com
Date: Sat, 26 Oct 2024 19:37:47 GMT
Vary: Origin
Server: nginx
Connection: keep-alive
Access-Control-Allow-Credentials: true

GET
H2 204 72731 Show response
idx.liadm.com/idex/unknown/ 0
371 B 136ms
136ms XHR
text/plain 54.86.254.14
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://idx.liadm.com/idex/unknown/72731?duid=695bdd977528--01jb55bcv14v74dtv4n1yvxyr8&cd=.shenyun.com&pu=https%3A%2F%2Fpromo.shenyun.com%2F&pv=ead35465-62cc-4302-aa4e-3754507d79ed&qf=0.2&resolve=md5

Requested by

Host: d-code.liadm.com
URL: https://d-code.liadm.com/did-003x.min.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.86.254.14 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-86-254-14.compute-1.amazonaws.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.19 Safari/537.36
Referer: https://promo.shenyun.com/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
cache-control: max-age=3599, private
trace-id: be0641e888df9383
request-time: 2
access-control-allow-credentials: true
expires: Sat, 26 Oct 2024 20:37:47 GMT
access-control-allow-origin: https://promo.shenyun.com
date: Sat, 26 Oct 2024 19:37:47 GMT
vary: Origin

GET
H3 200 destination Show response
www.googletagmanager.com/gtag/ 376 KB
122 KB 59ms
59ms Script
application/javascript 142.250.186.40
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/destination?id=G-1ENQVSTJF6&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5VWGVS

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.40 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f8.1e100.net

Software

Google Tag Manager /

Resource Hash

a825cb91a517ad2e9b4d9b984bc2b15d38309bdda6b97b8c9a40c1081415f89e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.19 Safari/537.36
Referer: https://promo.shenyun.com/

Response headers

content-encoding: br
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcysghrgc:42:0"}],}
expires: Sat, 26 Oct 2024 19:37:47 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sat, 26 Oct 2024 19:37:47 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
access-control-allow-headers: Cache-Control
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcysghrgc:42:0
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 124798
x-xss-protection: 0
server: Google Tag Manager

GET
H3 200 destination Show response
www.googletagmanager.com/gtag/ 319 KB
106 KB 64ms
63ms Script
application/javascript 142.250.186.40
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/destination?id=G-M0D0QPNMZX&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5VWGVS

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.40 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f8.1e100.net

Software

Google Tag Manager /

Resource Hash

0dd960587b16b53ab131b979a31a4c58d4913d1e3cca6be78d58c1ca7168780f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.19 Safari/537.36
Referer: https://promo.shenyun.com/

Response headers

content-encoding: br
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcysghrgc:42:0"}],}
expires: Sat, 26 Oct 2024 19:37:47 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sat, 26 Oct 2024 19:37:47 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
access-control-allow-headers: Cache-Control
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcysghrgc:42:0
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 108592
x-xss-protection: 0
server: Google Tag Manager

GET
H3 200 favicon.ico
promo.shenyun.com/ 3 KB
3 KB 51ms
50ms Other
image/x-icon 35.227.247.172
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://promo.shenyun.com/favicon.ico
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 35.227.247.172 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 172.247.227.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: 4b304454b08bf9a8a78b5305bf6d7ea85e7d11c375df6e49d53ca77f425813d8

Request headers

User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.19 Safari/537.36
Referer: https://promo.shenyun.com/divine-culture-return/

Response headers

cache-control: public, max-age=2592000
content-encoding: gzip
via: 1.1 google
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3040
date: Sat, 26 Oct 2024 19:37:47 GMT
content-type: image/x-icon
last-modified: Tue, 17 Jan 2017 10:34:28 GMT
server: nginx

GET
H2

200

p.gif
p.alocdn.com/c/vn3d8u2u/a/etarget/
Redirect Chain

https://p.alocdn.com/c/vn3d8u2u/a/etarget/p.gif?label=ZRKH4W9-collect-%257B%2522script%2522%253A%2522https%253A%252F%252Fs3-us-west-2.amazonaws.com%252Fjsstore%252Fa%252Fzrkh4w9%252Fge.js%2522%252C...
https://p.alocdn.com/c/vn3d8u2u/a/etarget/p.gif?label=ZRKH4W9-collect-%257B%2522script%2522%253A%2522https%253A%252F%252Fs3-us-west-2.amazonaws.com%252Fjsstore%252Fa%252Fzrkh4w9%252Fge.js%2522%252C...

42 B
350 B

255ms
255ms

Image
image/gif

35.161.169.188
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://p.alocdn.com/c/vn3d8u2u/a/etarget/p.gif?label=ZRKH4W9-collect-%257B%2522script%2522%253A%2522https%253A%252F%252Fs3-us-west-2.amazonaws.com%252Fjsstore%252Fa%252Fzrkh4w9%252Fge.js%2522%252C%2522ver%2522%253A%25221.6.1%2522%252C%2522guid%2522%253A%25226380a4f6-8487-4a2a-b609-9d7fb7104cf1%2522%257D&title=Shen%20Yun%202020%20Tour&url=https%3A%2F%2Fpromo.shenyun.com%2Fdivine-culture-return%2F&tdc=1
Protocol: H2
Server: 35.161.169.188 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-161-169-188.us-west-2.compute.amazonaws.com
Software: nginx/1.20.1 /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.19 Safari/537.36
Referer: https://promo.shenyun.com/

Response headers

p3p: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
date: Sat, 26 Oct 2024 19:37:48 GMT
content-type: image/GIF
server: nginx/1.20.1

Redirect headers

location: /c/vn3d8u2u/a/etarget/p.gif?label=ZRKH4W9-collect-%257B%2522script%2522%253A%2522https%253A%252F%252Fs3-us-west-2.amazonaws.com%252Fjsstore%252Fa%252Fzrkh4w9%252Fge.js%2522%252C%2522ver%2522%253A%25221.6.1%2522%252C%2522guid%2522%253A%25226380a4f6-8487-4a2a-b609-9d7fb7104cf1%2522%257D&title=Shen%20Yun%202020%20Tour&url=https%3A%2F%2Fpromo.shenyun.com%2Fdivine-culture-return%2F&tdc=1
p3p: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
date: Sat, 26 Oct 2024 19:37:48 GMT
content-type: image/GIF
server: nginx/1.20.1

GET
H2

200

j Show response
rp4.liadm.com/
Redirect Chain

https://rp.liadm.com/j?dtstmp=1729971467989&se=e30&duid=695bdd977528--01jb55bcv14v74dtv4n1yvxyr8&tv=v3.3.1&pu=https%3A%2F%2Fpromo.shenyun.com%2Fdivine-culture-return%2F&wpn=lc-bundle&wpv=v3.3.1&cd=...
https://rp4.liadm.com/j?dtstmp=1729971467989&se=e30&duid=695bdd977528--01jb55bcv14v74dtv4n1yvxyr8&tv=v3.3.1&pu=https%3A%2F%2Fpromo.shenyun.com%2Fdivine-culture-return%2F&wpn=lc-bundle&wpv=v3.3.1&cd...

13 B
348 B

383ms
119ms

XHR
application/json

44.199.88.89
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://rp4.liadm.com/j?dtstmp=1729971467989&se=e30&duid=695bdd977528--01jb55bcv14v74dtv4n1yvxyr8&tv=v3.3.1&pu=https%3A%2F%2Fpromo.shenyun.com%2Fdivine-culture-return%2F&wpn=lc-bundle&wpv=v3.3.1&cd=.shenyun.com&pv=ead35465-62cc-4302-aa4e-3754507d79ed&i6=MmEwMTo0YTA6MTMzODo5Mjo6MTA%3D
Protocol: H2
Server: 44.199.88.89 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-44-199-88-89.compute-1.amazonaws.com
Software: /
Resource Hash: efabba3678b85fcab831b778ea2ddaad1e2a1e952584d3566bc39b7ccb3429d9

Request headers

User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.19 Safari/537.36
Referer: https://promo.shenyun.com/

Response headers

x-pixel-event-id: ef495ada-1b54-4626-8616-82f461a5032a
access-control-expose-headers: *
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-origin: null
content-length: 13
date: Sat, 26 Oct 2024 19:37:48 GMT
content-type: application/json

Redirect headers

access-control-allow-origin: https://promo.shenyun.com
location: https://rp4.liadm.com/j?dtstmp=1729971467989&se=e30&duid=695bdd977528--01jb55bcv14v74dtv4n1yvxyr8&tv=v3.3.1&pu=https%3A%2F%2Fpromo.shenyun.com%2Fdivine-culture-return%2F&wpn=lc-bundle&wpv=v3.3.1&cd=.shenyun.com&pv=ead35465-62cc-4302-aa4e-3754507d79ed&i6=MmEwMTo0YTA6MTMzODo5Mjo6MTA%3D
content-length: 0
access-control-expose-headers: *
date: Sat, 26 Oct 2024 19:37:48 GMT
access-control-allow-credentials: true
access-control-allow-methods: GET

POST
H2 204 collect
region1.analytics.google.com/g/ 0
0 135ms
47ms Fetch
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-M0D0QPNMZX&gtm=45je4ao0v9126987740z86215357za200zb6215357&_p=1729971465735&_gaz=1&gcd=13l3l3l2l1l1&npa=1&dma_cps=syphamo&dma=1&tag_exp=101533422~101823848&cid=1405510955.1729971466&ecid=2017947607&ul=de-de&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_s=1&sid=1729971468&sct=1&seg=0&dl=https%3A%2F%2Fpromo.shenyun.com%2Fdivine-culture-return%2F&dt=Shen%20Yun%202020%20Tour&en=GA4_French_PromoSite_Scroll&_fv=1&_ss=1&epn.Scroll%20Depth=0&tfd=2870
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/destination?id=G-M0D0QPNMZX&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash

Request headers

User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.19 Safari/537.36
Referer: https://promo.shenyun.com/

Response headers

cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:136:0
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:136:0"}],}
expires: Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin: https://promo.shenyun.com
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sat, 26 Oct 2024 19:37:48 GMT
content-type: text/plain
server: Golfe2

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
546 B 152ms
53ms Ping
text/plain 2a00:1450:400c:c04::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-M0D0QPNMZX&cid=1405510955.1729971466&gtm=45je4ao0v9126987740z86215357za200zb6215357&aip=1&dma=1&dma_cps=syphamo&gcd=13l3l3l2l1l1&npa=1&frm=0&tag_exp=101533422~101823848
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/destination?id=G-M0D0QPNMZX&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:400c:c04::9c Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.19 Safari/537.36
Referer: https://promo.shenyun.com/

Response headers

cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:111:0
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:111:0"}],}
expires: Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin: https://promo.shenyun.com
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sat, 26 Oct 2024 19:37:48 GMT
content-type: text/plain
server: Golfe2

GET
H3 200 ga-audiences
www.google.de/ads/ 42 B
63 B 1119ms
1064ms Image
image/gif 142.250.185.67
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-M0D0QPNMZX&cid=1405510955.1729971466&gtm=45je4ao0v9126987740z86215357za200zb6215357&aip=1&dma=1&dma_cps=syphamo&gcd=13l3l3l2l1l1&npa=1&frm=0&tag_exp=101533422~101823848&tag_exp=101533422~101823848&z=2006937009

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.67 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f3.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.19 Safari/537.36
Referer: https://promo.shenyun.com/

Response headers

cache-control: no-cache, no-store, must-revalidate
timing-allow-origin: *
pragma: no-cache
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length: 42
date: Sat, 26 Oct 2024 19:37:49 GMT
x-xss-protection: 0
content-type: image/gif
server: cafe

POST
H2 204 collect
region1.analytics.google.com/g/ 0
0 101ms
49ms Fetch
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-1ENQVSTJF6&gtm=45je4ao0v9104691272z86215357za200zb6215357&_p=1729971465735&_gaz=1&gcd=13l3l3l2l1l1&npa=1&dma_cps=syphamo&dma=1&tag_exp=101533421~101823848&cid=1405510955.1729971466&ecid=2138761091&ul=de-de&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_s=1&sid=1729971468&sct=1&seg=0&dl=https%3A%2F%2Fpromo.shenyun.com%2Fdivine-culture-return%2F&dt=Shen%20Yun%202020%20Tour&en=GA4_ShenYunCom_Scroll&_fv=1&_ss=1&epn.percent_scrolled=0&tfd=2906
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/destination?id=G-1ENQVSTJF6&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash

Request headers

User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.19 Safari/537.36
Referer: https://promo.shenyun.com/

Response headers

cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:136:0
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:136:0"}],}
expires: Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin: https://promo.shenyun.com
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sat, 26 Oct 2024 19:37:48 GMT
content-type: text/plain
server: Golfe2

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
57 B 117ms
55ms Ping
text/plain 2a00:1450:400c:c04::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-1ENQVSTJF6&cid=1405510955.1729971466&gtm=45je4ao0v9104691272z86215357za200zb6215357&aip=1&dma=1&dma_cps=syphamo&gcd=13l3l3l2l1l1&npa=1&frm=0&tag_exp=101533421~101823848
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/destination?id=G-1ENQVSTJF6&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:400c:c04::9c Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.19 Safari/537.36
Referer: https://promo.shenyun.com/

Response headers

cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:111:0
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:111:0"}],}
expires: Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin: https://promo.shenyun.com
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sat, 26 Oct 2024 19:37:48 GMT
content-type: text/plain
server: Golfe2

GET
H3 200 ga-audiences
www.google.de/ads/ 42 B
63 B 256ms
241ms Image
image/gif 142.250.185.67
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-1ENQVSTJF6&cid=1405510955.1729971466&gtm=45je4ao0v9104691272z86215357za200zb6215357&aip=1&dma=1&dma_cps=syphamo&gcd=13l3l3l2l1l1&npa=1&frm=0&tag_exp=101533421~101823848&tag_exp=101533421~101823848&z=319463918

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.67 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f3.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.19 Safari/537.36
Referer: https://promo.shenyun.com/

Response headers

cache-control: no-cache, no-store, must-revalidate
timing-allow-origin: *
pragma: no-cache
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length: 42
date: Sat, 26 Oct 2024 19:37:48 GMT
x-xss-protection: 0
content-type: image/gif
server: cafe

POST
H/1.1 204
No Content collect Show response
k.clarity.ms/ 0
281 B 129ms
127ms XHR
text/plain 172.175.38.6
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://k.clarity.ms/collect
Requested by: Host: www.clarity.ms
URL: https://www.clarity.ms/s/0.7.49/clarity.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 172.175.38.6 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.19 Safari/537.36
Accept: application/x-clarity-gzip
Referer: https://promo.shenyun.com/

Response headers

Request-Context: appId=cid-v1:e97341f6-8fff-46a6-9229-fbbfe0892c78
Access-Control-Allow-Origin: https://promo.shenyun.com
Date: Sat, 26 Oct 2024 19:37:49 GMT
Vary: Origin
Server: nginx
Connection: keep-alive
Access-Control-Allow-Credentials: true

POST
H2 204 collect
region1.analytics.google.com/g/ 0
0 128ms
127ms Fetch
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-M0D0QPNMZX&gtm=45je4ao0v9126987740z86215357za200zb6215357&_p=1729971465735&gcd=13l3l3l2l1l1&npa=1&dma_cps=syphamo&dma=1&tag_exp=101533422~101823848&cid=1405510955.1729971466&ecid=2017947607&ul=de-de&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_s=2&sid=1729971468&sct=1&seg=0&dl=https%3A%2F%2Fpromo.shenyun.com%2Fdivine-culture-return%2F&dt=Shen%20Yun%202020%20Tour&en=GA4_French_PromoSite_Scroll&epn.Scroll%20Depth=10&_et=2&tfd=7876
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/destination?id=G-M0D0QPNMZX&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash

Request headers

User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.19 Safari/537.36
Referer: https://promo.shenyun.com/

Response headers

cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:136:0
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:136:0"}],}
expires: Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin: https://promo.shenyun.com
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sat, 26 Oct 2024 19:37:53 GMT
content-type: text/plain
server: Golfe2

POST
H2 204 collect
region1.analytics.google.com/g/ 0
0 91ms
91ms Fetch
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-1ENQVSTJF6&gtm=45je4ao0v9104691272z86215357za200zb6215357&_p=1729971465735&gcd=13l3l3l2l1l1&npa=1&dma_cps=syphamo&dma=1&tag_exp=101533421~101823848&cid=1405510955.1729971466&ecid=2138761091&ul=de-de&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_s=2&sid=1729971468&sct=1&seg=0&dl=https%3A%2F%2Fpromo.shenyun.com%2Fdivine-culture-return%2F&dt=Shen%20Yun%202020%20Tour&en=GA4_ShenYunCom_Scroll&epn.percent_scrolled=10&_et=2&tfd=7916
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/destination?id=G-1ENQVSTJF6&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash

Request headers

User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.19 Safari/537.36
Referer: https://promo.shenyun.com/

Response headers

cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:136:0
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:136:0"}],}
expires: Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin: https://promo.shenyun.com
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sat, 26 Oct 2024 19:37:53 GMT
content-type: text/plain
server: Golfe2

Verdicts & Comments Add Verdict or Comment

79 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

38 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.liadm.com/j	1970-01-21 10:08:51	Name: lidid Value: 696c8ff3-dd54-43d5-ac4c-85121ec0d147
.shenyun.com/	1970-01-21 02:42:27	Name: _gcl_au Value: 1.1.1822053198.1729971466
.shenyun.com/	1970-01-21 00:34:17	Name: _gid Value: GA1.2.1012812423.1729971466
.shenyun.com/	1970-01-21 00:32:51	Name: _gat_UA-16088546-3 Value: 1
.shenyun.com/	1970-01-21 10:08:51	Name: _ga_6NZG6ERW09 Value: GS1.1.1729971466.1.0.1729971466.0.0.892260854
.shenyun.com/	1970-01-21 10:08:51	Name: _ga Value: GA1.1.1405510955.1729971466
.youtube.com/	1969-12-31 23:59:59	Name: YSC Value: X3EuLUJuyx0
.youtube.com/	1970-01-21 04:52:03	Name: VISITOR_INFO1_LIVE Value: H6_usQ66SLI
.youtube.com/	1970-01-21 04:52:03	Name: VISITOR_PRIVACY_METADATA Value: CgJERRIEEgAgaA%3D%3D
.doubleclick.net/	1970-01-21 01:16:03	Name: ar_debug Value: 1
.shenyun.com/	1970-01-21 02:42:27	Name: _fbp Value: fb.1.1729971466363.243516580115393963
.shenyun.com/	1970-01-21 04:08:55	Name: __mktuuid Value: 6bd98b45-07d4-3e6e-ccb2-b6b5cdc796ec
.shenyun.com/	1970-01-21 04:08:55	Name: __mktuuid_ga Value: 1
.doubleclick.net/	1970-01-21 09:54:27	Name: IDE Value: AHWqTUkCJQZwWABnDu5WmoClpIRtBu4VkuyTvFlSBuZ3hulfBt3ymxI1epa9h1H5FZM
.t.co/	1970-01-21 10:08:51	Name: muc_ads Value: e8af676d-54a1-460a-b425-364ec62519e9
.t.co/	1970-01-21 00:32:53	Name: __cf_bm Value: MC19n7VFZHdsH5ds2DTHKuzcVQhrIZ6R0r0.M7vfhjA-1729971466-1.0.1.1-OYna4qHeWb4MqOopfUSqhkwCcZm8Jh4Q8NkqnP5.zV5m8Z2xsIDgCWNLHJBz5tstXPqN6h8d4cfjxpVXFthFjw
.twitter.com/	1970-01-21 10:08:51	Name: guest_id_marketing Value: v1%3A172997146639393750
.twitter.com/	1970-01-21 10:08:51	Name: guest_id_ads Value: v1%3A172997146639393750
.twitter.com/	1970-01-21 10:08:51	Name: personalization_id Value: "v1_gYlvdGtXZCnGKJYUt8OcGg=="
.twitter.com/	1970-01-21 10:08:51	Name: guest_id Value: v1%3A172997146639393750
promo.shenyun.com/	1970-01-21 00:32:53	Name: vv_session_id Value: 5YkRjheyMyce7XhTRzco0nf90RMbCwcAl60tg7RUwR0kvA
promo.shenyun.com/	1970-01-21 10:08:51	Name: vv_visitor_id Value: 5YkRjheyMyce7XhTRzco0nf90RMbCwc
.shenyun.com/	1969-12-31 23:59:59	Name: _li_dcdm_c Value: .shenyun.com
.shenyun.com/	1970-01-21 10:08:51	Name: _lc2_fpi Value: 695bdd977528--01jb55bcv14v74dtv4n1yvxyr8
.liadm.com/	1970-01-21 10:08:51	Name: lidid Value: 696c8ff3-dd54-43d5-ac4c-85121ec0d147
.a.usbrowserspeed.com/	1970-01-21 09:18:27	Name: tuid Value: 33e624f8-0577-4d1a-adfc-29e23fd1f0aa
marketing.shenyun.com/	1970-01-21 09:18:27	Name: mautic_device_id Value: z903z5ehr661use94ywnw85
marketing.shenyun.com/	1969-12-31 23:59:59	Name: mtc_id Value: 82399438
marketing.shenyun.com/	1969-12-31 23:59:59	Name: mtc_sid Value: z903z5ehr661use94ywnw85
marketing.shenyun.com/	1970-01-21 00:32:53	Name: mautic_referer_id Value: 136567361
promo.shenyun.com/	1969-12-31 23:59:59	Name: mtc_id Value: 82399438
promo.shenyun.com/	1969-12-31 23:59:59	Name: mtc_sid Value: z903z5ehr661use94ywnw85
promo.shenyun.com/	1969-12-31 23:59:59	Name: mautic_device_id Value: z903z5ehr661use94ywnw85
promo.shenyun.com/	1970-01-21 04:52:03	Name: _geuid Value: 6380a4f6-8487-4a2a-b609-9d7fb7104cf1
promo.shenyun.com/	1970-01-21 04:52:03	Name: _geps Value: true
.shenyun.com/	1970-01-21 10:08:51	Name: _ga_M0D0QPNMZX Value: GS1.1.1729971468.1.0.1729971468.60.0.2017947607
.shenyun.com/	1970-01-21 10:08:51	Name: _ga_1ENQVSTJF6 Value: GS1.1.1729971468.1.0.1729971468.60.0.2138761091
.alocdn.com/	1970-01-21 09:18:27	Name: uuid Value: c077a20c-be0b-4ae0-ad2d-ee2539e96339

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

14947439.fls.doubleclick.net
a.usbrowserspeed.com
ad.doubleclick.net
analytics.twitter.com
b-code.liadm.com
bat.bing.com
bat.bing.net
connect.facebook.net
d-code.liadm.com
data.processwebsitedata.com
fe.sitedataprocessing.com
fonts.googleapis.com
fonts.gstatic.com
idx.liadm.com
k.clarity.ms
marketing.shenyun.com
p.alocdn.com
promo.shenyun.com
region1.analytics.google.com
rp.liadm.com
rp4.liadm.com
s3-us-west-2.amazonaws.com
server-side-tagging-jb5j6nt74q-uc.a.run.app
static.ads-twitter.com
stats.g.doubleclick.net
t.co
tracking.shenyuntickets.com
tvspix.com
websitevisitorleads.com
www.clarity.ms
www.facebook.com
www.google-analytics.com
www.google.de
www.googletagmanager.com
www.youtube.com
104.244.42.3
142.250.185.230
142.250.185.67
142.250.186.166
142.250.186.40
151.101.65.91
157.240.0.6
172.175.38.6
172.217.16.131
172.66.0.227
188.114.97.3
199.232.188.157
2001:4860:4802:32::35
2001:4860:4802:32::36
216.158.231.78
2600:1f18:730:b110:abb:fd8f:df0:3c75
2600:9000:2156:e400:1c:2afd:fb00:93a1
2600:9000:275d:0:8:8845:1500:93a1
2620:1ec:33::10
2620:1ec:bdf::45
2620:1ec:c11::237
2a00:1450:4001:800::200e
2a00:1450:4001:827::2008
2a00:1450:4001:830::200a
2a00:1450:400c:c04::9c
2a03:2880:f177:185:face:b00c:0:25de
35.161.169.188
35.227.247.172
44.199.88.89
44.225.254.168
52.25.1.160
52.92.193.16
54.86.254.14
69.10.32.19
010dab42a97c2efb28fc3862ee50d94689d57e137cddae85c1ed90f6d8828240
069e597ae001824cd2b81011aeba8784120f76911a52b248292b0cd010a4dcd1
09fa04e84d7038cc32f19bedcba454b9e637a35f4de496e8ec9148c47550f0fc
0dd960587b16b53ab131b979a31a4c58d4913d1e3cca6be78d58c1ca7168780f
119857c786dfea01d5ca7aca9b88e20ba5b7c8d345c448846d679a0506c7bb52
18161961c92acdcb7aff5bbe972c47bbe1f0bca5f94cc22b1c5600c5980369c1
1ab213a66eacc7325272ac5d4b112000c07811d418e8da27a8ef8fbb8905520d
1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26
1de73de537078d156456d0c75f848f1bb44acb1b223fae246b4caaf5cef26088
1deb0d019900a458ad3adf3c5e3d7f76ff7d9544a04c75fb472b57b745f590bc
1e262ca8f1f0770fb271ae35ff5c4cfa8192d841aed8075acb02b645d093b486
1ebec7ef2cf52dfe83cb7317a49a0622e63858b824c83bfa443ce15756e045a3
1ff2991706993698d865d20f119aaedb13a5b28b845876b2eac96ba565564dff
276db550f03f858a3c055f3e9e577bf572ff2be0f3a8362cfbe3cbb92014601f
29149394d6e153851fe247d6bba598476ba470343314b1535119737eac0801a7
3273efb29aa6cb773738141d9b0c04bec64ccdbd0aee46645fc87405fdd94d4b
385ab9e107f7bd102c6229aeac62848250e3ea653bef4f7bd2e2f8535e7864ee
4b21ceb9111ea53279f510c671873341cf9f44b5d82709a7557b101d65e72c6f
4b304454b08bf9a8a78b5305bf6d7ea85e7d11c375df6e49d53ca77f425813d8
4d15ff2317e16ccd8ca1d3248fea7d91130e022369bb032824a84ad9967064df
513b0911fb740a37d0a95093675d113610dd2daf137dae5576252b3d4183c2ea
5227661e549730b8d9d8e474132c0a00a1ff3cc2763209019e8d2c2c99dd2ded
5a75a26f4dd38fe6f26a171533626d35e2df62b7c94a74c147c49589bac9b427
632f0b8b5a2742509eb5a8c65ec57f9d95ddd94abf8b5d99e7ce1e742ced586b
635b2814dbecb78302d05c529bf175ef815ef51e7c344769247896504843b731
659f17b9b22b2fce1e62d28ec0d2e3b9129c8dd170ef7c339df3bf401781738c
6c10c49f1c99f458e1bb89499cdbb19e8cf21cd147790c894e4c0e667eb83f40
748f534879a87495e6b5e52e19a3145bda26597714e62cf30e44bd2a34237b48
7c04becded1489c4aeb6fe1caa2473d8fe83465a9c5f8c29094d0579569c6fba
84c17105788a238a73b3eb0bfb1014d86bca1cb71e3f35fe2a4f3ff07b0061f8
857f9da0e0f082bb2882e62cf9c86836e854cc93752e47d02f108baf61f5b163
8b602b92171ef5ad2d3b24aa69df7e59c7129a620acb358dfcfa00cd5c3b4e2e
9125c3b4e268b72baaca9589abe5e974ceaa76bbfb62d8e3d62dfdc3b5e7d527
92b4e1ecf6d77917e848888c52b0a8c2eb353f5bb240da343f8faa28ee89e319
96c75454da9aabf8c85403253de0d1e0f267f94213d592a1acb6f3ab9706bdbe
9ef03df6ffea80788fcd88977cd7c9add81f1f8513f720d4439adb2c19ca9e31
a1f8f7541a2982d7df75f73d0234a3f2afdc8302f361078f883d25a3a574bae4
a825cb91a517ad2e9b4d9b984bc2b15d38309bdda6b97b8c9a40c1081415f89e
a8a53a664b746b635430e92c676e99e9fe8cce035557f42c324ba43ae9da4d55
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
aabc88a6db8b22022f96ca88e4f0a7be426abef2b35169a71515a2d55246402a
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
b2853f4140cfec60d839500c5104721b33609785d847a28477fa89934693d1a4
c286a641e0706dd7f9470813c808305dc57b421098aa084e07c270a62917aa47
c3298d2f3fcbec07fbb0e40d0982b846b3850987f7122c0843770862ef5dbb7f
cc78599a737049e092bdecefd963bb80dfa6d70d0c57430b454e26094fe40213
ce7b6db42e6911ab97d9a88ad4fee288ad4a637d34685fd807dd0577ba67af86
d029aef315efdffbf9b3a3c233c69d09c808fdf49cbe1a11f32900d49b99db5c
dc185bf5a7198d282efd582a58af7c8da42a3dfad8c4f993b7d03d7d6f9410b1
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e64954dc34e12c7190cc2338a54b07644ff0f102aa71cc7209bcbb49c3009f7c
eab9cbb1928a9de3ed2b7164ea7215b1ee0c9d7584d04aac97fe5b6798140c48
ebff3620c205ebc6a4ff33bcfb788db7091fcdc4cfe46e2d406b10de8ee18faa
edf0c093eb003e8ca299bd4976efe30b4ffa9cb2dcd1486edbcbb9d4220c8ac5
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
efabba3678b85fcab831b778ea2ddaad1e2a1e952584d3566bc39b7ccb3429d9
f2a659517649f0e1a405863405dc80fa798e7c871369d816ba46c2c26aa6c17d

promo.shenyun.com Open in urlscan Pro 35.227.247.172 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

81 Requests

98 %HTTPS

38 %IPv6

27 Domains

35 Subdomains

34 IPs

4 Countries

2045 kBTransfer

4808 kBSize

38 Cookies

5 Outgoing links

Redirected requests

81 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 3 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

promo.shenyun.com Open in urlscan Pro
35.227.247.172 Public Scan

Screenshot
Live screenshot

Full Image

81
Requests

98 %
HTTPS

38 %
IPv6

27
Domains

35
Subdomains

34
IPs

4
Countries

2045 kB
Transfer

4808 kB
Size

38
Cookies

81 HTTP transactions
3 data transactions