wickedthemusical.com Open in urlscan Pro
35.171.141.94 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://wickedthemusical.com/
Submission Tags: phishingrod
Submission: On December 14 via api (December 14th 2023, 12:46:06 am UTC) from DE — Scanned from DE

Summary HTTP 143 Redirects Links 50 Behaviour Indicators

Summary

This website contacted 39 IPs in 7 countries across 35 domains to perform 143 HTTP transactions. The main IP is 35.171.141.94, located in Ashburn, United States and belongs to AMAZON-AES, US. The main domain is wickedthemusical.com. The Cisco Umbrella rank of the primary domain is 884158.
TLS certificate: Issued by R3 on December 13th 2023. Valid for: 3 months.

This is the only time wickedthemusical.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 31	35.171.141.94 35.171.141.94	14618 (AMAZON-AES) (AMAZON-AES)
10	2606:4700::68... 2606:4700::6812:82ec	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2606:4700::68... 2606:4700::6810:fa43	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:829::200a	15169 (GOOGLE) (GOOGLE)
4	2600:9000:225... 2600:9000:2250:4800:15:2f34:53c0:21	16509 (AMAZON-02) (AMAZON-02)
4	2a00:1450:400... 2a00:1450:4001:80f::2008	15169 (GOOGLE) (GOOGLE)
2	2606:4700:440... 2606:4700:4400::ac40:9b77	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	34.111.146.217 34.111.146.217	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
2	2a00:1450:400... 2a00:1450:4001:812::2003	15169 (GOOGLE) (GOOGLE)
1	108.138.15.119 108.138.15.119	16509 (AMAZON-02) (AMAZON-02)
4 8	216.58.206.38 216.58.206.38	15169 (GOOGLE) (GOOGLE)
1	146.75.116.157 146.75.116.157	54113 (FASTLY) (FASTLY)
1	2a00:1450:400... 2a00:1450:4001:811::2002	15169 (GOOGLE) (GOOGLE)
2	2a04:4e42:8d::84 2a04:4e42:8d::84	54113 (FASTLY) (FASTLY)
7	92.123.104.139 92.123.104.139	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
6	2a03:2880:f08... 2a03:2880:f083:9:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
1	35.244.142.80 35.244.142.80	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	67.225.220.126 67.225.220.126	32244 (LIQUIDWEB) (LIQUIDWEB)
5	15.197.193.217 15.197.193.217	16509 (AMAZON-02) (AMAZON-02)
7	2001:4860:480... 2001:4860:4802:32::36	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:400c:c00::9b	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:803::2003	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:802::2004	15169 (GOOGLE) (GOOGLE)
1	104.244.42.197 104.244.42.197	13414 (TWITTER) (TWITTER)
1	104.244.42.195 104.244.42.195	13414 (TWITTER) (TWITTER)
2	2001:4860:480... 2001:4860:4802:36::36	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:80f::200e	15169 (GOOGLE) (GOOGLE)
7	2a00:1450:400... 2a00:1450:4001:812::2002	15169 (GOOGLE) (GOOGLE)
5	2.19.216.231 2.19.216.231	16625 (AKAMAI-AS) (AKAMAI-AS)
5	2a03:2880:f17... 2a03:2880:f176:84:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
1 4	35.186.212.60 35.186.212.60	15169 (GOOGLE) (GOOGLE)
3	107.178.244.119 107.178.244.119	15169 (GOOGLE) (GOOGLE)
2	35.244.160.208 35.244.160.208	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
6 6	172.217.18.102 172.217.18.102	15169 (GOOGLE) (GOOGLE)
2 3	142.250.186.98 142.250.186.98	15169 (GOOGLE) (GOOGLE)
1 1	2a00:1450:400... 2a00:1450:4001:831::200e	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:810::200e	15169 (GOOGLE) (GOOGLE)
1	37.252.171.52 37.252.171.52	29990 (ASN-APPNEX) (ASN-APPNEX)
2 2	37.157.6.232 37.157.6.232	198622 (ADFORM) (ADFORM)
1	35.244.174.68 35.244.174.68	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	35.241.54.161 35.241.54.161	15169 (GOOGLE) (GOOGLE)
1 1	46.228.164.13 46.228.164.13	56396 (AMOBEE) (AMOBEE)
1 2	54.74.69.97 54.74.69.97	16509 (AMAZON-02) (AMAZON-02)
1 1	54.174.79.84 54.174.79.84	14618 (AMAZON-AES) (AMAZON-AES)
143	39

31 35.171.141.94 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-35-171-141-94.compute-1.amazonaws.com

wickedthemusical.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2606:4700::6812:82ec (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.cookielaw.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700::6810:fa43 (United States)

ASN13335 (CLOUDFLARENET, US)

fast.fonts.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:829::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2600:9000:2250:4800:15:2f34:53c0:21 (United States)

ASN16509 (AMAZON-02, US)

d1rx0dtgjk9kr3.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:80f::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:4400::ac40:9b77 (United States)

ASN13335 (CLOUDFLARENET, US)

geolocation.onetrust.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 34.111.146.217 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 217.146.111.34.bc.googleusercontent.com

chat.satis.fi	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:812::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 108.138.15.119 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-138-15-119.fra56.r.cloudfront.net

js.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 216.58.206.38 (United States) 4 redirects

ASN15169 (GOOGLE, US)
PTR: lcfraa-aa-in-f6.1e100.net

2179121.fls.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
5549924.fls.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
5451832.fls.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 146.75.116.157 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

static.ads-twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:811::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a04:4e42:8d::84 (United States)

ASN54113 (FASTLY, US)

s.pinimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 92.123.104.139 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a92-123-104-139.deploy.static.akamaitechnologies.com

analytics.tiktok.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a03:2880:f083:9:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.244.142.80 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 80.142.244.35.bc.googleusercontent.com

cdn.pdst.fm	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 67.225.220.126 (United States)

ASN32244 (LIQUIDWEB, US)
PTR: host.rtb123.com

www.rtb123.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 15.197.193.217 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: a12b7a488abeaa9e4.awsglobalaccelerator.com

insight.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)

region1.analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:400c:c00::9b (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:803::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:802::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.244.42.197 (United States)

ASN13414 (TWITTER, US)

t.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.244.42.195 (United States)

ASN13414 (TWITTER, US)

analytics.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2001:4860:4802:36::36 (United States)

ASN15169 (GOOGLE, US)

us-central1-adaptive-growth.cloudfunctions.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80f::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:812::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2.19.216.231 (Prague, Czech Republic)

ASN16625 (AKAMAI-AS, US)
PTR: a2-19-216-231.deploy.static.akamaitechnologies.com

ct.pinterest.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a03:2880:f176:84:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 35.186.212.60 (Kansas City, United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: 60.212.186.35.bc.googleusercontent.com

tag.yieldoptimizer.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 107.178.244.119 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 119.244.178.107.bc.googleusercontent.com

beacon.sojern.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pixel.sojern.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.244.160.208 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 208.160.244.35.bc.googleusercontent.com

prod-satisfilabs-resources-gcs.satis.fi	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 172.217.18.102 (United States) 6 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s42-in-f6.1e100.net

ad.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 142.250.186.98 (United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s06-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:831::200e (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

fcmatch.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:810::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fcmatch.youtube.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 37.252.171.52 (Frankfurt am Main, Germany)

ASN29990 (ASN-APPNEX, US)
PTR: 1005.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 37.157.6.232 (Denmark) 2 redirects

ASN198622 (ADFORM, DK)

c1.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.244.174.68 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 68.174.244.35.bc.googleusercontent.com

idsync.rlcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.241.54.161 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 161.54.241.35.bc.googleusercontent.com

tag.adaraanalytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 46.228.164.13 (United Kingdom) 1 redirects

ASN56396 (AMOBEE, GB)

d.turn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.74.69.97 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-54-74-69-97.eu-west-1.compute.amazonaws.com

dpm.demdex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.174.79.84 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-174-79-84.compute-1.amazonaws.com

sync.srv.stackadapt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
31	wickedthemusical.com 1 redirects wickedthemusical.com — Cisco Umbrella Rank: 884158	706 KB
22	doubleclick.net 12 redirects 2179121.fls.doubleclick.net 5549924.fls.doubleclick.net — Cisco Umbrella Rank: 372264 googleads.g.doubleclick.net — Cisco Umbrella Rank: 33 stats.g.doubleclick.net — Cisco Umbrella Rank: 75 ad.doubleclick.net — Cisco Umbrella Rank: 139 cm.g.doubleclick.net — Cisco Umbrella Rank: 219 5451832.fls.doubleclick.net	9 KB
17	google.com 1 redirects region1.analytics.google.com — Cisco Umbrella Rank: 2693 www.google.com — Cisco Umbrella Rank: 2 adservice.google.com — Cisco Umbrella Rank: 93 fcmatch.google.com — Cisco Umbrella Rank: 3300	2 KB
10	cookielaw.org cdn.cookielaw.org — Cisco Umbrella Rank: 324	156 KB
7	tiktok.com analytics.tiktok.com — Cisco Umbrella Rank: 617	147 KB
6	facebook.net connect.facebook.net — Cisco Umbrella Rank: 168	265 KB
6	adsrvr.org js.adsrvr.org — Cisco Umbrella Rank: 1355 insight.adsrvr.org — Cisco Umbrella Rank: 557 match.adsrvr.org — Cisco Umbrella Rank: 331	3 KB
5	facebook.com www.facebook.com — Cisco Umbrella Rank: 98	280 B
5	pinterest.com ct.pinterest.com — Cisco Umbrella Rank: 715	3 KB
5	google.de www.google.de — Cisco Umbrella Rank: 6765	795 B
5	satis.fi chat.satis.fi — Cisco Umbrella Rank: 29216 prod-satisfilabs-resources-gcs.satis.fi — Cisco Umbrella Rank: 30724	62 KB
4	yieldoptimizer.com 1 redirects tag.yieldoptimizer.com — Cisco Umbrella Rank: 4040	2 KB
4	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 36	366 KB
4	cloudfront.net d1rx0dtgjk9kr3.cloudfront.net	79 KB
3	sojern.com beacon.sojern.com — Cisco Umbrella Rank: 5541 pixel.sojern.com — Cisco Umbrella Rank: 8452	1 KB
3	fonts.net fast.fonts.net — Cisco Umbrella Rank: 3612	19 KB
2	demdex.net 1 redirects dpm.demdex.net — Cisco Umbrella Rank: 208	1 KB
2	adform.net 2 redirects c1.adform.net — Cisco Umbrella Rank: 560	1 KB
2	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 27	21 KB
2	cloudfunctions.net us-central1-adaptive-growth.cloudfunctions.net — Cisco Umbrella Rank: 2548	123 B
2	pinimg.com s.pinimg.com — Cisco Umbrella Rank: 745	21 KB
2	gstatic.com fonts.gstatic.com	46 KB
2	onetrust.com geolocation.onetrust.com — Cisco Umbrella Rank: 548	530 B
1	stackadapt.com 1 redirects sync.srv.stackadapt.com — Cisco Umbrella Rank: 702	1 KB
1	turn.com 1 redirects d.turn.com — Cisco Umbrella Rank: 1349	415 B
1	adaraanalytics.com tag.adaraanalytics.com — Cisco Umbrella Rank: 15810	388 B
1	rlcdn.com idsync.rlcdn.com — Cisco Umbrella Rank: 408	98 B
1	adnxs.com ib.adnxs.com — Cisco Umbrella Rank: 229	571 B
1	youtube.com fcmatch.youtube.com — Cisco Umbrella Rank: 3289	432 B
1	twitter.com analytics.twitter.com — Cisco Umbrella Rank: 713	393 B
1	t.co t.co — Cisco Umbrella Rank: 589	377 B
1	rtb123.com www.rtb123.com — Cisco Umbrella Rank: 22660	261 B
1	pdst.fm cdn.pdst.fm — Cisco Umbrella Rank: 2554	6 KB
1	ads-twitter.com static.ads-twitter.com — Cisco Umbrella Rank: 678	15 KB
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 29	851 B
143	35

	Domain	Requested by
31	wickedthemusical.com	1 redirects wickedthemusical.com
10	cdn.cookielaw.org	wickedthemusical.com cdn.cookielaw.org
7	adservice.google.com	5549924.fls.doubleclick.net 2179121.fls.doubleclick.net 5451832.fls.doubleclick.net
7	region1.analytics.google.com	www.googletagmanager.com
7	analytics.tiktok.com	wickedthemusical.com analytics.tiktok.com
6	ad.doubleclick.net	6 redirects
6	connect.facebook.net	wickedthemusical.com connect.facebook.net 5549924.fls.doubleclick.net 2179121.fls.doubleclick.net
5	www.facebook.com	wickedthemusical.com 2179121.fls.doubleclick.net 5549924.fls.doubleclick.net
5	ct.pinterest.com	s.pinimg.com wickedthemusical.com
5	www.google.de	wickedthemusical.com
4	tag.yieldoptimizer.com	1 redirects 2179121.fls.doubleclick.net
4	stats.g.doubleclick.net	www.googletagmanager.com www.google-analytics.com
4	2179121.fls.doubleclick.net	2 redirects www.googletagmanager.com
4	www.googletagmanager.com	wickedthemusical.com www.googletagmanager.com www.google-analytics.com
4	d1rx0dtgjk9kr3.cloudfront.net	wickedthemusical.com
3	cm.g.doubleclick.net	2 redirects 2179121.fls.doubleclick.net
3	insight.adsrvr.org	wickedthemusical.com js.adsrvr.org
3	chat.satis.fi	wickedthemusical.com chat.satis.fi
3	fast.fonts.net	wickedthemusical.com fast.fonts.net
2	5451832.fls.doubleclick.net	1 redirects 2179121.fls.doubleclick.net
2	dpm.demdex.net	1 redirects 2179121.fls.doubleclick.net
2	c1.adform.net	2 redirects
2	match.adsrvr.org	2179121.fls.doubleclick.net
2	pixel.sojern.com	2179121.fls.doubleclick.net
2	prod-satisfilabs-resources-gcs.satis.fi	chat.satis.fi
2	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
2	us-central1-adaptive-growth.cloudfunctions.net	cdn.pdst.fm
2	www.google.com	wickedthemusical.com
2	s.pinimg.com	www.googletagmanager.com s.pinimg.com
2	5549924.fls.doubleclick.net	1 redirects www.googletagmanager.com
2	fonts.gstatic.com	fonts.googleapis.com
2	geolocation.onetrust.com	cdn.cookielaw.org
1	sync.srv.stackadapt.com	1 redirects
1	d.turn.com	1 redirects
1	tag.adaraanalytics.com	2179121.fls.doubleclick.net
1	idsync.rlcdn.com	2179121.fls.doubleclick.net
1	ib.adnxs.com	2179121.fls.doubleclick.net
1	fcmatch.youtube.com	2179121.fls.doubleclick.net
1	fcmatch.google.com	1 redirects
1	beacon.sojern.com	2179121.fls.doubleclick.net
1	analytics.twitter.com	wickedthemusical.com
1	t.co	wickedthemusical.com
1	www.rtb123.com	wickedthemusical.com
1	cdn.pdst.fm	wickedthemusical.com
1	googleads.g.doubleclick.net	www.googletagmanager.com
1	static.ads-twitter.com	www.googletagmanager.com
1	js.adsrvr.org	www.googletagmanager.com
1	fonts.googleapis.com	wickedthemusical.com
143	48

This site contains links to these domains. Also see Links.

Domain
www.wickedthemusical.co.uk
wickedthemusical.com.au
www.shiki.jp
www.wickedthemusicalstore.com
tickets.broadwaydirect.com
www.facebook.com
twitter.com
www.youtube.com
instagram.com
www.tiktok.com
www.capitalone.com
www.broadwaygreen.com
www.nbcuniversal.com
support.google.com
support.apple.com
support.mozilla.org
support.microsoft.com
policies.google.com
tools.google.com
www.adobe.com
mixpanel.com
www.aboutads.info
youradchoices.ca
www.youronlinechoices.com
www.youronlinechoices.com.au
liveramp.com
www.onetrust.com

Subject Issuer	Validity	Valid
wickedthemusical.com R3	`2023-12-13` - `2024-03-12`	3 months	crt.sh
cookielaw.org Cloudflare Inc ECC CA-3	`2023-04-01` - `2024-03-31`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-05-05` - `2024-05-04`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
*.cloudfront.net Amazon RSA 2048 M01	`2023-10-10` - `2024-09-19`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
onetrust.com Cloudflare Inc ECC CA-3	`2023-11-13` - `2024-11-12`	a year	crt.sh
*.satis.fi Sectigo RSA Domain Validation Secure Server CA	`2023-10-17` - `2024-10-25`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
*.adsrvr.org GlobalSign GCC R3 DV TLS CA 2020	`2023-04-12` - `2024-05-13`	a year	crt.sh
*.doubleclick.net GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
ads-twitter.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-07-21` - `2024-07-19`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
*.pinterest.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-07-31` - `2024-08-07`	a year	crt.sh
*.tiktok.com RapidSSL ECC CA 2018	`2023-07-14` - `2024-08-13`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2023-09-22` - `2023-12-21`	3 months	crt.sh
cdn.pdst.fm GTS CA 1D4	`2023-11-21` - `2024-02-19`	3 months	crt.sh
rtb123.com R3	`2023-11-01` - `2024-01-30`	3 months	crt.sh
www.google.de GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
www.google.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
t.co DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2023-02-05` - `2024-02-05`	a year	crt.sh
*.twitter.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-10-31` - `2024-10-29`	a year	crt.sh
misc.google.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
*.google.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
*.sojern.com DigiCert TLS RSA SHA256 2020 CA1	`2023-01-17` - `2024-02-17`	a year	crt.sh
*.google.de GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
*.adnxs.com GeoTrust ECC CA 2018	`2023-02-13` - `2024-03-15`	a year	crt.sh
*.rlcdn.com Sectigo RSA Domain Validation Secure Server CA	`2023-02-02` - `2024-03-03`	a year	crt.sh
*.adaraanalytics.com Go Daddy Secure Certificate Authority - G2	`2023-06-25` - `2024-07-26`	a year	crt.sh

This page contains 8 frames:

Primary Page: https://wickedthemusical.com/
Frame ID: 0A006F115FF0CBA51DA1AEAA4F722FB8
Requests: 107 HTTP requests in this frame

Frame: https://2179121.fls.doubleclick.net/activityi;dc_pre=CPKe49zZjYMDFUZTkQUdZ2sAhA;src=2179121;type=sitev592;cat=sitev000;ord=1;num=6848848530250;auiddc=1331752118.1702514762;gtm=45He3bt0v577380;gcd=11l1l1l1l1;dma_cps=sypham;dma=1;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fwickedthemusical.com%2F
Frame ID: 669D917E429105B48A1C5FB3F0023268
Requests: 23 HTTP requests in this frame

Frame: https://5549924.fls.doubleclick.net/activityi;dc_pre=CNOj49zZjYMDFc9UkQUdEzwGXA;src=5549924;type=sitev0;cat=wicke0;ord=1;num=6020053634317;auiddc=1331752118.1702514762;gtm=45He3bt0v577380;gcd=11l1l1l1l1;dma_cps=sypham;dma=1;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fwickedthemusical.com%2F
Frame ID: C0097E89DACE36BE98B92B93CC32E486
Requests: 5 HTTP requests in this frame

Frame: https://2179121.fls.doubleclick.net/activityi;dc_pre=CJua69zZjYMDFbZckQUd4EkKbg;src=2179121;type=sitev592;cat=wicke029;ord=1;num=6050833158917;auiddc=1331752118.1702514762;gtm=45He3bt0v577380;gcd=11l1l1l1l1;dma_cps=sypham;dma=1;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fwickedthemusical.com%2F
Frame ID: 1B010DE6086EE6B844789F8BAA42D5D5
Requests: 2 HTTP requests in this frame

Frame: https://5451832.fls.doubleclick.net/activityi;dc_pre=CJ79_dzZjYMDFctYkQUd_x8MPQ;src=5451832;type=wicke009;cat=wicke0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=856775024453.5665
Frame ID: 6F016441CFBE22EF466203DACAB31A13
Requests: 2 HTTP requests in this frame

Frame: https://insight.adsrvr.org/track/up?adv=ne6bxp1&ref=https%3A%2F%2Fwickedthemusical.com%2F&upid=7097zv2&upv=1.1.0
Frame ID: 5155CC36CDEBBB84B11B0FEA4EF28D47
Requests: 1 HTTP requests in this frame

Frame: https://insight.adsrvr.org/track/up?adv=m7hla2z&ref=https%3A%2F%2Fwickedthemusical.com%2F&upid=gwhirxm&upv=1.1.0
Frame ID: DF0A4FF1770ECCCF4BBEE73D61361C6E
Requests: 1 HTTP requests in this frame

Frame: https://ct.pinterest.com/ct.html
Frame ID: 2D3B3AEB40F98F465538D9B6181E67F3
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Wicked The Musical | Official Broadway SiteBack ButtonSearch IconFilter Icon

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

<link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
/wp-(?:content|includes)/

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

OneTrust (Cookie compliance) Expand

Overall confidence: 100%
Detected patterns

cdn\.cookielaw\.org
otSDKStub\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jQuery Migrate (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?

Page Statistics

143
Requests

92 %
HTTPS

45 %
IPv6

35
Domains

48
Subdomains

39
IPs

7
Countries

1933 kB
Transfer

5487 kB
Size

41
Cookies

50 Outgoing links

These are links going to different origins than the main page.

URL: https://www.wickedthemusical.co.uk/book-tickets/
Title: London Tickets

Search URL Search Domain Scan URL

URL: https://www.wickedthemusical.co.uk/tour/
Title: UK Tour

Search URL Search Domain Scan URL

URL: https://wickedthemusical.com.au/
Title: Australia

Search URL Search Domain Scan URL

URL: https://www.shiki.jp/applause/wicked/
Title: Tokyo

Search URL Search Domain Scan URL

URL: http://www.wickedthemusicalstore.com/
Title: Shop

Search URL Search Domain Scan URL

URL: https://tickets.broadwaydirect.com/tickets/series/942533271/wicked-ny-704258
Title: 7:00 PM

Search URL Search Domain Scan URL

URL: https://tickets.broadwaydirect.com/tickets/series/942533271/wicked-ny-704259
Title: 7:00 PM

Search URL Search Domain Scan URL

URL: https://tickets.broadwaydirect.com/tickets/series/942533271/wicked-ny-704260
Title: 8:00 PM

Search URL Search Domain Scan URL

URL: https://tickets.broadwaydirect.com/tickets/series/942533271/wicked-ny-704262
Title: 2:00 PM

Search URL Search Domain Scan URL

URL: https://tickets.broadwaydirect.com/tickets/series/942533271/wicked-ny-704261
Title: 8:00 PM

Search URL Search Domain Scan URL

URL: https://tickets.broadwaydirect.com/tickets/series/942533271/wicked-ny-704263
Title: 2:00 PM

Search URL Search Domain Scan URL

URL: https://tickets.broadwaydirect.com/tickets/series/942533271/wicked-ny-704264
Title: 7:00 PM

Search URL Search Domain Scan URL

URL: https://tickets.broadwaydirect.com/tickets/series/942533271/wicked-ny-704265
Title: 7:00 PM

Search URL Search Domain Scan URL

URL: http://www.wickedthemusical.co.uk/london
Title: London

Search URL Search Domain Scan URL

URL: https://www.facebook.com/Wickedthemusical

Search URL Search Domain Scan URL

URL: https://twitter.com/wicked_musical

Search URL Search Domain Scan URL

URL: https://www.youtube.com/subscription_center?add_user=OfficialWICKED

Search URL Search Domain Scan URL

URL: http://instagram.com/wicked_musical

Search URL Search Domain Scan URL

URL: https://www.tiktok.com/@wicked_musical

Search URL Search Domain Scan URL

URL: https://www.capitalone.com/credit-cards/benefits/entertainment/?external_id=WWW_XXXXX_XXX_SEM-Brand_Google_ZZ_ZZ_T_DiningEntertainment_ZZ_ab9581dd-776a-4e24-8ccd-cadeaf1cff81_86890&target_id=kwd-328044054622&gclid=CjwKCAjwqZSlBhBwEiwAfoZUICqwtO-G5oAcz-80NqdhI3JD5QZ73HKKf_SD6Qwa8EYwf_-hJMBNkxoCdyoQAvD_BwE

Search URL Search Domain Scan URL

URL: http://www.broadwaygreen.com/

Search URL Search Domain Scan URL

URL: https://tickets.broadwaydirect.com/tickets/series/942533271?_gl=1*1nw4uz8*_ga*OTQwNDcwMTUuMTY4NzUzNjI2OA..*_ga_2TH76WHGSC*MTY5MDM4NjM2NS4xLjEuMTY5MDM5NTUwNC4zNC4wLjA.

Search URL Search Domain Scan URL

URL: https://www.nbcuniversal.com/privacy?intake=Universal_Pictures
Title: Privacy Policy

Search URL Search Domain Scan URL

URL: https://www.nbcuniversal.com/privacy/cookies#accordionheader2
Title: Ad Choices

Search URL Search Domain Scan URL

URL: https://www.nbcuniversal.com/privacy/california-consumer-privacy-act?intake=Universal_Pictures
Title: CA Notice

Search URL Search Domain Scan URL

URL: https://www.nbcuniversal.com/terms?intake=Universal_Pictures
Title: Terms of Service

Search URL Search Domain Scan URL

URL: https://www.nbcuniversal.com/privacy
Title: Privacy Policy

Search URL Search Domain Scan URL

URL: https://www.nbcuniversal.com/privacy/cookies
Title: Cookie Policy

Search URL Search Domain Scan URL

URL: https://www.nbcuniversal.com/brands
Title: its affiliates

Search URL Search Domain Scan URL

URL: https://support.google.com/chrome/answer/95647?hl=en&p=cpn_cookies
Title: Google Chrome

Search URL Search Domain Scan URL

URL: https://support.apple.com/en-gb/HT201265
Title: Apple Safari

Search URL Search Domain Scan URL

URL: https://support.mozilla.org/en-US/kb/enable-and-disable-cookies-website-preferences?redirectlocale=en-US&redirectslug=Enabling+and+disabling+cookies
Title: Mozila Firefox

Search URL Search Domain Scan URL

URL: https://support.microsoft.com/en-us/help/17442/windows-internet-explorer-delete-manage-cookies
Title: Microsoft Internet Explorer

Search URL Search Domain Scan URL

URL: https://policies.google.com/privacy
Title: Google’s Privacy Policy

Search URL Search Domain Scan URL

URL: https://tools.google.com/dlpage/gaoptout
Title: Google Analytics Opt-Out

Search URL Search Domain Scan URL

URL: http://www.adobe.com/privacy/analytics.html
Title: Omniture’s Privacy Policy

Search URL Search Domain Scan URL

URL: http://www.adobe.com/privacy/opt-out.html
Title: Omniture’s Opt-Out

Search URL Search Domain Scan URL

URL: https://mixpanel.com/privacy/
Title: Mixpanel’s Privacy Policy

Search URL Search Domain Scan URL

URL: https://mixpanel.com/optout/
Title: Mixpanel’s Opt-Out

Search URL Search Domain Scan URL

URL: http://www.aboutads.info/choices/
Title: Digital Advertising Alliance in the US

Search URL Search Domain Scan URL

URL: https://youradchoices.ca/choices/
Title: Digital Advertising Alliance of Canada

Search URL Search Domain Scan URL

URL: http://www.youronlinechoices.com/
Title: European Interactive Digital Advertising Alliance

Search URL Search Domain Scan URL

URL: http://www.youronlinechoices.com.au/your-ad-choices/
Title: Australian Digital Advertising Alliance

Search URL Search Domain Scan URL

URL: https://www.facebook.com/privacy/explanation
Title: Facebook Privacy Policy

Search URL Search Domain Scan URL

URL: https://www.facebook.com/ads/preferences/?entry_product=ad_settings_screen
Title: Facebook’s Opt-Out Page

Search URL Search Domain Scan URL

URL: https://twitter.com/en/privacy
Title: Twitter Privacy Policy

Search URL Search Domain Scan URL

URL: https://twitter.com/personalization
Title: Twitter’s Opt-Out Page

Search URL Search Domain Scan URL

URL: https://liveramp.com/privacy/
Title: Liveramp’s Privacy Policy

Search URL Search Domain Scan URL

URL: https://liveramp.com/opt_out/
Title: Liveramp Opt-Out Page

Search URL Search Domain Scan URL

URL: https://www.onetrust.com/products/cookie-consent/

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 45

https://wickedthemusical.com/api/calendar/events/future-tags HTTP 301
https://wickedthemusical.com/api/calendar/events/future-tags/

Request Chain 52

https://2179121.fls.doubleclick.net/activityi;src=2179121;type=sitev592;cat=sitev000;ord=1;num=6848848530250;auiddc=1331752118.1702514762;gtm=45He3bt0v577380;gcd=11l1l1l1l1;dma_cps=sypham;dma=1;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fwickedthemusical.com%2F HTTP 302
https://2179121.fls.doubleclick.net/activityi;dc_pre=CPKe49zZjYMDFUZTkQUdZ2sAhA;src=2179121;type=sitev592;cat=sitev000;ord=1;num=6848848530250;auiddc=1331752118.1702514762;gtm=45He3bt0v577380;gcd=11l1l1l1l1;dma_cps=sypham;dma=1;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fwickedthemusical.com%2F

Request Chain 53

https://5549924.fls.doubleclick.net/activityi;src=5549924;type=sitev0;cat=wicke0;ord=1;num=6020053634317;auiddc=1331752118.1702514762;gtm=45He3bt0v577380;gcd=11l1l1l1l1;dma_cps=sypham;dma=1;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fwickedthemusical.com%2F HTTP 302
https://5549924.fls.doubleclick.net/activityi;dc_pre=CNOj49zZjYMDFc9UkQUdEzwGXA;src=5549924;type=sitev0;cat=wicke0;ord=1;num=6020053634317;auiddc=1331752118.1702514762;gtm=45He3bt0v577380;gcd=11l1l1l1l1;dma_cps=sypham;dma=1;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fwickedthemusical.com%2F

Request Chain 79

https://2179121.fls.doubleclick.net/activityi;src=2179121;type=sitev592;cat=wicke029;ord=1;num=6050833158917;auiddc=1331752118.1702514762;gtm=45He3bt0v577380;gcd=11l1l1l1l1;dma_cps=sypham;dma=1;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fwickedthemusical.com%2F HTTP 302
https://2179121.fls.doubleclick.net/activityi;dc_pre=CJua69zZjYMDFbZckQUd4EkKbg;src=2179121;type=sitev592;cat=wicke029;ord=1;num=6050833158917;auiddc=1331752118.1702514762;gtm=45He3bt0v577380;gcd=11l1l1l1l1;dma_cps=sypham;dma=1;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fwickedthemusical.com%2F

Request Chain 97

https://tag.yieldoptimizer.com/ps/ps?t=s&p=1162&sg=WICK&pg=ot& HTTP 302
https://tag.yieldoptimizer.com/ps/ps?tc=537186141&t=s&p=1162&sg=WICK&pg=ot&

Request Chain 116

https://ad.doubleclick.net/ddm/activity/src=9836704;type=track0;cat=wicke0;qty=1;cost=0;u1=;u16=;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;npa=;ord=orderID HTTP 302
https://ad.doubleclick.net/ddm/activity/src=9836704;dc_pre=CJym_dzZjYMDFe8JogMdkK4I5Q;type=track0;cat=wicke0;qty=1;cost=0;u1=;u16=;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;npa=;ord=orderID HTTP 302
https://adservice.google.com/ddm/fls/z/src=9836704;dc_pre=CJym_dzZjYMDFe8JogMdkK4I5Q;type=track0;cat=wicke0;qty=1;cost=0;u1=;u16=;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;npa=;ord=orderID

Request Chain 117

https://cm.g.doubleclick.net/pixel?google_cm=true&google_hm=A8oL8anuDBeqWwYaqc3TYQ&google_nid=sojern__adx_open_bidder_seat&google_sc=true&sjrn_id=YdQnFFABJK3OIdRvfe5tzwtPUVLjRHxMvawPX5iXfVHz05mslLdGkY_YBw-1k74i&sjrn_ula=903923083 HTTP 302
https://pixel.sojern.com/idSync/AdX?exchangeProfileId=&sjrn_id=YdQnFFABJK3OIdRvfe5tzwtPUVLjRHxMvawPX5iXfVHz05mslLdGkY_YBw-1k74i&sjrn_ula=903923083&google_gid=CAESELzPcQRTzCPRc2WQ3QPqdMU&google_cver=1

Request Chain 118

https://cm.g.doubleclick.net/pixel?google_hm=A8oL8anuDBeqWwYaqc3TYQ&google_nid=sojern_adh HTTP 302
https://fcmatch.google.com/pixel?google_gm=AMnCDooaKFJHGj513AJEsp2CguV1SKgt2oqnGLKKWb3BNj9FxEHzkBWIZMkiKH4FdSMWgDuFqlJ0Ewzbp7p3QNf-y2lYgWrS1ipYfse3iN9lMCTQwT97qxI HTTP 302
https://fcmatch.youtube.com/pixel?google_gm=AMnCDooaKFJHGj513AJEsp2CguV1SKgt2oqnGLKKWb3BNj9FxEHzkBWIZMkiKH4FdSMWgDuFqlJ0Ewzbp7p3QNf-y2lYgWrS1ipYfse3iN9lMCTQwT97qxI

Request Chain 121

https://c1.adform.net/serving/cookie/match?cid=03ca0bf1-a9ee-0c17-aa5b-061aa9cdd361&party=1296 HTTP 302
https://c1.adform.net/serving/cookie/match?CC=1&cid=03ca0bf1-a9ee-0c17-aa5b-061aa9cdd361&party=1296 HTTP 302
https://pixel.sojern.com/idsync/adf?adfid=5165886723373762969&cid=03ca0bf1-a9ee-0c17-aa5b-061aa9cdd361

Request Chain 126

https://ad.doubleclick.net/ddm/activity/src=8546338;type=invmedia;cat=lifeo0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=;gdpr_consent=;ord=1 HTTP 302
https://ad.doubleclick.net/ddm/activity/src=8546338;dc_pre=COCw_dzZjYMDFWMKogMdLOwMlA;type=invmedia;cat=lifeo0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=;gdpr_consent=;ord=1 HTTP 302
https://adservice.google.com/ddm/fls/z/src=8546338;dc_pre=COCw_dzZjYMDFWMKogMdLOwMlA;type=invmedia;cat=lifeo0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=;gdpr_consent=;ord=1

Request Chain 127

https://ad.doubleclick.net/ddm/activity/src=8546338;type=invmedia;cat=themu0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=;gdpr_consent=;ord=1 HTTP 302
https://ad.doubleclick.net/ddm/activity/src=8546338;dc_pre=CMWx_dzZjYMDFUEQogMdOX0Maw;type=invmedia;cat=themu0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=;gdpr_consent=;ord=1 HTTP 302
https://adservice.google.com/ddm/fls/z/src=8546338;dc_pre=CMWx_dzZjYMDFUEQogMdOX0Maw;type=invmedia;cat=themu0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=;gdpr_consent=;ord=1

Request Chain 128

https://d.turn.com/r/dd/id/L2NzaWQvMS9jaWQvMTc0Nzc3NDY2NS90LzI/url/https://tag.yieldoptimizer.com/ps/ps?t=i&p=4889&turn_id=$!{TURN_UUID} HTTP 302
https://tag.yieldoptimizer.com/ps/ps?t=i&p=4889&turn_id=3126466868122066706

Request Chain 129

https://dpm.demdex.net/ibs:dpid=22069&dpuuid=3017993348013&gdpr=&gdprconsent= HTTP 302
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=22069&dpuuid=3017993348013&gdpr=&gdprconsent=

Request Chain 130

https://sync.srv.stackadapt.com/sync?nid=adara&gdpr=&gdpr_consent=& HTTP 302
https://tag.yieldoptimizer.com/ps/ps?t=i&p=8064&uid=bP3ephG9W-dP-6vA76DEYlFfBSo

Request Chain 132

https://5451832.fls.doubleclick.net/activityi;src=5451832;type=wicke009;cat=wicke0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=856775024453.5665 HTTP 302
https://5451832.fls.doubleclick.net/activityi;dc_pre=CJ79_dzZjYMDFctYkQUd_x8MPQ;src=5451832;type=wicke009;cat=wicke0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=856775024453.5665

143 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
wickedthemusical.com/ 82 KB
19 KB 327ms
92ms Document
text/html 35.171.141.94
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://wickedthemusical.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.171.141.94 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-35-171-141-94.compute-1.amazonaws.com
Software: nginx / PleskLin
Resource Hash: 98b1725f459034cdd8400f0ced84a6d2b1b38992f8bf13ca787523a123f7b23a

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
cache-control: max-age=0
content-encoding: gzip
content-length: 19349
content-type: text/html; charset=UTF-8
date: Thu, 14 Dec 2023 00:46:00 GMT
expires: Thu, 14 Dec 2023 00:46:00 GMT
last-modified: Wed, 13 Dec 2023 23:53:06 GMT
server: nginx
vary: Accept-Encoding
x-powered-by: PleskLin

GET
H2 200 otSDKStub.js Show response
cdn.cookielaw.org/consent/552e6466-df7a-40e0-93c1-dc4129b84302/ 21 KB
8 KB 40ms
22ms Script
application/x-javascript 2606:4700::6812:82ec
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/consent/552e6466-df7a-40e0-93c1-dc4129b84302/otSDKStub.js

Requested by

Host: wickedthemusical.com
URL: https://wickedthemusical.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:82ec , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

af4d669f0396d1fc4e3e3c5d1fe6217f71a74ed78d6b420f376d331d515514b9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://wickedthemusical.com/
Origin: https://wickedthemusical.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Thu, 14 Dec 2023 00:46:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
strict-transport-security: max-age=31536000; includeSubDomains; preload
age: 80
content-md5: VpEAewnOpvlMffCyoBoh7A==
content-length: 7129
x-ms-lease-status: unlocked
last-modified: Thu, 06 Apr 2023 17:35:17 GMT
server: cloudflare
etag: 0x8DB36C549C6B864
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
x-ms-request-id: be22c91b-101e-008a-7fa4-0b6232000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 83526d687bc93835-FRA
expires: Fri, 15 Dec 2023 00:46:01 GMT

GET
H2 200 otCCPAiab.js Show response
cdn.cookielaw.org/opt-out/ 22 KB
6 KB 35ms
17ms Script
application/javascript 2606:4700::6812:82ec
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/opt-out/otCCPAiab.js

Requested by

Host: wickedthemusical.com
URL: https://wickedthemusical.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:82ec , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a7b7120dffd25546c93c1367b9c86a3dc87e71d2c89ebb39163a71eb3b659f01

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wickedthemusical.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Thu, 14 Dec 2023 00:46:01 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: gzip
content-md5: ERttG9+iQk1LCPjR495NRw==
age: 85515
x-ms-lease-status: unlocked
last-modified: Tue, 22 Feb 2022 22:01:18 GMT
server: cloudflare
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: 40af8f39-a01e-0026-3083-f0719b000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=86400
x-ms-version: 2009-09-19
cf-ray: 83526d687f2f3645-FRA

GET
H2 200 sbi-styles.min.css
wickedthemusical.com/wp-content/plugins/instagram-feed/css/ 24 KB
3 KB 93ms
91ms Stylesheet
text/css 35.171.141.94
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://wickedthemusical.com/wp-content/plugins/instagram-feed/css/sbi-styles.min.css?ver=6.1.6
Requested by: Host: wickedthemusical.com
URL: https://wickedthemusical.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.171.141.94 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-35-171-141-94.compute-1.amazonaws.com
Software: nginx / PleskLin
Resource Hash: 3c107b664e7305b99c2c95a67f790e5cda95ee05cc584c6045f987328ad49a6f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wickedthemusical.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 14 Dec 2023 00:46:01 GMT
content-encoding: br
last-modified: Mon, 16 Oct 2023 17:51:39 GMT
server: nginx
etag: W/"652d782b-607e"
x-powered-by: PleskLin
content-type: text/css

GET
H2 200 style.min.css
wickedthemusical.com/wp/wp-includes/css/dist/block-library/ 95 KB
11 KB 95ms
93ms Stylesheet
text/css 35.171.141.94
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://wickedthemusical.com/wp/wp-includes/css/dist/block-library/style.min.css?ver=6.2.3
Requested by: Host: wickedthemusical.com
URL: https://wickedthemusical.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.171.141.94 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-35-171-141-94.compute-1.amazonaws.com
Software: nginx / PleskLin
Resource Hash: aca566587618e75fa291a419c7c430be02e03fc72f6105658c1bc8e7d59a65e4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wickedthemusical.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 14 Dec 2023 00:46:01 GMT
content-encoding: br
last-modified: Mon, 16 Oct 2023 17:51:41 GMT
server: nginx
etag: W/"652d782d-17ced"
x-powered-by: PleskLin
content-type: text/css

GET
H2 200 classic-themes.min.css
wickedthemusical.com/wp/wp-includes/css/ 291 B
299 B 175ms
174ms Stylesheet
text/css 35.171.141.94
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://wickedthemusical.com/wp/wp-includes/css/classic-themes.min.css?ver=6.2.3
Requested by: Host: wickedthemusical.com
URL: https://wickedthemusical.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.171.141.94 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-35-171-141-94.compute-1.amazonaws.com
Software: nginx / PleskLin
Resource Hash: dcd9f488bd62ba0ee403b07a97e40b9ffd63a0eff61091588c913b16d5153d48

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wickedthemusical.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 14 Dec 2023 00:46:01 GMT
content-encoding: br
last-modified: Mon, 16 Oct 2023 17:51:41 GMT
server: nginx
etag: W/"652d782d-123"
x-powered-by: PleskLin
content-type: text/css

GET
H2 200 37f28718-6d56-406d-bb1b-cf3fa5cc2b6e.css
fast.fonts.net/cssapi/ 5 KB
1 KB 495ms
463ms Stylesheet
text/css 2606:4700::6810:fa43
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://fast.fonts.net/cssapi/37f28718-6d56-406d-bb1b-cf3fa5cc2b6e.css
Requested by: Host: wickedthemusical.com
URL: https://wickedthemusical.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:fa43 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ce50c3ddb962ac8242bf562751b465d706d19c13a96bce9112cf37fdf2c76db5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wickedthemusical.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-amz-meta-mtime: 1524751285
date: Thu, 14 Dec 2023 00:46:01 GMT
x-amz-version-id: null
content-encoding: gzip
cf-cache-status: REVALIDATED
last-modified: Tue, 16 Feb 2021 22:13:58 GMT
server: cloudflare
x-amz-request-id: X87WKVYWRXAZ8EZ7
etag: W/"8b0ef70a7185eb8784fc7b0ef5b3e90e"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
cache-control: public, max-age=300
cf-ray: 83526d6899969064-FRA
x-amz-id-2: 3MdCokn0f6l5sLf7Jp39dNTnD7Ii4YYLFUFnno1bTsN+kDEfd1692OPyr/WgX8PfZ2mi7NM1I5+VWnDOfr0gYg==
expires: Thu, 14 Dec 2023 00:51:01 GMT

GET
H2 200 css
fonts.googleapis.com/ 2 KB
851 B 38ms
16ms Stylesheet
text/css 2a00:1450:4001:829::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Lato:400,400i,700

Requested by

Host: wickedthemusical.com
URL: https://wickedthemusical.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

bbe84d9cac20a501eb5dc1de30ade0618a275e517fcce24c7f935db1830af100

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wickedthemusical.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Thu, 14 Dec 2023 00:46:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Wed, 13 Dec 2023 23:44:02 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 14 Dec 2023 00:46:01 GMT

GET
H2 200 main-b6512ca234.css
wickedthemusical.com/wp-content/themes/wicked/dist/styles/ 346 KB
43 KB 176ms
175ms Stylesheet
text/css 35.171.141.94
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://wickedthemusical.com/wp-content/themes/wicked/dist/styles/main-b6512ca234.css
Requested by: Host: wickedthemusical.com
URL: https://wickedthemusical.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.171.141.94 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-35-171-141-94.compute-1.amazonaws.com
Software: nginx / PleskLin
Resource Hash: b39089861f39a7212f79aa6b4a3540d162aa898fe84069856de6455508eee4c0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wickedthemusical.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 14 Dec 2023 00:46:01 GMT
content-encoding: br
last-modified: Mon, 16 Oct 2023 17:51:41 GMT
server: nginx
etag: W/"652d782d-56900"
x-powered-by: PleskLin
content-type: text/css

GET
H2 200 jquery.min.js Show response
wickedthemusical.com/wp/wp-includes/js/jquery/ 88 KB
30 KB 185ms
184ms Script
application/javascript 35.171.141.94
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://wickedthemusical.com/wp/wp-includes/js/jquery/jquery.min.js?ver=3.6.4
Requested by: Host: wickedthemusical.com
URL: https://wickedthemusical.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.171.141.94 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-35-171-141-94.compute-1.amazonaws.com
Software: nginx / PleskLin
Resource Hash: afacce23cb4feaaaef37997f8439819d8f827df4951f3ff02704c9f16fb7f53a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wickedthemusical.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 14 Dec 2023 00:46:01 GMT
content-encoding: br
last-modified: Mon, 16 Oct 2023 17:51:41 GMT
server: nginx
etag: W/"652d782d-15ed7"
x-powered-by: PleskLin
content-type: application/javascript; charset=utf-8

GET
H2 200 jquery-migrate.min.js Show response
wickedthemusical.com/wp/wp-includes/js/jquery/ 13 KB
5 KB 185ms
184ms Script
application/javascript 35.171.141.94
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://wickedthemusical.com/wp/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.4.0
Requested by: Host: wickedthemusical.com
URL: https://wickedthemusical.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.171.141.94 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-35-171-141-94.compute-1.amazonaws.com
Software: nginx / PleskLin
Resource Hash: 9810aee7e6d57d8cceaa96322b88e6df46710194689ae12b284149148cabc2f3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wickedthemusical.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 14 Dec 2023 00:46:01 GMT
content-encoding: br
last-modified: Mon, 16 Oct 2023 17:51:41 GMT
server: nginx
etag: W/"652d782d-3470"
x-powered-by: PleskLin
content-type: application/javascript; charset=utf-8

GET
H2 200 wicked_logo.png
d1rx0dtgjk9kr3.cloudfront.net/wp-content/themes/wicked/dist/images/ 52 KB
52 KB 443ms
404ms Image
image/png 2600:9000:2250:4800:15:2f34:53c0:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d1rx0dtgjk9kr3.cloudfront.net/wp-content/themes/wicked/dist/images/wicked_logo.png
Requested by: Host: wickedthemusical.com
URL: https://wickedthemusical.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2250:4800:15:2f34:53c0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx / PleskLin
Resource Hash: 8110fec8953967ec64d619493efbd07f1f0640746e6aee93298985a3b0e61db2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wickedthemusical.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 14 Dec 2023 00:46:01 GMT
via: 1.1 598a1f878f2efc16baaf47787ffe82d2.cloudfront.net (CloudFront)
last-modified: Mon, 16 Oct 2023 17:51:41 GMT
server: nginx
x-amz-cf-pop: FRA60-P2
x-powered-by: PleskLin
etag: "652d782d-ce7f"
x-cache: RefreshHit from cloudfront
content-type: image/png
accept-ranges: bytes
content-length: 52863
x-amz-cf-id: mQ1XXj_7k5btB9N8zI1f3msAlYTQfd0k_4ivk3VvdeQaNKJUdo805w==

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 288 KB
97 KB 56ms
26ms Script
application/javascript 2a00:1450:4001:80f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-NVGL

Requested by

Host: wickedthemusical.com
URL: https://wickedthemusical.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

6c708e8ed43f58bea91c9e6a0565b882798935f3579640d5e5f9a04265b00755

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wickedthemusical.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 14 Dec 2023 00:46:01 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 99379
x-xss-protection: 0
last-modified: Thu, 14 Dec 2023 00:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Thu, 14 Dec 2023 00:46:01 GMT

GET
H2 200 552e6466-df7a-40e0-93c1-dc4129b84302.json Show response
cdn.cookielaw.org/consent/552e6466-df7a-40e0-93c1-dc4129b84302/ 4 KB
2 KB 22ms
22ms XHR
application/x-javascript 2606:4700::6812:82ec
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/consent/552e6466-df7a-40e0-93c1-dc4129b84302/552e6466-df7a-40e0-93c1-dc4129b84302.json

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/consent/552e6466-df7a-40e0-93c1-dc4129b84302/otSDKStub.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:82ec , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

31a1e6b3fa6da6aa1874ccd12f654a652ae5681b7aa7b7e7fdcf6b126e08a7b3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wickedthemusical.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Thu, 14 Dec 2023 00:46:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
strict-transport-security: max-age=31536000; includeSubDomains; preload
age: 80
content-md5: H8WRatNwBhf5fTShqI92rg==
content-length: 1660
x-ms-lease-status: unlocked
last-modified: Thu, 06 Apr 2023 17:35:39 GMT
server: cloudflare
etag: 0x8DB36C557092381
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
x-ms-request-id: 96923834-c01e-0030-39d0-21874c000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 83526d689be03835-FRA
expires: Fri, 15 Dec 2023 00:46:01 GMT

GET
H2 200 dnsfeed Show response
geolocation.onetrust.com/cookieconsentpub/v1/geo/location/ 68 B
235 B 77ms
61ms Script
text/javascript 2606:4700:4400::ac40:9b77
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://geolocation.onetrust.com/cookieconsentpub/v1/geo/location/dnsfeed

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/opt-out/otCCPAiab.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::ac40:9b77 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0af719f3a3c9eed767bcf7e1b8b179655c9b0c1fd6157618d704f11a1cdcdfc9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wickedthemusical.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 14 Dec 2023 00:46:01 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
server: cloudflare
cf-ray: 83526d6bbfe54db1-FRA
vary: Accept-Encoding
content-type: text/javascript

GET
H2 200 location Show response
geolocation.onetrust.com/cookieconsentpub/v1/geo/ 59 B
295 B 41ms
23ms XHR
application/json 2606:4700:4400::ac40:9b77
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://geolocation.onetrust.com/cookieconsentpub/v1/geo/location

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/consent/552e6466-df7a-40e0-93c1-dc4129b84302/otSDKStub.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::ac40:9b77 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2157361193375a79ade3559e960f982daa8d599cf7f4a92d36e3eef257738f16

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept: application/json
Referer: https://wickedthemusical.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 14 Dec 2023 00:46:01 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
server: cloudflare
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS
content-type: application/json
access-control-allow-origin: *
cf-ray: 83526d68ecc437c6-FRA
access-control-allow-headers: Content-Type

GET
H2 200 capital-one-logo-white.png
d1rx0dtgjk9kr3.cloudfront.net/wp-content/uploads/2023/07/ 21 KB
21 KB 299ms
299ms Image
image/png 2600:9000:2250:4800:15:2f34:53c0:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d1rx0dtgjk9kr3.cloudfront.net/wp-content/uploads/2023/07/capital-one-logo-white.png
Requested by: Host: wickedthemusical.com
URL: https://wickedthemusical.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2250:4800:15:2f34:53c0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx / PleskLin
Resource Hash: 50d68134803430f1729e9927426d636c1b75662fe24bd1706a4d2166ef682087

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wickedthemusical.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 14 Dec 2023 00:46:01 GMT
via: 1.1 598a1f878f2efc16baaf47787ffe82d2.cloudfront.net (CloudFront)
last-modified: Wed, 05 Jul 2023 20:26:56 GMT
server: nginx
x-amz-cf-pop: FRA60-P2
x-powered-by: PleskLin
etag: "64a5d210-5376"
x-cache: RefreshHit from cloudfront
content-type: image/png
accept-ranges: bytes
content-length: 21366
x-amz-cf-id: wCKSPVUtPgI-HFjoVT7bfaAaFiBLW3Z4Ya_a6SUwvIwbvmJcFOnkmQ==

GET
H2 200 bga-logo.png
d1rx0dtgjk9kr3.cloudfront.net/wp-content/uploads/2023/07/ 2 KB
2 KB 117ms
117ms Image
image/png 2600:9000:2250:4800:15:2f34:53c0:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d1rx0dtgjk9kr3.cloudfront.net/wp-content/uploads/2023/07/bga-logo.png
Requested by: Host: wickedthemusical.com
URL: https://wickedthemusical.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2250:4800:15:2f34:53c0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx / PleskLin
Resource Hash: 4d0368be2b71c0c2fb9e6b1b1e946a13b18b47f531f4151b536f613477b9b6d5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wickedthemusical.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 14 Dec 2023 00:46:01 GMT
via: 1.1 598a1f878f2efc16baaf47787ffe82d2.cloudfront.net (CloudFront)
last-modified: Wed, 05 Jul 2023 20:28:24 GMT
server: nginx
x-amz-cf-pop: FRA60-P2
x-powered-by: PleskLin
etag: "64a5d268-6ca"
x-cache: RefreshHit from cloudfront
content-type: image/png
accept-ranges: bytes
content-length: 1738
x-amz-cf-id: D3R02fGZfmOG6oe7gXVnYY5lRPqdDEtu5BTJZnAH2LZhZhbS77QdfA==

GET
H2 200 broadwaydirect-logo.webp
d1rx0dtgjk9kr3.cloudfront.net/wp-content/uploads/2023/07/ 3 KB
4 KB 396ms
394ms Image
image/webp 2600:9000:2250:4800:15:2f34:53c0:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d1rx0dtgjk9kr3.cloudfront.net/wp-content/uploads/2023/07/broadwaydirect-logo.webp
Requested by: Host: wickedthemusical.com
URL: https://wickedthemusical.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2250:4800:15:2f34:53c0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx / PleskLin
Resource Hash: 1f3c87ba47b56f47598b859329db45ed981071aaf2f887e0f385e5745af16118

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wickedthemusical.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 14 Dec 2023 00:46:01 GMT
via: 1.1 598a1f878f2efc16baaf47787ffe82d2.cloudfront.net (CloudFront)
last-modified: Wed, 26 Jul 2023 17:27:14 GMT
server: nginx
x-amz-cf-pop: FRA60-P2
x-powered-by: PleskLin
vary: Accept-Encoding
x-cache: RefreshHit from cloudfront
content-type: image/webp
cache-control: max-age=10368000
accept-ranges: bytes
content-length: 3372
x-amz-cf-id: N3wU7lDhMwZN0CTJCLBmKx8MQbh8JzqI4n1yDH5rty0sZfYfhl4rtg==
expires: Fri, 12 Apr 2024 00:46:01 GMT

GET
H2 200 ticket-calendar-1f567e1720.js Show response
wickedthemusical.com/wp-content/plugins/ticket-calendar/dist/scripts/ 207 KB
67 KB 99ms
99ms Script
application/javascript 35.171.141.94
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://wickedthemusical.com/wp-content/plugins/ticket-calendar/dist/scripts/ticket-calendar-1f567e1720.js?ver=2.0
Requested by: Host: wickedthemusical.com
URL: https://wickedthemusical.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.171.141.94 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-35-171-141-94.compute-1.amazonaws.com
Software: nginx / PleskLin
Resource Hash: f7ce91e2bb9a685435527b75513cc130f4fee6ec5c7f28efd9fbeab2781bcc5c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wickedthemusical.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 14 Dec 2023 00:46:01 GMT
content-encoding: br
last-modified: Mon, 16 Oct 2023 17:51:40 GMT
server: nginx
etag: W/"652d782c-33a82"
x-powered-by: PleskLin
content-type: application/javascript; charset=utf-8

GET
H2 200 main-e8681cdf49.js Show response
wickedthemusical.com/wp-content/themes/wicked/dist/scripts/ 139 KB
40 KB 97ms
97ms Script
application/javascript 35.171.141.94
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://wickedthemusical.com/wp-content/themes/wicked/dist/scripts/main-e8681cdf49.js
Requested by: Host: wickedthemusical.com
URL: https://wickedthemusical.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.171.141.94 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-35-171-141-94.compute-1.amazonaws.com
Software: nginx / PleskLin
Resource Hash: 63b3bea0e5718a1a04e529b9b3f3248e481b44c3615da8d928b771a177ccdbae

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wickedthemusical.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 14 Dec 2023 00:46:01 GMT
content-encoding: br
last-modified: Mon, 16 Oct 2023 17:51:41 GMT
server: nginx
etag: W/"652d782d-22a75"
x-powered-by: PleskLin
content-type: application/javascript; charset=utf-8

GET
H2 200 wp-polyfill-inert.min.js Show response
wickedthemusical.com/wp/wp-includes/js/dist/vendor/ 8 KB
2 KB 122ms
120ms Script
application/javascript 35.171.141.94
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://wickedthemusical.com/wp/wp-includes/js/dist/vendor/wp-polyfill-inert.min.js?ver=3.1.2
Requested by: Host: wickedthemusical.com
URL: https://wickedthemusical.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.171.141.94 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-35-171-141-94.compute-1.amazonaws.com
Software: nginx / PleskLin
Resource Hash: c1a9a3e223bad631dff12d33b5499eb145cb08d8621c20d9d73870e78d97afe4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wickedthemusical.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 14 Dec 2023 00:46:01 GMT
content-encoding: br
last-modified: Mon, 16 Oct 2023 17:51:41 GMT
server: nginx
etag: W/"652d782d-1feb"
x-powered-by: PleskLin
content-type: application/javascript; charset=utf-8

GET
H2 200 regenerator-runtime.min.js Show response
wickedthemusical.com/wp/wp-includes/js/dist/vendor/ 6 KB
2 KB 123ms
120ms Script
application/javascript 35.171.141.94
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://wickedthemusical.com/wp/wp-includes/js/dist/vendor/regenerator-runtime.min.js?ver=0.13.11
Requested by: Host: wickedthemusical.com
URL: https://wickedthemusical.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.171.141.94 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-35-171-141-94.compute-1.amazonaws.com
Software: nginx / PleskLin
Resource Hash: 6974bfd8fa06b7831f05cb4b25860c851a5ad3f02a6699ebe688987dd7a6ebe6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wickedthemusical.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 14 Dec 2023 00:46:01 GMT
content-encoding: br
last-modified: Mon, 16 Oct 2023 17:51:41 GMT
server: nginx
etag: W/"652d782d-19cf"
x-powered-by: PleskLin
content-type: application/javascript; charset=utf-8

GET
H2 200 wp-polyfill.min.js Show response
wickedthemusical.com/wp/wp-includes/js/dist/vendor/ 17 KB
6 KB 123ms
121ms Script
application/javascript 35.171.141.94
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://wickedthemusical.com/wp/wp-includes/js/dist/vendor/wp-polyfill.min.js?ver=3.15.0
Requested by: Host: wickedthemusical.com
URL: https://wickedthemusical.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.171.141.94 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-35-171-141-94.compute-1.amazonaws.com
Software: nginx / PleskLin
Resource Hash: 1c1fef6e6b4f9832603850b9b6562e74d9a6a3700ba836efe88facc577121e8b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wickedthemusical.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 14 Dec 2023 00:46:01 GMT
content-encoding: br
last-modified: Mon, 16 Oct 2023 17:51:41 GMT
server: nginx
etag: W/"652d782d-459f"
x-powered-by: PleskLin
content-type: application/javascript; charset=utf-8

GET
H2 200 dom-ready.min.js Show response
wickedthemusical.com/wp/wp-includes/js/dist/ 498 B
436 B 123ms
121ms Script
application/javascript 35.171.141.94
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://wickedthemusical.com/wp/wp-includes/js/dist/dom-ready.min.js?ver=392bdd43726760d1f3ca
Requested by: Host: wickedthemusical.com
URL: https://wickedthemusical.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.171.141.94 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-35-171-141-94.compute-1.amazonaws.com
Software: nginx / PleskLin
Resource Hash: 166c7c3bb5f76f977a9f2a5490589b3466374eb2b3f064802e56f08bad71fbf0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wickedthemusical.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 14 Dec 2023 00:46:01 GMT
content-encoding: br
last-modified: Mon, 16 Oct 2023 17:51:41 GMT
server: nginx
etag: W/"652d782d-1f2"
x-powered-by: PleskLin
content-type: application/javascript; charset=utf-8

GET
H2 200 hooks.min.js Show response
wickedthemusical.com/wp/wp-includes/js/dist/ 5 KB
2 KB 123ms
121ms Script
application/javascript 35.171.141.94
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://wickedthemusical.com/wp/wp-includes/js/dist/hooks.min.js?ver=4169d3cf8e8d95a3d6d5
Requested by: Host: wickedthemusical.com
URL: https://wickedthemusical.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.171.141.94 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-35-171-141-94.compute-1.amazonaws.com
Software: nginx / PleskLin
Resource Hash: 9bd82960d99b3a76f4af77a88a346bd61f87bac5ff2f385ee28cd669d8f22134

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wickedthemusical.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 14 Dec 2023 00:46:01 GMT
content-encoding: br
last-modified: Mon, 16 Oct 2023 17:51:41 GMT
server: nginx
etag: W/"652d782d-132e"
x-powered-by: PleskLin
content-type: application/javascript; charset=utf-8

GET
H2 200 i18n.min.js Show response
wickedthemusical.com/wp/wp-includes/js/dist/ 10 KB
4 KB 123ms
121ms Script
application/javascript 35.171.141.94
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://wickedthemusical.com/wp/wp-includes/js/dist/i18n.min.js?ver=9e794f35a71bb98672ae
Requested by: Host: wickedthemusical.com
URL: https://wickedthemusical.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.171.141.94 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-35-171-141-94.compute-1.amazonaws.com
Software: nginx / PleskLin
Resource Hash: 01c3955df67a9b9d1367957e2c187729eae46b72e92c2b52bdb217b14a8fc874

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wickedthemusical.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 14 Dec 2023 00:46:01 GMT
content-encoding: br
last-modified: Mon, 16 Oct 2023 17:51:41 GMT
server: nginx
etag: W/"652d782d-27f6"
x-powered-by: PleskLin
content-type: application/javascript; charset=utf-8

GET
H2 200 a11y.min.js Show response
wickedthemusical.com/wp/wp-includes/js/dist/ 2 KB
1012 B 124ms
122ms Script
application/javascript 35.171.141.94
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://wickedthemusical.com/wp/wp-includes/js/dist/a11y.min.js?ver=ecce20f002eda4c19664
Requested by: Host: wickedthemusical.com
URL: https://wickedthemusical.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.171.141.94 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-35-171-141-94.compute-1.amazonaws.com
Software: nginx / PleskLin
Resource Hash: 5df2942db2352e49e00bcf3393b875a71d0acee986e48fbdcc5879846f5c3689

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wickedthemusical.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 14 Dec 2023 00:46:01 GMT
content-encoding: br
last-modified: Mon, 16 Oct 2023 17:51:41 GMT
server: nginx
etag: W/"652d782d-9cc"
x-powered-by: PleskLin
content-type: application/javascript; charset=utf-8

GET
H2 200 jquery.json.min.js Show response
wickedthemusical.com/wp-content/plugins/gravityforms/js/ 2 KB
1004 B 123ms
122ms Script
application/javascript 35.171.141.94
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://wickedthemusical.com/wp-content/plugins/gravityforms/js/jquery.json.min.js?ver=2.7.10
Requested by: Host: wickedthemusical.com
URL: https://wickedthemusical.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.171.141.94 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-35-171-141-94.compute-1.amazonaws.com
Software: nginx / PleskLin
Resource Hash: 998a575c7b376128a98e6d67e29c42e1726aac3489cf2c0b2aaebf6f6ad0b546

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wickedthemusical.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 14 Dec 2023 00:46:01 GMT
content-encoding: br
last-modified: Mon, 16 Oct 2023 17:51:39 GMT
server: nginx
etag: W/"652d782b-72c"
x-powered-by: PleskLin
content-type: application/javascript; charset=utf-8

GET
H2 200 gravityforms.min.js Show response
wickedthemusical.com/wp-content/plugins/gravityforms/js/ 46 KB
13 KB 123ms
122ms Script
application/javascript 35.171.141.94
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://wickedthemusical.com/wp-content/plugins/gravityforms/js/gravityforms.min.js?ver=2.7.10
Requested by: Host: wickedthemusical.com
URL: https://wickedthemusical.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.171.141.94 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-35-171-141-94.compute-1.amazonaws.com
Software: nginx / PleskLin
Resource Hash: d6c6eae2059c0d8677d501c6ed9906a63f737f360bb7302c5544d5b6d886d6c6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wickedthemusical.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 14 Dec 2023 00:46:01 GMT
content-encoding: br
last-modified: Mon, 16 Oct 2023 17:51:39 GMT
server: nginx
etag: W/"652d782b-b6a5"
x-powered-by: PleskLin
content-type: application/javascript; charset=utf-8

GET
H2 200 placeholders.jquery.min.js Show response
wickedthemusical.com/wp-content/plugins/gravityforms/js/ 5 KB
2 KB 124ms
122ms Script
application/javascript 35.171.141.94
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://wickedthemusical.com/wp-content/plugins/gravityforms/js/placeholders.jquery.min.js?ver=2.7.10
Requested by: Host: wickedthemusical.com
URL: https://wickedthemusical.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.171.141.94 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-35-171-141-94.compute-1.amazonaws.com
Software: nginx / PleskLin
Resource Hash: d62a7b7ec5313469ebff5c006b9068dc44d6d1c122cf787ffa29a10113b34060

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wickedthemusical.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 14 Dec 2023 00:46:01 GMT
content-encoding: br
last-modified: Mon, 16 Oct 2023 17:51:39 GMT
server: nginx
etag: W/"652d782b-121f"
x-powered-by: PleskLin
content-type: application/javascript; charset=utf-8

GET
H2 200 utils.min.js Show response
wickedthemusical.com/wp-content/plugins/gravityforms/assets/js/dist/ 40 KB
12 KB 124ms
122ms Script
application/javascript 35.171.141.94
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://wickedthemusical.com/wp-content/plugins/gravityforms/assets/js/dist/utils.min.js?ver=1329f9a0886f2ff3fb51c6f17277eb75
Requested by: Host: wickedthemusical.com
URL: https://wickedthemusical.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.171.141.94 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-35-171-141-94.compute-1.amazonaws.com
Software: nginx / PleskLin
Resource Hash: d03515268b17a0cbf88cd38aa108e0770a23e1338d22d2dc9e9a38ca6a89311b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wickedthemusical.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 14 Dec 2023 00:46:01 GMT
content-encoding: br
last-modified: Mon, 16 Oct 2023 17:51:39 GMT
server: nginx
etag: W/"652d782b-9fdc"
x-powered-by: PleskLin
content-type: application/javascript; charset=utf-8

GET
H2 200 vendor-theme.min.js Show response
wickedthemusical.com/wp-content/plugins/gravityforms/assets/js/dist/ 17 KB
6 KB 124ms
123ms Script
application/javascript 35.171.141.94
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://wickedthemusical.com/wp-content/plugins/gravityforms/assets/js/dist/vendor-theme.min.js?ver=4ef53fe41c14a48b294541d9fc37387e
Requested by: Host: wickedthemusical.com
URL: https://wickedthemusical.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.171.141.94 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-35-171-141-94.compute-1.amazonaws.com
Software: nginx / PleskLin
Resource Hash: cc039b37e34853a9bef9d693ebc4366b38d9cec1aa91e0109196cd62f870ae52

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wickedthemusical.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 14 Dec 2023 00:46:01 GMT
content-encoding: br
last-modified: Mon, 16 Oct 2023 17:51:39 GMT
server: nginx
etag: W/"652d782b-430c"
x-powered-by: PleskLin
content-type: application/javascript; charset=utf-8

GET
H2 200 scripts-theme.min.js Show response
wickedthemusical.com/wp-content/plugins/gravityforms/assets/js/dist/ 4 KB
2 KB 124ms
123ms Script
application/javascript 35.171.141.94
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://wickedthemusical.com/wp-content/plugins/gravityforms/assets/js/dist/scripts-theme.min.js?ver=443293948084ca0fe29518ebcd01dc6b
Requested by: Host: wickedthemusical.com
URL: https://wickedthemusical.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.171.141.94 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-35-171-141-94.compute-1.amazonaws.com
Software: nginx / PleskLin
Resource Hash: 1f751d3740ea83b3d42100e1bf23b0b17d5b4c4ff3bdf9badd42ba03a814896f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wickedthemusical.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 14 Dec 2023 00:46:01 GMT
content-encoding: br
last-modified: Mon, 16 Oct 2023 17:51:39 GMT
server: nginx
etag: W/"652d782b-f14"
x-powered-by: PleskLin
content-type: application/javascript; charset=utf-8

GET
H2 200 embedder Show response
chat.satis.fi/popup/ 166 KB
54 KB 201ms
121ms Script
application/javascript 34.111.146.217
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://chat.satis.fi/popup/embedder
Requested by: Host: wickedthemusical.com
URL: https://wickedthemusical.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.111.146.217 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 217.146.111.34.bc.googleusercontent.com
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: fb716fedf797a1d2d8c46deed804f97881304cfaebc13e905f1848f268cbf49f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wickedthemusical.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 14 Dec 2023 00:46:01 GMT
content-encoding: gzip
via: 1.1 google
server: Microsoft-IIS/10.0
etag: 4494147E9FBCD45D95644B39D209F69E
x-powered-by: ASP.NET
vary: Accept-Encoding
content-type: application/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 55100

GET
H2 200 otBannerSdk.js Show response
cdn.cookielaw.org/scripttemplates/6.39.0/ 372 KB
89 KB 15ms
15ms Script
application/javascript 2606:4700::6812:82ec
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/6.39.0/otBannerSdk.js

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/consent/552e6466-df7a-40e0-93c1-dc4129b84302/otSDKStub.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:82ec , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e0ba033e6cb25fa6e20186d6d8113cc3821028b7891c93eebe671b75f6eebc3f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://wickedthemusical.com/
Origin: https://wickedthemusical.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Thu, 14 Dec 2023 00:46:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: Zp/CcrZmK7hQ2S6c/t9Tpw==
age: 80
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-length: 90454
x-ms-lease-status: unlocked
last-modified: Fri, 26 Aug 2022 16:31:04 GMT
server: cloudflare
etag: 0x8DA87805EB35DE2
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: 7532104a-301e-0079-760a-15c5a7000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 83526d6badda3835-FRA

GET
H2 200 1.css
fast.fonts.net/t/ 0
223 B 19ms
18ms Stylesheet
text/css 2606:4700::6810:fa43
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://fast.fonts.net/t/1.css?apiType=css&projectid=37f28718-6d56-406d-bb1b-cf3fa5cc2b6e
Requested by: Host: fast.fonts.net
URL: https://fast.fonts.net/cssapi/37f28718-6d56-406d-bb1b-cf3fa5cc2b6e.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:fa43 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fast.fonts.net/cssapi/37f28718-6d56-406d-bb1b-cf3fa5cc2b6e.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 14 Dec 2023 00:46:01 GMT
x-amz-version-id: null
cf-cache-status: HIT
x-amz-request-id: 4F14B9EE1DNS6DCH
age: 481391
content-length: 0
x-amz-id-2: lRrwgwg7gtiwTbOmfuzsSPD5pnlemUyWNJ+tjDtIsaSIopwUimNO8Za0Tsy55c/NbZ+RV1O1Qno=
last-modified: Tue, 23 Mar 2021 12:59:23 GMT
server: cloudflare
etag: "d41d8cd98f00b204e9800998ecf8427e"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
cache-control: public, max-age=0, s-maxage=604800
accept-ranges: bytes
cf-ray: 83526d6b7aec9064-FRA
x-amz-meta-mtime: 1519217722

GET
H2 200 logo-6.png
wickedthemusical.com/wp-content/uploads/2019/05/ 48 KB
48 KB 124ms
123ms Image
image/png 35.171.141.94
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://wickedthemusical.com/wp-content/uploads/2019/05/logo-6.png
Requested by: Host: wickedthemusical.com
URL: https://wickedthemusical.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.171.141.94 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-35-171-141-94.compute-1.amazonaws.com
Software: nginx / PleskLin
Resource Hash: ead365bafa451211d6ce383395fdaf22943af479aa5eda7615581e6b0e81e65a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wickedthemusical.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 14 Dec 2023 00:46:01 GMT
last-modified: Tue, 03 Oct 2023 19:57:05 GMT
server: nginx
etag: "651c7211-be3d"
x-powered-by: PleskLin
content-type: image/png
accept-ranges: bytes
content-length: 48701

GET
H2 200 Wicked_LinguificationLibrary.jpeg
wickedthemusical.com/wp-content/uploads/2021/09/ 51 KB
51 KB 124ms
123ms Image
image/jpeg 35.171.141.94
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://wickedthemusical.com/wp-content/uploads/2021/09/Wicked_LinguificationLibrary.jpeg
Requested by: Host: wickedthemusical.com
URL: https://wickedthemusical.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.171.141.94 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-35-171-141-94.compute-1.amazonaws.com
Software: nginx / PleskLin
Resource Hash: 610cff2c96722ead24487039f6fa6de3161a9b3d8561cc09e0abab2ccc6430f9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wickedthemusical.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 14 Dec 2023 00:46:01 GMT
last-modified: Tue, 08 Nov 2022 16:01:16 GMT
server: nginx
etag: "636a7d4c-cd05"
x-powered-by: PleskLin
content-type: image/jpeg
accept-ranges: bytes
content-length: 52485

GET
H2 200 slide-image-1-685x630.png
wickedthemusical.com/wp-content/uploads/2018/04/ 179 KB
179 KB 124ms
123ms Image
image/png 35.171.141.94
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://wickedthemusical.com/wp-content/uploads/2018/04/slide-image-1-685x630.png
Requested by: Host: wickedthemusical.com
URL: https://wickedthemusical.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.171.141.94 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-35-171-141-94.compute-1.amazonaws.com
Software: nginx / PleskLin
Resource Hash: e32957744ae7d7362c0513a4346a63dd350132483b4282ef84912f66ccd86e77

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wickedthemusical.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 14 Dec 2023 00:46:01 GMT
last-modified: Tue, 08 Nov 2022 15:55:40 GMT
server: nginx
etag: "636a7bfc-2cbb7"
x-powered-by: PleskLin
content-type: image/png
accept-ranges: bytes
content-length: 183223

GET
H2 200 arrow-green.png
wickedthemusical.com/wp-content/themes/wicked/dist/images/ 215 B
353 B 118ms
118ms Image
image/png 35.171.141.94
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://wickedthemusical.com/wp-content/themes/wicked/dist/images/arrow-green.png
Requested by: Host: wickedthemusical.com
URL: https://wickedthemusical.com/wp-content/themes/wicked/dist/styles/main-b6512ca234.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.171.141.94 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-35-171-141-94.compute-1.amazonaws.com
Software: nginx / PleskLin
Resource Hash: a616c05df0242158ec4650bdbb42e3b093ec6cdcb11416e3aab079c119965f84

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wickedthemusical.com/wp-content/themes/wicked/dist/styles/main-b6512ca234.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 14 Dec 2023 00:46:01 GMT
last-modified: Mon, 16 Oct 2023 17:51:41 GMT
server: nginx
etag: "652d782d-d7"
x-powered-by: PleskLin
content-type: image/png
accept-ranges: bytes
content-length: 215

GET
H2 200 520ed712-50ad-4591-aa63-b242b83a3694.woff2
fast.fonts.net/dv2/14/ 17 KB
18 KB 446ms
424ms Font
application/octet-stream 2606:4700::6810:fa43
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://fast.fonts.net/dv2/14/520ed712-50ad-4591-aa63-b242b83a3694.woff2?d44f19a684109620e484157ba790e81816499089734fbd8e6abfc352469fbcd9cb812f3be187fae8936cdd8a6d5ef13de0c889367c5f695398befba20c15acea955316aef2e1e3e05bd1a897ee0676b9dd76974f3c2b5303d2a8ed773ccfea4cbdfce3f8fd91f06a43d659b5f6fe6438f5238cff5ef2adc9&projectId=37f28718-6d56-406d-bb1b-cf3fa5cc2b6e
Requested by: Host: fast.fonts.net
URL: https://fast.fonts.net/cssapi/37f28718-6d56-406d-bb1b-cf3fa5cc2b6e.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:fa43 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3f2bf166f3ec51fb4f4f30863527658488e638f5c34f5b7374de3aaac9383be7

Request headers

Referer: https://fast.fonts.net/cssapi/37f28718-6d56-406d-bb1b-cf3fa5cc2b6e.css
Origin: https://wickedthemusical.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

expires: Thu, 14 Dec 2023 00:51:01 GMT
date: Thu, 14 Dec 2023 00:46:01 GMT
x-amz-version-id: null
cf-cache-status: REVALIDATED
x-amz-request-id: 47GR0CQE7Q9G9M97
content-length: 17364
x-amz-id-2: wE1HE2RMUH4WrKu2Mhts3ficgWbdKa/olGLGCEoCxbcb7b5AHyaqtesUYmLfh3nkhirAxmgQD5Q=
last-modified: Fri, 13 Nov 2020 15:15:57 GMT
server: cloudflare
etag: "ec7dd7a7bc55c3bd9f1c72dc25399b2d"
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: application/octet-stream
access-control-allow-origin: *
access-control-expose-headers: Access-Control-Allow-Origin
cache-control: public, max-age=300
accept-ranges: bytes
cf-ray: 83526d6bdd5f5c02-FRA
x-amz-meta-mtime: 1440053553

GET
H2 200 fa-solid-900.woff2
wickedthemusical.com/wp-content/themes/wicked/dist/fonts/ 76 KB
77 KB 205ms
205ms Font
application/octet-stream 35.171.141.94
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://wickedthemusical.com/wp-content/themes/wicked/dist/fonts/fa-solid-900.woff2
Requested by: Host: wickedthemusical.com
URL: https://wickedthemusical.com/wp-content/themes/wicked/dist/styles/main-b6512ca234.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.171.141.94 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-35-171-141-94.compute-1.amazonaws.com
Software: nginx / PleskLin
Resource Hash: 1d0e6c7f6b40b62c10c929739ed76b0adbd9a08591aa95697b6f802c4dc4824f

Request headers

Referer: https://wickedthemusical.com/wp-content/themes/wicked/dist/styles/main-b6512ca234.css
Origin: https://wickedthemusical.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 14 Dec 2023 00:46:01 GMT
content-encoding: gzip
last-modified: Mon, 16 Oct 2023 17:51:41 GMT
server: nginx
x-powered-by: PleskLin
vary: Accept-Encoding
access-control-allow-origin: *
cache-control: max-age=2592000
accept-ranges: bytes
expires: Sat, 13 Jan 2024 00:46:01 GMT

GET
H2 200 S6uyw4BMUTPHjx4wXg.woff2
fonts.gstatic.com/s/lato/v24/ 23 KB
23 KB 35ms
13ms Font
font/woff2 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v24/S6uyw4BMUTPHjx4wXg.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato:400,400i,700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://wickedthemusical.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 11 Dec 2023 15:36:20 GMT
x-content-type-options: nosniff
age: 205781
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 23580
x-xss-protection: 0
last-modified: Tue, 02 May 2023 15:17:22 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 10 Dec 2024 15:36:20 GMT

GET
H2 200 fa-brands-400.woff2
wickedthemusical.com/wp-content/themes/wicked/dist/fonts/ 75 KB
75 KB 206ms
205ms Font
application/octet-stream 35.171.141.94
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://wickedthemusical.com/wp-content/themes/wicked/dist/fonts/fa-brands-400.woff2
Requested by: Host: wickedthemusical.com
URL: https://wickedthemusical.com/wp-content/themes/wicked/dist/styles/main-b6512ca234.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.171.141.94 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-35-171-141-94.compute-1.amazonaws.com
Software: nginx / PleskLin
Resource Hash: bcc6afbc327c5fdd7e8137f7cfca1144a76a24b83d338cdb782bbf4c1bae8cbb

Request headers

Referer: https://wickedthemusical.com/wp-content/themes/wicked/dist/styles/main-b6512ca234.css
Origin: https://wickedthemusical.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 14 Dec 2023 00:46:01 GMT
content-encoding: gzip
last-modified: Mon, 16 Oct 2023 17:51:41 GMT
server: nginx
x-powered-by: PleskLin
vary: Accept-Encoding
access-control-allow-origin: *
cache-control: max-age=2592000
accept-ranges: bytes
expires: Sat, 13 Jan 2024 00:46:01 GMT

GET
H2 200 S6u9w4BMUTPHh6UVSwiPGQ.woff2
fonts.gstatic.com/s/lato/v24/ 23 KB
23 KB 29ms
7ms Font
font/woff2 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v24/S6u9w4BMUTPHh6UVSwiPGQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato:400,400i,700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c447dd7677b419db7b21dbdfc6277c7816a913ffda76fd2e52702df538de0e49

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://wickedthemusical.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 15:57:03 GMT
x-content-type-options: nosniff
age: 118138
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 23040
x-xss-protection: 0
last-modified: Tue, 02 May 2023 15:07:25 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 11 Dec 2024 15:57:03 GMT

GET
H2

200

/ Show response
wickedthemusical.com/api/calendar/events/future-tags/
Redirect Chain

https://wickedthemusical.com/api/calendar/events/future-tags
https://wickedthemusical.com/api/calendar/events/future-tags/

38 KB
3 KB

95ms
94ms

XHR
text/html

35.171.141.94
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://wickedthemusical.com/api/calendar/events/future-tags/
Requested by: Host: wickedthemusical.com
URL: https://wickedthemusical.com/
Protocol: H2
Server: 35.171.141.94 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-35-171-141-94.compute-1.amazonaws.com
Software: nginx / PleskLin
Resource Hash: 35600e2bfb0c420c0d7e3a9f13e83dd03dc3b0beb54344386ab7a08c3d8a8b6b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wickedthemusical.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 14 Dec 2023 00:46:01 GMT
content-encoding: gzip
last-modified: Wed, 13 Dec 2023 23:52:52 GMT
server: nginx
x-powered-by: PleskLin
vary: Accept-Encoding
content-type: text/html; charset=UTF-8
cache-control: max-age=0
accept-ranges: bytes
content-length: 2622
expires: Thu, 14 Dec 2023 00:46:01 GMT

Redirect headers

date: Thu, 14 Dec 2023 00:46:01 GMT
server: nginx
x-powered-by: PleskLin
content-type: text/html; charset=iso-8859-1
location: https://wickedthemusical.com/api/calendar/events/future-tags/
cache-control: max-age=0
content-length: 269
expires: Thu, 14 Dec 2023 00:46:01 GMT

GET
H2 200 en.json Show response
cdn.cookielaw.org/consent/552e6466-df7a-40e0-93c1-dc4129b84302/1281e891-45ed-459d-a8cd-d1b1aed94bc5/ 90 KB
20 KB 22ms
22ms Fetch
application/x-javascript 2606:4700::6812:82ec
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/consent/552e6466-df7a-40e0-93c1-dc4129b84302/1281e891-45ed-459d-a8cd-d1b1aed94bc5/en.json

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/6.39.0/otBannerSdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:82ec , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7f631d5455f589ef074281c0677aaadf301d5489ad8b81798e36d371bba3c761

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wickedthemusical.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Thu, 14 Dec 2023 00:46:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
strict-transport-security: max-age=31536000; includeSubDomains; preload
age: 46218
content-md5: mCwul+G5nXMRWWTpitThag==
content-length: 20518
x-ms-lease-status: unlocked
last-modified: Thu, 06 Apr 2023 17:35:43 GMT
server: cloudflare
etag: 0x8DB36C55900D88B
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
x-ms-request-id: b7660b5a-701e-000a-390c-129d34000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 83526d6bee0b3835-FRA
expires: Fri, 15 Dec 2023 00:46:01 GMT

GET
H2 200 otFlat.json Show response
cdn.cookielaw.org/scripttemplates/6.39.0/assets/ 13 KB
3 KB 19ms
19ms Fetch
application/json 2606:4700::6812:82ec
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/6.39.0/assets/otFlat.json

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/6.39.0/otBannerSdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:82ec , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

14e4d1596c6b58896dfce1fc1ec45372bab4d2259ba82828fa3f96cc4f859fc4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wickedthemusical.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Thu, 14 Dec 2023 00:46:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: Xx897lTVYGjMQiwuGCrzDA==
age: 42723
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-length: 3007
x-ms-lease-status: unlocked
last-modified: Fri, 26 Aug 2022 16:30:55 GMT
server: cloudflare
etag: 0x8DA87805972EF22
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
x-ms-request-id: e42a7c81-101e-0051-2ea1-13a40f000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 83526d6c1e283835-FRA

GET
H2 200 otPcCenter.json Show response
cdn.cookielaw.org/scripttemplates/6.39.0/assets/v2/ 62 KB
13 KB 18ms
18ms Fetch
application/json 2606:4700::6812:82ec
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/6.39.0/assets/v2/otPcCenter.json

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/6.39.0/otBannerSdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:82ec , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

331852fd9912583b03043c973d33d23b2711924f3731bd8bcd31b7000a6d4a60

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wickedthemusical.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Thu, 14 Dec 2023 00:46:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: 444ho/eGhWdN7ej7RCW2zw==
age: 42723
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-length: 13253
x-ms-lease-status: unlocked
last-modified: Fri, 26 Aug 2022 16:30:57 GMT
server: cloudflare
etag: 0x8DA87805AD77A2D
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
x-ms-request-id: 3507d502-601e-0039-6b18-15c29f000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 83526d6c1e2a3835-FRA

GET
H2 200 otCommonStyles.css Show response
cdn.cookielaw.org/scripttemplates/6.39.0/assets/ 22 KB
5 KB 17ms
17ms Fetch
text/css 2606:4700::6812:82ec
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/6.39.0/assets/otCommonStyles.css

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/6.39.0/otBannerSdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:82ec , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

fb6bcf7d9261064812fe1b4d2b59b8c8ca52b7d0c522746ba9cec2dc01b3a7d4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wickedthemusical.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Thu, 14 Dec 2023 00:46:01 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: gzip
content-md5: B55i3ZY9miZIaUrwjufy0w==
age: 42723
x-ms-lease-status: unlocked
last-modified: Fri, 26 Aug 2022 16:31:09 GMT
server: cloudflare
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
x-ms-request-id: c0a555c4-101e-006e-6dff-216cac000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=86400
x-ms-version: 2009-09-19
cf-ray: 83526d6c1e2b3835-FRA

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 288 KB
94 KB 28ms
27ms Script
application/javascript 2a00:1450:4001:80f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-2TH76WHGSC&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NVGL

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

e8421fbd0e65e75bb12f2c05e2335c999dc218b3d80f103759fd497702e76676

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wickedthemusical.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 14 Dec 2023 00:46:01 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 95883
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Thu, 14 Dec 2023 00:46:01 GMT

GET
H/1.1 200
OK up_loader.1.1.0.js Show response
js.adsrvr.org/ 5 KB
3 KB 55ms
7ms Script
application/x-javascript 108.138.15.119
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://js.adsrvr.org/up_loader.1.1.0.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NVGL
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.15.119 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-15-119.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 899663bfeab6b11842c974c2417dc0ad88bd79bb7510b1e032384ccf2618dcc1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wickedthemusical.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Date: Wed, 13 Dec 2023 06:08:18 GMT
Content-Encoding: gzip
Via: 1.1 8109fadbc132b410ecc2c3df250d6144.cloudfront.net (CloudFront)
Last-Modified: Thu, 30 Nov 2023 03:37:28 GMT
Server: AmazonS3
X-Amz-Cf-Pop: FRA56-P7
Age: 67064
x-amz-server-side-encryption: AES256
ETag: W/"b7474eac210849250426a8f6a39d00f3"
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: application/x-javascript
X-Cache: Hit from cloudfront
Connection: keep-alive
X-Amz-Cf-Id: CpUHdbN_dAoMM9zoOkXqBPdvkXdG90L7R7MYRN72-_wroWVsoSHQlQ==

GET
H2

200

activityi;dc_pre=CPKe49zZjYMDFUZTkQUdZ2sAhA;src=2179121;type=sitev592;cat=sitev000;ord=1;num=6848848530250;auiddc=1331752118.1702514762;gtm=45He3bt0v577380;gcd=11l1l1l1l1;dma_cps=sypham;dma=1;uaa=;... Show response
2179121.fls.doubleclick.net/ Frame 669D
Redirect Chain

https://2179121.fls.doubleclick.net/activityi;src=2179121;type=sitev592;cat=sitev000;ord=1;num=6848848530250;auiddc=1331752118.1702514762;gtm=45He3bt0v577380;gcd=11l1l1l1l1;dma_cps=sypham;dma=1;uaa...
https://2179121.fls.doubleclick.net/activityi;dc_pre=CPKe49zZjYMDFUZTkQUdZ2sAhA;src=2179121;type=sitev592;cat=sitev000;ord=1;num=6848848530250;auiddc=1331752118.1702514762;gtm=45He3bt0v577380;gcd=1...

3 KB
2 KB

175ms
174ms

Document
text/html

216.58.206.38
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://2179121.fls.doubleclick.net/activityi;dc_pre=CPKe49zZjYMDFUZTkQUdZ2sAhA;src=2179121;type=sitev592;cat=sitev000;ord=1;num=6848848530250;auiddc=1331752118.1702514762;gtm=45He3bt0v577380;gcd=11l1l1l1l1;dma_cps=sypham;dma=1;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fwickedthemusical.com%2F?

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NVGL

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.206.38 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lcfraa-aa-in-f6.1e100.net

Software

cafe /

Resource Hash

aeb7b8f80308a830f9fa6aabf3ffae4991d6044713993043dca442ed14040d13

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://wickedthemusical.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=0
content-encoding: br
content-length: 1405
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 14 Dec 2023 00:46:01 GMT
expires: Thu, 14 Dec 2023 00:46:01 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 14 Dec 2023 00:46:01 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
follow-only-when-prerender-shown: 1
location: https://2179121.fls.doubleclick.net/activityi;dc_pre=CPKe49zZjYMDFUZTkQUdZ2sAhA;src=2179121;type=sitev592;cat=sitev000;ord=1;num=6848848530250;auiddc=1331752118.1702514762;gtm=45He3bt0v577380;gcd=11l1l1l1l1;dma_cps=sypham;dma=1;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fwickedthemusical.com%2F?
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2

200

activityi;dc_pre=CNOj49zZjYMDFc9UkQUdEzwGXA;src=5549924;type=sitev0;cat=wicke0;ord=1;num=6020053634317;auiddc=1331752118.1702514762;gtm=45He3bt0v577380;gcd=11l1l1l1l1;dma_cps=sypham;dma=1;uaa=;uab=... Show response
5549924.fls.doubleclick.net/ Frame C009
Redirect Chain

https://5549924.fls.doubleclick.net/activityi;src=5549924;type=sitev0;cat=wicke0;ord=1;num=6020053634317;auiddc=1331752118.1702514762;gtm=45He3bt0v577380;gcd=11l1l1l1l1;dma_cps=sypham;dma=1;uaa=;ua...
https://5549924.fls.doubleclick.net/activityi;dc_pre=CNOj49zZjYMDFc9UkQUdEzwGXA;src=5549924;type=sitev0;cat=wicke0;ord=1;num=6020053634317;auiddc=1331752118.1702514762;gtm=45He3bt0v577380;gcd=11l1l...

1 KB
982 B

53ms
53ms

Document
text/html

216.58.206.38
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://5549924.fls.doubleclick.net/activityi;dc_pre=CNOj49zZjYMDFc9UkQUdEzwGXA;src=5549924;type=sitev0;cat=wicke0;ord=1;num=6020053634317;auiddc=1331752118.1702514762;gtm=45He3bt0v577380;gcd=11l1l1l1l1;dma_cps=sypham;dma=1;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fwickedthemusical.com%2F?

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NVGL

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.206.38 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lcfraa-aa-in-f6.1e100.net

Software

cafe /

Resource Hash

b7a6901459b0de874ef450c7a52190c1892bd3adf047ce49c9de3c00b23da991

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://wickedthemusical.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=0
content-encoding: br
content-length: 643
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 14 Dec 2023 00:46:01 GMT
expires: Thu, 14 Dec 2023 00:46:01 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 14 Dec 2023 00:46:01 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
follow-only-when-prerender-shown: 1
location: https://5549924.fls.doubleclick.net/activityi;dc_pre=CNOj49zZjYMDFc9UkQUdEzwGXA;src=5549924;type=sitev0;cat=wicke0;ord=1;num=6020053634317;auiddc=1331752118.1702514762;gtm=45He3bt0v577380;gcd=11l1l1l1l1;dma_cps=sypham;dma=1;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fwickedthemusical.com%2F?
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 uwt.js Show response
static.ads-twitter.com/ 56 KB
15 KB 44ms
7ms Script
application/javascript 146.75.116.157
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://static.ads-twitter.com/uwt.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NVGL
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.75.116.157 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: cf7fcc9f75c8717897bfaef72f303fab423ce1b70c98512aeb3677e4af988dee

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wickedthemusical.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 14 Dec 2023 00:46:01 GMT
content-encoding: gzip
last-modified: Thu, 27 Oct 2022 16:56:53 GMT
etag: "32ad004436155ec972bc50e6238b5b67+gzip+gzip"
vary: Accept-Encoding,Host
x-cache: HIT, HIT
content-type: application/javascript; charset=utf-8
p3p: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
x-tw-cdn: FT
cache-control: no-cache
accept-ranges: bytes
content-length: 15375
x-served-by: cache-iad-kjyo7100081-IAD, cache-fra-eddf8230023-FRA

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/951685876/ 3 KB
2 KB 39ms
19ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/951685876/?random=1702514761638&cv=11&fst=1702514761638&bg=ffffff&guid=ON&async=1&gtm=45He3bt0v577380&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&u_w=1600&u_h=1200&url=https%3A%2F%2Fwickedthemusical.com%2F&label=krl8CO75t3oQ9KXmxQM&hn=www.googleadservices.com&frm=0&tiba=Wicked%20The%20Musical%20%7C%20Official%20Broadway%20Site&us_privacy=error&auid=1331752118.1702514762&uamb=0&uaw=0&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NVGL

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3e186e172cadf1b08c7a05c1b0f7a2797921cd64ba62a991596bf0884de78f4c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wickedthemusical.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 14 Dec 2023 00:46:01 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1307
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 core.js Show response
s.pinimg.com/ct/ 4 KB
2 KB 42ms
8ms Script
application/javascript 2a04:4e42:8d::84
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://s.pinimg.com/ct/core.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NVGL
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:4e42:8d::84 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: ef45c21f7e054481c81992c1a46293a28c9bb8b3722bc566479326187f473c8c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wickedthemusical.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 14 Dec 2023 00:46:01 GMT
content-encoding: br
x-cdn: fastly
etag: "8d7d8ce32aa2a45d64e9f04a9a5cb1c4"
x-amz-server-side-encryption: AES256
access-control-max-age: 86400
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
access-control-expose-headers: X-CDN
vary: Accept-Encoding, Origin
cache-control: max-age=7200
alt-svc: h3=":443";ma=600
content-length: 1793

GET
H2 200 events.js Show response
analytics.tiktok.com/i18n/pixel/ 4 KB
2 KB 179ms
163ms Script
application/javascript 92.123.104.139
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=C5O9M5LQ5ECR7VU4EUN0&lib=ttq
Requested by: Host: wickedthemusical.com
URL: https://wickedthemusical.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 92.123.104.139 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a92-123-104-139.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 43d52dc7940c3c55544e6884a818dfe56ea9d01e7422595d8c5dabd332d3b85a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wickedthemusical.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-akamai-request-id: deb88da
date: Thu, 14 Dec 2023 00:46:01 GMT
content-encoding: gzip
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-tt-trace-id: 00-231214004601B515B306B00EAEAD9622-54DFA87D789570A1-00
x-cache: TCP_MISS from a23-67-40-11.deploy.akamaitechnologies.com (AkamaiGHost/11.3.3-52660090) (-)
server-timing: inner; dur=3, cdn-cache; desc=MISS, edge; dur=21, origin; dur=128
content-length: 1540
pragma: no-cache
server: nginx
x-tt-logid: 20231214004601B515B306B00EAEAD9622
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 128,23.67.40.11
x-tt-trace-host: 010c3377514175418f161c1730aeed1c88f911c471bea6d3d7e45c36ba4a3b7656493e989d196925351fe9d3787b263552f1574a0d086b4c3009ac04dd5e54f308cc049eddc86b1a4c440c523cedd0ec594b85354a91ad1c986fa46d6ae697c9a5
expires: Thu, 14 Dec 2023 00:46:01 GMT

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 202 KB
54 KB 29ms
13ms Script
application/x-javascript 2a03:2880:f083:9:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: wickedthemusical.com
URL: https://wickedthemusical.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f083:9:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

3e136e77083bfc6ef14ffc5abd19da89a82bf12fc0cda3c603e01582b93303c8

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wickedthemusical.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

permissions-policy-report-only: autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), document-domain=(), encrypted-media=(), fullscreen=(), gamepad=(), keyboard-map=(), picture-in-picture=(), xr-spatial-tracking=()
content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Thu, 14 Dec 2023 00:46:01 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 54273
x-xss-protection: 0
reporting-endpoints
pragma: public
x-fb-debug: /1ahHlNgNYy2pCbC0svkQ6cDDLOYA6KLYllkLQ6X28RYPMMpWdNx0qPbIu4DEZEcwa29vuUjgLeK2gG9GDtHxg==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin: *
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 ping.min.js Show response
cdn.pdst.fm/ 26 KB
6 KB 57ms
8ms Script
application/javascript 35.244.142.80
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.pdst.fm/ping.min.js
Requested by: Host: wickedthemusical.com
URL: https://wickedthemusical.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.142.80 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 80.142.244.35.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: cb8d40d1eb7e2dc885affcf0012d9e1a73c270d843e8b890d36538e52d0a0342

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wickedthemusical.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 14 Dec 2023 00:18:00 GMT
content-encoding: gzip
age: 1681
x-guploader-uploadid: ABPtcPqPjYUvN1QX0pC5zsACpgRIF0AXtdAam42C3j_wwi3vvlCw-2VPbWvDeyRH1LBa0WmJFlgwvbgnbQ
x-goog-storage-class: STANDARD
x-goog-metageneration: 4
x-goog-stored-content-encoding: gzip
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 5774
last-modified: Fri, 28 May 2021 20:34:03 GMT
server: UploadServer
etag: "d001d1c9f5a942fa5524eeacb047e819"
vary: Accept-Encoding
x-goog-generation: 1622234043862937
x-goog-hash: crc32c=oKoi/w==, md5=0AHRyfWpQvpVJO6ssEfoGQ==
access-control-allow-origin: *
access-control-expose-headers: Content-Type
cache-control: public, max-age=3600
x-goog-stored-content-length: 5774
accept-ranges: bytes
content-type: application/javascript;
expires: Thu, 14 Dec 2023 01:18:00 GMT

GET
H2 200 btp.js Show response
www.rtb123.com/tags/8FBACF3C-802A-91A1-4CF0-ACC010E4B9E0/ 37 B
261 B 350ms
113ms Script
application/javascript 67.225.220.126
LIQUIDWEB

General

Check archive.org

Show headers Download Go to

Full URL: https://www.rtb123.com/tags/8FBACF3C-802A-91A1-4CF0-ACC010E4B9E0/btp.js
Requested by: Host: wickedthemusical.com
URL: https://wickedthemusical.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 67.225.220.126 , United States, ASN32244 (LIQUIDWEB, US),
Reverse DNS: host.rtb123.com
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 182bb4844b04436b05b49fed78fee343e206eadc58325948b48d8bfeda18c281

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wickedthemusical.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-powered-by-plesk: PleskWin
date: Thu, 14 Dec 2023 00:46:01 GMT
content-encoding: gzip
last-modified: Mon, 19 Dec 2022 15:56:33 GMT
server: Microsoft-IIS/10.0
etag: "f6c3cd77c213d91:0"
x-powered-by: ASP.NET
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
accept-ranges: bytes
content-length: 60

GET
H2 200 /
insight.adsrvr.org/track/pxl/ 70 B
149 B 113ms
34ms Image
image/gif 15.197.193.217
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://insight.adsrvr.org/track/pxl/?adv=n5sewaa&ct=0:zrv6wlj&fmt=3
Requested by: Host: wickedthemusical.com
URL: https://wickedthemusical.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 15.197.193.217 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a12b7a488abeaa9e4.awsglobalaccelerator.com
Software: Kestrel /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wickedthemusical.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 14 Dec 2023 00:46:01 GMT
server: Kestrel
content-length: 70
content-type: image/gif

POST
H2 204 collect
region1.analytics.google.com/g/ 0
257 B 36ms
14ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-2TH76WHGSC&gtm=45je3bt0v9132896858z8577380&_p=1702514761025&_gaz=1&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&cid=441648135.1702514762&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=Ag&_s=1&sid=1702514761&sct=1&seg=0&dl=https%3A%2F%2Fwickedthemusical.com%2F&dt=Wicked%20The%20Musical%20%7C%20Official%20Broadway%20Site&en=page_view&_fv=1&_nsi=1&_ss=1&tfd=1053
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-2TH76WHGSC&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wickedthemusical.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 14 Dec 2023 00:46:01 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://wickedthemusical.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
248 B 57ms
19ms Ping
text/plain 2a00:1450:400c:c00::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-2TH76WHGSC&cid=441648135.1702514762&gtm=45je3bt0v9132896858z8577380&aip=1&dma=1&dma_cps=sypham&gcd=11l1l1l1l1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-2TH76WHGSC&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:400c:c00::9b Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wickedthemusical.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 14 Dec 2023 00:46:01 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://wickedthemusical.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
region1.analytics.google.com/g/ 0
54 B 33ms
15ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-2TH76WHGSC&gtm=45je3bt0v9132896858&_p=1702514761025&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&cid=441648135.1702514762&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=AAg&_s=2&sid=1702514761&sct=1&seg=0&dl=https%3A%2F%2Fwickedthemusical.com%2F&dt=Wicked%20The%20Musical%20%7C%20Official%20Broadway%20Site&en=page_view_official&_c=1&_et=3&tfd=1057
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-2TH76WHGSC&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wickedthemusical.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 14 Dec 2023 00:46:01 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://wickedthemusical.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
107 B 42ms
19ms Image
image/gif 2a00:1450:4001:803::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-2TH76WHGSC&cid=441648135.1702514762&gtm=45je3bt0v9132896858z8577380&aip=1&dma=1&dma_cps=sypham&gcd=11l1l1l1l1&z=1696859613

Requested by

Host: wickedthemusical.com
URL: https://wickedthemusical.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wickedthemusical.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 14 Dec 2023 00:46:01 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.com/pagead/1p-user-list/951685876/ 42 B
455 B 45ms
22ms Image
image/gif 2a00:1450:4001:802::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/951685876/?random=1702514761638&cv=11&fst=1702512000000&bg=ffffff&guid=ON&async=1&gtm=45He3bt0v577380&u_w=1600&u_h=1200&url=https%3A%2F%2Fwickedthemusical.com%2F&label=krl8CO75t3oQ9KXmxQM&frm=0&tiba=Wicked%20The%20Musical%20%7C%20Official%20Broadway%20Site&fmt=3&is_vtc=1&cid=CAQSGwAvHhf_9s2-tr31IQ22baomO6cFot7JHn4AYA&random=583898747&rmt_tld=0&ipr=y

Requested by

Host: wickedthemusical.com
URL: https://wickedthemusical.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wickedthemusical.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 14 Dec 2023 00:46:01 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.de/pagead/1p-user-list/951685876/ 42 B
455 B 32ms
18ms Image
image/gif 2a00:1450:4001:803::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/951685876/?random=1702514761638&cv=11&fst=1702512000000&bg=ffffff&guid=ON&async=1&gtm=45He3bt0v577380&u_w=1600&u_h=1200&url=https%3A%2F%2Fwickedthemusical.com%2F&label=krl8CO75t3oQ9KXmxQM&frm=0&tiba=Wicked%20The%20Musical%20%7C%20Official%20Broadway%20Site&fmt=3&is_vtc=1&cid=CAQSGwAvHhf_9s2-tr31IQ22baomO6cFot7JHn4AYA&random=583898747&rmt_tld=1&ipr=y

Requested by

Host: wickedthemusical.com
URL: https://wickedthemusical.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wickedthemusical.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 14 Dec 2023 00:46:01 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 704711839614346 Show response
connect.facebook.net/signals/config/ 135 KB
35 KB 80ms
79ms Script
application/x-javascript 2a03:2880:f083:9:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/704711839614346?v=2.9.138&r=stable&domain=wickedthemusical.com

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f083:9:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

49089b9639a22adf4c4dbb8d36c8e8b005bb5fdd74913d30f09eb371cf667c85

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wickedthemusical.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

permissions-policy-report-only: autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), document-domain=(), encrypted-media=(), fullscreen=(), gamepad=(), keyboard-map=(), picture-in-picture=(), xr-spatial-tracking=()
content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Thu, 14 Dec 2023 00:46:01 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
reporting-endpoints
pragma: public
x-fb-debug: HSvVIcc2fqrsv7KCuHAwjf+q7Ub8lkpCL9ddG+8yLNsy39exwvs3zvLKL9MpI0TcbJn40UiUTbh/zojrVkfWJQ==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin: *
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 main.74d80534.js Show response
s.pinimg.com/ct/lib/ 65 KB
19 KB 7ms
7ms Script
application/javascript 2a04:4e42:8d::84
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://s.pinimg.com/ct/lib/main.74d80534.js
Requested by: Host: s.pinimg.com
URL: https://s.pinimg.com/ct/core.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:4e42:8d::84 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 60cc60a6fcbd230def379432395199b585791ed521e2e5f595369a2193e617fb

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wickedthemusical.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 14 Dec 2023 00:46:01 GMT
content-encoding: br
x-cdn: fastly
etag: "cb251578b1e91b3cc440fd1521770cc5"
x-amz-server-side-encryption: AES256
access-control-max-age: 86400
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
access-control-expose-headers: X-CDN
vary: Accept-Encoding, Origin
cache-control: max-age=1209600
alt-svc: h3=":443";ma=600
content-length: 18895

GET
H2 200 adsct
t.co/i/ 43 B
377 B 143ms
109ms Image
image/gif 104.244.42.197
TWITTER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://t.co/i/adsct?bci=3&eci=2&event_id=cb27f374-a7dc-4eda-ae87-22432f629ff5&events=%5B%5B%22pageview%22%2C%7B%7D%5D%5D&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=06a0d758-f85a-460f-98c8-f89e628d925c&tw_document_href=https%3A%2F%2Fwickedthemusical.com%2F&tw_iframe_status=0&tw_order_quantity=0&tw_sale_amount=0&txn_id=nzoxs&type=javascript&version=2.3.29

Requested by

Host: wickedthemusical.com
URL: https://wickedthemusical.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.197 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wickedthemusical.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-response-time: 103
date: Thu, 14 Dec 2023 00:46:01 GMT
strict-transport-security: max-age=0
server: tsa_o
content-type: image/gif;charset=utf-8
x-transaction-id: 4852599eb6f2db43
cache-control: no-cache, no-store, max-age=0
perf: 7469935968
x-connection-hash: dcc5dbc5de45fe4865675d68e0dac36b481d51c5bab8102a9b02a8a0c43c6b2a
content-length: 43

GET
H2 200 adsct
analytics.twitter.com/i/ 43 B
393 B 179ms
116ms Image
image/gif 104.244.42.195
TWITTER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://analytics.twitter.com/i/adsct?bci=3&eci=2&event_id=cb27f374-a7dc-4eda-ae87-22432f629ff5&events=%5B%5B%22pageview%22%2C%7B%7D%5D%5D&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=06a0d758-f85a-460f-98c8-f89e628d925c&tw_document_href=https%3A%2F%2Fwickedthemusical.com%2F&tw_iframe_status=0&tw_order_quantity=0&tw_sale_amount=0&txn_id=nzoxs&type=javascript&version=2.3.29

Requested by

Host: wickedthemusical.com
URL: https://wickedthemusical.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.195 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wickedthemusical.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-response-time: 108
date: Thu, 14 Dec 2023 00:46:01 GMT
strict-transport-security: max-age=631138519
server: tsa_o
content-type: image/gif;charset=utf-8
x-transaction-id: f7689976e34acc3c
cache-control: no-cache, no-store, max-age=0
perf: 7469935968
x-connection-hash: d80a4edc52542ca679cd186800bd3a838f51ae562152fd0a571d8c426cb38b0c
content-length: 43

GET
H2 200 GetCSS
chat.satis.fi/popup/ 56 KB
4 KB 119ms
118ms Stylesheet
text/css 34.111.146.217
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://chat.satis.fi/popup/GetCSS
Requested by: Host: chat.satis.fi
URL: https://chat.satis.fi/popup/embedder
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.111.146.217 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 217.146.111.34.bc.googleusercontent.com
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 4695f3ec487a9955bdcae80ccfd4467a90d71b7f7e54189088acdd23f4c9e393

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wickedthemusical.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 14 Dec 2023 00:46:01 GMT
content-encoding: gzip
via: 1.1 google
server: Microsoft-IIS/10.0
etag: 4494147E9FBCD45D95644B39D209F69E
x-powered-by: ASP.NET
vary: Accept-Encoding
content-type: text/css
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4532

GET
H3 200 GetAWSConfig Show response
chat.satis.fi/Default/ 197 B
213 B 138ms
122ms Fetch
application/json 34.111.146.217
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://chat.satis.fi/Default/GetAWSConfig
Requested by: Host: chat.satis.fi
URL: https://chat.satis.fi/popup/embedder
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.111.146.217 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 217.146.111.34.bc.googleusercontent.com
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 25eca592f3785484d9098120c463294ce6e805e7c5a8ccf81a8b8b35f2de91e1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wickedthemusical.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 14 Dec 2023 00:46:01 GMT
via: 1.1 google
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
content-type: application/json; charset=utf-8
access-control-allow-origin: https://wickedthemusical.com
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

POST
H2 200 pdst-events-prod-sink Show response
us-central1-adaptive-growth.cloudfunctions.net/ 2 B
123 B 168ms
166ms Fetch
text/html 2001:4860:4802:36::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://us-central1-adaptive-growth.cloudfunctions.net/pdst-events-prod-sink
Requested by: Host: cdn.pdst.fm
URL: https://cdn.pdst.fm/ping.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:36::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Google Frontend /
Resource Hash: 565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Request headers

Accept: application/json
Referer: https://wickedthemusical.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type: application/json

Response headers

date: Thu, 14 Dec 2023 00:46:02 GMT
content-encoding: gzip
server: Google Frontend
access-control-allow-methods: GET, POST
content-type: text/html; charset=utf-8
access-control-allow-origin: *
x-cloud-trace-context: 4667e5cf6785b6f1ffd55731638d24ef
cache-control: private
function-execution-id: qbugdisyt1ki
access-control-allow-headers: Content-Type, Accept
content-length: 22
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

OPTIONS
H2 200 pdst-events-prod-sink
us-central1-adaptive-growth.cloudfunctions.net/ Frame 0
0 191ms
135ms Preflight
text/html 2001:4860:4802:36::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://us-central1-adaptive-growth.cloudfunctions.net/pdst-events-prod-sink
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:36::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Google Frontend /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://wickedthemusical.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

access-control-allow-headers: Content-Type, Accept
access-control-allow-methods: GET, POST
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: gzip
content-length: 22
content-type: text/html; charset=utf-8
date: Thu, 14 Dec 2023 00:46:01 GMT
function-execution-id: j3b3qbertht2
server: Google Frontend
x-cloud-trace-context: ae4bb3a77a5702c38c8c70be797990c2

GET
H2 200 NBCU_logo.png
cdn.cookielaw.org/logos/17e5cb00-ad90-47f5-a58d-77597d9d2c16/d44e374b-e570-4884-9441-33c0ccae5431/959d0f3c-d044-46db-bc43-cbca0284a92d/ 8 KB
8 KB 17ms
17ms Image
image/png 2606:4700::6812:82ec
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.cookielaw.org/logos/17e5cb00-ad90-47f5-a58d-77597d9d2c16/d44e374b-e570-4884-9441-33c0ccae5431/959d0f3c-d044-46db-bc43-cbca0284a92d/NBCU_logo.png

Requested by

Host: wickedthemusical.com
URL: https://wickedthemusical.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:82ec , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e24fae615ef4f4736e61297ed889205e904fa8043df4a6e293d06b04ff7dd02f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wickedthemusical.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Thu, 14 Dec 2023 00:46:01 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: bARg0xmLydmFqu63Cj6+PQ==
age: 71243
content-length: 8170
x-ms-lease-status: unlocked
last-modified: Fri, 11 Dec 2020 18:05:34 GMT
server: cloudflare
etag: 0x8D89DFF5AFC0247
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
x-ms-request-id: 65a0b3a7-701e-0047-34c7-1252d8000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 83526d6d6a4d3645-FRA

GET
H2 200 powered_by_logo.svg
cdn.cookielaw.org/logos/static/ 5 KB
2 KB 16ms
16ms Image
image/svg+xml 2606:4700::6812:82ec
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.cookielaw.org/logos/static/powered_by_logo.svg

Requested by

Host: wickedthemusical.com
URL: https://wickedthemusical.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:82ec , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5fa00d047acd959697b9d7772c31dcd37bec33c70c6fbf80ab8316205d1d286d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wickedthemusical.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Thu, 14 Dec 2023 00:46:01 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: gzip
content-md5: Y+c301RBZNK39PvKQWrIBw==
age: 83498
x-ms-lease-status: unlocked
last-modified: Mon, 11 Dec 2023 22:15:50 GMT
server: cloudflare
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
x-ms-request-id: e048737f-f01e-0076-7cae-2cb3cb000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=86400
x-ms-version: 2009-09-19
cf-ray: 83526d6d6a4f3645-FRA

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 272 KB
90 KB 26ms
26ms Script
application/javascript 2a00:1450:4001:80f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-DGMCRNLESF&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NVGL

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

4d0e0192ededa5d1603685eb792d00bbc791f5b9f774b7d19afac4b0776fa4da

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wickedthemusical.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 14 Dec 2023 00:46:01 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 92364
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Thu, 14 Dec 2023 00:46:01 GMT

GET
H3

200

activityi;dc_pre=CJua69zZjYMDFbZckQUd4EkKbg;src=2179121;type=sitev592;cat=wicke029;ord=1;num=6050833158917;auiddc=1331752118.1702514762;gtm=45He3bt0v577380;gcd=11l1l1l1l1;dma_cps=sypham;dma=1;uaa=;... Show response
2179121.fls.doubleclick.net/ Frame 1B01
Redirect Chain

https://2179121.fls.doubleclick.net/activityi;src=2179121;type=sitev592;cat=wicke029;ord=1;num=6050833158917;auiddc=1331752118.1702514762;gtm=45He3bt0v577380;gcd=11l1l1l1l1;dma_cps=sypham;dma=1;uaa...
https://2179121.fls.doubleclick.net/activityi;dc_pre=CJua69zZjYMDFbZckQUd4EkKbg;src=2179121;type=sitev592;cat=wicke029;ord=1;num=6050833158917;auiddc=1331752118.1702514762;gtm=45He3bt0v577380;gcd=1...

505 B
323 B

56ms
56ms

Document
text/html

216.58.206.38
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://2179121.fls.doubleclick.net/activityi;dc_pre=CJua69zZjYMDFbZckQUd4EkKbg;src=2179121;type=sitev592;cat=wicke029;ord=1;num=6050833158917;auiddc=1331752118.1702514762;gtm=45He3bt0v577380;gcd=11l1l1l1l1;dma_cps=sypham;dma=1;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fwickedthemusical.com%2F?

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NVGL

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.206.38 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lcfraa-aa-in-f6.1e100.net

Software

cafe /

Resource Hash

c5af4db2c2786b96fe0bcbff5c6aa18d98f4eb94fa47cf1a1e2ef30fbe0b08a1

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://wickedthemusical.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=0
content-encoding: br
content-length: 300
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 14 Dec 2023 00:46:01 GMT
expires: Thu, 14 Dec 2023 00:46:01 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 14 Dec 2023 00:46:01 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
follow-only-when-prerender-shown: 1
location: https://2179121.fls.doubleclick.net/activityi;dc_pre=CJua69zZjYMDFbZckQUd4EkKbg;src=2179121;type=sitev592;cat=wicke029;ord=1;num=6050833158917;auiddc=1331752118.1702514762;gtm=45He3bt0v577380;gcd=11l1l1l1l1;dma_cps=sypham;dma=1;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fwickedthemusical.com%2F?
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 52 KB
21 KB 32ms
8ms Script
text/javascript 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NVGL

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wickedthemusical.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Wed, 13 Dec 2023 23:22:25 GMT
last-modified: Tue, 12 Dec 2023 18:09:08 GMT
server: Golfe2
age: 5016
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
expires: Thu, 14 Dec 2023 01:22:25 GMT

GET
H2 200 dc_pre=CNOj49zZjYMDFc9UkQUdEzwGXA;src=5549924;type=sitev0;cat=wicke0;ord=1;num=6020053634317;auiddc=*;gtm=45He3bt0v577380;gcd=11l1l1l1l1;dma_cps=sypham;dma=1;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=...
adservice.google.com/ddm/fls/z/ Frame C009 42 B
401 B 85ms
45ms Image
image/gif 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://adservice.google.com/ddm/fls/z/dc_pre=CNOj49zZjYMDFc9UkQUdEzwGXA;src=5549924;type=sitev0;cat=wicke0;ord=1;num=6020053634317;auiddc=*;gtm=45He3bt0v577380;gcd=11l1l1l1l1;dma_cps=sypham;dma=1;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fwickedthemusical.com%2F

Requested by

Host: 5549924.fls.doubleclick.net
URL: https://5549924.fls.doubleclick.net/activityi;dc_pre=CNOj49zZjYMDFc9UkQUdEzwGXA;src=5549924;type=sitev0;cat=wicke0;ord=1;num=6020053634317;auiddc=1331752118.1702514762;gtm=45He3bt0v577380;gcd=11l1l1l1l1;dma_cps=sypham;dma=1;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fwickedthemusical.com%2F?

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://5549924.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 14 Dec 2023 00:46:01 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 / Show response
ct.pinterest.com/user/ 303 B
687 B 116ms
52ms XHR
application/json 2.19.216.231
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://ct.pinterest.com/user/?tid=2614997868974&pd=%7B%22np%22%3A%22gtm%22%7D&cb=1702514761857&dep=2%2CPAGE_LOAD

Requested by

Host: s.pinimg.com
URL: https://s.pinimg.com/ct/lib/main.74d80534.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.19.216.231 Prague, Czech Republic, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a2-19-216-231.deploy.static.akamaitechnologies.com

Software

Resource Hash

4e7140f58b2b89a1c8ffba6df69a1e845f6e8fee48987276a7523b8244191c3e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; includeSubDomains ; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wickedthemusical.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 14 Dec 2023 00:46:01 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000 ; includeSubDomains ; preload
x-cdn: akamai
akamai-grn: 0.7c931102.1702514761.ec8ef2
x-envoy-upstream-service-time: 0
content-length: 172
x-pinterest-rid: 1044211729885227
pin-unauth: dWlkPVltVTJaVFpsTlRrdFptUTFOQzAwTVdKa0xUbGtZak10TUdRM00yWXhNRGxrT0RNNA
pragma: no-cache
referrer-policy: origin
vary: Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: https://wickedthemusical.com
access-control-expose-headers: Epik,Pin-Unauth
cache-control: no-cache,no-store,must-revalidate,max-age=0
access-control-allow-credentials: true
pinterest-version: 9ac24272b1390cffa57796e44049f901bc97ead3
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 / Show response
ct.pinterest.com/user/ 303 B
710 B 115ms
52ms XHR
application/json 2.19.216.231
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://ct.pinterest.com/user/?event=pagevisit&ed=%7B%22np%22%3A%22gtm%22%7D&tid=2614997868974&cb=1702514761858&dep=5%2CEVENT_TAGS_ABSENT

Requested by

Host: s.pinimg.com
URL: https://s.pinimg.com/ct/lib/main.74d80534.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.19.216.231 Prague, Czech Republic, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a2-19-216-231.deploy.static.akamaitechnologies.com

Software

Resource Hash

4e7140f58b2b89a1c8ffba6df69a1e845f6e8fee48987276a7523b8244191c3e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; includeSubDomains ; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wickedthemusical.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 14 Dec 2023 00:46:01 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000 ; includeSubDomains ; preload
x-cdn: akamai
akamai-grn: 0.7c931102.1702514761.ec8ef1
x-envoy-upstream-service-time: 1
alt-svc: h3=":443"; ma=600
content-length: 172
x-pinterest-rid: 1576399081154545
pin-unauth: dWlkPU1tSmhPRGN6TnpVdE9EaGhPQzAwTURGbExXRXlaall0WVdFME16Y3lOVE0xTURSaQ
pragma: no-cache
referrer-policy: origin
vary: Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: https://wickedthemusical.com
access-control-expose-headers: Epik,Pin-Unauth
cache-control: no-cache,no-store,must-revalidate,max-age=0
access-control-allow-credentials: true
pinterest-version: 9ac24272b1390cffa57796e44049f901bc97ead3
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3 200 fbevents.js Show response
connect.facebook.net/en_US/ Frame C009 202 KB
53 KB 8ms
8ms Script
application/x-javascript 2a03:2880:f083:9:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f083:9:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

3e136e77083bfc6ef14ffc5abd19da89a82bf12fc0cda3c603e01582b93303c8

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://5549924.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

permissions-policy-report-only: autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), document-domain=(), encrypted-media=(), fullscreen=(), gamepad=(), keyboard-map=(), picture-in-picture=(), xr-spatial-tracking=()
content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Thu, 14 Dec 2023 00:46:01 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 54273
x-xss-protection: 0
reporting-endpoints
pragma: public
x-fb-debug: Oi7t1OgymH9aISzw5kxZ5mB5N4BRmkExzREG81fAdF6h0g2Z2dOSbQHeHTA6PUTfAnaPNdcBFJPY+NAbJIrVvw==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin: *
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 /
ct.pinterest.com/v3/ 35 B
454 B 86ms
50ms Image
image/gif 2.19.216.231
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ct.pinterest.com/v3/?tid=2614997868974&pd=%7B%22np%22%3A%22gtm%22%7D&event=init&ad=%7B%22loc%22%3A%22https%3A%2F%2Fwickedthemusical.com%2F%22%2C%22ref%22%3A%22%22%2C%22if%22%3Afalse%2C%22sh%22%3A1200%2C%22sw%22%3A1600%2C%22mh%22%3A%2274d80534%22%2C%22is_eu%22%3Atrue%2C%22architecture%22%3A%22%22%2C%22bitness%22%3A%22%22%2C%22brands%22%3A%5B%5D%2C%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%2C%22uaFullVersion%22%3A%22%22%2C%22ecm_enabled%22%3Afalse%7D&cb=1702514761884

Requested by

Host: wickedthemusical.com
URL: https://wickedthemusical.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.19.216.231 Prague, Czech Republic, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a2-19-216-231.deploy.static.akamaitechnologies.com

Software

Resource Hash

37b17c5135a176a9474521af147d96dfa1fb4ca0f43f00d1400bd1885be3ab9b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; includeSubDomains ; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wickedthemusical.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 14 Dec 2023 00:46:01 GMT
strict-transport-security: max-age=31536000 ; includeSubDomains ; preload
referrer-policy: origin
x-cdn: akamai
akamai-grn: 0.7c931102.1702514761.ec8ef3
content-type: image/gif
access-control-allow-origin: *
pinterest-version: 9ac24272b1390cffa57796e44049f901bc97ead3
cache-control: no-cache,no-store,must-revalidate,max-age=0
x-envoy-upstream-service-time: 0
content-length: 35
x-pinterest-rid: 9319774987036844
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 main.MTdjYzNiZDU2MA.js Show response
analytics.tiktok.com/i18n/pixel/static/ 397 KB
107 KB 24ms
22ms Script
application/javascript 92.123.104.139
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/i18n/pixel/static/main.MTdjYzNiZDU2MA.js
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=C5O9M5LQ5ECR7VU4EUN0&lib=ttq
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 92.123.104.139 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a92-123-104-139.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 62723060de0c92d89ec49f9b3bc1fd54b786111e8ad3451a6cf7ebc8553e7b74

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wickedthemusical.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-akamai-request-id: deb8965
date: Thu, 14 Dec 2023 00:46:01 GMT
content-encoding: gzip
x-tt-trace-tag: id=16;cdn-cache=hit;type=static
server: nginx
x-tt-logid: 20231109073138CBF964B8B05B90039DAE
vary: Accept-Encoding
x-cache: TCP_HIT from a23-67-40-11.deploy.akamaitechnologies.com (AkamaiGHost/11.3.3-52660090) (-)
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
x-tt-trace-host: 01d88f8ac62ef7b007a3c57676869fb547df92b83e93178931233e54207d9c127789886a3790374b38bccfa1bca9d179c898a6b6bf225d6ec2840a6ea090df0f78c963f6ebbf0b25e42a7a9115a8d90cbd48df7de1518758c6a349e7e0abc5ad65
server-timing: cdn-cache; desc=HIT, edge; dur=0, inner; dur=2
content-length: 108570

GET
H2 200 /
www.facebook.com/tr/ 0
185 B 24ms
8ms Image
text/plain 2a03:2880:f176:84:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=704711839614346&ev=PageView&dl=https%3A%2F%2Fwickedthemusical.com%2F&rl=&if=false&ts=1702514761892&sw=1600&sh=1200&v=2.9.138&r=stable&ec=0&o=4126&fbp=fb.1.1702514761892.1605324002&ler=empty&it=1702514761760&coo=false&rqm=GET

Requested by

Host: wickedthemusical.com
URL: https://wickedthemusical.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f176:84:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wickedthemusical.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Thu, 14 Dec 2023 00:46:01 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 /
www.facebook.com/tr/ 0
31 B 24ms
9ms Image
text/plain 2a03:2880:f176:84:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=704711839614346&ev=ViewContent&dl=https%3A%2F%2Fwickedthemusical.com%2F&rl=&if=false&ts=1702514761893&sw=1600&sh=1200&v=2.9.138&r=stable&ec=1&o=4126&fbp=fb.1.1702514761892.1605324002&ler=empty&it=1702514761760&coo=false&rqm=GET

Requested by

Host: wickedthemusical.com
URL: https://wickedthemusical.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f176:84:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wickedthemusical.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Thu, 14 Dec 2023 00:46:01 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

POST
H2 200 collect Show response
www.google-analytics.com/j/ 16 B
225 B 15ms
13ms XHR
text/plain 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=1063334065&t=pageview&_s=1&dl=https%3A%2F%2Fwickedthemusical.com%2F&ul=en-us&de=UTF-8&dt=Wicked%20The%20Musical%20%7C%20Official%20Broadway%20Site&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YCDACEABBAAAACAAI~&jid=2050948346&gjid=51965837&cid=441648135.1702514762&tid=UA-900530-2&_gid=953505848.1702514762&_r=1&_slc=1&gtm=45He3bt0n51NVGLv577380&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&z=1120355733

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

d336f19d405a8392dc7debeab2cc60008c41a1da17f3e9173f853e412af9d601

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://wickedthemusical.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 14 Dec 2023 00:46:01 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://wickedthemusical.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 16
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 calendar-week-80d1259df9.css
wickedthemusical.com/wp-content/plugins/ticket-calendar/dist/styles/ 2 KB
660 B 91ms
90ms Stylesheet
text/css 35.171.141.94
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://wickedthemusical.com/wp-content/plugins/ticket-calendar/dist/styles/calendar-week-80d1259df9.css
Requested by: Host: wickedthemusical.com
URL: https://wickedthemusical.com/wp-content/plugins/ticket-calendar/dist/scripts/ticket-calendar-1f567e1720.js?ver=2.0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.171.141.94 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-35-171-141-94.compute-1.amazonaws.com
Software: nginx / PleskLin
Resource Hash: a380d800bbe09bdab2c05f9d57e5e61b7b0f89df61c265f1ab76ca16f53c24cc

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wickedthemusical.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 14 Dec 2023 00:46:01 GMT
content-encoding: br
last-modified: Mon, 16 Oct 2023 17:51:40 GMT
server: nginx
etag: W/"652d782c-675"
x-powered-by: PleskLin
content-type: text/css

POST
H2 204 collect
region1.analytics.google.com/g/ 0
54 B 16ms
15ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-DGMCRNLESF&gtm=45je3bt0v883511350z8577380&_p=1702514761025&_gaz=1&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&cid=441648135.1702514762&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=Ag&_s=1&sid=1702514761&sct=1&seg=0&dl=https%3A%2F%2Fwickedthemusical.com%2F&dt=Wicked%20The%20Musical%20%7C%20Official%20Broadway%20Site&en=page_view&_fv=1&_ss=1&tfd=1277
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-DGMCRNLESF&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wickedthemusical.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 14 Dec 2023 00:46:01 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://wickedthemusical.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
54 B 20ms
20ms Ping
text/plain 2a00:1450:400c:c00::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-DGMCRNLESF&cid=441648135.1702514762&gtm=45je3bt0v883511350z8577380&aip=1&dma=1&dma_cps=sypham&gcd=11l1l1l1l1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-DGMCRNLESF&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:400c:c00::9b Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wickedthemusical.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 14 Dec 2023 00:46:01 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://wickedthemusical.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
region1.analytics.google.com/g/ 0
54 B 16ms
16ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-DGMCRNLESF&gtm=45je3bt0v883511350&_p=1702514761025&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&cid=441648135.1702514762&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=AAg&_s=2&sid=1702514761&sct=1&seg=0&dl=https%3A%2F%2Fwickedthemusical.com%2F&dt=Wicked%20The%20Musical%20%7C%20Official%20Broadway%20Site&en=page_view_official&_c=1&_et=2&tfd=1279
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-DGMCRNLESF&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wickedthemusical.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 14 Dec 2023 00:46:01 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://wickedthemusical.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
107 B 19ms
19ms Image
image/gif 2a00:1450:4001:803::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-DGMCRNLESF&cid=441648135.1702514762&gtm=45je3bt0v883511350z8577380&aip=1&dma=1&dma_cps=sypham&gcd=11l1l1l1l1&z=949698638

Requested by

Host: wickedthemusical.com
URL: https://wickedthemusical.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wickedthemusical.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 14 Dec 2023 00:46:01 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
151 B 21ms
21ms XHR
text/plain 2a00:1450:400c:c00::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-900530-2&cid=441648135.1702514762&jid=2050948346&gjid=51965837&_gid=953505848.1702514762&_u=YCDACEAABAAAACAAI~&z=1469803613

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c00::9b Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://wickedthemusical.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Thu, 14 Dec 2023 00:46:01 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://wickedthemusical.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 250 KB
84 KB 28ms
28ms Script
application/javascript 2a00:1450:4001:80f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-WLHS4QYPZV&cx=c&_slc=1

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

661879a8610e57eaa935ae7475d14687bac56c335bfdbd640f5174674fd94446

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wickedthemusical.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 14 Dec 2023 00:46:01 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 86249
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Thu, 14 Dec 2023 00:46:01 GMT

GET
H2

200

ps Show response
tag.yieldoptimizer.com/ps/ Frame 669D
Redirect Chain

https://tag.yieldoptimizer.com/ps/ps?t=s&p=1162&sg=WICK&pg=ot&
https://tag.yieldoptimizer.com/ps/ps?tc=537186141&t=s&p=1162&sg=WICK&pg=ot&

1 KB
2 KB

16ms
15ms

Script
text/javascript

35.186.212.60
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://tag.yieldoptimizer.com/ps/ps?tc=537186141&t=s&p=1162&sg=WICK&pg=ot&
Requested by: Host: 2179121.fls.doubleclick.net
URL: https://2179121.fls.doubleclick.net/activityi;dc_pre=CPKe49zZjYMDFUZTkQUdZ2sAhA;src=2179121;type=sitev592;cat=sitev000;ord=1;num=6848848530250;auiddc=1331752118.1702514762;gtm=45He3bt0v577380;gcd=11l1l1l1l1;dma_cps=sypham;dma=1;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fwickedthemusical.com%2F?
Protocol: H2
Server: 35.186.212.60 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 60.212.186.35.bc.googleusercontent.com
Software: Apache-Coyote/1.1 /
Resource Hash: 3acb372998849a8a7c5ceeec51e6da757fe207cc1495acccb43cf9c5c4d3a2e5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://2179121.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 14 Dec 2023 00:46:01 GMT
via: 1.1 google
server: Apache-Coyote/1.1
p3p: CP="NON DSP COR TAIo PSAo PSDo HISo OUR BUS UNI INT DEM OTC"
content-type: text/javascript;charset=ISO-8859-1
cache-control: no-cache
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1508
expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 14 Dec 2023 00:46:01 GMT
via: 1.1 google
server: Apache-Coyote/1.1
p3p: CP="NON DSP COR TAIo PSAo PSDo HISo OUR BUS UNI INT DEM OTC"
location: https://tag.yieldoptimizer.com/ps/ps?tc=537186141&t=s&p=1162&sg=WICK&pg=ot&
cache-control: no-cache
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 tr
www.facebook.com/ Frame 669D 0
31 B 12ms
7ms Image
text/plain 2a03:2880:f176:84:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr?id=10154456902266016&ev=ViewContent&cd[currency]=USD&cd[value]=0.00

Requested by

Host: 2179121.fls.doubleclick.net
URL: https://2179121.fls.doubleclick.net/activityi;dc_pre=CPKe49zZjYMDFUZTkQUdZ2sAhA;src=2179121;type=sitev592;cat=sitev000;ord=1;num=6848848530250;auiddc=1331752118.1702514762;gtm=45He3bt0v577380;gcd=11l1l1l1l1;dma_cps=sypham;dma=1;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fwickedthemusical.com%2F?

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f176:84:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://2179121.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Thu, 14 Dec 2023 00:46:01 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 dc_pre=CPKe49zZjYMDFUZTkQUdZ2sAhA;src=2179121;type=sitev592;cat=sitev000;ord=1;num=6848848530250;auiddc=*;gtm=45He3bt0v577380;gcd=11l1l1l1l1;dma_cps=sypham;dma=1;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;u...
adservice.google.com/ddm/fls/z/ Frame 669D 42 B
107 B 50ms
45ms Image
image/gif 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://adservice.google.com/ddm/fls/z/dc_pre=CPKe49zZjYMDFUZTkQUdZ2sAhA;src=2179121;type=sitev592;cat=sitev000;ord=1;num=6848848530250;auiddc=*;gtm=45He3bt0v577380;gcd=11l1l1l1l1;dma_cps=sypham;dma=1;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fwickedthemusical.com%2F

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://2179121.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 14 Dec 2023 00:46:01 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 dc_pre=CJua69zZjYMDFbZckQUd4EkKbg;src=2179121;type=sitev592;cat=wicke029;ord=1;num=6050833158917;auiddc=*;gtm=45He3bt0v577380;gcd=11l1l1l1l1;dma_cps=sypham;dma=1;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;u...
adservice.google.com/ddm/fls/z/ Frame 1B01 42 B
107 B 49ms
45ms Image
image/gif 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://adservice.google.com/ddm/fls/z/dc_pre=CJua69zZjYMDFbZckQUd4EkKbg;src=2179121;type=sitev592;cat=wicke029;ord=1;num=6050833158917;auiddc=*;gtm=45He3bt0v577380;gcd=11l1l1l1l1;dma_cps=sypham;dma=1;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fwickedthemusical.com%2F

Requested by

Host: 2179121.fls.doubleclick.net
URL: https://2179121.fls.doubleclick.net/activityi;dc_pre=CJua69zZjYMDFbZckQUd4EkKbg;src=2179121;type=sitev592;cat=wicke029;ord=1;num=6050833158917;auiddc=1331752118.1702514762;gtm=45He3bt0v577380;gcd=11l1l1l1l1;dma_cps=sypham;dma=1;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fwickedthemusical.com%2F?

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://2179121.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 14 Dec 2023 00:46:01 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 1716462331980126 Show response
connect.facebook.net/signals/config/ Frame C009 135 KB
35 KB 77ms
77ms Script
application/x-javascript 2a03:2880:f083:9:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/1716462331980126?v=2.9.138&r=stable&domain=wickedthemusical.com

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f083:9:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

47a47d0626944ee6b6f2326243a91806d8a8d3e3e20efa2542f6dc15c1911a6c

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://5549924.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

permissions-policy-report-only: autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), document-domain=(), encrypted-media=(), fullscreen=(), gamepad=(), keyboard-map=(), picture-in-picture=(), xr-spatial-tracking=()
content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Thu, 14 Dec 2023 00:46:02 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
reporting-endpoints
pragma: public
x-fb-debug: 7gQQozF+fARTw1Nn5g80R2GG2i6DSxg485zvtkxCDgFsiDO6zySSpZfV6WVL3TUeS+RmKYbB4fD4++vwJlcR5A==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin: *
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 250611 Show response
beacon.sojern.com/pixel/p/ Frame 669D 4 KB
1 KB 52ms
17ms Script
application/javascript 107.178.244.119
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://beacon.sojern.com/pixel/p/250611?f_v=v6_js&p_v=1&pc=&vid=tou&cid=
Requested by: Host: 2179121.fls.doubleclick.net
URL: https://2179121.fls.doubleclick.net/activityi;dc_pre=CPKe49zZjYMDFUZTkQUdZ2sAhA;src=2179121;type=sitev592;cat=sitev000;ord=1;num=6848848530250;auiddc=1331752118.1702514762;gtm=45He3bt0v577380;gcd=11l1l1l1l1;dma_cps=sypham;dma=1;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fwickedthemusical.com%2F?
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 107.178.244.119 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 119.244.178.107.bc.googleusercontent.com
Software: /
Resource Hash: 1366eda153e8007e36d79b86ab5a775a7ce7270bc38d1cb6c93f088eac4d3e3a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://2179121.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 14 Dec 2023 00:46:02 GMT
content-encoding: gzip
via: 1.1 google
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 778

GET
H2 200 PopupConfig-4455.js Show response
prod-satisfilabs-resources-gcs.satis.fi/ClientAssets/PopupConfigs/ 1 KB
2 KB 173ms
135ms Script
application/javascript 35.244.160.208
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://prod-satisfilabs-resources-gcs.satis.fi/ClientAssets/PopupConfigs/PopupConfig-4455.js?v=fa8de647-358b-4a77-8fda-721ec5a81ec6
Requested by: Host: chat.satis.fi
URL: https://chat.satis.fi/popup/embedder
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.160.208 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 208.160.244.35.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 00d0b26a698296dbeb480aab5598658adbe6c951dbba62e94ac0c626d9f13709

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wickedthemusical.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 14 Dec 2023 00:46:02 GMT
age: 0
x-guploader-uploadid: ABPtcPpTKODuvVqK5NUVMItGANqdqmoDtTGl6irYn3_CRiwO_SgPAAR3OE8RnBS0cXIr-xX7G6Q
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1391
last-modified: Mon, 31 Oct 2022 17:59:16 GMT
server: UploadServer
etag: "8c7ac7271b50c839a8dc8dc86f8da156"
x-goog-generation: 1667239156488397
x-goog-hash: crc32c=8tnGBg==, md5=jHrHJxtQyDmo3I3Ib42hVg==
access-control-allow-origin: *
content-type: application/javascript
cache-control: public,max-age=0
x-goog-stored-content-length: 1391
accept-ranges: bytes

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
107 B 19ms
18ms Image
image/gif 2a00:1450:4001:802::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-900530-2&cid=441648135.1702514762&jid=2050948346&_u=YCDACEAABAAAACAAI~&z=207226802

Requested by

Host: wickedthemusical.com
URL: https://wickedthemusical.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wickedthemusical.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 14 Dec 2023 00:46:02 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ga-audiences
www.google.de/ads/ 42 B
63 B 18ms
18ms Image
image/gif 2a00:1450:4001:803::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-900530-2&cid=441648135.1702514762&jid=2050948346&_u=YCDACEAABAAAACAAI~&z=207226802

Requested by

Host: wickedthemusical.com
URL: https://wickedthemusical.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wickedthemusical.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 14 Dec 2023 00:46:02 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
ct.pinterest.com/v3/ 35 B
699 B 51ms
51ms Image
image/gif 2.19.216.231
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ct.pinterest.com/v3/?event=pagevisit&ed=%7B%22np%22%3A%22gtm%22%7D&tid=2614997868974&cb=1702514761996&dep=5%2CEVENT_TAGS_ABSENT&pd=%7B%22np%22%3A%22gtm%22%2C%22aem_eligible_list%22%3A%5B%22st%22%5D%7D&ad=%7B%22loc%22%3A%22https%3A%2F%2Fwickedthemusical.com%2F%22%2C%22ref%22%3A%22%22%2C%22if%22%3Afalse%2C%22sh%22%3A1200%2C%22sw%22%3A1600%2C%22mh%22%3A%2274d80534%22%2C%22is_eu%22%3Atrue%2C%22architecture%22%3A%22%22%2C%22bitness%22%3A%22%22%2C%22brands%22%3A%5B%5D%2C%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%2C%22uaFullVersion%22%3A%22%22%2C%22ecm_enabled%22%3Afalse%7D

Requested by

Host: wickedthemusical.com
URL: https://wickedthemusical.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.19.216.231 Prague, Czech Republic, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a2-19-216-231.deploy.static.akamaitechnologies.com

Software

Resource Hash

37b17c5135a176a9474521af147d96dfa1fb4ca0f43f00d1400bd1885be3ab9b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; includeSubDomains ; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wickedthemusical.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 14 Dec 2023 00:46:02 GMT
strict-transport-security: max-age=31536000 ; includeSubDomains ; preload
referrer-policy: origin
x-cdn: akamai
akamai-grn: 0.7c931102.1702514762.ec8f0d
content-type: image/gif
access-control-allow-origin: *
pinterest-version: 9ac24272b1390cffa57796e44049f901bc97ead3
cache-control: no-cache,no-store,must-revalidate,max-age=0
x-envoy-upstream-service-time: 1
content-length: 35
x-pinterest-rid: 4615407115689085
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 identify_bb163.js Show response
analytics.tiktok.com/i18n/pixel/static/ 135 KB
36 KB 68ms
68ms Script
application/javascript 92.123.104.139
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/i18n/pixel/static/identify_bb163.js
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MTdjYzNiZDU2MA.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 92.123.104.139 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a92-123-104-139.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: a1d4b01843b9dad68a10bba7ab416fb60cbe6052a223f6bd74cbad286b812b2a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wickedthemusical.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-akamai-request-id: deb89d7
date: Thu, 14 Dec 2023 00:46:02 GMT
content-encoding: gzip
x-tt-trace-tag: id=16;cdn-cache=hit;type=static
server: nginx
x-tt-logid: 202311090731307E6AF9639FD969C6D40F
vary: Accept-Encoding
x-cache: TCP_MEM_HIT from a23-67-40-11.deploy.akamaitechnologies.com (AkamaiGHost/11.3.3-52660090) (-)
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
x-tt-trace-host: 013152f14d5e45243c520a592eb201b202f7e0e2c90bbb927a530c3b341b926209c8d33ea52cc9da699f9962ccd08fd273b1e903bfad1f453df6a5fb11bbe4190a7726ecd70bfd8423fc0a5c2c5dc2590a078e63a9da3d06fbdf36bce7a310df66
server-timing: cdn-cache; desc=HIT, edge; dur=0, inner; dur=2
content-length: 36049

POST
H2 200 pixel
analytics.tiktok.com/api/v2/ 0
699 B 156ms
155ms Ping
text/plain 92.123.104.139
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/api/v2/pixel
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MTdjYzNiZDU2MA.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 92.123.104.139 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a92-123-104-139.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://wickedthemusical.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

x-akamai-request-id: deb89d8
date: Thu, 14 Dec 2023 00:46:02 GMT
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-tt-trace-id: 00-231214004602836B3363AADC35B597D2-1B95D053651B845E-00
x-cache: TCP_MISS from a23-67-40-11.deploy.akamaitechnologies.com (AkamaiGHost/11.3.3-52660090) (-)
server-timing: inner; dur=30, cdn-cache; desc=MISS, edge; dur=9, origin; dur=124
content-length: 0
pragma: no-cache
server: nginx
x-tt-logid: 20231214004602836B3363AADC35B597D2
access-control-allow-methods: GET,POST,PUT,PATCH,DELETE,HEAD,OPTIONS,UPDATE
access-control-allow-origin: *
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 125,23.67.40.11
x-tt-trace-host: 010c3377514175418f161c1730aeed1c88f911c471bea6d3d7e45c36ba4a3b76567b140d957cf818918dbd3f10c30e8e31e30a4bb5a9b5c9bd3239d42f7d10752fc19562d65d5ec7876c00eb610e7482b538d65ccab5df3795a02da9d50f32c738
access-control-allow-headers: Authorization,*
expires: Thu, 14 Dec 2023 00:46:02 GMT

POST
H2 200 pixel
analytics.tiktok.com/api/v2/ 0
839 B 156ms
156ms Ping
text/plain 92.123.104.139
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/api/v2/pixel
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MTdjYzNiZDU2MA.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 92.123.104.139 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a92-123-104-139.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://wickedthemusical.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

x-akamai-request-id: 2dd14c1c.deb89d9
date: Thu, 14 Dec 2023 00:46:02 GMT
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-tt-trace-id: 00-231214004602692F6D054CCF4CCCB4AE-5977238242FC08FA-00
x-cache: TCP_MISS from a23-67-40-11.deploy.akamaitechnologies.com (AkamaiGHost/11.3.3-52660090) (-)
x-parent-response-time: 121,23.67.40.11
server-timing: cdn-cache; desc=MISS, edge; dur=96, origin; dur=33, inner; dur=29
content-length: 0
pragma: no-cache
server: nginx
x-tt-logid: 20231214004602692F6D054CCF4CCCB4AE
x-cache-remote: TCP_MISS from a23-48-200-203.deploy.akamaitechnologies.com (AkamaiGHost/11.3.3-52660090) (-)
access-control-allow-methods: GET,POST,PUT,PATCH,DELETE,HEAD,OPTIONS,UPDATE
access-control-allow-origin: *
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 33,23.48.200.203
x-tt-trace-host: 010c3377514175418f161c1730aeed1c881eeab1664d973cf50390a1fe889a3b4e4131f24448c294809914875eecdac362b0c1a259e3afd6039a9ec016cbad7ecd7f3af1568c4d6920439d4ecef64155f91a4270d5c83f19e1b3d2312b2a38193a69050ec61e06c7e5e63f4774899d9b27
access-control-allow-headers: Authorization,*
expires: Thu, 14 Dec 2023 00:46:02 GMT

POST
H2 200 pixel
analytics.tiktok.com/api/v2/ 0
697 B 180ms
180ms Ping
text/plain 92.123.104.139
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/api/v2/pixel
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MTdjYzNiZDU2MA.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 92.123.104.139 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a92-123-104-139.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://wickedthemusical.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

x-akamai-request-id: deb89da
date: Thu, 14 Dec 2023 00:46:02 GMT
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-tt-trace-id: 00-231214004602926D69F5FA6ED3BF5881-1C9646B3B3CD689F-00
x-cache: TCP_MISS from a23-67-40-11.deploy.akamaitechnologies.com (AkamaiGHost/11.3.3-52660090) (-)
server-timing: inner; dur=39, cdn-cache; desc=MISS, edge; dur=6, origin; dur=132
content-length: 0
pragma: no-cache
server: nginx
x-tt-logid: 20231214004602926D69F5FA6ED3BF5881
access-control-allow-methods: GET,POST,PUT,PATCH,DELETE,HEAD,OPTIONS,UPDATE
access-control-allow-origin: *
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 132,23.67.40.11
x-tt-trace-host: 010c3377514175418f161c1730aeed1c88f911c471bea6d3d7e45c36ba4a3b765600ea4319b7b6c7d8d8f4403ae49f3c9d3210dcda97a6089a2fc99efe10a10422d370706ea83aa48a07eada795cf2fb0de8c00db3b4cba8e92878dff832b3c799
access-control-allow-headers: Authorization,*
expires: Thu, 14 Dec 2023 00:46:02 GMT

POST
H3 204 collect
region1.analytics.google.com/g/ 0
17 B 14ms
14ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-WLHS4QYPZV&_ono=1&gtm=45je3bt0v9135199850&_p=1702514761025&_gaz=1&gcd=11l1l1l1l2&dma_cps=sypham&dma=1&ul=en-us&sr=1600x1200&cid=441648135.1702514762&ir=1&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=EhAI&_s=1&dl=https%3A%2F%2Fwickedthemusical.com%2F&dt=Wicked%20The%20Musical%20%7C%20Official%20Broadway%20Site&sid=1702514762&sct=1&seg=0&en=page_view&_fv=1&_ss=1&_ee=1&tfd=1400
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-WLHS4QYPZV&cx=c&_slc=1
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wickedthemusical.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 14 Dec 2023 00:46:02 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://wickedthemusical.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 collect
stats.g.doubleclick.net/g/ 0
17 B 22ms
22ms Ping
text/plain 2a00:1450:400c:c00::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&_ono=1&tid=G-WLHS4QYPZV&cid=441648135.1702514762&gtm=45je3bt0v9135199850&aip=1&dma=1&dma_cps=sypham&gcd=11l1l1l1l2
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-WLHS4QYPZV&cx=c&_slc=1
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:400c:c00::9b Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wickedthemusical.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 14 Dec 2023 00:46:02 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://wickedthemusical.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 collect
region1.analytics.google.com/g/ 0
17 B 14ms
13ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-WLHS4QYPZV&_ono=1&gtm=45je3bt0v9135199850&_p=1702514761025&gcd=11l1l1l1l2&dma_cps=sypham&dma=1&ul=en-us&sr=1600x1200&cid=441648135.1702514762&ir=1&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=ABgI&_s=2&dl=https%3A%2F%2Fwickedthemusical.com%2F&dt=Wicked%20The%20Musical%20%7C%20Official%20Broadway%20Site&sid=1702514762&sct=1&seg=0&cu=USD&en=site_visit2&_c=1&epn.value=0&_et=1&tfd=1402
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-WLHS4QYPZV&cx=c&_slc=1
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wickedthemusical.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 14 Dec 2023 00:46:02 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://wickedthemusical.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 collect
region1.analytics.google.com/g/ 0
17 B 14ms
14ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-WLHS4QYPZV&_ono=1&gtm=45je3bt0v9135199850&_p=1702514761025&gcd=11l1l1l1l2&dma_cps=sypham&dma=1&ul=en-us&sr=1600x1200&cid=441648135.1702514762&ir=1&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=ABgI&_s=3&dl=https%3A%2F%2Fwickedthemusical.com%2F&dt=Wicked%20The%20Musical%20%7C%20Official%20Broadway%20Site&sid=1702514762&sct=1&seg=0&cu=USD&en=site_visit&_c=1&epn.value=0&_et=1&tfd=1404
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-WLHS4QYPZV&cx=c&_slc=1
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wickedthemusical.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 14 Dec 2023 00:46:02 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://wickedthemusical.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ga-audiences
www.google.de/ads/ 42 B
63 B 18ms
18ms Image
image/gif 2a00:1450:4001:803::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&_ono=1&tid=G-WLHS4QYPZV&cid=441648135.1702514762&gtm=45je3bt0v9135199850&aip=1&dma=1&dma_cps=sypham&gcd=11l1l1l1l2&z=4391756

Requested by

Host: wickedthemusical.com
URL: https://wickedthemusical.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wickedthemusical.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 14 Dec 2023 00:46:02 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

src=9836704;dc_pre=CJym_dzZjYMDFe8JogMdkK4I5Q;type=track0;cat=wicke0;qty=1;cost=0;u1=;u16=;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;npa=;ord=orderID
adservice.google.com/ddm/fls/z/ Frame 669D
Redirect Chain

https://ad.doubleclick.net/ddm/activity/src=9836704;type=track0;cat=wicke0;qty=1;cost=0;u1=;u16=;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;npa=;ord=orderID
https://ad.doubleclick.net/ddm/activity/src=9836704;dc_pre=CJym_dzZjYMDFe8JogMdkK4I5Q;type=track0;cat=wicke0;qty=1;cost=0;u1=;u16=;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;npa=;ord=orderID
https://adservice.google.com/ddm/fls/z/src=9836704;dc_pre=CJym_dzZjYMDFe8JogMdkK4I5Q;type=track0;cat=wicke0;qty=1;cost=0;u1=;u16=;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;npa=;ord=orderID

42 B
63 B

45ms
45ms

Image
image/gif

2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://adservice.google.com/ddm/fls/z/src=9836704;dc_pre=CJym_dzZjYMDFe8JogMdkK4I5Q;type=track0;cat=wicke0;qty=1;cost=0;u1=;u16=;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;npa=;ord=orderID

Requested by

Protocol

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://2179121.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 14 Dec 2023 00:46:02 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 14 Dec 2023 00:46:02 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://adservice.google.com/ddm/fls/z/src=9836704;dc_pre=CJym_dzZjYMDFe8JogMdkK4I5Q;type=track0;cat=wicke0;qty=1;cost=0;u1=;u16=;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;npa=;ord=orderID
content-type: text/html; charset=UTF-8
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

AdX
pixel.sojern.com/idSync/ Frame 669D
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_cm=true&google_hm=A8oL8anuDBeqWwYaqc3TYQ&google_nid=sojern__adx_open_bidder_seat&google_sc=true&sjrn_id=YdQnFFABJK3OIdRvfe5tzwtPUVLjRHxMvawPX5iXfVHz05mslLd...
https://pixel.sojern.com/idSync/AdX?exchangeProfileId=&sjrn_id=YdQnFFABJK3OIdRvfe5tzwtPUVLjRHxMvawPX5iXfVHz05mslLdGkY_YBw-1k74i&sjrn_ula=903923083&google_gid=CAESELzPcQRTzCPRc2WQ3QPqdMU&google_cver=1

42 B
274 B

16ms
16ms

Image
image/gif

107.178.244.119
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.sojern.com/idSync/AdX?exchangeProfileId=&sjrn_id=YdQnFFABJK3OIdRvfe5tzwtPUVLjRHxMvawPX5iXfVHz05mslLdGkY_YBw-1k74i&sjrn_ula=903923083&google_gid=CAESELzPcQRTzCPRc2WQ3QPqdMU&google_cver=1
Requested by: Host: 2179121.fls.doubleclick.net
URL: https://2179121.fls.doubleclick.net/activityi;dc_pre=CPKe49zZjYMDFUZTkQUdZ2sAhA;src=2179121;type=sitev592;cat=sitev000;ord=1;num=6848848530250;auiddc=1331752118.1702514762;gtm=45He3bt0v577380;gcd=11l1l1l1l1;dma_cps=sypham;dma=1;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fwickedthemusical.com%2F?
Protocol: H2
Server: 107.178.244.119 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 119.244.178.107.bc.googleusercontent.com
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://2179121.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 14 Dec 2023 00:46:02 GMT
via: 1.1 google
vary: Accept-Encoding
content-type: image/gif
access-control-allow-origin: *
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42

Redirect headers

pragma: no-cache
date: Thu, 14 Dec 2023 00:46:02 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://pixel.sojern.com/idSync/AdX?exchangeProfileId=&sjrn_id=YdQnFFABJK3OIdRvfe5tzwtPUVLjRHxMvawPX5iXfVHz05mslLdGkY_YBw-1k74i&sjrn_ula=903923083&google_gid=CAESELzPcQRTzCPRc2WQ3QPqdMU&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 412
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

pixel
fcmatch.youtube.com/ Frame 669D
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_hm=A8oL8anuDBeqWwYaqc3TYQ&google_nid=sojern_adh
https://fcmatch.google.com/pixel?google_gm=AMnCDooaKFJHGj513AJEsp2CguV1SKgt2oqnGLKKWb3BNj9FxEHzkBWIZMkiKH4FdSMWgDuFqlJ0Ewzbp7p3QNf-y2lYgWrS1ipYfse3iN9lMCTQwT97qxI
https://fcmatch.youtube.com/pixel?google_gm=AMnCDooaKFJHGj513AJEsp2CguV1SKgt2oqnGLKKWb3BNj9FxEHzkBWIZMkiKH4FdSMWgDuFqlJ0Ewzbp7p3QNf-y2lYgWrS1ipYfse3iN9lMCTQwT97qxI

170 B
432 B

76ms
53ms

Image
image/png

2a00:1450:4001:810::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://fcmatch.youtube.com/pixel?google_gm=AMnCDooaKFJHGj513AJEsp2CguV1SKgt2oqnGLKKWb3BNj9FxEHzkBWIZMkiKH4FdSMWgDuFqlJ0Ewzbp7p3QNf-y2lYgWrS1ipYfse3iN9lMCTQwT97qxI

Requested by

Protocol

Server

2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://2179121.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 14 Dec 2023 00:46:02 GMT
server: HTTP server (unknown)
x-frame-options: SAMEORIGIN
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 14 Dec 2023 00:46:02 GMT
server: HTTP server (unknown)
x-frame-options: SAMEORIGIN
content-type: text/html; charset=UTF-8
location: https://fcmatch.youtube.com/pixel?google_gm=AMnCDooaKFJHGj513AJEsp2CguV1SKgt2oqnGLKKWb3BNj9FxEHzkBWIZMkiKH4FdSMWgDuFqlJ0Ewzbp7p3QNf-y2lYgWrS1ipYfse3iN9lMCTQwT97qxI
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 360
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 getuidnb
ib.adnxs.com/ Frame 669D 43 B
571 B 26ms
6ms Image
image/gif 37.252.171.52
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/getuidnb?https://pixel.sojern.com/idsync/apn?id=$UID&sjrn_id=YdQnFFABJK3OIdRvfe5tzwtPUVLjRHxMvawPX5iXfVHz05mslLdGkY_YBw-1k74i

Requested by

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.171.52 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

1005.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.23.4 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://2179121.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 14 Dec 2023 00:46:02 GMT
an-x-request-uuid: b7eda0ea-577d-460c-bd47-768da7ee67ed
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: image/gif
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
x-proxy-origin: 81.95.5.42; 81.95.5.42; 1005.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length: 43
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 generic
match.adsrvr.org/track/cmf/ Frame 669D 70 B
148 B 39ms
32ms Image
image/gif 15.197.193.217
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/generic?ttd_pid=ombl9hp&ttd_puid=YdQnFFABJK3OIdRvfe5tzwtPUVLjRHxMvawPX5iXfVHz05mslLdGkY_YBw-1k74i&ttd_tpi=1
Requested by: Host: 2179121.fls.doubleclick.net
URL: https://2179121.fls.doubleclick.net/activityi;dc_pre=CPKe49zZjYMDFUZTkQUdZ2sAhA;src=2179121;type=sitev592;cat=sitev000;ord=1;num=6848848530250;auiddc=1331752118.1702514762;gtm=45He3bt0v577380;gcd=11l1l1l1l1;dma_cps=sypham;dma=1;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fwickedthemusical.com%2F?
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 15.197.193.217 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a12b7a488abeaa9e4.awsglobalaccelerator.com
Software: Kestrel /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://2179121.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 14 Dec 2023 00:46:02 GMT
server: Kestrel
content-length: 70
content-type: image/gif

GET
H2

202

adf
pixel.sojern.com/idsync/ Frame 669D
Redirect Chain

https://c1.adform.net/serving/cookie/match?cid=03ca0bf1-a9ee-0c17-aa5b-061aa9cdd361&party=1296
https://c1.adform.net/serving/cookie/match?CC=1&cid=03ca0bf1-a9ee-0c17-aa5b-061aa9cdd361&party=1296
https://pixel.sojern.com/idsync/adf?adfid=5165886723373762969&cid=03ca0bf1-a9ee-0c17-aa5b-061aa9cdd361

0
209 B

16ms
16ms

Image
text/plain

107.178.244.119
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.sojern.com/idsync/adf?adfid=5165886723373762969&cid=03ca0bf1-a9ee-0c17-aa5b-061aa9cdd361
Requested by: Host: 2179121.fls.doubleclick.net
URL: https://2179121.fls.doubleclick.net/activityi;dc_pre=CPKe49zZjYMDFUZTkQUdZ2sAhA;src=2179121;type=sitev592;cat=sitev000;ord=1;num=6848848530250;auiddc=1331752118.1702514762;gtm=45He3bt0v577380;gcd=11l1l1l1l1;dma_cps=sypham;dma=1;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fwickedthemusical.com%2F?
Protocol: H2
Server: 107.178.244.119 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 119.244.178.107.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://2179121.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

access-control-allow-origin: *
date: Thu, 14 Dec 2023 00:46:02 GMT
via: 1.1 google
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
vary: Accept-Encoding

Redirect headers

pragma: no-cache
date: Thu, 14 Dec 2023 00:46:02 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age: 86400
access-control-allow-methods: GET
location: https://pixel.sojern.com/idsync/adf?adfid=5165886723373762969&cid=03ca0bf1-a9ee-0c17-aa5b-061aa9cdd361
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length: 0
expires: -1

GET
H2 200 pixel
cm.g.doubleclick.net/ Frame 669D 170 B
243 B 40ms
19ms Image
image/png 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=adara_dmp&google_hm=MzAxNzk5MzM0ODAxMw&google_sc&gdpr=&gdpr_consent=&

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://2179121.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 14 Dec 2023 00:46:02 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 generic
match.adsrvr.org/track/cmf/ Frame 669D 70 B
148 B 39ms
33ms Image
image/gif 15.197.193.217
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/generic?ttd_pid=o456qfe&ttd_tpi=1&gdpr=&gdpr_consent=&
Requested by: Host: 2179121.fls.doubleclick.net
URL: https://2179121.fls.doubleclick.net/activityi;dc_pre=CPKe49zZjYMDFUZTkQUdZ2sAhA;src=2179121;type=sitev592;cat=sitev000;ord=1;num=6848848530250;auiddc=1331752118.1702514762;gtm=45He3bt0v577380;gcd=11l1l1l1l1;dma_cps=sypham;dma=1;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fwickedthemusical.com%2F?
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 15.197.193.217 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a12b7a488abeaa9e4.awsglobalaccelerator.com
Software: Kestrel /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://2179121.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 14 Dec 2023 00:46:02 GMT
server: Kestrel
content-length: 70
content-type: image/gif

GET
H2 451 394499.gif
idsync.rlcdn.com/ Frame 669D 0
98 B 44ms
16ms Image
text/plain 35.244.174.68
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://idsync.rlcdn.com/394499.gif?partner_uid=3017993348013&gdpr=&gdpr_consent=&
Requested by: Host: 2179121.fls.doubleclick.net
URL: https://2179121.fls.doubleclick.net/activityi;dc_pre=CPKe49zZjYMDFUZTkQUdZ2sAhA;src=2179121;type=sitev592;cat=sitev000;ord=1;num=6848848530250;auiddc=1331752118.1702514762;gtm=45He3bt0v577380;gcd=11l1l1l1l1;dma_cps=sypham;dma=1;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fwickedthemusical.com%2F?
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.174.68 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 68.174.244.35.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://2179121.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 14 Dec 2023 00:46:02 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H2 200 aasync
tag.adaraanalytics.com/ps/ Frame 669D 0
388 B 40ms
18ms Image
text/plain 35.241.54.161
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tag.adaraanalytics.com/ps/aasync?ckid=MzAxNzk5MzM0ODAxM3wxNzAyNTE0NzYyMDU3&gdpr=&gdpr_consent=&
Requested by: Host: 2179121.fls.doubleclick.net
URL: https://2179121.fls.doubleclick.net/activityi;dc_pre=CPKe49zZjYMDFUZTkQUdZ2sAhA;src=2179121;type=sitev592;cat=sitev000;ord=1;num=6848848530250;auiddc=1331752118.1702514762;gtm=45He3bt0v577380;gcd=11l1l1l1l1;dma_cps=sypham;dma=1;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fwickedthemusical.com%2F?
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.241.54.161 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 161.54.241.35.bc.googleusercontent.com
Software: Apache-Coyote/1.1 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://2179121.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 14 Dec 2023 00:46:01 GMT
via: 1.1 google
server: Apache-Coyote/1.1
p3p: CP="NON DSP COR TAIo PSAo PSDo HISo OUR BUS UNI INT DEM OTC"
cache-control: no-cache
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H3

200

src=8546338;dc_pre=COCw_dzZjYMDFWMKogMdLOwMlA;type=invmedia;cat=lifeo0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=;gdpr_consent=;ord=1
adservice.google.com/ddm/fls/z/ Frame 669D
Redirect Chain

https://ad.doubleclick.net/ddm/activity/src=8546338;type=invmedia;cat=lifeo0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=;gdpr_consent=;ord=1?
https://ad.doubleclick.net/ddm/activity/src=8546338;dc_pre=COCw_dzZjYMDFWMKogMdLOwMlA;type=invmedia;cat=lifeo0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=;gdpr_consent=;ord=1?
https://adservice.google.com/ddm/fls/z/src=8546338;dc_pre=COCw_dzZjYMDFWMKogMdLOwMlA;type=invmedia;cat=lifeo0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=;gdpr_consent=;ord=1

42 B
63 B

44ms
44ms

Image
image/gif

2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://adservice.google.com/ddm/fls/z/src=8546338;dc_pre=COCw_dzZjYMDFWMKogMdLOwMlA;type=invmedia;cat=lifeo0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=;gdpr_consent=;ord=1

Requested by

Protocol

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://2179121.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 14 Dec 2023 00:46:02 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 14 Dec 2023 00:46:02 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://adservice.google.com/ddm/fls/z/src=8546338;dc_pre=COCw_dzZjYMDFWMKogMdLOwMlA;type=invmedia;cat=lifeo0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=;gdpr_consent=;ord=1
content-type: text/html; charset=UTF-8
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

src=8546338;dc_pre=CMWx_dzZjYMDFUEQogMdOX0Maw;type=invmedia;cat=themu0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=;gdpr_consent=;ord=1
adservice.google.com/ddm/fls/z/ Frame 669D
Redirect Chain

https://ad.doubleclick.net/ddm/activity/src=8546338;type=invmedia;cat=themu0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=;gdpr_consent=;ord=1?
https://ad.doubleclick.net/ddm/activity/src=8546338;dc_pre=CMWx_dzZjYMDFUEQogMdOX0Maw;type=invmedia;cat=themu0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=;gdpr_consent=;ord=1?
https://adservice.google.com/ddm/fls/z/src=8546338;dc_pre=CMWx_dzZjYMDFUEQogMdOX0Maw;type=invmedia;cat=themu0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=;gdpr_consent=;ord=1

42 B
63 B

44ms
44ms

Image
image/gif

2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://adservice.google.com/ddm/fls/z/src=8546338;dc_pre=CMWx_dzZjYMDFUEQogMdOX0Maw;type=invmedia;cat=themu0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=;gdpr_consent=;ord=1

Requested by

Protocol

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://2179121.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 14 Dec 2023 00:46:02 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 14 Dec 2023 00:46:02 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://adservice.google.com/ddm/fls/z/src=8546338;dc_pre=CMWx_dzZjYMDFUEQogMdOX0Maw;type=invmedia;cat=themu0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=;gdpr_consent=;ord=1
content-type: text/html; charset=UTF-8
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

ps
tag.yieldoptimizer.com/ps/ Frame 669D
Redirect Chain

https://d.turn.com/r/dd/id/L2NzaWQvMS9jaWQvMTc0Nzc3NDY2NS90LzI/url/https://tag.yieldoptimizer.com/ps/ps?t=i&p=4889&turn_id=$!{TURN_UUID}
https://tag.yieldoptimizer.com/ps/ps?t=i&p=4889&turn_id=3126466868122066706

43 B
61 B

15ms
15ms

Image
image/gif

35.186.212.60
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tag.yieldoptimizer.com/ps/ps?t=i&p=4889&turn_id=3126466868122066706
Requested by: Host: 2179121.fls.doubleclick.net
URL: https://2179121.fls.doubleclick.net/activityi;dc_pre=CPKe49zZjYMDFUZTkQUdZ2sAhA;src=2179121;type=sitev592;cat=sitev000;ord=1;num=6848848530250;auiddc=1331752118.1702514762;gtm=45He3bt0v577380;gcd=11l1l1l1l1;dma_cps=sypham;dma=1;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fwickedthemusical.com%2F?
Protocol: H3
Server: 35.186.212.60 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 60.212.186.35.bc.googleusercontent.com
Software: Apache-Coyote/1.1 /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://2179121.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 14 Dec 2023 00:46:01 GMT
via: 1.1 google
server: Apache-Coyote/1.1
p3p: CP="NON DSP COR TAIo PSAo PSDo HISo OUR BUS UNI INT DEM OTC"
content-type: image/gif
cache-control: no-cache
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

location: https://tag.yieldoptimizer.com/ps/ps?t=i&p=4889&turn_id=3126466868122066706
pragma: no-cache
date: Thu, 14 Dec 2023 00:46:01 GMT
cache-control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length: 0
p3p: policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"

GET
H2

200

demconf.jpg
dpm.demdex.net/ Frame 669D
Redirect Chain

https://dpm.demdex.net/ibs:dpid=22069&dpuuid=3017993348013&gdpr=&gdprconsent=
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=22069&dpuuid=3017993348013&gdpr=&gdprconsent=

42 B
715 B

33ms
32ms

Image
image/gif

54.74.69.97
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=22069&dpuuid=3017993348013&gdpr=&gdprconsent=

Requested by

Protocol

Server

54.74.69.97 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-74-69-97.eu-west-1.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://2179121.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

dcs: dcs-prod-irl1-1-v054-08a71e00e.edge-irl1.demdex.com 2 ms
pragma: no-cache
date: Thu, 14 Dec 2023 00:46:02 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
content-encoding: gzip
x-tid: ApU1VrwlS3g=
content-type: image/gif
p3p: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
cache-control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
content-length: 59
expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

dcs: dcs-prod-irl1-1-v054-051157d8a.edge-irl1.demdex.com 0 ms
pragma: no-cache
date: Thu, 14 Dec 2023 00:46:02 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-tid: 2cgUlUZRQQ8=
p3p: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
location: https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=22069&dpuuid=3017993348013&gdpr=&gdprconsent=
cache-control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
content-length: 0
expires: Thu, 01 Jan 1970 00:00:00 UTC

GET
H3

200

ps
tag.yieldoptimizer.com/ps/ Frame 669D
Redirect Chain

https://sync.srv.stackadapt.com/sync?nid=adara&gdpr=&gdpr_consent=&
https://tag.yieldoptimizer.com/ps/ps?t=i&p=8064&uid=bP3ephG9W-dP-6vA76DEYlFfBSo

43 B
61 B

15ms
15ms

Image
image/gif

35.186.212.60
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tag.yieldoptimizer.com/ps/ps?t=i&p=8064&uid=bP3ephG9W-dP-6vA76DEYlFfBSo
Requested by: Host: 2179121.fls.doubleclick.net
URL: https://2179121.fls.doubleclick.net/activityi;dc_pre=CPKe49zZjYMDFUZTkQUdZ2sAhA;src=2179121;type=sitev592;cat=sitev000;ord=1;num=6848848530250;auiddc=1331752118.1702514762;gtm=45He3bt0v577380;gcd=11l1l1l1l1;dma_cps=sypham;dma=1;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fwickedthemusical.com%2F?
Protocol: H3
Server: 35.186.212.60 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 60.212.186.35.bc.googleusercontent.com
Software: Apache-Coyote/1.1 /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://2179121.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 14 Dec 2023 00:46:01 GMT
via: 1.1 google
server: Apache-Coyote/1.1
p3p: CP="NON DSP COR TAIo PSAo PSDo HISo OUR BUS UNI INT DEM OTC"
content-type: image/gif
cache-control: no-cache
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location: https://tag.yieldoptimizer.com/ps/ps?t=i&p=8064&uid=bP3ephG9W-dP-6vA76DEYlFfBSo
Date: Thu, 14 Dec 2023 00:46:02 GMT
Connection: keep-alive
Content-Length: 110
Content-Type: text/html; charset=utf-8

GET
H3 200 fbevents.js Show response
connect.facebook.net/en_US/ Frame 669D 202 KB
53 KB 7ms
7ms Script
application/x-javascript 2a03:2880:f083:9:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f083:9:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

3e136e77083bfc6ef14ffc5abd19da89a82bf12fc0cda3c603e01582b93303c8

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://2179121.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

permissions-policy-report-only: autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), document-domain=(), encrypted-media=(), fullscreen=(), gamepad=(), keyboard-map=(), picture-in-picture=(), xr-spatial-tracking=()
content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Thu, 14 Dec 2023 00:46:02 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 54273
x-xss-protection: 0
reporting-endpoints
pragma: public
x-fb-debug: Oi7t1OgymH9aISzw5kxZ5mB5N4BRmkExzREG81fAdF6h0g2Z2dOSbQHeHTA6PUTfAnaPNdcBFJPY+NAbJIrVvw==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin: *
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3

200

activityi;dc_pre=CJ79_dzZjYMDFctYkQUd_x8MPQ;src=5451832;type=wicke009;cat=wicke0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=856775024453.5665 Show response
5451832.fls.doubleclick.net/ Frame 6F01
Redirect Chain

https://5451832.fls.doubleclick.net/activityi;src=5451832;type=wicke009;cat=wicke0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=856775024453.5665?
https://5451832.fls.doubleclick.net/activityi;dc_pre=CJ79_dzZjYMDFctYkQUd_x8MPQ;src=5451832;type=wicke009;cat=wicke0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=856775024453.5665?

389 B
237 B

50ms
50ms

Document
text/html

216.58.206.38
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://5451832.fls.doubleclick.net/activityi;dc_pre=CJ79_dzZjYMDFctYkQUd_x8MPQ;src=5451832;type=wicke009;cat=wicke0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=856775024453.5665?

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.206.38 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lcfraa-aa-in-f6.1e100.net

Software

cafe /

Resource Hash

b2eee0d5d6a26e8c621637ea8ad724561e3c63043fcc79062091390970d91463

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://2179121.fls.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=0
content-encoding: br
content-length: 214
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 14 Dec 2023 00:46:02 GMT
expires: Thu, 14 Dec 2023 00:46:02 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 14 Dec 2023 00:46:02 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
follow-only-when-prerender-shown: 1
location: https://5451832.fls.doubleclick.net/activityi;dc_pre=CJ79_dzZjYMDFctYkQUd_x8MPQ;src=5451832;type=wicke009;cat=wicke0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=856775024453.5665?
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 /
www.facebook.com/tr/ Frame C009 0
18 B 7ms
7ms Image
text/plain 2a03:2880:f176:84:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1716462331980126&ev=PageView&dl=https%3A%2F%2F5549924.fls.doubleclick.net%2Factivityi%3Bdc_pre%3DCNOj49zZjYMDFc9UkQUdEzwGXA%3Bsrc%3D5549924%3Btype%3Dsitev0%3Bcat%3Dwicke0%3Bord%3D1%3Bnum%3D6020053634317%3Bauiddc%3D1331752118.1702514762%3Bgtm%3D45He3bt0v577380%3Bgcd%3D11l1l1l1l1%3Bdma_cps%3Dsypham%3Bdma%3D1%3Buaa%3D%3Buab%3D%3Buafvl%3D%3Buamb%3D0%3Buam%3D%3Buap%3D%3Buapv%3D%3Buaw%3D0%3Bepver%3D2%3B~oref%3Dhttps%253A%252F%252Fwickedthemusical.com%252F%3F&rl=https%3A%2F%2Fwickedthemusical.com%2F&if=true&ts=1702514762119&sw=1600&sh=1200&v=2.9.138&r=stable&ec=0&o=4126&ler=other&it=1702514761984&coo=false&rqm=GET

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f176:84:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://5549924.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Thu, 14 Dec 2023 00:46:02 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0
priority: u=3,i

GET
H3 200 370148890047650 Show response
connect.facebook.net/signals/config/ Frame 669D 135 KB
35 KB 62ms
62ms Script
application/x-javascript 2a03:2880:f083:9:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/370148890047650?v=2.9.138&r=stable&domain=wickedthemusical.com

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f083:9:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

121de8aa4b26940498c691eae00364df8f95f78952e72c1681e1fc0809265588

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://2179121.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

permissions-policy-report-only: autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), document-domain=(), encrypted-media=(), fullscreen=(), gamepad=(), keyboard-map=(), picture-in-picture=(), xr-spatial-tracking=()
content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Thu, 14 Dec 2023 00:46:02 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
reporting-endpoints
pragma: public
x-fb-debug: zGwquMl7iOC9vJz2PJHpcEOAhdMGkfeeUV9kj+npIYA4YKHmbwwNnbxzGEMZMrvERY8PaOnUIp3Jjo7aQTDLyw==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin: *
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3 200 popuptheme-1603.css Show response
prod-satisfilabs-resources-gcs.satis.fi/ClientAssets/ThemeFiles/ 2 KB
2 KB 151ms
135ms Fetch
text/css 35.244.160.208
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://prod-satisfilabs-resources-gcs.satis.fi/ClientAssets/ThemeFiles/popuptheme-1603.css?v=a6198f1a-b197-45e0-b7e2-578cf2685b00
Requested by: Host: chat.satis.fi
URL: https://chat.satis.fi/popup/embedder
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 35.244.160.208 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 208.160.244.35.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 823cebd619645289fb908bb824c6aafeb83c8e3c48aff4f011f02c1881025e82

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wickedthemusical.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 14 Dec 2023 00:46:02 GMT
age: 0
x-guploader-uploadid: ABPtcPrswNvEAnZ3GjS8MpcFAu4nR4Lfa8_ytNypUYTIYOJ26TxWmYlNCnQP0Yj24MerqZkS84ZyTjpPCPgXSVc
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1892
last-modified: Mon, 31 Oct 2022 18:04:23 GMT
server: UploadServer
etag: "90e2c010c9f19c6b3bac04b06731832e"
x-goog-generation: 1667239463297845
x-goog-hash: crc32c=K6n3Yw==, md5=kOLAEMnxnGs7rASwZzGDLg==
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control: public,max-age=0
x-goog-stored-content-length: 1892
accept-ranges: bytes
content-type: text/css

GET
H3 200 /
www.facebook.com/tr/ Frame 669D 0
15 B 7ms
7ms Image
text/plain 2a03:2880:f176:84:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=370148890047650&ev=PageView&dl=https%3A%2F%2F2179121.fls.doubleclick.net%2Factivityi%3Bdc_pre%3DCPKe49zZjYMDFUZTkQUdZ2sAhA%3Bsrc%3D2179121%3Btype%3Dsitev592%3Bcat%3Dsitev000%3Bord%3D1%3Bnum%3D6848848530250%3Bauiddc%3D1331752118.1702514762%3Bgtm%3D45He3bt0v577380%3Bgcd%3D11l1l1l1l1%3Bdma_cps%3Dsypham%3Bdma%3D1%3Buaa%3D%3Buab%3D%3Buafvl%3D%3Buamb%3D0%3Buam%3D%3Buap%3D%3Buapv%3D%3Buaw%3D0%3Bepver%3D2%3B~oref%3Dhttps%253A%252F%252Fwickedthemusical.com%252F%3F&rl=https%3A%2F%2Fwickedthemusical.com%2F&if=true&ts=1702514762201&sw=1600&sh=1200&v=2.9.138&r=stable&ec=0&o=4126&ler=other&it=1702514762129&coo=false&rqm=GET

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f176:84:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://2179121.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Thu, 14 Dec 2023 00:46:02 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0
priority: u=3,i

GET
H3 200 dc_pre=CJ79_dzZjYMDFctYkQUd_x8MPQ;src=5451832;type=wicke009;cat=wicke0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=856775024453.5665
adservice.google.com/ddm/fls/z/ Frame 6F01 42 B
63 B 44ms
44ms Image
image/gif 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://adservice.google.com/ddm/fls/z/dc_pre=CJ79_dzZjYMDFctYkQUd_x8MPQ;src=5451832;type=wicke009;cat=wicke0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=856775024453.5665

Requested by

Host: 5451832.fls.doubleclick.net
URL: https://5451832.fls.doubleclick.net/activityi;dc_pre=CJ79_dzZjYMDFctYkQUd_x8MPQ;src=5451832;type=wicke009;cat=wicke0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=856775024453.5665?

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://5451832.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 14 Dec 2023 00:46:02 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 act
analytics.tiktok.com/api/v2/pixel/ 0
698 B 154ms
154ms Ping
text/plain 92.123.104.139
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/api/v2/pixel/act
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MTdjYzNiZDU2MA.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 92.123.104.139 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a92-123-104-139.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://wickedthemusical.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

x-akamai-request-id: deb8a45
date: Thu, 14 Dec 2023 00:46:02 GMT
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-tt-trace-id: 00-23121400460265C5F2C0402BC8A2E4BF-2DA5E67E7E431B0D-00
x-cache: TCP_MISS from a23-67-40-11.deploy.akamaitechnologies.com (AkamaiGHost/11.3.3-52660090) (-)
server-timing: inner; dur=32, cdn-cache; desc=MISS, edge; dur=9, origin; dur=126
content-length: 0
pragma: no-cache
server: nginx
x-tt-logid: 2023121400460265C5F2C0402BC8A2E4BF
access-control-allow-methods: GET,POST,PUT,PATCH,DELETE,HEAD,OPTIONS,UPDATE
access-control-allow-origin: *
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 127,23.67.40.11
x-tt-trace-host: 010c3377514175418f161c1730aeed1c88f911c471bea6d3d7e45c36ba4a3b765600ea4319b7b6c7d8d8f4403ae49f3c9d607f4d55c9dd6d539082ffa804a4ce214e4c979e04da94a17d158312f4b892b5df71821b3ea0c2a76579da3978c783a5
access-control-allow-headers: Authorization,*
expires: Thu, 14 Dec 2023 00:46:02 GMT

GET
H2 200 up Show response
insight.adsrvr.org/track/ Frame 5155 0
59 B 33ms
33ms Document
text/html 15.197.193.217
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://insight.adsrvr.org/track/up?adv=ne6bxp1&ref=https%3A%2F%2Fwickedthemusical.com%2F&upid=7097zv2&upv=1.1.0
Requested by: Host: js.adsrvr.org
URL: https://js.adsrvr.org/up_loader.1.1.0.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 15.197.193.217 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a12b7a488abeaa9e4.awsglobalaccelerator.com
Software: Kestrel /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://wickedthemusical.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

content-length: 0
content-type: text/html
date: Thu, 14 Dec 2023 00:46:02 GMT
server: Kestrel

GET
H2 200 up Show response
insight.adsrvr.org/track/ Frame DF0A 0
59 B 32ms
32ms Document
text/html 15.197.193.217
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://insight.adsrvr.org/track/up?adv=m7hla2z&ref=https%3A%2F%2Fwickedthemusical.com%2F&upid=gwhirxm&upv=1.1.0
Requested by: Host: js.adsrvr.org
URL: https://js.adsrvr.org/up_loader.1.1.0.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 15.197.193.217 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a12b7a488abeaa9e4.awsglobalaccelerator.com
Software: Kestrel /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://wickedthemusical.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

content-length: 0
content-type: text/html
date: Thu, 14 Dec 2023 00:46:02 GMT
server: Kestrel

GET
H3 200 ct.html Show response
ct.pinterest.com/ Frame 2D3B 565 B
348 B 51ms
51ms Document
text/html 2.19.216.231
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://ct.pinterest.com/ct.html

Requested by

Host: s.pinimg.com
URL: https://s.pinimg.com/ct/lib/main.74d80534.js

Protocol

Security

QUIC, , AES_256_GCM

Server

2.19.216.231 Prague, Czech Republic, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a2-19-216-231.deploy.static.akamaitechnologies.com

Software

Resource Hash

f83b1a3ea61ad62e47fad82de5495a2547e2f12e591ad8108050538c566ae1e3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; includeSubDomains ; preload

Request headers

Referer: https://wickedthemusical.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

akamai-grn: 0.c6931102.1702514762.3414c86
alt-svc: h3=":443"; ma=600
cache-control: max-age=86400
content-encoding: gzip
content-length: 323
content-type: text/html; charset=utf-8
date: Thu, 14 Dec 2023 00:46:02 GMT
pinterest-version: 9ac24272b1390cffa57796e44049f901bc97ead3
quic-version: 0x00000001
referrer-policy: origin
strict-transport-security: max-age=31536000 ; includeSubDomains ; preload
vary: Accept-Encoding
x-cdn: akamai
x-envoy-upstream-service-time: 0
x-pinterest-rid: 9054083051252757

Verdicts & Comments Add Verdict or Comment

170 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

41 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.fonts.net/	1970-01-20 16:55:16	Name: __cf_bm Value: zYiVGuHNzrECqHO0BMmACHU9AFfDkVuXk5E5jXL17cE-1702514761-1-AUgv0tWTdVqLEQSccKq5Qfuamw5fSUlbWBbpKg1zxN4DiKbHI76WQ2AkZQz5aAEw+E2f96ztECcvSSP9I2TjNnw=
.wickedthemusical.com/	1970-01-20 19:04:50	Name: _gcl_au Value: 1.1.1331752118.1702514762
wickedthemusical.com/	1970-01-21 01:40:50	Name: usprivacy Value: 1---
.wickedthemusical.com/	1970-01-21 02:31:14	Name: _ga_2TH76WHGSC Value: GS1.1.1702514761.1.0.1702514761.60.0.0
wickedthemusical.com/	1970-01-21 01:40:50	Name: __pdst Value: f43e3784fb7c485d92620cf1af81f260
.wickedthemusical.com/	1970-01-21 01:40:50	Name: OptanonConsent Value: isIABGlobal=false&datestamp=Thu+Dec+14+2023+01%3A46%3A01+GMT%2B0100+(Central+European+Standard+Time)&version=6.39.0&hosts=&consentId=603b9060-31b1-4294-b07e-8e83d0c461da&interactionCount=0&landingPath=https%3A%2F%2Fwickedthemusical.com%2F&groups=1%3A1%2C9%3A1%2C10%3A1%2C12%3A1%2C11%3A1%2C13%3A1%2COOF%3A1%2Cdummy%3A1
.tiktok.com/	1970-01-21 02:16:50	Name: _ttp Value: 2ZVkiafXQF9CEVPLrqdjjJQ4uxK
.wickedthemusical.com/	1970-01-20 19:04:50	Name: _fbp Value: fb.1.1702514761892.1605324002
.wickedthemusical.com/	1970-01-20 16:56:41	Name: _gid Value: GA1.2.953505848.1702514762
.wickedthemusical.com/	1970-01-20 16:55:14	Name: _gat_UA-900530-2 Value: 1
.t.co/	1970-01-21 02:31:14	Name: muc_ads Value: 8b2d6fbf-a3bd-4b63-8fb2-b685679a8bea
.doubleclick.net/	1970-01-21 02:16:50	Name: IDE Value: AHWqTUnRr53p3Cgkm9OXJ37DONwwDX0cg9LenS9Tr41rdxeKYEAlncIIpDZoZ6uyt68
.twitter.com/	1970-01-21 02:31:14	Name: personalization_id Value: "v1_Csbmq1aAzNr/Q6XUtr5s1g=="
.wickedthemusical.com/	1970-01-21 02:31:14	Name: _ga Value: GA1.1.441648135.1702514762
.wickedthemusical.com/	1970-01-21 02:31:14	Name: _ga_DGMCRNLESF Value: GS1.1.1702514761.1.0.1702514761.60.0.0
.pinterest.com/	1970-01-21 01:40:50	Name: ar_debug Value: 1
.wickedthemusical.com/	1970-01-21 01:40:50	Name: _pin_unauth Value: dWlkPVltVTJaVFpsTlRrdFptUTFOQzAwTVdKa0xUbGtZak10TUdRM00yWXhNRGxrT0RNNA
.yieldoptimizer.com/	1970-01-21 01:40:50	Name: cktst Value: 537186141
.wickedthemusical.com/	1970-01-21 02:16:50	Name: _tt_enable_cookie Value: 1
.wickedthemusical.com/	1970-01-21 02:16:50	Name: _ttp Value: hNUwG_OaV1guHAeB9PcdGp9Y9YB
.ct.pinterest.com/	1970-01-21 01:40:50	Name: _pinterest_ct_ua Value: "TWc9PSZvNGlOS2lLRFVUVjdaNFlVeDhKTDd6TE54Q0hPVlNSdXlSU0pBWlVJUlpCOTNwR1JRTWNmUGY1MnlnN082aERFRTNmL3BOc3ZIOTFWSGJ5ZXBlMW43WmlzUXdNeXJ6Ylh0MUdpazFodVdTWT0mZVhOWjRyRGhFajhPb0QvM1MydmE1Nld1c2pnPQ=="
.yieldoptimizer.com/	1970-01-21 01:40:50	Name: ckid Value: 3017993348013
.yieldoptimizer.com/	1970-01-21 01:40:50	Name: ph Value: %7B%22p%22%3A%5B1504%2C1025%2C1490%2C1203%2C1493%2C39%2C1305%2C1084%2C1022%5D%2C%22t%22%3A%5B131040%2C131040%2C131040%2C131040%2C131040%2C131040%2C131040%2C131040%2C131040%5D%7D
.wickedthemusical.com/	1970-01-21 02:31:14	Name: _ga_WLHS4QYPZV Value: GS1.2.1702514762.1.0.1702514762.60.0.0
.adaraanalytics.com/	1970-01-21 01:40:50	Name: ckid Value: 3017993348013
.adaraanalytics.com/	1970-01-21 01:40:50	Name: aackid Value: 3017993348013
.sojern.com/	1970-01-21 01:40:50	Name: gid Value: CAESELzPcQRTzCPRc2WQ3QPqdMU
.sojern.com/	1970-01-21 01:40:50	Name: cid Value: 03ca0bf1-a9ee-0c17-aa5b-061aa9cdd361#1702512000000
.adform.net/	1970-01-20 17:39:53	Name: C Value: 1
.adform.net/	1970-01-20 18:21:38	Name: uid Value: 5165886723373762969
.sojern.com/	1970-01-21 01:40:50	Name: adfid Value: 5165886723373762969
.demdex.net/	1970-01-20 21:14:26	Name: demdex Value: 27251040052326082261888560605236043839
.dpm.demdex.net/	1970-01-20 21:14:26	Name: dpm Value: 27251040052326082261888560605236043839
.turn.com/	1970-01-20 21:14:26	Name: uid Value: 3126466868122066706
sync.srv.stackadapt.com/	1970-01-21 01:40:50	Name: sa-user-id Value: s%3A0-6cfddea6-11bd-5be7-4ffb-abc0efa0c462.xB%2Bt8WJob0kuW346SorMfycHzv%2FeRFh3HIfpdhh0wOs
.srv.stackadapt.com/	1970-01-21 01:40:50	Name: sa-user-id Value: s%3A0-6cfddea6-11bd-5be7-4ffb-abc0efa0c462.xB%2Bt8WJob0kuW346SorMfycHzv%2FeRFh3HIfpdhh0wOs
sync.srv.stackadapt.com/	1970-01-21 01:40:50	Name: sa-user-id-v2 Value: s%3AbP3ephG9W-dP-6vA76DEYlFfBSo.77nRy%2BNWeyHE6%2B9x89M%2FTqsMDE7UKYI%2FHC7ejA1y1lw
.srv.stackadapt.com/	1970-01-21 01:40:50	Name: sa-user-id-v2 Value: s%3AbP3ephG9W-dP-6vA76DEYlFfBSo.77nRy%2BNWeyHE6%2B9x89M%2FTqsMDE7UKYI%2FHC7ejA1y1lw
sync.srv.stackadapt.com/	1970-01-21 01:40:50	Name: sa-user-id-v3 Value: s%3AAQAKIBTaz_YxPrJbo_1PlWiB75s7O7fAbbADPdFB2AIcd9QrEHwYBCDKoOmrBjABOgQ8w7t9QgQZen4A.ek7eg9n4Y4rKnq%2BdKP4Kp5JSqtMtam8PAB8uyLEdWBA
.srv.stackadapt.com/	1970-01-21 01:40:50	Name: sa-user-id-v3 Value: s%3AAQAKIBTaz_YxPrJbo_1PlWiB75s7O7fAbbADPdFB2AIcd9QrEHwYBCDKoOmrBjABOgQ8w7t9QgQZen4A.ek7eg9n4Y4rKnq%2BdKP4Kp5JSqtMtam8PAB8uyLEdWBA
.yieldoptimizer.com/	1970-01-21 01:40:50	Name: dph Value: %7B%22t%22%3A%5B131040%2C131040%2C131040%5D%2C%22dp%22%3A%5B8064%2C4889%2C1162%5D%7D

4 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
other	warning	URL: https://connect.facebook.net/signals/config/704711839614346?v=2.9.138&r=stable&domain=wickedthemusical.com(Line 132) Message: Unrecognized feature: 'attribution-reporting'.
other	warning	URL: https://connect.facebook.net/signals/config/1716462331980126?v=2.9.138&r=stable&domain=wickedthemusical.com(Line 132) Message: Unrecognized feature: 'attribution-reporting'.
network	error	URL: https://idsync.rlcdn.com/394499.gif?partner_uid=3017993348013&gdpr=&gdpr_consent=& Message: Failed to load resource: the server responded with a status of 451 ()
other	warning	URL: https://connect.facebook.net/signals/config/370148890047650?v=2.9.138&r=stable&domain=wickedthemusical.com(Line 132) Message: Unrecognized feature: 'attribution-reporting'.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

2179121.fls.doubleclick.net
5451832.fls.doubleclick.net
5549924.fls.doubleclick.net
ad.doubleclick.net
adservice.google.com
analytics.tiktok.com
analytics.twitter.com
beacon.sojern.com
c1.adform.net
cdn.cookielaw.org
cdn.pdst.fm
chat.satis.fi
cm.g.doubleclick.net
connect.facebook.net
ct.pinterest.com
d.turn.com
d1rx0dtgjk9kr3.cloudfront.net
dpm.demdex.net
fast.fonts.net
fcmatch.google.com
fcmatch.youtube.com
fonts.googleapis.com
fonts.gstatic.com
geolocation.onetrust.com
googleads.g.doubleclick.net
ib.adnxs.com
idsync.rlcdn.com
insight.adsrvr.org
js.adsrvr.org
match.adsrvr.org
pixel.sojern.com
prod-satisfilabs-resources-gcs.satis.fi
region1.analytics.google.com
s.pinimg.com
static.ads-twitter.com
stats.g.doubleclick.net
sync.srv.stackadapt.com
t.co
tag.adaraanalytics.com
tag.yieldoptimizer.com
us-central1-adaptive-growth.cloudfunctions.net
wickedthemusical.com
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.rtb123.com
104.244.42.195
104.244.42.197
107.178.244.119
108.138.15.119
142.250.186.98
146.75.116.157
15.197.193.217
172.217.18.102
2.19.216.231
2001:4860:4802:32::36
2001:4860:4802:36::36
216.58.206.38
2600:9000:2250:4800:15:2f34:53c0:21
2606:4700:4400::ac40:9b77
2606:4700::6810:fa43
2606:4700::6812:82ec
2a00:1450:4001:802::2004
2a00:1450:4001:803::2003
2a00:1450:4001:80f::2008
2a00:1450:4001:80f::200e
2a00:1450:4001:810::200e
2a00:1450:4001:811::2002
2a00:1450:4001:812::2002
2a00:1450:4001:812::2003
2a00:1450:4001:829::200a
2a00:1450:4001:831::200e
2a00:1450:400c:c00::9b
2a03:2880:f083:9:face:b00c:0:3
2a03:2880:f176:84:face:b00c:0:25de
2a04:4e42:8d::84
34.111.146.217
35.171.141.94
35.186.212.60
35.241.54.161
35.244.142.80
35.244.160.208
35.244.174.68
37.157.6.232
37.252.171.52
46.228.164.13
54.174.79.84
54.74.69.97
67.225.220.126
92.123.104.139
00d0b26a698296dbeb480aab5598658adbe6c951dbba62e94ac0c626d9f13709
01c3955df67a9b9d1367957e2c187729eae46b72e92c2b52bdb217b14a8fc874
0af719f3a3c9eed767bcf7e1b8b179655c9b0c1fd6157618d704f11a1cdcdfc9
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
121de8aa4b26940498c691eae00364df8f95f78952e72c1681e1fc0809265588
1366eda153e8007e36d79b86ab5a775a7ce7270bc38d1cb6c93f088eac4d3e3a
14e4d1596c6b58896dfce1fc1ec45372bab4d2259ba82828fa3f96cc4f859fc4
166c7c3bb5f76f977a9f2a5490589b3466374eb2b3f064802e56f08bad71fbf0
182bb4844b04436b05b49fed78fee343e206eadc58325948b48d8bfeda18c281
1c1fef6e6b4f9832603850b9b6562e74d9a6a3700ba836efe88facc577121e8b
1d0e6c7f6b40b62c10c929739ed76b0adbd9a08591aa95697b6f802c4dc4824f
1f3c87ba47b56f47598b859329db45ed981071aaf2f887e0f385e5745af16118
1f751d3740ea83b3d42100e1bf23b0b17d5b4c4ff3bdf9badd42ba03a814896f
2157361193375a79ade3559e960f982daa8d599cf7f4a92d36e3eef257738f16
25eca592f3785484d9098120c463294ce6e805e7c5a8ccf81a8b8b35f2de91e1
31a1e6b3fa6da6aa1874ccd12f654a652ae5681b7aa7b7e7fdcf6b126e08a7b3
331852fd9912583b03043c973d33d23b2711924f3731bd8bcd31b7000a6d4a60
35600e2bfb0c420c0d7e3a9f13e83dd03dc3b0beb54344386ab7a08c3d8a8b6b
37b17c5135a176a9474521af147d96dfa1fb4ca0f43f00d1400bd1885be3ab9b
3acb372998849a8a7c5ceeec51e6da757fe207cc1495acccb43cf9c5c4d3a2e5
3c107b664e7305b99c2c95a67f790e5cda95ee05cc584c6045f987328ad49a6f
3e136e77083bfc6ef14ffc5abd19da89a82bf12fc0cda3c603e01582b93303c8
3e186e172cadf1b08c7a05c1b0f7a2797921cd64ba62a991596bf0884de78f4c
3f2bf166f3ec51fb4f4f30863527658488e638f5c34f5b7374de3aaac9383be7
43d52dc7940c3c55544e6884a818dfe56ea9d01e7422595d8c5dabd332d3b85a
4695f3ec487a9955bdcae80ccfd4467a90d71b7f7e54189088acdd23f4c9e393
47a47d0626944ee6b6f2326243a91806d8a8d3e3e20efa2542f6dc15c1911a6c
49089b9639a22adf4c4dbb8d36c8e8b005bb5fdd74913d30f09eb371cf667c85
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4d0368be2b71c0c2fb9e6b1b1e946a13b18b47f531f4151b536f613477b9b6d5
4d0e0192ededa5d1603685eb792d00bbc791f5b9f774b7d19afac4b0776fa4da
4e7140f58b2b89a1c8ffba6df69a1e845f6e8fee48987276a7523b8244191c3e
50d68134803430f1729e9927426d636c1b75662fe24bd1706a4d2166ef682087
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3
5df2942db2352e49e00bcf3393b875a71d0acee986e48fbdcc5879846f5c3689
5fa00d047acd959697b9d7772c31dcd37bec33c70c6fbf80ab8316205d1d286d
60cc60a6fcbd230def379432395199b585791ed521e2e5f595369a2193e617fb
610cff2c96722ead24487039f6fa6de3161a9b3d8561cc09e0abab2ccc6430f9
62723060de0c92d89ec49f9b3bc1fd54b786111e8ad3451a6cf7ebc8553e7b74
63b3bea0e5718a1a04e529b9b3f3248e481b44c3615da8d928b771a177ccdbae
661879a8610e57eaa935ae7475d14687bac56c335bfdbd640f5174674fd94446
6974bfd8fa06b7831f05cb4b25860c851a5ad3f02a6699ebe688987dd7a6ebe6
6c708e8ed43f58bea91c9e6a0565b882798935f3579640d5e5f9a04265b00755
7f631d5455f589ef074281c0677aaadf301d5489ad8b81798e36d371bba3c761
8110fec8953967ec64d619493efbd07f1f0640746e6aee93298985a3b0e61db2
823cebd619645289fb908bb824c6aafeb83c8e3c48aff4f011f02c1881025e82
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
899663bfeab6b11842c974c2417dc0ad88bd79bb7510b1e032384ccf2618dcc1
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537
9810aee7e6d57d8cceaa96322b88e6df46710194689ae12b284149148cabc2f3
98b1725f459034cdd8400f0ced84a6d2b1b38992f8bf13ca787523a123f7b23a
998a575c7b376128a98e6d67e29c42e1726aac3489cf2c0b2aaebf6f6ad0b546
9bd82960d99b3a76f4af77a88a346bd61f87bac5ff2f385ee28cd669d8f22134
a1d4b01843b9dad68a10bba7ab416fb60cbe6052a223f6bd74cbad286b812b2a
a380d800bbe09bdab2c05f9d57e5e61b7b0f89df61c265f1ab76ca16f53c24cc
a616c05df0242158ec4650bdbb42e3b093ec6cdcb11416e3aab079c119965f84
a7b7120dffd25546c93c1367b9c86a3dc87e71d2c89ebb39163a71eb3b659f01
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
aca566587618e75fa291a419c7c430be02e03fc72f6105658c1bc8e7d59a65e4
aeb7b8f80308a830f9fa6aabf3ffae4991d6044713993043dca442ed14040d13
af4d669f0396d1fc4e3e3c5d1fe6217f71a74ed78d6b420f376d331d515514b9
afacce23cb4feaaaef37997f8439819d8f827df4951f3ff02704c9f16fb7f53a
b2eee0d5d6a26e8c621637ea8ad724561e3c63043fcc79062091390970d91463
b39089861f39a7212f79aa6b4a3540d162aa898fe84069856de6455508eee4c0
b7a6901459b0de874ef450c7a52190c1892bd3adf047ce49c9de3c00b23da991
bbe84d9cac20a501eb5dc1de30ade0618a275e517fcce24c7f935db1830af100
bcc6afbc327c5fdd7e8137f7cfca1144a76a24b83d338cdb782bbf4c1bae8cbb
c1a9a3e223bad631dff12d33b5499eb145cb08d8621c20d9d73870e78d97afe4
c447dd7677b419db7b21dbdfc6277c7816a913ffda76fd2e52702df538de0e49
c5af4db2c2786b96fe0bcbff5c6aa18d98f4eb94fa47cf1a1e2ef30fbe0b08a1
cb8d40d1eb7e2dc885affcf0012d9e1a73c270d843e8b890d36538e52d0a0342
cc039b37e34853a9bef9d693ebc4366b38d9cec1aa91e0109196cd62f870ae52
ce50c3ddb962ac8242bf562751b465d706d19c13a96bce9112cf37fdf2c76db5
cf7fcc9f75c8717897bfaef72f303fab423ce1b70c98512aeb3677e4af988dee
d03515268b17a0cbf88cd38aa108e0770a23e1338d22d2dc9e9a38ca6a89311b
d336f19d405a8392dc7debeab2cc60008c41a1da17f3e9173f853e412af9d601
d62a7b7ec5313469ebff5c006b9068dc44d6d1c122cf787ffa29a10113b34060
d6c6eae2059c0d8677d501c6ed9906a63f737f360bb7302c5544d5b6d886d6c6
dcd9f488bd62ba0ee403b07a97e40b9ffd63a0eff61091588c913b16d5153d48
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
e0ba033e6cb25fa6e20186d6d8113cc3821028b7891c93eebe671b75f6eebc3f
e24fae615ef4f4736e61297ed889205e904fa8043df4a6e293d06b04ff7dd02f
e32957744ae7d7362c0513a4346a63dd350132483b4282ef84912f66ccd86e77
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e8421fbd0e65e75bb12f2c05e2335c999dc218b3d80f103759fd497702e76676
ead365bafa451211d6ce383395fdaf22943af479aa5eda7615581e6b0e81e65a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef45c21f7e054481c81992c1a46293a28c9bb8b3722bc566479326187f473c8c
f7ce91e2bb9a685435527b75513cc130f4fee6ec5c7f28efd9fbeab2781bcc5c
f83b1a3ea61ad62e47fad82de5495a2547e2f12e591ad8108050538c566ae1e3
fb6bcf7d9261064812fe1b4d2b59b8c8ca52b7d0c522746ba9cec2dc01b3a7d4
fb716fedf797a1d2d8c46deed804f97881304cfaebc13e905f1848f268cbf49f

wickedthemusical.com Open in urlscan Pro 35.171.141.94 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

143 Requests

92 %HTTPS

45 %IPv6

35 Domains

48 Subdomains

39 IPs

7 Countries

1933 kBTransfer

5487 kBSize

41 Cookies

50 Outgoing links

Redirected requests

143 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

wickedthemusical.com Open in urlscan Pro
35.171.141.94 Public Scan

Screenshot
Live screenshot

Full Image

143
Requests

92 %
HTTPS

45 %
IPv6

35
Domains

48
Subdomains

39
IPs

7
Countries

1933 kB
Transfer

5487 kB
Size

41
Cookies

143 HTTP transactions
0 data transactions