order.pennentertainment.com Open in urlscan Pro
40.79.23.114 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://qrcodes.pro/ww1NcX
Effective URL:
https://order.pennentertainment.com/kansasspeedway
Submission: On March 11 via manual (March 11th 2024, 6:41:28 pm UTC) from US — Scanned from DE

Summary HTTP 72 Redirects Links 2 Behaviour Indicators

Summary

This website contacted 17 IPs in 3 countries across 10 domains to perform 72 HTTP transactions. The main IP is 40.79.23.114, located in Boydton, United States and belongs to MICROSOFT-CORP-MSN-AS-BLOCK, US. The main domain is order.pennentertainment.com.
TLS certificate: Issued by Sectigo RSA Domain Validation Secure ... on November 16th 2023. Valid for: a year.

This is the only time order.pennentertainment.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
2	143.204.98.40 143.204.98.40	16509 (AMAZON-02) (AMAZON-02)
28	40.79.23.114 40.79.23.114	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	2a00:1450:400... 2a00:1450:400c:c0a::54	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:80b::2004	15169 (GOOGLE) (GOOGLE)
1	23.196.235.139 23.196.235.139	16625 (AKAMAI-AS) (AKAMAI-AS)
2	2.16.184.240 2.16.184.240	16625 (AKAMAI-AS) (AKAMAI-AS)
1	2a00:1450:400... 2a00:1450:4001:82b::200a	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:400c:c02::5c	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:812::2008	15169 (GOOGLE) (GOOGLE)
8	2a00:1450:400... 2a00:1450:4001:810::2003	15169 (GOOGLE) (GOOGLE)
3	108.138.26.16 108.138.26.16	16509 (AMAZON-02) (AMAZON-02)
2	2a00:1450:400... 2a00:1450:4001:82b::2003	15169 (GOOGLE) (GOOGLE)
1	2001:4860:480... 2001:4860:4802:32::36	15169 (GOOGLE) (GOOGLE)
6	2a00:1450:400... 2a00:1450:4001:829::200e	15169 (GOOGLE) (GOOGLE)
1	18.66.147.66 18.66.147.66	() ()
5	2600:9000:26d... 2600:9000:26da:c000:3:7280:4e00:93a1	16509 (AMAZON-02) (AMAZON-02)
72	17

2 143.204.98.40 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-98-40.fra50.r.cloudfront.net

qrcodes.pro	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

28 40.79.23.114 (Boydton, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

order.pennentertainment.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c0a::54 (Brussels, Belgium)

ASN15169 (GOOGLE, US)

accounts.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:80b::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.196.235.139 (Düsseldorf, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-196-235-139.deploy.static.akamaitechnologies.com

appleid.cdn-apple.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2.16.184.240 (Düsseldorf, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-16-184-240.deploy.static.akamaitechnologies.com

cdns.us1.gigya.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82b::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:400c:c02::5c (Brussels, Belgium)

ASN15169 (GOOGLE, US)

pay.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:812::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a00:1450:4001:810::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 108.138.26.16 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-138-26-16.fra56.r.cloudfront.net

gigyaprod.pennentertainment.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82b::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:829::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

play.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.66.147.66 (None, )

ASN- ()

gigyaprod.order.pennentertainment.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2600:9000:26da:c000:3:7280:4e00:93a1 (United States)

ASN16509 (AMAZON-02, US)

content.tacitcorp.ca	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
32	pennentertainment.com order.pennentertainment.com gigyaprod.pennentertainment.com — Cisco Umbrella Rank: 377395 gigyaprod.order.pennentertainment.com	1 MB
14	google.com accounts.google.com — Cisco Umbrella Rank: 20 www.google.com — Cisco Umbrella Rank: 2 pay.google.com — Cisco Umbrella Rank: 2753 play.google.com — Cisco Umbrella Rank: 33	541 KB
10	gstatic.com www.gstatic.com fonts.gstatic.com	551 KB
5	tacitcorp.ca content.tacitcorp.ca — Cisco Umbrella Rank: 225495	290 KB
2	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 40	158 KB
2	gigya.com cdns.us1.gigya.com — Cisco Umbrella Rank: 15890	336 KB
2	qrcodes.pro qrcodes.pro — Cisco Umbrella Rank: 313472	2 KB
1	google-analytics.com region1.google-analytics.com — Cisco Umbrella Rank: 2089	262 B
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 30	775 B
1	cdn-apple.com appleid.cdn-apple.com — Cisco Umbrella Rank: 3609	17 KB
72	10

	Domain	Requested by
28	order.pennentertainment.com	qrcodes.pro order.pennentertainment.com
8	www.gstatic.com	www.google.com www.gstatic.com pay.google.com
6	play.google.com	www.gstatic.com
5	content.tacitcorp.ca
4	www.google.com	order.pennentertainment.com www.gstatic.com www.google.com
3	gigyaprod.pennentertainment.com	gigyaprod.pennentertainment.com
3	pay.google.com	order.pennentertainment.com pay.google.com www.gstatic.com
2	fonts.gstatic.com	www.google.com
2	www.googletagmanager.com	order.pennentertainment.com www.googletagmanager.com
2	cdns.us1.gigya.com	order.pennentertainment.com cdns.us1.gigya.com
2	qrcodes.pro	qrcodes.pro
1	gigyaprod.order.pennentertainment.com	order.pennentertainment.com
1	region1.google-analytics.com	www.googletagmanager.com
1	fonts.googleapis.com	order.pennentertainment.com
1	appleid.cdn-apple.com	order.pennentertainment.com
1	accounts.google.com	order.pennentertainment.com
72	16

This site contains links to these domains. Also see Links.

Domain
www.pngaming.com

Subject Issuer	Validity	Valid
qr.tapnscan.me Amazon RSA 2048 M01	`2023-07-09` - `2024-08-06`	a year	crt.sh
order.pennentertainment.com Sectigo RSA Domain Validation Secure Server CA	`2023-11-16` - `2024-11-15`	a year	crt.sh
accounts.google.com GTS CA 1C3	`2024-02-19` - `2024-05-13`	3 months	crt.sh
www.google.com GTS CA 1C3	`2024-02-19` - `2024-05-13`	3 months	crt.sh
appleid.cdn-apple.com Apple Public EV Server RSA CA 2 - G1	`2024-01-09` - `2024-07-07`	6 months	crt.sh
cdns.gigya.com DigiCert TLS RSA SHA256 2020 CA1	`2023-10-25` - `2024-10-24`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2024-02-19` - `2024-05-13`	3 months	crt.sh
*.google.com GTS CA 1C3	`2024-02-19` - `2024-05-13`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2024-02-19` - `2024-05-13`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2024-02-19` - `2024-05-13`	3 months	crt.sh
gigyaprod.pennmarketplace.com Amazon RSA 2048 M01	`2023-04-26` - `2024-05-24`	a year	crt.sh
gigyaprod.order.pennentertainment.com Amazon RSA 2048 M03	`2023-11-01` - `2024-11-30`	a year	crt.sh
*.tacitcorp.ca Amazon RSA 2048 M03	`2023-10-19` - `2024-11-16`	a year	crt.sh

This page contains 6 frames:

Primary Page: https://order.pennentertainment.com/kansasspeedway
Frame ID: 24A3AF7CC517CB69337A928B257494CF
Requests: 48 HTTP requests in this frame

Frame: https://pay.google.com/gp/p/ui/payframe?origin=https%3A%2F%2Forder.pennentertainment.com&mid=
Frame ID: 366D3E2C0247417E9D355301BB840D27
Requests: 9 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LciZ_MgAAAAACU39H327DEx6_tKe-shGsAlN9vH&co=aHR0cHM6Ly9vcmRlci5wZW5uZW50ZXJ0YWlubWVudC5jb206NDQz&hl=de&v=QquE1_MNjnFHgZF4HPsEcf_2&size=invisible&cb=creujni1ka8q
Frame ID: DD4EE95CA6937357F6792630CA2B515A
Requests: 8 HTTP requests in this frame

Frame: https://gigyaprod.pennentertainment.com/gs/webSdk/Api.aspx?apiKey=4_NxfI9ciGpSIuPxIvT2XWOQ&version=canary&build=15791
Frame ID: 4362F17198B58F30F41E0BFD47ABC40C
Requests: 2 HTTP requests in this frame

Frame: https://gigyaprod.pennentertainment.com/gs/sso.htm?APIKey=3_Ihhi0RyUjbgIrTc0VPbCuHl1VCOjnGhGlRnexBq5hBPQpDOD6DEeNRP4xSQkMOLD&ssoSegment=&version=canary&build=15791
Frame ID: 32781F54C47E49C1F58ADA2674EF968C
Requests: 1 HTTP requests in this frame

Frame: https://gigyaprod.pennentertainment.com/gs/sso.htm?APIKey=3_Ihhi0RyUjbgIrTc0VPbCuHl1VCOjnGhGlRnexBq5hBPQpDOD6DEeNRP4xSQkMOLD&ssoSegment=&version=canary&build=15791
Frame ID: F592EFDB26CBD61A5DFC23D25A3243F5
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Order Online | PENN Entertainment

Page URL History Show full URLs

https://qrcodes.pro/ww1NcX Page URL
https://order.pennentertainment.com/kansasspeedway Page URL

Detected technologies

Apple Sign-in (Social logins) Expand

Overall confidence: 100%
Detected patterns

appleid\.auth\.js

Google Sign-in (Social logins) Expand

Overall confidence: 100%
Detected patterns

accounts\.google\.com/gsi/client

SAP Customer Data Cloud Sign-in (Social logins) Expand

Overall confidence: 100%
Detected patterns

\.gigya\.com/JS/gigya\.js

Google Pay (Payment processors) Expand

Overall confidence: 100%
Detected patterns

pay\.google\.com/([a-z/]+)/pay\.js

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/ns\.html[^>]+></iframe>
googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

reCAPTCHA (Captchas) Expand

Overall confidence: 100%
Detected patterns

/recaptcha/api\.js

Page Statistics

72
Requests

97 %
HTTPS

63 %
IPv6

10
Domains

16
Subdomains

17
IPs

3
Countries

3188 kB
Transfer

9769 kB
Size

10
Cookies

2 Outgoing links

These are links going to different origins than the main page.

URL: https://www.pngaming.com/privacy-policy/
Title: Privacy Policy

Search URL Search Domain Scan URL

URL: https://www.pngaming.com/terms-of-use/
Title: Terms and Conditions

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://qrcodes.pro/ww1NcX Page URL
https://order.pennentertainment.com/kansasspeedway Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

72 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 ww1NcX Show response
qrcodes.pro/ 4 KB
2 KB 581ms
544ms Document
text/html 143.204.98.40
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://qrcodes.pro/ww1NcX
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.98.40 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-40.fra50.r.cloudfront.net
Software: nginx /
Resource Hash: d41652ad604f8729303934a00b5249e40231f5f8b52684025efb3d8378e7933b

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Authorization, Content-Type, x-csrftoken
access-control-allow-methods: POST, GET, PUT, DELETE, OPTIONS, PATCH
access-control-allow-origin: *
cache-control: private, max-age=1
content-encoding: br
content-language: de
content-type: text/html; charset=utf-8
date: Mon, 11 Mar 2024 18:41:24 GMT
server: nginx
vary: Accept-Encoding,Cookie,Accept-Language
via: 1.1 9128c49d19c76fd86ec4c647434ccb0a.cloudfront.net (CloudFront)
x-amz-cf-id: p0WJGAWq6IFFD17fHFA5q5hlTdGEMpss5eIsQGODNjYZ6IEfZ3uxyA==
x-amz-cf-pop: FRA50-C1
x-cache: Miss from cloudfront

POST
H2 200 / Show response
qrcodes.pro/analytics/location/ 0
222 B 122ms
122ms XHR
text/plain 143.204.98.40
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://qrcodes.pro/analytics/location/
Requested by: Host: qrcodes.pro
URL: https://qrcodes.pro/ww1NcX
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.98.40 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-40.fra50.r.cloudfront.net
Software: CloudFront /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://qrcodes.pro/ww1NcX
accept-language: de-DE,de;q=0.9
X-CSRFToken: null
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36
Content-Type: application/json

Response headers

date: Mon, 11 Mar 2024 18:41:24 GMT
via: 1.1 9128c49d19c76fd86ec4c647434ccb0a.cloudfront.net (CloudFront)
server: CloudFront
x-amz-cf-pop: FRA50-C1
content-length: 0
x-amz-cf-id: bmiEqro7Gs9XJ8ZNgu72D8BbSygIHxPqzOsY8RRpAa6O88T2fvbKcg==
x-cache: LambdaGeneratedResponse from cloudfront

GET
H/1.1 200
OK Primary Request kansasspeedway Show response
order.pennentertainment.com/ 7 KB
3 KB 520ms
95ms Document
text/html 40.79.23.114
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://order.pennentertainment.com/kansasspeedway

Requested by

Host: qrcodes.pro
URL: https://qrcodes.pro/ww1NcX

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

40.79.23.114 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Apache /

Resource Hash

967cff2798b48a58b362bae040cfea5990b72c9f28f6fc2751ae46aaf572a3e3

Security Headers

Name	Value
Content-Security-Policy	frame-src https:
Strict-Transport-Security	max-age=31536000; includeSubdomains;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://qrcodes.pro/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: content-type ReCaptcha
Access-Control-Allow-Origin: *
Connection: keep-alive, Keep-Alive
Content-Encoding: gzip
Content-Length: 2511
Content-Security-Policy: frame-src https:
Content-Type: text/html; charset=UTF-8
Date: Mon, 11 Mar 2024 18:41:25 GMT
Keep-Alive: timeout=5, max=100
Referrer-Policy: strict-origin
Server: Apache
Strict-Transport-Security: max-age=31536000; includeSubdomains;
Vary: Accept-Encoding
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block

GET
H2 200 client Show response
accounts.google.com/gsi/ 215 KB
83 KB 73ms
32ms Script
application/javascript 2a00:1450:400c:c0a::54
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://accounts.google.com/gsi/client

Requested by

Host: order.pennentertainment.com
URL: https://order.pennentertainment.com/kansasspeedway

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c0a::54 Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

5a94418c2f495c0c6ca71bb6ec211ebd32b75782eb124b009b06e7e52401f807

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http, script-src 'report-sample' 'nonce-s-iIThI6Sks_5Svxn3xumg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://order.pennentertainment.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Mon, 11 Mar 2024 18:41:25 GMT
content-security-policy: require-trusted-types-for 'script';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http, script-src 'report-sample' 'nonce-s-iIThI6Sks_5Svxn3xumg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http
content-encoding: gzip
x-content-type-options: nosniff
server: ESF
x-frame-options: SAMEORIGIN
report-to: {"group":"coop_dd7de8473bddc59c6b748810a67a39b1","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/dd7de8473bddc59c6b748810a67a39b1"}]}
content-type: application/javascript; charset=utf-8
cache-control: private, max-age=1800
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="coop_dd7de8473bddc59c6b748810a67a39b1"
expires: Mon, 11 Mar 2024 18:41:25 GMT

GET
H2 200 api.js Show response
www.google.com/recaptcha/ 1 KB
1 KB 57ms
33ms Script
text/javascript 2a00:1450:4001:80b::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api.js?render=6LciZ_MgAAAAACU39H327DEx6_tKe-shGsAlN9vH

Requested by

Host: order.pennentertainment.com
URL: https://order.pennentertainment.com/kansasspeedway

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

9aeb9ae797ddb7a89d760b1794ce17510a2c33f483ae176857aff90c14f8cf17

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://order.pennentertainment.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Mon, 11 Mar 2024 18:41:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'
server: GSE
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=utf-8
cache-control: private, max-age=300
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 1; mode=block
expires: Mon, 11 Mar 2024 18:41:25 GMT

GET
H/1.1 200
OK appleid.auth.js Show response
appleid.cdn-apple.com/appleauth/static/jsapi/appleid/1/en_US/ 42 KB
17 KB 157ms
11ms Script
application/javascript 23.196.235.139
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://appleid.cdn-apple.com/appleauth/static/jsapi/appleid/1/en_US/appleid.auth.js

Requested by

Host: order.pennentertainment.com
URL: https://order.pennentertainment.com/kansasspeedway

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

23.196.235.139 Düsseldorf, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-196-235-139.deploy.static.akamaitechnologies.com

Software

Apple /

Resource Hash

8356948d6f3bef342ff37a4deca7f6b64b58ca0b90ca128c1929c1bb76cc7a54

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://order.pennentertainment.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Content-Encoding: gzip
Date: Mon, 11 Mar 2024 18:41:25 GMT
Last-Modified: Thu, 29 Feb 2024 20:16:32 GMT
Server: Apple
ETag: W/"43171-1709237792773"
Vary: accept-encoding
Content-Type: application/javascript;charset=UTF-8
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=86400,stale-while-revalidate=86400
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 17356

GET
H2 200 gigya.js Show response
cdns.us1.gigya.com/js/ 518 KB
170 KB 396ms
335ms Script
text/javascript 2.16.184.240
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://cdns.us1.gigya.com/js/gigya.js?apikey=4_NxfI9ciGpSIuPxIvT2XWOQ
Requested by: Host: order.pennentertainment.com
URL: https://order.pennentertainment.com/kansasspeedway
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.16.184.240 Düsseldorf, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-16-184-240.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 58dcb504ce4f81ed5ae9987d3fd7e93a3946accb99bf0d44d209ab6a0cb03889

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://order.pennentertainment.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Mon, 11 Mar 2024 18:41:25 GMT
content-encoding: gzip
x-soa: true, Gator
vary: Accept-Encoding
p3p: CP="IDC COR PSA DEV ADM OUR IND ONL"
access-control-allow-origin: *
x-callid: 3112fd4edd714d5eb57bdedf4a4aa54b
content-type: text/javascript; charset=utf-8
cache-control: public, s-maxage=3600, max-age=900
x-server: us1d-nomad-t22
x-error-code: 0
x-robots-tag: none
content-length: 173256

GET
H/1.1 200
OK stable.css
order.pennentertainment.com/public/css/ 343 KB
51 KB 104ms
102ms Stylesheet
text/css 40.79.23.114
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://order.pennentertainment.com/public/css/stable.css?v=1.0.0.0

Requested by

Host: order.pennentertainment.com
URL: https://order.pennentertainment.com/kansasspeedway

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

40.79.23.114 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Apache /

Resource Hash

69cbf3d0039584fe7806b87551694c505b36d67842b59868fbe4a7c7124795a9

Security Headers

Name	Value
Content-Security-Policy	frame-src https:
Strict-Transport-Security	max-age=31536000; includeSubdomains;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://order.pennentertainment.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

Date: Mon, 11 Mar 2024 18:41:25 GMT
Strict-Transport-Security: max-age=31536000; includeSubdomains;
Content-Encoding: gzip
Content-Security-Policy: frame-src https:
X-Content-Type-Options: nosniff
Connection: keep-alive, Keep-Alive
Content-Length: 51654
X-XSS-Protection: 1; mode=block
Referrer-Policy: strict-origin
Last-Modified: Tue, 05 Mar 2024 16:49:12 GMT
Server: Apache
ETag: "55cd7-612ec9f34e477-gzip"
X-Frame-Options: SAMEORIGIN
Vary: Accept-Encoding
Content-Type: text/css
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
Accept-Ranges: bytes
Access-Control-Allow-Headers: content-type, ReCaptcha
Keep-Alive: timeout=5, max=99

GET
H2 200 icon
fonts.googleapis.com/ 569 B
775 B 42ms
18ms Stylesheet
text/css 2a00:1450:4001:82b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/icon?family=Material+Icons

Requested by

Host: order.pennentertainment.com
URL: https://order.pennentertainment.com/kansasspeedway

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

452410fef223a412e5608205fc069ecc35a4d919b413b3422a714a17ebfd0651

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://order.pennentertainment.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Mon, 11 Mar 2024 18:41:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Mon, 11 Mar 2024 18:41:25 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 11 Mar 2024 18:41:25 GMT

GET
H/1.1 200
OK styles.fa4cbe2531060d86a448.css
order.pennentertainment.com/ 105 KB
16 KB 284ms
96ms Stylesheet
text/css 40.79.23.114
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://order.pennentertainment.com/styles.fa4cbe2531060d86a448.css

Requested by

Host: order.pennentertainment.com
URL: https://order.pennentertainment.com/kansasspeedway

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

40.79.23.114 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Apache /

Resource Hash

e82724018508b7e474b70369a423639c1e6d914b4d1f504cbfec669445620ded

Security Headers

Name	Value
Content-Security-Policy	frame-src https:
Strict-Transport-Security	max-age=31536000; includeSubdomains;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://order.pennentertainment.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

Date: Mon, 11 Mar 2024 18:41:25 GMT
Strict-Transport-Security: max-age=31536000; includeSubdomains;
Content-Encoding: gzip
Content-Security-Policy: frame-src https:
X-Content-Type-Options: nosniff
Connection: keep-alive, Keep-Alive
Content-Length: 15677
X-XSS-Protection: 1; mode=block
Referrer-Policy: strict-origin
Last-Modified: Tue, 05 Mar 2024 16:49:12 GMT
Server: Apache
ETag: "1a4be-612ec9f3503b7-gzip"
X-Frame-Options: SAMEORIGIN
Vary: Accept-Encoding
Content-Type: text/css
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
Accept-Ranges: bytes
Access-Control-Allow-Headers: content-type, ReCaptcha
Keep-Alive: timeout=5, max=100

GET
H2 200 pay.js Show response
pay.google.com/gp/p/js/ 118 KB
36 KB 150ms
75ms Script
application/javascript 2a00:1450:400c:c02::5c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pay.google.com/gp/p/js/pay.js

Requested by

Host: order.pennentertainment.com
URL: https://order.pennentertainment.com/kansasspeedway

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c02::5c Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

67a60e8d0877049f837dff6121f5db7d5799af3ee03bf0f8b77dd491904c5c52

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/InstantbuyFrontendHttp/cspreport, script-src 'report-sample' 'nonce-WS6d02z7IFeeNVHJC_mu6Q' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/InstantbuyFrontendHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/InstantbuyFrontendHttp/cspreport/allowlist
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://order.pennentertainment.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Mon, 11 Mar 2024 18:41:26 GMT
strict-transport-security: max-age=31536000
content-encoding: gzip
content-security-policy: require-trusted-types-for 'script';report-uri /_/InstantbuyFrontendHttp/cspreport, script-src 'report-sample' 'nonce-WS6d02z7IFeeNVHJC_mu6Q' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/InstantbuyFrontendHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/InstantbuyFrontendHttp/cspreport/allowlist
x-content-type-options: nosniff
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
reporting-endpoints: default="/gp/p/_/InstantbuyFrontendHttp/web-reports?context=eJzjKtDikmLw15BiWFYqxVBRK8WwZKYUg2fNTabOPTeZ1nU9YlrY_pRJk-sZU33UM6aZvM-ZBN88Z3r35SUTz9eXTBJArAHE2308WMR8prMejp7OyrduOqsKEOuun84aCsRO6TNYg4DYp34GawwQC3FzXFuwdz2bwIrPzeUAw_gw_Q"
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: private, max-age=600
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
expires: Mon, 11 Mar 2024 18:41:26 GMT

GET
H/1.1 200
OK runtime-es2015.f3548e21828e763cb875.js Show response
order.pennentertainment.com/ 3 KB
3 KB 282ms
94ms Script
application/javascript 40.79.23.114
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://order.pennentertainment.com/runtime-es2015.f3548e21828e763cb875.js

Requested by

Host: order.pennentertainment.com
URL: https://order.pennentertainment.com/kansasspeedway

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

40.79.23.114 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Apache /

Resource Hash

2072952d6e1cae0377491a43bfd0b78c62f5c2e3783152437a82ecfbe40b9fc3

Security Headers

Name	Value
Content-Security-Policy	frame-src https:
Strict-Transport-Security	max-age=31536000; includeSubdomains;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://order.pennentertainment.com/
Origin: https://order.pennentertainment.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

Date: Mon, 11 Mar 2024 18:41:25 GMT
Strict-Transport-Security: max-age=31536000; includeSubdomains;
Content-Encoding: gzip
Content-Security-Policy: frame-src https:
X-Content-Type-Options: nosniff
Connection: keep-alive, Keep-Alive
Content-Length: 1852
X-XSS-Protection: 1; mode=block
Referrer-Policy: strict-origin
Last-Modified: Tue, 05 Mar 2024 16:49:33 GMT
Server: Apache
ETag: "cf0-612eca0686e2e-gzip"
X-Frame-Options: SAMEORIGIN
Vary: Accept-Encoding
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
Accept-Ranges: bytes
Access-Control-Allow-Headers: content-type, ReCaptcha
Keep-Alive: timeout=5, max=100

GET
H/1.1 200
OK polyfills-es2015.91d047c42ba61a17a359.js Show response
order.pennentertainment.com/ 84 KB
28 KB 286ms
97ms Script
application/javascript 40.79.23.114
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://order.pennentertainment.com/polyfills-es2015.91d047c42ba61a17a359.js

Requested by

Host: order.pennentertainment.com
URL: https://order.pennentertainment.com/kansasspeedway

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

40.79.23.114 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Apache /

Resource Hash

074dd9040b1091ee4a48639fdde6fa37e5a6f8793ce2a6dc7c9f5325edc57068

Security Headers

Name	Value
Content-Security-Policy	frame-src https:
Strict-Transport-Security	max-age=31536000; includeSubdomains;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://order.pennentertainment.com/
Origin: https://order.pennentertainment.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

Date: Mon, 11 Mar 2024 18:41:25 GMT
Strict-Transport-Security: max-age=31536000; includeSubdomains;
Content-Encoding: gzip
Content-Security-Policy: frame-src https:
X-Content-Type-Options: nosniff
Connection: keep-alive, Keep-Alive
Content-Length: 27839
X-XSS-Protection: 1; mode=block
Referrer-Policy: strict-origin
Last-Modified: Tue, 05 Mar 2024 16:49:33 GMT
Server: Apache
ETag: "15118-612eca0685e8e-gzip"
X-Frame-Options: SAMEORIGIN
Vary: Accept-Encoding
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
Accept-Ranges: bytes
Access-Control-Allow-Headers: content-type, ReCaptcha
Keep-Alive: timeout=5, max=100

GET
H/1.1 200
OK scripts.e53bd6161c2c8c032a17.js Show response
order.pennentertainment.com/ 398 KB
111 KB 101ms
101ms Script
application/javascript 40.79.23.114
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://order.pennentertainment.com/scripts.e53bd6161c2c8c032a17.js

Requested by

Host: order.pennentertainment.com
URL: https://order.pennentertainment.com/kansasspeedway

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

40.79.23.114 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Apache /

Resource Hash

6d9bb2c1d9e5befb145827423f07ce3421bf30a078b5fa292cb73128445990fb

Security Headers

Name	Value
Content-Security-Policy	frame-src https:
Strict-Transport-Security	max-age=31536000; includeSubdomains;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://order.pennentertainment.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

Date: Mon, 11 Mar 2024 18:41:26 GMT
Strict-Transport-Security: max-age=31536000; includeSubdomains;
Content-Encoding: gzip
Content-Security-Policy: frame-src https:
X-Content-Type-Options: nosniff
Transfer-Encoding: chunked
Connection: keep-alive, Keep-Alive
X-XSS-Protection: 1; mode=block
Referrer-Policy: strict-origin
Last-Modified: Tue, 05 Mar 2024 16:49:33 GMT
Server: Apache
ETag: "6382a-612eca0684eee-gzip"
X-Frame-Options: SAMEORIGIN
Vary: Accept-Encoding
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
Accept-Ranges: bytes
Access-Control-Allow-Headers: content-type, ReCaptcha
Keep-Alive: timeout=5, max=99

GET
H/1.1 200
OK main-es2015.79bfe0d41531e435645d.js Show response
order.pennentertainment.com/ 3 MB
687 KB 293ms
103ms Script
application/javascript 40.79.23.114
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://order.pennentertainment.com/main-es2015.79bfe0d41531e435645d.js

Requested by

Host: order.pennentertainment.com
URL: https://order.pennentertainment.com/kansasspeedway

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

40.79.23.114 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Apache /

Resource Hash

ebd576e87553c3c97165f40e24460fa9f8c6a6fb720d2799b9785ca2f74ab66d

Security Headers

Name	Value
Content-Security-Policy	frame-src https:
Strict-Transport-Security	max-age=31536000; includeSubdomains;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://order.pennentertainment.com/
Origin: https://order.pennentertainment.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

Date: Mon, 11 Mar 2024 18:41:25 GMT
Strict-Transport-Security: max-age=31536000; includeSubdomains;
Content-Encoding: gzip
Content-Security-Policy: frame-src https:
X-Content-Type-Options: nosniff
Transfer-Encoding: chunked
Connection: keep-alive, Keep-Alive
X-XSS-Protection: 1; mode=block
Referrer-Policy: strict-origin
Last-Modified: Tue, 05 Mar 2024 16:49:33 GMT
Server: Apache
ETag: "317609-612eca0686e2e-gzip"
X-Frame-Options: SAMEORIGIN
Vary: Accept-Encoding
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
Accept-Ranges: bytes
Access-Control-Allow-Headers: content-type, ReCaptcha
Keep-Alive: timeout=5, max=100

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 176 KB
64 KB 77ms
56ms Script
application/javascript 2a00:1450:4001:812::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-5PLHDKP

Requested by

Host: order.pennentertainment.com
URL: https://order.pennentertainment.com/kansasspeedway

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

e0edd83b4197e9dae6ec4f5fa1109fe8ed7bab672607e7414bb7391b923e65f2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://order.pennentertainment.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Mon, 11 Mar 2024 18:41:26 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 65076
x-xss-protection: 0
last-modified: Mon, 11 Mar 2024 18:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Mon, 11 Mar 2024 18:41:26 GMT

GET
H2 200 recaptcha__de.js Show response
www.gstatic.com/recaptcha/releases/QquE1_MNjnFHgZF4HPsEcf_2/ 494 KB
197 KB 28ms
7ms Script
text/javascript 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/QquE1_MNjnFHgZF4HPsEcf_2/recaptcha__de.js

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api.js?render=6LciZ_MgAAAAACU39H327DEx6_tKe-shGsAlN9vH

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5564f45c0991c7cceb19c0fb637ee44b119fb14c6cbf3691540a9cad11e1edf3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://order.pennentertainment.com/
Origin: https://order.pennentertainment.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Mon, 11 Mar 2024 09:49:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 31910
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 200579
x-xss-protection: 0
last-modified: Mon, 04 Mar 2024 05:02:47 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 11 Mar 2025 09:49:36 GMT

GET
H2 200 gigya.js Show response
cdns.us1.gigya.com/js/ 507 KB
166 KB 268ms
178ms XHR
text/javascript 2.16.184.240
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://cdns.us1.gigya.com/js/gigya.js?apikey=4_NxfI9ciGpSIuPxIvT2XWOQ&version=canary
Requested by: Host: cdns.us1.gigya.com
URL: https://cdns.us1.gigya.com/js/gigya.js?apikey=4_NxfI9ciGpSIuPxIvT2XWOQ
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.16.184.240 Düsseldorf, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-16-184-240.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 12dd6763c421193021e751e889aaaae0513942172f6f7b29ec06cdb876b526f2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://order.pennentertainment.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Mon, 11 Mar 2024 18:41:26 GMT
content-encoding: gzip
x-soa: true, Gator
vary: Accept-Encoding
p3p: CP="IDC COR PSA DEV ADM OUR IND ONL"
access-control-allow-origin: *
x-callid: 5c2673aa36334b449be25e5bdd7bda5c
content-type: text/javascript; charset=utf-8
cache-control: public, s-maxage=3600, max-age=900
x-server: us1d-nomad-t31
x-error-code: 0
x-robots-tag: none
content-length: 170123

GET
H2 200 sdk.config.get Show response
gigyaprod.pennentertainment.com/ 5 KB
3 KB 507ms
287ms Fetch
text/javascript 108.138.26.16
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://gigyaprod.pennentertainment.com/sdk.config.get?apiKey=4_NxfI9ciGpSIuPxIvT2XWOQ&httpStatusCodes=true
Requested by: Host:
URL: canary.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.26.16 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-26-16.fra56.r.cloudfront.net
Software: /
Resource Hash: 5bf3dc92c5ea3f23404f8b1d1c1e87375b72fb2a78da357cd7a0efaf08c3de85

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://order.pennentertainment.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Mon, 11 Mar 2024 18:41:26 GMT
content-encoding: gzip
via: 1.1 93efd892a8e99dc59164afbee331cd56.cloudfront.net (CloudFront)
x-soa: true, Gator
x-amz-cf-pop: FRA56-P7
edge-cache-tag: siteid_707359093719
p3p: CP="IDC COR PSA DEV ADM OUR IND ONL"
edge-control: !no-store,max-age=15m
x-cache: Miss from cloudfront
x-error-code: 0
content-length: 2064
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
x-callid: cbc7dfdffc5e416e83f2ba8f0912f908
cache-control: public, s-maxage=120, max-age=60
x-server: us1d-nomad-t28
accept-ranges: bytes
x-robots-tag: none
x-amz-cf-id: N-K7mLpPghoaEmlWvyj8QkvUVzoao_3FGkmM1M9moeROdlF5alpJeQ==

GET
H2 200 payframe Show response
pay.google.com/gp/p/ui/ Frame 366D 19 KB
8 KB 219ms
218ms Document
text/html 2a00:1450:400c:c02::5c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pay.google.com/gp/p/ui/payframe?origin=https%3A%2F%2Forder.pennentertainment.com&mid=

Requested by

Host: pay.google.com
URL: https://pay.google.com/gp/p/js/pay.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c02::5c Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

ac961856fe70a030fd4ef2f64a633feb2992dac0093d5b002fdb4f6bffe1e586

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-bRO4e-CwIgqBUiLZh23akQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/InstantbuyFrontendBuyflowPayframeUi/cspreport;worker-src 'self' script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/InstantbuyFrontendBuyflowPayframeUi/cspreport/allowlist require-trusted-types-for 'script';report-uri /_/InstantbuyFrontendBuyflowPayframeUi/cspreport
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://order.pennentertainment.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=3600
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-bRO4e-CwIgqBUiLZh23akQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/InstantbuyFrontendBuyflowPayframeUi/cspreport;worker-src 'self' script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/InstantbuyFrontendBuyflowPayframeUi/cspreport/allowlist require-trusted-types-for 'script';report-uri /_/InstantbuyFrontendBuyflowPayframeUi/cspreport
content-type: text/html; charset=utf-8
cross-origin-opener-policy: same-origin
cross-origin-resource-policy: same-site
date: Mon, 11 Mar 2024 18:41:26 GMT
expires: Mon, 11 Mar 2024 18:41:26 GMT
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
reporting-endpoints: default="/gp/p/_/InstantbuyFrontendBuyflowPayframeUi/web-reports?context=eJzjKtDikmLw15BiWFYqxVBRK8WwZKYUg2fNTabOPTeZ1nU9YlrY_pRJk-sZU33UM6aZvM-ZBN88Z3r35SUTz9eXTBJArAHE2308WMR8prMejp7OyrduOqsKEOuun84aCsRO6TNYg4DYp34GawwQC_FwXFuwdz2bwI3T374zAQD3rTH7"
server: ESF
strict-transport-security: max-age=31536000
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-content-type-options: nosniff
x-ua-compatible: IE=edge
x-xss-protection: 0

GET
H2 200 anchor Show response
www.google.com/recaptcha/api2/ Frame DD4E 45 KB
29 KB 36ms
35ms Document
text/html 2a00:1450:4001:80b::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LciZ_MgAAAAACU39H327DEx6_tKe-shGsAlN9vH&co=aHR0cHM6Ly9vcmRlci5wZW5uZW50ZXJ0YWlubWVudC5jb206NDQz&hl=de&v=QquE1_MNjnFHgZF4HPsEcf_2&size=invisible&cb=creujni1ka8q

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/QquE1_MNjnFHgZF4HPsEcf_2/recaptcha__de.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

2937fb632834687852eeb5101941d72d0dc3d6fe427d7f4634bc08095252e747

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-y_2cYz4qooFhJvPgQuMT_g' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://order.pennentertainment.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-y_2cYz4qooFhJvPgQuMT_g' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Mon, 11 Mar 2024 18:41:26 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
pragma: no-cache
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H/1.1 200
OK settings Show response
order.pennentertainment.com/api/clientapps/ 3 KB
2 KB 300ms
300ms XHR
text/html 40.79.23.114
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://order.pennentertainment.com/api/clientapps/settings?lang=en&device-id=17101824867198508229

Requested by

Host: order.pennentertainment.com
URL: https://order.pennentertainment.com/polyfills-es2015.91d047c42ba61a17a359.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

40.79.23.114 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Apache /

Resource Hash

1e42e693267040b60ae82354ddf24e367faebecaa93d8b6620be8827f580168b

Security Headers

Name	Value
Content-Security-Policy	frame-src https:
Strict-Transport-Security	max-age=31536000; includeSubdomains;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json, text/plain, */*
Device-Id: 17101824867208522903
Referer: https://order.pennentertainment.com/
Language: en
accept-language: de-DE,de;q=0.9
ENV: prod
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

Date: Mon, 11 Mar 2024 18:41:26 GMT
Strict-Transport-Security: max-age=31536000; includeSubdomains;
Content-Encoding: gzip
Content-Security-Policy: frame-src https:
X-Content-Type-Options: nosniff
Connection: keep-alive, Keep-Alive
Content-Length: 1072
X-XSS-Protection: 1; mode=block
Referrer-Policy: strict-origin
Server: Apache
X-Frame-Options: SAMEORIGIN
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
Access-Control-Allow-Origin: *
Cache-Control: no-cache, private
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: content-type, ReCaptcha
Keep-Alive: timeout=5, max=98

GET
H/1.1 200
OK translate Show response
order.pennentertainment.com/api/ 52 KB
17 KB 301ms
301ms XHR
application/json 40.79.23.114
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://order.pennentertainment.com/api/translate?lang=en&device-id=17101824867211245623

Requested by

Host: order.pennentertainment.com
URL: https://order.pennentertainment.com/polyfills-es2015.91d047c42ba61a17a359.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

40.79.23.114 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Apache /

Resource Hash

0e181187de3238f21cde180a5a82d5e9a3dc621b39af0615f88b84be04b3e139

Security Headers

Name	Value
Content-Security-Policy	frame-src https:
Strict-Transport-Security	max-age=31536000; includeSubdomains;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json, text/plain, */*
Device-Id: 17101824867214915927
Referer: https://order.pennentertainment.com/
Language: en
accept-language: de-DE,de;q=0.9
ENV: prod
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

Date: Mon, 11 Mar 2024 18:41:26 GMT
Strict-Transport-Security: max-age=31536000; includeSubdomains;
Content-Encoding: gzip
Content-Security-Policy: frame-src https:
X-Content-Type-Options: nosniff
Connection: keep-alive, Keep-Alive
Content-Length: 16780
X-XSS-Protection: 1; mode=block
Referrer-Policy: strict-origin
Server: Apache
X-Frame-Options: SAMEORIGIN
Vary: Accept-Encoding
Content-Type: application/json
Access-Control-Allow-Origin: *
Cache-Control: no-cache, private
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: content-type, ReCaptcha
Keep-Alive: timeout=5, max=99

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 282 KB
94 KB 43ms
43ms Script
application/javascript 2a00:1450:4001:812::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-NQEEK5J2P1&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5PLHDKP

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

f7c958fe5718208ba2aa2a8a6df2d037e1e48d6a7688ea90a0b2fdf18e1abaa7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://order.pennentertainment.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Mon, 11 Mar 2024 18:41:26 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 96171
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Mon, 11 Mar 2024 18:41:26 GMT

GET
H3 200 styles__ltr.css
www.gstatic.com/recaptcha/releases/QquE1_MNjnFHgZF4HPsEcf_2/ Frame DD4E 55 KB
24 KB 23ms
7ms Stylesheet
text/css 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/QquE1_MNjnFHgZF4HPsEcf_2/styles__ltr.css

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LciZ_MgAAAAACU39H327DEx6_tKe-shGsAlN9vH&co=aHR0cHM6Ly9vcmRlci5wZW5uZW50ZXJ0YWlubWVudC5jb206NDQz&hl=de&v=QquE1_MNjnFHgZF4HPsEcf_2&size=invisible&cb=creujni1ka8q

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7859a62e04b0acb06516eb12454de6673883ecfaeaed6c254659bca7cd59c050

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Mon, 11 Mar 2024 17:58:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2589
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 24606
x-xss-protection: 0
last-modified: Mon, 04 Mar 2024 05:02:47 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 11 Mar 2025 17:58:17 GMT

GET
H3 200 recaptcha__de.js Show response
www.gstatic.com/recaptcha/releases/QquE1_MNjnFHgZF4HPsEcf_2/ Frame DD4E 494 KB
196 KB 28ms
12ms Script
text/javascript 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/QquE1_MNjnFHgZF4HPsEcf_2/recaptcha__de.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5564f45c0991c7cceb19c0fb637ee44b119fb14c6cbf3691540a9cad11e1edf3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Mon, 11 Mar 2024 09:49:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 31910
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 200579
x-xss-protection: 0
last-modified: Mon, 04 Mar 2024 05:02:47 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 11 Mar 2025 09:49:36 GMT

GET
H3 200 oN6JOQxO2CZdhDuvURgc1WDqFpXrbMZ6mY5cTBya2tA.js Show response
www.google.com/js/bg/ Frame DD4E 17 KB
7 KB 9ms
9ms Script
text/javascript 2a00:1450:4001:80b::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/js/bg/oN6JOQxO2CZdhDuvURgc1WDqFpXrbMZ6mY5cTBya2tA.js

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/QquE1_MNjnFHgZF4HPsEcf_2/recaptcha__de.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a0de89390c4ed8265d843baf51181cd560ea1695eb6cc67a998e5c4c1c9adad0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LciZ_MgAAAAACU39H327DEx6_tKe-shGsAlN9vH&co=aHR0cHM6Ly9vcmRlci5wZW5uZW50ZXJ0YWlubWVudC5jb206NDQz&hl=de&v=QquE1_MNjnFHgZF4HPsEcf_2&size=invisible&cb=creujni1ka8q
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Tue, 05 Mar 2024 08:47:21 GMT
content-encoding: br
x-content-type-options: nosniff
age: 554045
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6931
x-xss-protection: 0
last-modified: Mon, 19 Feb 2024 17:30:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 05 Mar 2025 08:47:21 GMT

GET
H3 200 logo_48.png
www.gstatic.com/recaptcha/api2/ Frame DD4E 2 KB
2 KB 9ms
8ms Image
image/png 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/recaptcha/api2/logo_48.png

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/QquE1_MNjnFHgZF4HPsEcf_2/styles__ltr.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gstatic.com/recaptcha/releases/QquE1_MNjnFHgZF4HPsEcf_2/styles__ltr.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Tue, 05 Mar 2024 03:45:28 GMT
x-content-type-options: nosniff
age: 572158
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2228
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
expires: Tue, 12 Mar 2024 03:45:28 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame DD4E 15 KB
15 KB 38ms
9ms Font
font/woff2 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/
Origin: https://www.google.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Mon, 04 Mar 2024 21:26:23 GMT
x-content-type-options: nosniff
age: 594903
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15344
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 04 Mar 2025 21:26:23 GMT

GET
H2 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v18/ Frame DD4E 15 KB
16 KB 36ms
7ms Font
font/woff2 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/
Origin: https://www.google.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Tue, 05 Mar 2024 09:11:37 GMT
x-content-type-options: nosniff
age: 552589
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15552
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:33:02 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 05 Mar 2025 09:11:37 GMT

GET
H3 200 webworker.js
www.google.com/recaptcha/api2/ Frame DD4E 102 B
134 B 21ms
17ms Other
text/javascript 2a00:1450:4001:80b::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/webworker.js?hl=de&v=QquE1_MNjnFHgZF4HPsEcf_2

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

a8bfdecce5d2156da95876601ab50733e863513e3689ce32498a8370e79a5687

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LciZ_MgAAAAACU39H327DEx6_tKe-shGsAlN9vH&co=aHR0cHM6Ly9vcmRlci5wZW5uZW50ZXJ0YWlubWVudC5jb206NDQz&hl=de&v=QquE1_MNjnFHgZF4HPsEcf_2&size=invisible&cb=creujni1ka8q
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Mon, 11 Mar 2024 18:41:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'
server: GSE
cross-origin-embedder-policy: require-corp
x-frame-options: SAMEORIGIN
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript; charset=utf-8
cache-control: private, max-age=300
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 1; mode=block
expires: Mon, 11 Mar 2024 18:41:26 GMT

GET
H3 200 m=_b,_tp Show response
www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.de.aqX7pkxgOnY.es5.O/am=gEEy/d=1/excm=_b,_tp,payframeview/ed=1/dg=0/wt=2/ujg=1/rs=AMitfr... Frame 366D 160 KB
57 KB 9ms
9ms Script
text/javascript 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.de.aqX7pkxgOnY.es5.O/am=gEEy/d=1/excm=_b,_tp,payframeview/ed=1/dg=0/wt=2/ujg=1/rs=AMitfrhKyIL4arCjTfnkGMbuWONEQTvXqw/m=_b,_tp

Requested by

Host: pay.google.com
URL: https://pay.google.com/gp/p/ui/payframe?origin=https%3A%2F%2Forder.pennentertainment.com&mid=

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

29142282807f543b36899836ab87938c76744364bfa1888bdbadff146330a196

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pay.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Fri, 08 Mar 2024 20:33:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 252455
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/payments-consumer-boq-js-css-signers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57824
x-xss-protection: 0
last-modified: Fri, 08 Mar 2024 02:34:30 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="boq-infra/payments-consumer-boq-js-css-signers"
vary: Accept-Encoding, Origin
report-to: {"group":"boq-infra/payments-consumer-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/payments-consumer-boq-js-css-signers"}]}
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
expires: Sat, 08 Mar 2025 20:33:51 GMT

POST
H2 204 collect
region1.google-analytics.com/g/ 0
262 B 36ms
15ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-NQEEK5J2P1&gtm=45je4360v9118758133z89108291850za220&_p=1710182485452&gcd=13l3l3l2l1&npa=1&dma_cps=sypham&dma=1&cid=872916555.1710182487&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&pscdl=noapi&_s=1&sid=1710182486&sct=1&seg=0&dl=https%3A%2F%2Forder.pennentertainment.com%2Fkansasspeedway&dr=https%3A%2F%2Fqrcodes.pro%2F&dt=Order%20Online%20%7C%20PENN%20Entertainment&en=page_view&_fv=1&_nsi=1&_ss=1&tfd=1958
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-NQEEK5J2P1&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://order.pennentertainment.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 11 Mar 2024 18:41:26 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://order.pennentertainment.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 m=Das5Le Show response
www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.de.aqX7pkxgOnY.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.ekWB2n... Frame 366D 75 KB
27 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.de.aqX7pkxgOnY.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.ekWB2nw5o-4.L.B1.O/am=gEEy/d=1/exm=_b,_tp/excm=_b,_tp,payframeview/ed=1/wt=2/ujg=1/rs=AMitfrhl8XGQSkBsMrzECWGPn78xLLseVA/ee=EmZ2Bf:zr1jrb;Erl4fe:FloWmf;JsbNhc:Xd8iUd;LBgRLc:XVMNvd;Me32dd:MEeYgc;NPKaK:PVlQOd;NSEoX:lazG7b;Oj465e:KG2eXe;Pjplud:EEDORb;QGR0gd:Mlhmy;SNUn3:ZwDk9d;a56pNe:JEfCwb;cEt90b:ws9Tlc;dIoSBb:SpsfSb;eBAeSb:zbML3c;iFQyKf:vfuNJf;io8t5d:yDVVkb;kMFpHd:OTA3Ae;nAFL3:NTMZac;oGtAuc:sOXFj;qddgKe:xQtZb;sP4Vbe:VwDzFe;uY49fb:COQbmf;ul9GGd:VDovNc;wR5FRb:siKnQd;yEQyxe:p8L0ob;yxTchf:KUM7Z/m=Das5Le

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.de.aqX7pkxgOnY.es5.O/am=gEEy/d=1/excm=_b,_tp,payframeview/ed=1/dg=0/wt=2/ujg=1/rs=AMitfrhKyIL4arCjTfnkGMbuWONEQTvXqw/m=_b,_tp

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

26262bf301b196a97779adbdea9ca974c356801ae712d5864b5bb0d6a90b775b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pay.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Fri, 08 Mar 2024 20:34:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 252439
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/payments-consumer-boq-js-css-signers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 27547
x-xss-protection: 0
last-modified: Wed, 06 Mar 2024 04:06:59 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="boq-infra/payments-consumer-boq-js-css-signers"
vary: Accept-Encoding, Origin
report-to: {"group":"boq-infra/payments-consumer-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/payments-consumer-boq-js-css-signers"}]}
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
expires: Sat, 08 Mar 2025 20:34:07 GMT

GET
H3 200 pay Show response
pay.google.com/gp/p/ui/ Frame 366D 1 MB
377 KB 70ms
70ms XHR
text/html 2a00:1450:400c:c02::5c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pay.google.com/gp/p/ui/pay

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400c:c02::5c Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

85da4232ecc6ed62f632184e2541e9002f56537612c397d46968a3213f6467c9

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/InstantbuyFrontendBuyflowPayUi/cspreport, script-src 'report-sample' 'nonce-CbNZNhMHrdIoqNn99NAyGA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/InstantbuyFrontendBuyflowPayUi/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com https://sandbox.google.com https://payments.google.com https://payments.sandbox.google.com https://pay.google.com https://pay.sandbox.google.com;report-uri /_/InstantbuyFrontendBuyflowPayUi/cspreport/allowlist
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pay.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Mon, 11 Mar 2024 18:41:26 GMT
strict-transport-security: max-age=31536000
content-encoding: gzip
content-security-policy: require-trusted-types-for 'script';report-uri /_/InstantbuyFrontendBuyflowPayUi/cspreport, script-src 'report-sample' 'nonce-CbNZNhMHrdIoqNn99NAyGA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/InstantbuyFrontendBuyflowPayUi/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com https://sandbox.google.com https://payments.google.com https://payments.sandbox.google.com https://pay.google.com https://pay.sandbox.google.com;report-uri /_/InstantbuyFrontendBuyflowPayUi/cspreport/allowlist
x-content-type-options: nosniff
cross-origin-resource-policy: same-site
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
reporting-endpoints: default="/gp/p/_/InstantbuyFrontendBuyflowPayUi/web-reports?context=eJzjKtDikmLw15BiWFYqxVBRK8WwZKYUg2fNTabOPTeZ1nU9YlrY_pRJk-sZU33UM6aZvM-ZBN88Z3r35SUTz9eXTBJArAHE2308WMR8prMejp7OyrduOqsKEOuun84aCsRO6TNYg4DYp34GawwQC_FwXFuwdz2bwIrOWweZAfT2MTg"
x-ua-compatible: IE=edge
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: unsafe-none
server: ESF
x-frame-options: DENY
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
content-type: text/html; charset=utf-8
cache-control: private, max-age=3600
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
expires: Mon, 11 Mar 2024 18:41:26 GMT

GET
H3 200 m=Wt6vjf,hhhU8,FCpbqb,WhJNk Show response
www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.de.aqX7pkxgOnY.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.ekWB2n... Frame 366D 10 KB
4 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.de.aqX7pkxgOnY.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.ekWB2nw5o-4.L.B1.O/am=gEEy/d=1/exm=Das5Le,_b,_tp/excm=_b,_tp,payframeview/ed=1/wt=2/ujg=1/rs=AMitfrhl8XGQSkBsMrzECWGPn78xLLseVA/ee=EmZ2Bf:zr1jrb;Erl4fe:FloWmf;JsbNhc:Xd8iUd;LBgRLc:XVMNvd;Me32dd:MEeYgc;NPKaK:PVlQOd;NSEoX:lazG7b;Oj465e:KG2eXe;Pjplud:EEDORb;QGR0gd:Mlhmy;SNUn3:ZwDk9d;a56pNe:JEfCwb;cEt90b:ws9Tlc;dIoSBb:SpsfSb;eBAeSb:zbML3c;iFQyKf:vfuNJf;io8t5d:yDVVkb;kMFpHd:OTA3Ae;nAFL3:NTMZac;oGtAuc:sOXFj;qddgKe:xQtZb;sP4Vbe:VwDzFe;uY49fb:COQbmf;ul9GGd:VDovNc;wR5FRb:siKnQd;yEQyxe:p8L0ob;yxTchf:KUM7Z/m=Wt6vjf,hhhU8,FCpbqb,WhJNk

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bdfda2d14f2de164f14d95ad0b9b0fd5effbf51850fffd4bb3ee8e01674cf292

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pay.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Fri, 08 Mar 2024 20:34:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 252439
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/payments-consumer-boq-js-css-signers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4170
x-xss-protection: 0
last-modified: Wed, 06 Mar 2024 04:06:59 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="boq-infra/payments-consumer-boq-js-css-signers"
vary: Accept-Encoding, Origin
report-to: {"group":"boq-infra/payments-consumer-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/payments-consumer-boq-js-css-signers"}]}
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
expires: Sat, 08 Mar 2025 20:34:07 GMT

GET
H3 200 m=byfTOb,lsjVmc,LEikZe,lwddkf,EFQ78c Show response
www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.de.aqX7pkxgOnY.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.ekWB2n... Frame 366D 37 KB
14 KB 8ms
8ms Script
text/javascript 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.de.aqX7pkxgOnY.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.ekWB2nw5o-4.L.B1.O/am=gEEy/d=1/exm=Das5Le,FCpbqb,WhJNk,Wt6vjf,_b,_tp,hhhU8/excm=_b,_tp,payframeview/ed=1/wt=2/ujg=1/rs=AMitfrhl8XGQSkBsMrzECWGPn78xLLseVA/ee=EmZ2Bf:zr1jrb;Erl4fe:FloWmf;JsbNhc:Xd8iUd;LBgRLc:XVMNvd;Me32dd:MEeYgc;NPKaK:PVlQOd;NSEoX:lazG7b;Oj465e:KG2eXe;Pjplud:EEDORb;QGR0gd:Mlhmy;SNUn3:ZwDk9d;a56pNe:JEfCwb;cEt90b:ws9Tlc;dIoSBb:SpsfSb;eBAeSb:zbML3c;iFQyKf:vfuNJf;io8t5d:yDVVkb;kMFpHd:OTA3Ae;nAFL3:NTMZac;oGtAuc:sOXFj;qddgKe:xQtZb;sP4Vbe:VwDzFe;uY49fb:COQbmf;ul9GGd:VDovNc;wR5FRb:siKnQd;yEQyxe:p8L0ob;yxTchf:KUM7Z/m=byfTOb,lsjVmc,LEikZe,lwddkf,EFQ78c

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c9b31c557888de5a5ba74cab90820cfb4118a541f29a322e21bfd2e84fbfc436

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pay.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Fri, 08 Mar 2024 20:34:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 252439
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/payments-consumer-boq-js-css-signers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14259
x-xss-protection: 0
last-modified: Wed, 06 Mar 2024 04:06:59 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="boq-infra/payments-consumer-boq-js-css-signers"
vary: Accept-Encoding, Origin
report-to: {"group":"boq-infra/payments-consumer-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/payments-consumer-boq-js-css-signers"}]}
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
expires: Sat, 08 Mar 2025 20:34:07 GMT

POST
H3 200 log Show response
play.google.com/ Frame 366D 131 B
155 B 60ms
44ms XHR
text/plain 2a00:1450:4001:829::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://pay.google.com/
X-Goog-AuthUser: 0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

date: Mon, 11 Mar 2024 18:41:27 GMT
content-encoding: gzip
server: Playlog
x-frame-options: SAMEORIGIN
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://pay.google.com
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: X-Playlog-Web
content-length: 131
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Mon, 11 Mar 2024 18:41:27 GMT

OPTIONS
H2 200 log
play.google.com/ Frame 0
0 35ms
13ms Preflight
text/plain 2a00:1450:4001:829::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: x-goog-authuser
Access-Control-Request-Method: POST
Origin: https://pay.google.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: X-Playlog-Web,authorization,origin,x-goog-authuser
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://pay.google.com
access-control-max-age: 86400
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/plain; charset=UTF-8
date: Mon, 11 Mar 2024 18:41:26 GMT
server: Playlog
x-frame-options: SAMEORIGIN
x-xss-protection: 0

POST
H3 200 log Show response
play.google.com/ Frame 366D 131 B
155 B 61ms
46ms XHR
text/plain 2a00:1450:4001:829::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://pay.google.com/
X-Goog-AuthUser: 0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

date: Mon, 11 Mar 2024 18:41:27 GMT
content-encoding: gzip
server: Playlog
x-frame-options: SAMEORIGIN
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://pay.google.com
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: X-Playlog-Web
content-length: 131
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Mon, 11 Mar 2024 18:41:27 GMT

OPTIONS
H2 200 log
play.google.com/ Frame 0
0 35ms
14ms Preflight
text/plain 2a00:1450:4001:829::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: x-goog-authuser
Access-Control-Request-Method: POST
Origin: https://pay.google.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: X-Playlog-Web,authorization,origin,x-goog-authuser
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://pay.google.com
access-control-max-age: 86400
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/plain; charset=UTF-8
date: Mon, 11 Mar 2024 18:41:26 GMT
server: Playlog
x-frame-options: SAMEORIGIN
x-xss-protection: 0

POST
H3 200 log Show response
play.google.com/ Frame 366D 131 B
155 B 60ms
45ms XHR
text/plain 2a00:1450:4001:829::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://pay.google.com/
X-Goog-AuthUser: 0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

date: Mon, 11 Mar 2024 18:41:27 GMT
content-encoding: gzip
server: Playlog
x-frame-options: SAMEORIGIN
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://pay.google.com
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: X-Playlog-Web
content-length: 131
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Mon, 11 Mar 2024 18:41:27 GMT

OPTIONS
H2 200 log
play.google.com/ Frame 0
0 35ms
15ms Preflight
text/plain 2a00:1450:4001:829::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: x-goog-authuser
Access-Control-Request-Method: POST
Origin: https://pay.google.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: X-Playlog-Web,authorization,origin,x-goog-authuser
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://pay.google.com
access-control-max-age: 86400
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/plain; charset=UTF-8
date: Mon, 11 Mar 2024 18:41:26 GMT
server: Playlog
x-frame-options: SAMEORIGIN
x-xss-protection: 0

GET
H2 200 Api.aspx Show response
gigyaprod.pennentertainment.com/gs/webSdk/ Frame 4362 124 KB
44 KB 304ms
287ms Document
text/html 108.138.26.16
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://gigyaprod.pennentertainment.com/gs/webSdk/Api.aspx?apiKey=4_NxfI9ciGpSIuPxIvT2XWOQ&version=canary&build=15791

Requested by

Host:
URL: canary.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

108.138.26.16 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-108-138-26-16.fra56.r.cloudfront.net

Software

Resource Hash

335e0b452b82dbe23fc1ef79c3d3d57724f24e52770a4500dc5f0068fb2b8b0f

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer: https://order.pennentertainment.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
cache-control: public, s-maxage=3600, max-age=900
content-encoding: gzip
content-length: 44320
content-type: text/html; charset=utf-8
date: Mon, 11 Mar 2024 18:41:27 GMT
edge-cache-tag: siteid_707359093719,ver_canary
edge-control: !no-store,max-age=15m
p3p: CP="IDC COR PSA DEV ADM OUR IND ONL"
strict-transport-security: max-age=63072000; includeSubDomains; preload
vary: Accept-Encoding
via: 1.1 85310f8b6878a9cfaa0218e021ae364e.cloudfront.net (CloudFront)
x-amz-cf-id: QYOIiI_tMERnOfRiyRpp9-gR99yVOIlOl4g9a3S2FN2pqNQx3_FJYw==
x-amz-cf-pop: FRA56-P7
x-cache: Miss from cloudfront
x-callid: c90d2338c1ee4a469dbca6ff5b40cc77
x-error-code: 0
x-robots-tag: none
x-server: us1d-nomad-t30
x-soa: true, Gator

POST
H/1.1 200
OK guest Show response
order.pennentertainment.com/api/ 734 B
1 KB 1249ms
1249ms XHR
application/json 40.79.23.114
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://order.pennentertainment.com/api/guest

Requested by

Host: order.pennentertainment.com
URL: https://order.pennentertainment.com/polyfills-es2015.91d047c42ba61a17a359.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

40.79.23.114 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Apache /

Resource Hash

736ff3f068b63606a501b37e0be4dfe9f9d97337db646145e0ab21b4a98fb27a

Security Headers

Name	Value
Content-Security-Policy	frame-src https:
Strict-Transport-Security	max-age=31536000; includeSubdomains;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Pragma: no-cache
Language: en
accept-language: de-DE,de;q=0.9
ENV: prod
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36
Content-Type: application/json
Accept: application/json, text/plain, */*
Cache-Control: no-cache, max-age=0, no-store
Device-Id: 17101824871637884390
Referer: https://order.pennentertainment.com/
If-Modified-Since: 0

Response headers

Date: Mon, 11 Mar 2024 18:41:27 GMT
Strict-Transport-Security: max-age=31536000; includeSubdomains;
Content-Encoding: gzip
Content-Security-Policy: frame-src https:
X-Content-Type-Options: nosniff
Connection: keep-alive, Keep-Alive
Content-Length: 425
X-XSS-Protection: 1; mode=block
Referrer-Policy: strict-origin
Server: Apache
X-Frame-Options: SAMEORIGIN
Vary: Accept-Encoding
Content-Type: application/json
Access-Control-Allow-Origin: *
Cache-Control: no-cache, private
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: content-type, ReCaptcha
Keep-Alive: timeout=5, max=98

GET
H/1.1 200
OK 41-es2015.2d9ed5ce4f672520239c.js Show response
order.pennentertainment.com/ 56 KB
12 KB 96ms
95ms Script
application/javascript 40.79.23.114
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://order.pennentertainment.com/41-es2015.2d9ed5ce4f672520239c.js

Requested by

Host: order.pennentertainment.com
URL: https://order.pennentertainment.com/runtime-es2015.f3548e21828e763cb875.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

40.79.23.114 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Apache /

Resource Hash

5dd83dbccb4e9840aae9f6f119b75bd3498a931fe1c10db89f2c76bdf69721ee

Security Headers

Name	Value
Content-Security-Policy	frame-src https:
Strict-Transport-Security	max-age=31536000; includeSubdomains;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://order.pennentertainment.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

Date: Mon, 11 Mar 2024 18:41:27 GMT
Strict-Transport-Security: max-age=31536000; includeSubdomains;
Content-Encoding: gzip
Content-Security-Policy: frame-src https:
X-Content-Type-Options: nosniff
Connection: keep-alive, Keep-Alive
Content-Length: 11038
X-XSS-Protection: 1; mode=block
Referrer-Policy: strict-origin
Last-Modified: Tue, 05 Mar 2024 16:49:33 GMT
Server: Apache
ETag: "e1c5-612eca0685e8e-gzip"
X-Frame-Options: SAMEORIGIN
Vary: Accept-Encoding
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
Accept-Ranges: bytes
Access-Control-Allow-Headers: content-type, ReCaptcha
Keep-Alive: timeout=5, max=97

GET
H/1.1 200
OK 42-es2015.8d20a1a32ddac3ba758e.js Show response
order.pennentertainment.com/ 2 KB
2 KB 94ms
94ms Script
application/javascript 40.79.23.114
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://order.pennentertainment.com/42-es2015.8d20a1a32ddac3ba758e.js

Requested by

Host: order.pennentertainment.com
URL: https://order.pennentertainment.com/runtime-es2015.f3548e21828e763cb875.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

40.79.23.114 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Apache /

Resource Hash

88a5d4a93cff46055badf4039c7742670baa9ff606f856d800f2254dccfc4ece

Security Headers

Name	Value
Content-Security-Policy	frame-src https:
Strict-Transport-Security	max-age=31536000; includeSubdomains;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://order.pennentertainment.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

Date: Mon, 11 Mar 2024 18:41:27 GMT
Strict-Transport-Security: max-age=31536000; includeSubdomains;
Content-Encoding: gzip
Content-Security-Policy: frame-src https:
X-Content-Type-Options: nosniff
Connection: keep-alive, Keep-Alive
Content-Length: 933
X-XSS-Protection: 1; mode=block
Referrer-Policy: strict-origin
Last-Modified: Tue, 05 Mar 2024 16:49:33 GMT
Server: Apache
ETag: "7c7-612eca0686e2e-gzip"
X-Frame-Options: SAMEORIGIN
Vary: Accept-Encoding
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
Accept-Ranges: bytes
Access-Control-Allow-Headers: content-type, ReCaptcha
Keep-Alive: timeout=5, max=96

GET
H/1.1 200
OK 18-es2015.df31787dc9c47be7e210.js Show response
order.pennentertainment.com/ 12 KB
4 KB 95ms
95ms Script
application/javascript 40.79.23.114
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://order.pennentertainment.com/18-es2015.df31787dc9c47be7e210.js

Requested by

Host: order.pennentertainment.com
URL: https://order.pennentertainment.com/runtime-es2015.f3548e21828e763cb875.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

40.79.23.114 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Apache /

Resource Hash

ce94e9a62968038903df3332e7de632db4465a87a85f2c6b02813a7517c3e5f8

Security Headers

Name	Value
Content-Security-Policy	frame-src https:
Strict-Transport-Security	max-age=31536000; includeSubdomains;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://order.pennentertainment.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

Date: Mon, 11 Mar 2024 18:41:27 GMT
Strict-Transport-Security: max-age=31536000; includeSubdomains;
Content-Encoding: gzip
Content-Security-Policy: frame-src https:
X-Content-Type-Options: nosniff
Connection: keep-alive, Keep-Alive
Content-Length: 3677
X-XSS-Protection: 1; mode=block
Referrer-Policy: strict-origin
Last-Modified: Tue, 05 Mar 2024 16:49:33 GMT
Server: Apache
ETag: "318f-612eca0685e8e-gzip"
X-Frame-Options: SAMEORIGIN
Vary: Accept-Encoding
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
Accept-Ranges: bytes
Access-Control-Allow-Headers: content-type, ReCaptcha
Keep-Alive: timeout=5, max=95

GET
H/1.1 200
OK 21-es2015.94cdadd9c33e40869d52.js Show response
order.pennentertainment.com/ 59 KB
15 KB 97ms
97ms Script
application/javascript 40.79.23.114
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://order.pennentertainment.com/21-es2015.94cdadd9c33e40869d52.js

Requested by

Host: order.pennentertainment.com
URL: https://order.pennentertainment.com/runtime-es2015.f3548e21828e763cb875.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

40.79.23.114 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Apache /

Resource Hash

b88150e3e6b744b6270f2f1ca0a58d5c2d1fd1939afe3a3ae0cc3c41b22bdb0b

Security Headers

Name	Value
Content-Security-Policy	frame-src https:
Strict-Transport-Security	max-age=31536000; includeSubdomains;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://order.pennentertainment.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

Date: Mon, 11 Mar 2024 18:41:27 GMT
Strict-Transport-Security: max-age=31536000; includeSubdomains;
Content-Encoding: gzip
Content-Security-Policy: frame-src https:
X-Content-Type-Options: nosniff
Connection: keep-alive, Keep-Alive
Content-Length: 14848
X-XSS-Protection: 1; mode=block
Referrer-Policy: strict-origin
Last-Modified: Tue, 05 Mar 2024 16:49:12 GMT
Server: Apache
ETag: "ed9f-612ec9f351357-gzip"
X-Frame-Options: SAMEORIGIN
Vary: Accept-Encoding
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
Accept-Ranges: bytes
Access-Control-Allow-Headers: content-type, ReCaptcha
Keep-Alive: timeout=5, max=99

GET
H/1.1 200
OK 22-es2015.33385a2b2a6cefc9b23f.js Show response
order.pennentertainment.com/ 52 KB
10 KB 96ms
96ms Script
application/javascript 40.79.23.114
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://order.pennentertainment.com/22-es2015.33385a2b2a6cefc9b23f.js

Requested by

Host: order.pennentertainment.com
URL: https://order.pennentertainment.com/runtime-es2015.f3548e21828e763cb875.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

40.79.23.114 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Apache /

Resource Hash

6506466aa66a4f1fb5faa5ccc9c39f465b0006dfac2bb4e36329ac33b330a1aa

Security Headers

Name	Value
Content-Security-Policy	frame-src https:
Strict-Transport-Security	max-age=31536000; includeSubdomains;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://order.pennentertainment.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

Date: Mon, 11 Mar 2024 18:41:27 GMT
Strict-Transport-Security: max-age=31536000; includeSubdomains;
Content-Encoding: gzip
Content-Security-Policy: frame-src https:
X-Content-Type-Options: nosniff
Connection: keep-alive, Keep-Alive
Content-Length: 9781
X-XSS-Protection: 1; mode=block
Referrer-Policy: strict-origin
Last-Modified: Tue, 05 Mar 2024 16:49:12 GMT
Server: Apache
ETag: "ceea-612ec9f3503b7-gzip"
X-Frame-Options: SAMEORIGIN
Vary: Accept-Encoding
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
Accept-Ranges: bytes
Access-Control-Allow-Headers: content-type, ReCaptcha
Keep-Alive: timeout=5, max=98

GET
H/1.1 200
OK 29-es2015.5c93716213ba55ad7698.js Show response
order.pennentertainment.com/ 191 KB
27 KB 98ms
98ms Script
application/javascript 40.79.23.114
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://order.pennentertainment.com/29-es2015.5c93716213ba55ad7698.js

Requested by

Host: order.pennentertainment.com
URL: https://order.pennentertainment.com/runtime-es2015.f3548e21828e763cb875.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

40.79.23.114 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Apache /

Resource Hash

2d646d7f7f5959497fd5d5747d3c1afbfd3a557c87c829c3ff752d6c6448b163

Security Headers

Name	Value
Content-Security-Policy	frame-src https:
Strict-Transport-Security	max-age=31536000; includeSubdomains;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://order.pennentertainment.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

Date: Mon, 11 Mar 2024 18:41:27 GMT
Strict-Transport-Security: max-age=31536000; includeSubdomains;
Content-Encoding: gzip
Content-Security-Policy: frame-src https:
X-Content-Type-Options: nosniff
Connection: keep-alive, Keep-Alive
Content-Length: 27187
X-XSS-Protection: 1; mode=block
Referrer-Policy: strict-origin
Last-Modified: Tue, 05 Mar 2024 16:49:33 GMT
Server: Apache
ETag: "2fb9c-612eca0686e2e-gzip"
X-Frame-Options: SAMEORIGIN
Vary: Accept-Encoding
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
Accept-Ranges: bytes
Access-Control-Allow-Headers: content-type, ReCaptcha
Keep-Alive: timeout=5, max=99

GET
H/1.1 200
OK cart.svg Show response
order.pennentertainment.com/assets/img/png/icons/ 456 B
1 KB 94ms
94ms XHR
image/svg+xml 40.79.23.114
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://order.pennentertainment.com/assets/img/png/icons/cart.svg

Requested by

Host: order.pennentertainment.com
URL: https://order.pennentertainment.com/polyfills-es2015.91d047c42ba61a17a359.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

40.79.23.114 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Apache /

Resource Hash

cc4f6db890da7d7fe70e0aede6d5cc879e46cc7080644309f8dd5eebd44b919c

Security Headers

Name	Value
Content-Security-Policy	frame-src https:
Strict-Transport-Security	max-age=31536000; includeSubdomains;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json, text/plain, */*
Device-Id: 17101824871637884390
Referer: https://order.pennentertainment.com/
Language: en
accept-language: de-DE,de;q=0.9
ENV: prod
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

Date: Mon, 11 Mar 2024 18:41:27 GMT
Strict-Transport-Security: max-age=31536000; includeSubdomains;
Content-Encoding: gzip
Content-Security-Policy: frame-src https:
X-Content-Type-Options: nosniff
Connection: keep-alive, Keep-Alive
Content-Length: 299
X-XSS-Protection: 1; mode=block
Referrer-Policy: strict-origin
Last-Modified: Tue, 05 Mar 2024 16:49:33 GMT
Server: Apache
ETag: "1c8-612eca0683f4e-gzip"
X-Frame-Options: SAMEORIGIN
Vary: Accept-Encoding
Content-Type: image/svg+xml
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
Accept-Ranges: bytes
Access-Control-Allow-Headers: content-type, ReCaptcha
Keep-Alive: timeout=5, max=98

GET
H/1.1 200
OK account.svg Show response
order.pennentertainment.com/assets/img/png/icons/ 242 B
921 B 94ms
94ms XHR
image/svg+xml 40.79.23.114
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://order.pennentertainment.com/assets/img/png/icons/account.svg

Requested by

Host: order.pennentertainment.com
URL: https://order.pennentertainment.com/polyfills-es2015.91d047c42ba61a17a359.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

40.79.23.114 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Apache /

Resource Hash

abbbccf4aedb3d3e54b69410c6186d18f16881ace2187bcd8c73924102247d96

Security Headers

Name	Value
Content-Security-Policy	frame-src https:
Strict-Transport-Security	max-age=31536000; includeSubdomains;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json, text/plain, */*
Device-Id: 17101824871637884390
Referer: https://order.pennentertainment.com/
Language: en
accept-language: de-DE,de;q=0.9
ENV: prod
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

Date: Mon, 11 Mar 2024 18:41:27 GMT
Strict-Transport-Security: max-age=31536000; includeSubdomains;
Content-Encoding: gzip
Content-Security-Policy: frame-src https:
X-Content-Type-Options: nosniff
Connection: keep-alive, Keep-Alive
Content-Length: 194
X-XSS-Protection: 1; mode=block
Referrer-Policy: strict-origin
Last-Modified: Tue, 05 Mar 2024 16:49:12 GMT
Server: Apache
ETag: "f2-612ec9f34e477-gzip"
X-Frame-Options: SAMEORIGIN
Vary: Accept-Encoding
Content-Type: image/svg+xml
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
Accept-Ranges: bytes
Access-Control-Allow-Headers: content-type, ReCaptcha
Keep-Alive: timeout=5, max=98

GET
H/1.1 200
OK details Show response
order.pennentertainment.com/api/clientapps/ 20 KB
4 KB 224ms
224ms XHR
text/html 40.79.23.114
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://order.pennentertainment.com/api/clientapps/details?brandId=kansasspeedway&external=0&lang=en&device-id=17101824871637884390

Requested by

Host: order.pennentertainment.com
URL: https://order.pennentertainment.com/polyfills-es2015.91d047c42ba61a17a359.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

40.79.23.114 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Apache /

Resource Hash

64a61334ccff0c07557f7986c0de71ef15aaed04f4c458d056dd6456da88d231

Security Headers

Name	Value
Content-Security-Policy	frame-src https:
Strict-Transport-Security	max-age=31536000; includeSubdomains;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json, text/plain, */*
Device-Id: 17101824871637884390
Referer: https://order.pennentertainment.com/
Language: en
accept-language: de-DE,de;q=0.9
ENV: prod
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

Date: Mon, 11 Mar 2024 18:41:27 GMT
Strict-Transport-Security: max-age=31536000; includeSubdomains;
Content-Encoding: gzip
Content-Security-Policy: frame-src https:
X-Content-Type-Options: nosniff
Connection: keep-alive, Keep-Alive
Content-Length: 3051
X-XSS-Protection: 1; mode=block
Referrer-Policy: strict-origin
Server: Apache
X-Frame-Options: SAMEORIGIN
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
Access-Control-Allow-Origin: *
Cache-Control: no-cache, private
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: content-type, ReCaptcha
Keep-Alive: timeout=5, max=97

GET
H/1.1 200
OK orange.png
order.pennentertainment.com/assets/img/png/ 3 B
593 B 101ms
101ms Image
text/html 40.79.23.114
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://order.pennentertainment.com/assets/img/png/orange.png

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

40.79.23.114 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Apache /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	frame-src https:
Strict-Transport-Security	max-age=31536000; includeSubdomains;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://order.pennentertainment.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

Date: Mon, 11 Mar 2024 18:41:27 GMT
Strict-Transport-Security: max-age=31536000; includeSubdomains;
Referrer-Policy: strict-origin
Content-Security-Policy: frame-src https:
Server: Apache
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
Content-Type: text/html; charset=UTF-8
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
Connection: keep-alive, Keep-Alive
Access-Control-Allow-Headers: content-type, ReCaptcha
Content-Length: 3
X-XSS-Protection: 1; mode=block
Keep-Alive: timeout=5, max=94

GET
H/1.1 200
OK Roboto-Medium.woff2
order.pennentertainment.com/public/font/roboto/ 3 B
593 B 184ms
100ms Font
text/html 40.79.23.114
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://order.pennentertainment.com/public/font/roboto/Roboto-Medium.woff2

Requested by

Host: order.pennentertainment.com
URL: https://order.pennentertainment.com/public/css/stable.css?v=1.0.0.0

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

40.79.23.114 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Apache /

Resource Hash

6b3c238ebcf1f3c07cf0e556faa82c6b8fe96840ff4b6b7e9962a2d855843a0b

Security Headers

Name	Value
Content-Security-Policy	frame-src https:
Strict-Transport-Security	max-age=31536000; includeSubdomains;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://order.pennentertainment.com/
Origin: https://order.pennentertainment.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

Date: Mon, 11 Mar 2024 18:41:27 GMT
Strict-Transport-Security: max-age=31536000; includeSubdomains;
Referrer-Policy: strict-origin
Content-Security-Policy: frame-src https:
Server: Apache
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
Content-Type: text/html; charset=UTF-8
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
Connection: keep-alive, Keep-Alive
Access-Control-Allow-Headers: content-type, ReCaptcha
Content-Length: 3
X-XSS-Protection: 1; mode=block
Keep-Alive: timeout=5, max=97

GET
H/1.1 200
OK logo.png
order.pennentertainment.com/assets/img/png/ 2 KB
3 KB 94ms
94ms Image
image/png 40.79.23.114
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://order.pennentertainment.com/assets/img/png/logo.png

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

40.79.23.114 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Apache /

Resource Hash

53b63cec2a4afb5cc142f11411a5b2351eeebcf4f7edb4a0cba0a9a689b24ad6

Security Headers

Name	Value
Content-Security-Policy	frame-src https:
Strict-Transport-Security	max-age=31536000; includeSubdomains;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://order.pennentertainment.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

Date: Mon, 11 Mar 2024 18:41:27 GMT
Strict-Transport-Security: max-age=31536000; includeSubdomains;
X-Content-Type-Options: nosniff
Content-Security-Policy: frame-src https:
Connection: keep-alive, Keep-Alive
Content-Length: 2217
X-XSS-Protection: 1; mode=block
Referrer-Policy: strict-origin
Last-Modified: Tue, 05 Mar 2024 16:49:12 GMT
Server: Apache
ETag: "8a9-612ec9f34e477"
X-Frame-Options: SAMEORIGIN
Content-Type: image/png
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
Accept-Ranges: bytes
Access-Control-Allow-Headers: content-type, ReCaptcha
Keep-Alive: timeout=5, max=97

GET
H/1.1 200
OK banner_1510.png
order.pennentertainment.com/assets/img/png/ 236 KB
236 KB 106ms
94ms Image
image/png 40.79.23.114
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://order.pennentertainment.com/assets/img/png/banner_1510.png

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

40.79.23.114 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Apache /

Resource Hash

89ecdfa46f12ee300708021c0d2ae41dab47e261c4238b4783291eb015718acf

Security Headers

Name	Value
Content-Security-Policy	frame-src https:
Strict-Transport-Security	max-age=31536000; includeSubdomains;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://order.pennentertainment.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

Date: Mon, 11 Mar 2024 18:41:27 GMT
Strict-Transport-Security: max-age=31536000; includeSubdomains;
X-Content-Type-Options: nosniff
Content-Security-Policy: frame-src https:
Connection: keep-alive, Keep-Alive
Content-Length: 241153
X-XSS-Protection: 1; mode=block
Referrer-Policy: strict-origin
Last-Modified: Tue, 05 Mar 2024 16:49:33 GMT
Server: Apache
ETag: "3ae01-612eca0683f4e"
X-Frame-Options: SAMEORIGIN
Content-Type: image/png
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
Accept-Ranges: bytes
Access-Control-Allow-Headers: content-type, ReCaptcha
Keep-Alive: timeout=5, max=93

GET
H2 200 sdk.config.get Show response
gigyaprod.pennentertainment.com/ Frame 4362 5 KB
3 KB 8ms
7ms Fetch
text/javascript 108.138.26.16
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://gigyaprod.pennentertainment.com/sdk.config.get?apiKey=4_NxfI9ciGpSIuPxIvT2XWOQ&httpStatusCodes=true
Requested by: Host: gigyaprod.pennentertainment.com
URL: https://gigyaprod.pennentertainment.com/gs/webSdk/Api.aspx?apiKey=4_NxfI9ciGpSIuPxIvT2XWOQ&version=canary&build=15791
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.26.16 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-26-16.fra56.r.cloudfront.net
Software: /
Resource Hash: 5bf3dc92c5ea3f23404f8b1d1c1e87375b72fb2a78da357cd7a0efaf08c3de85

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gigyaprod.pennentertainment.com/gs/webSdk/Api.aspx?apiKey=4_NxfI9ciGpSIuPxIvT2XWOQ&version=canary&build=15791
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Mon, 11 Mar 2024 18:41:26 GMT
content-encoding: gzip
via: 1.1 85310f8b6878a9cfaa0218e021ae364e.cloudfront.net (CloudFront)
x-soa: true, Gator
x-amz-cf-pop: FRA56-P7
edge-cache-tag: siteid_707359093719
p3p: CP="IDC COR PSA DEV ADM OUR IND ONL"
edge-control: !no-store,max-age=15m
x-cache: Hit from cloudfront
x-error-code: 0
content-length: 2064
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
x-callid: cbc7dfdffc5e416e83f2ba8f0912f908
cache-control: public, s-maxage=120, max-age=60
x-server: us1d-nomad-t28
accept-ranges: bytes
x-robots-tag: none
x-amz-cf-id: 4kAeN5JkCK3aOROZDNV2QvXZY6nrouxM2Mchp0cLJoYHLDIdReSbiQ==

GET
H2 200 accounts.webSdkBootstrap Show response
gigyaprod.order.pennentertainment.com/ 199 B
1 KB 707ms
396ms XHR
text/javascript 18.66.147.66

General

Check archive.org

Show headers Download Go to

Full URL: https://gigyaprod.order.pennentertainment.com/accounts.webSdkBootstrap?apiKey=4_NxfI9ciGpSIuPxIvT2XWOQ&pageURL=https%3A%2F%2Forder.pennentertainment.com%2Fkansasspeedway&sdk=js_canary&sdkBuild=15791&format=json
Requested by: Host: order.pennentertainment.com
URL: https://order.pennentertainment.com/polyfills-es2015.91d047c42ba61a17a359.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.147.66 -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 6e608b05bb1f83997cdf0b8007645fbaab5562bbad77d9c83c45e7e5d5168ecc

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://order.pennentertainment.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Mon, 11 Mar 2024 18:41:27 GMT
content-encoding: gzip
via: 1.1 7efdfc8e9ebc26758933b0151e22707e.cloudfront.net (CloudFront)
x-soa: true, Gator
x-amz-cf-pop: FRA60-P4
x-cache: Miss from cloudfront
p3p: CP="IDC COR PSA DEV ADM OUR IND ONL"
x-error-code: 0
content-length: 174
access-control-max-age: 86400
access-control-allow-methods: GET,PUT,DELETE,HEAD,OPTIONS,POST,PATCH
content-type: text/javascript; charset=utf-8
access-control-allow-origin: https://order.pennentertainment.com
x-callid: 12f8455ed2944cfcb63130527b80c1b8
cache-control: private
access-control-allow-credentials: true
x-server: us1d-nomad-t30
vary: Origin, Accept-Encoding
x-robots-tag: none
x-amz-cf-id: wZH9I2ekG60oMGUFv9uV4fIdldD7FSYjhkf5Rt_jaRYPBqlh48QQ_Q==

GET
H/1.1 200
OK Roboto-Medium.woff
order.pennentertainment.com/public/font/roboto/ 3 B
593 B 100ms
99ms Font
text/html 40.79.23.114
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://order.pennentertainment.com/public/font/roboto/Roboto-Medium.woff

Requested by

Host: order.pennentertainment.com
URL: https://order.pennentertainment.com/public/css/stable.css?v=1.0.0.0

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

40.79.23.114 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Apache /

Resource Hash

6b3c238ebcf1f3c07cf0e556faa82c6b8fe96840ff4b6b7e9962a2d855843a0b

Security Headers

Name	Value
Content-Security-Policy	frame-src https:
Strict-Transport-Security	max-age=31536000; includeSubdomains;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://order.pennentertainment.com/
Origin: https://order.pennentertainment.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

Date: Mon, 11 Mar 2024 18:41:27 GMT
Strict-Transport-Security: max-age=31536000; includeSubdomains;
Referrer-Policy: strict-origin
Content-Security-Policy: frame-src https:
Server: Apache
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
Content-Type: text/html; charset=UTF-8
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
Connection: keep-alive, Keep-Alive
Access-Control-Allow-Headers: content-type, ReCaptcha
Content-Length: 3
X-XSS-Protection: 1; mode=block
Keep-Alive: timeout=5, max=96

GET
H/1.1 200
OK pin-drop.svg Show response
order.pennentertainment.com/assets/img/png/icons/ 408 B
995 B 94ms
94ms XHR
image/svg+xml 40.79.23.114
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://order.pennentertainment.com/assets/img/png/icons/pin-drop.svg

Requested by

Host: order.pennentertainment.com
URL: https://order.pennentertainment.com/polyfills-es2015.91d047c42ba61a17a359.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

40.79.23.114 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Apache /

Resource Hash

effecaec463ca77b60a7e59dcbacd91f02b892108aae186a6c4688c597d1d035

Security Headers

Name	Value
Content-Security-Policy	frame-src https:
Strict-Transport-Security	max-age=31536000; includeSubdomains;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json, text/plain, */*
Device-Id: 17101824871637884390
Referer: https://order.pennentertainment.com/
Language: en
accept-language: de-DE,de;q=0.9
ENV: prod
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

Date: Mon, 11 Mar 2024 18:41:27 GMT
Strict-Transport-Security: max-age=31536000; includeSubdomains;
Content-Encoding: gzip
Content-Security-Policy: frame-src https:
X-Content-Type-Options: nosniff
Connection: keep-alive, Keep-Alive
Content-Length: 267
X-XSS-Protection: 1; mode=block
Referrer-Policy: strict-origin
Last-Modified: Tue, 05 Mar 2024 16:49:12 GMT
Server: Apache
ETag: "198-612ec9f34e477-gzip"
X-Frame-Options: SAMEORIGIN
Vary: Accept-Encoding
Content-Type: image/svg+xml
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
Accept-Ranges: bytes
Access-Control-Allow-Headers: content-type, ReCaptcha
Keep-Alive: timeout=5, max=96

GET
H/1.1 200
OK info.svg Show response
order.pennentertainment.com/assets/img/png/icons/ 257 B
921 B 94ms
94ms XHR
image/svg+xml 40.79.23.114
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://order.pennentertainment.com/assets/img/png/icons/info.svg

Requested by

Host: order.pennentertainment.com
URL: https://order.pennentertainment.com/polyfills-es2015.91d047c42ba61a17a359.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

40.79.23.114 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Apache /

Resource Hash

5449bb3cde48a80a67179ad41f58baebafee692583420ea97acfeb54e42260f3

Security Headers

Name	Value
Content-Security-Policy	frame-src https:
Strict-Transport-Security	max-age=31536000; includeSubdomains;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json, text/plain, */*
Device-Id: 17101824871637884390
Referer: https://order.pennentertainment.com/
Language: en
accept-language: de-DE,de;q=0.9
ENV: prod
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

Date: Mon, 11 Mar 2024 18:41:27 GMT
Strict-Transport-Security: max-age=31536000; includeSubdomains;
Content-Encoding: gzip
Content-Security-Policy: frame-src https:
X-Content-Type-Options: nosniff
Connection: keep-alive, Keep-Alive
Content-Length: 193
X-XSS-Protection: 1; mode=block
Referrer-Policy: strict-origin
Last-Modified: Tue, 05 Mar 2024 16:49:12 GMT
Server: Apache
ETag: "101-612ec9f34e477-gzip"
X-Frame-Options: SAMEORIGIN
Vary: Accept-Encoding
Content-Type: image/svg+xml
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
Accept-Ranges: bytes
Access-Control-Allow-Headers: content-type, ReCaptcha
Keep-Alive: timeout=5, max=96

GET
H/1.1 200
OK watch_later.svg Show response
order.pennentertainment.com/assets/img/png/icons/ 557 B
1014 B 94ms
94ms XHR
image/svg+xml 40.79.23.114
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://order.pennentertainment.com/assets/img/png/icons/watch_later.svg

Requested by

Host: order.pennentertainment.com
URL: https://order.pennentertainment.com/polyfills-es2015.91d047c42ba61a17a359.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

40.79.23.114 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Apache /

Resource Hash

4787eaad05aad851441226eda0d795d0c696e3abb016357749a8cc7636044036

Security Headers

Name	Value
Content-Security-Policy	frame-src https:
Strict-Transport-Security	max-age=31536000; includeSubdomains;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json, text/plain, */*
Device-Id: 17101824871637884390
Referer: https://order.pennentertainment.com/
Language: en
accept-language: de-DE,de;q=0.9
ENV: prod
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

Date: Mon, 11 Mar 2024 18:41:27 GMT
Strict-Transport-Security: max-age=31536000; includeSubdomains;
Content-Encoding: gzip
Content-Security-Policy: frame-src https:
X-Content-Type-Options: nosniff
Connection: keep-alive, Keep-Alive
Content-Length: 285
X-XSS-Protection: 1; mode=block
Referrer-Policy: strict-origin
Last-Modified: Tue, 05 Mar 2024 16:49:33 GMT
Server: Apache
ETag: "22d-612eca0683f4e-gzip"
X-Frame-Options: SAMEORIGIN
Vary: Accept-Encoding
Content-Type: image/svg+xml
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
Accept-Ranges: bytes
Access-Control-Allow-Headers: content-type, ReCaptcha
Keep-Alive: timeout=5, max=100

GET
H2 200 3001b5b7293f4276988e207a9ebb2017_D@2x.png
content.tacitcorp.ca/restaurants/ 67 KB
68 KB 87ms
27ms Image
image/png 2600:9000:26da:c000:3:7280:4e00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://content.tacitcorp.ca/restaurants/3001b5b7293f4276988e207a9ebb2017_D@2x.png

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:26da:c000:3:7280:4e00:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Microsoft-IIS/10.0 / ASP.NET

Resource Hash

9055d41ca3592be9f8510450912a74f99c19b65b359321dedc7d99b6e5372823

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://order.pennentertainment.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-security-policy: default-src 'self'
x-content-type-options: nosniff
date: Thu, 07 Mar 2024 01:09:27 GMT
via: 1.1 b25ea630a0bc5820a6901f77047718fe.cloudfront.net (CloudFront)
x-amz-cf-pop: MUC50-P4
age: 408720
x-powered-by: ASP.NET
x-cache: Hit from cloudfront
server-timing: cdn-cache-hit,cdn-pop;desc="MUC50-P4",cdn-rid;desc="QQWBGeKs0g6CPsVtL06vEFGww0upLA_lLeJvcETXr0Jy5-_gNeWPRg==",cdn-hit-layer;desc="REC",cdn-downstream-fbl;dur=19
alt-svc: h3=":443"; ma=86400
content-length: 68353
x-xss-protection: 1; mode=block
referrer-policy: strict-origin
last-modified: Wed, 28 Sep 2022 17:20:59 GMT
server: Microsoft-IIS/10.0
etag: "c8143ad5ed3d81:0"
x-frame-options: sameorigin
vary: Origin
content-type: image/png
cache-control: max-age=2419200
feature-policy: vibrate 'self'
accept-ranges: bytes
x-amz-cf-id: QQWBGeKs0g6CPsVtL06vEFGww0upLA_lLeJvcETXr0Jy5-_gNeWPRg==

GET
H2 200 7f3bc2fbb56a4ab780605f18e36430da_D@2x.png
content.tacitcorp.ca/restaurants/ 50 KB
51 KB 175ms
115ms Image
image/png 2600:9000:26da:c000:3:7280:4e00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://content.tacitcorp.ca/restaurants/7f3bc2fbb56a4ab780605f18e36430da_D@2x.png

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:26da:c000:3:7280:4e00:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Microsoft-IIS/10.0 / ASP.NET

Resource Hash

f0fbed096338355f2519305e62ffcbdf8fcd59c6802b9a558b20804f24d39de7

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://order.pennentertainment.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-security-policy: default-src 'self'
x-content-type-options: nosniff
date: Thu, 07 Mar 2024 21:52:42 GMT
via: 1.1 b25ea630a0bc5820a6901f77047718fe.cloudfront.net (CloudFront)
x-amz-cf-pop: MUC50-P4
age: 334125
x-powered-by: ASP.NET
x-cache: Hit from cloudfront
server-timing: cdn-cache-hit,cdn-pop;desc="MUC50-P4",cdn-rid;desc="dPT8kwevKzPJZoRwFMrCl-elQJXvwKYGAXutbAkZhDN-gJzFVyDBZQ==",cdn-hit-layer;desc="Origin Shield",cdn-downstream-fbl;dur=108
alt-svc: h3=":443"; ma=86400
content-length: 51514
x-xss-protection: 1; mode=block
referrer-policy: strict-origin
last-modified: Wed, 28 Sep 2022 17:19:55 GMT
server: Microsoft-IIS/10.0
etag: "8c1b2f875ed3d81:0"
x-frame-options: sameorigin
vary: Origin
content-type: image/png
cache-control: max-age=2419200
feature-policy: vibrate 'self'
accept-ranges: bytes
x-amz-cf-id: dPT8kwevKzPJZoRwFMrCl-elQJXvwKYGAXutbAkZhDN-gJzFVyDBZQ==

GET
H2 200 46aefb51ff2640c68dc50b413787741e_D@2x.png
content.tacitcorp.ca/restaurants/ 37 KB
38 KB 179ms
118ms Image
image/png 2600:9000:26da:c000:3:7280:4e00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://content.tacitcorp.ca/restaurants/46aefb51ff2640c68dc50b413787741e_D@2x.png

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:26da:c000:3:7280:4e00:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Microsoft-IIS/10.0 / ASP.NET

Resource Hash

adff32f15f5cb16aabba968e8fb6576503f7bffee9c43d31df036907ebf6b5c9

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://order.pennentertainment.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-security-policy: default-src 'self'
x-content-type-options: nosniff
date: Wed, 06 Mar 2024 07:45:41 GMT
via: 1.1 b25ea630a0bc5820a6901f77047718fe.cloudfront.net (CloudFront)
x-amz-cf-pop: MUC50-P4
age: 471346
x-powered-by: ASP.NET
x-cache: Hit from cloudfront
server-timing: cdn-cache-hit,cdn-pop;desc="MUC50-P4",cdn-rid;desc="i4IH1zy0WHi7mf2LJ28H68R_lsYQHJ8vLNInVP5xOemDSrt2bIMhSA==",cdn-hit-layer;desc="Origin Shield",cdn-downstream-fbl;dur=111
alt-svc: h3=":443"; ma=86400
content-length: 38215
x-xss-protection: 1; mode=block
referrer-policy: strict-origin
last-modified: Wed, 28 Sep 2022 17:18:42 GMT
server: Microsoft-IIS/10.0
etag: "fd20755b5ed3d81:0"
x-frame-options: sameorigin
vary: Origin
content-type: image/png
cache-control: max-age=2419200
feature-policy: vibrate 'self'
accept-ranges: bytes
x-amz-cf-id: i4IH1zy0WHi7mf2LJ28H68R_lsYQHJ8vLNInVP5xOemDSrt2bIMhSA==

GET
H2 200 PENNPlayCardsTacit552x348_en.png
content.tacitcorp.ca/restaurants/ 120 KB
121 KB 81ms
27ms Image
image/png 2600:9000:26da:c000:3:7280:4e00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://content.tacitcorp.ca/restaurants/PENNPlayCardsTacit552x348_en.png

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:26da:c000:3:7280:4e00:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Microsoft-IIS/10.0 / ASP.NET

Resource Hash

1c698b29aacec7fdcd40b3270f8f288cc797b475e8919ae4775af9cf0db17b0c

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://order.pennentertainment.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-security-policy: default-src 'self'
x-content-type-options: nosniff
date: Sat, 17 Feb 2024 08:38:24 GMT
via: 1.1 b25ea630a0bc5820a6901f77047718fe.cloudfront.net (CloudFront)
x-amz-cf-pop: MUC50-P4
age: 2023383
x-powered-by: ASP.NET
x-cache: Hit from cloudfront
server-timing: cdn-cache-hit,cdn-pop;desc="MUC50-P4",cdn-rid;desc="1z02-LQF02aXJRA5BWs-V7-TFHcdHhGN-tcajEITJ5_Lpxgpcluiyw==",cdn-hit-layer;desc="REC",cdn-downstream-fbl;dur=19
alt-svc: h3=":443"; ma=86400
content-length: 122677
x-xss-protection: 1; mode=block
referrer-policy: strict-origin
last-modified: Fri, 14 Apr 2023 22:36:56 GMT
server: Microsoft-IIS/10.0
etag: "0f469e216fd91:0"
x-frame-options: sameorigin
vary: Origin
content-type: image/png
cache-control: max-age=2419200
feature-policy: vibrate 'self'
accept-ranges: bytes
x-amz-cf-id: 1z02-LQF02aXJRA5BWs-V7-TFHcdHhGN-tcajEITJ5_Lpxgpcluiyw==

GET
H2 200 c3a814546b5745549dfc7aea07361eab_bw.png
content.tacitcorp.ca/restaurants/ 12 KB
13 KB 179ms
125ms Image
image/png 2600:9000:26da:c000:3:7280:4e00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://content.tacitcorp.ca/restaurants/c3a814546b5745549dfc7aea07361eab_bw.png

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:26da:c000:3:7280:4e00:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Microsoft-IIS/10.0 / ASP.NET

Resource Hash

30260b69019598a893f24f922aff63b358a48faf7f4fa46cb2795cd8330937f6

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://order.pennentertainment.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-security-policy: default-src 'self'
x-content-type-options: nosniff
date: Wed, 06 Mar 2024 14:00:29 GMT
via: 1.1 b25ea630a0bc5820a6901f77047718fe.cloudfront.net (CloudFront)
x-amz-cf-pop: MUC50-P4
age: 448858
x-powered-by: ASP.NET
x-cache: Hit from cloudfront
server-timing: cdn-cache-hit,cdn-pop;desc="MUC50-P4",cdn-rid;desc="VJ4B2ymVaak_CEG91fSnJHTCwvNbtP6RLpDWErTCVMg5SB981WBEig==",cdn-hit-layer;desc="Origin Shield",cdn-downstream-fbl;dur=118
alt-svc: h3=":443"; ma=86400
content-length: 12294
x-xss-protection: 1; mode=block
referrer-policy: strict-origin
last-modified: Mon, 27 Feb 2023 21:46:02 GMT
server: Microsoft-IIS/10.0
etag: "d072ce3f44ad91:0"
x-frame-options: sameorigin
vary: Origin
content-type: image/png
cache-control: max-age=2419200
feature-policy: vibrate 'self'
accept-ranges: bytes
x-amz-cf-id: VJ4B2ymVaak_CEG91fSnJHTCwvNbtP6RLpDWErTCVMg5SB981WBEig==

GET
H/1.1 200
OK Roboto-Medium.ttf
order.pennentertainment.com/public/font/roboto/ 3 B
593 B 100ms
100ms Font
text/html 40.79.23.114
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://order.pennentertainment.com/public/font/roboto/Roboto-Medium.ttf

Requested by

Host: order.pennentertainment.com
URL: https://order.pennentertainment.com/public/css/stable.css?v=1.0.0.0

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

40.79.23.114 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Apache /

Resource Hash

6b3c238ebcf1f3c07cf0e556faa82c6b8fe96840ff4b6b7e9962a2d855843a0b

Security Headers

Name	Value
Content-Security-Policy	frame-src https:
Strict-Transport-Security	max-age=31536000; includeSubdomains;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://order.pennentertainment.com/
Origin: https://order.pennentertainment.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

Date: Mon, 11 Mar 2024 18:41:27 GMT
Strict-Transport-Security: max-age=31536000; includeSubdomains;
Referrer-Policy: strict-origin
Content-Security-Policy: frame-src https:
Server: Apache
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
Content-Type: text/html; charset=UTF-8
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
Connection: keep-alive, Keep-Alive
Access-Control-Allow-Headers: content-type, ReCaptcha
Content-Length: 3
X-XSS-Protection: 1; mode=block
Keep-Alive: timeout=5, max=95

GET sso.htm
gigyaprod.pennentertainment.com/gs/ Frame 3278 0
0

GET sso.htm
gigyaprod.pennentertainment.com/gs/ Frame F592 0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: gigyaprod.pennentertainment.com
URL: https://gigyaprod.pennentertainment.com/gs/sso.htm?APIKey=3_Ihhi0RyUjbgIrTc0VPbCuHl1VCOjnGhGlRnexBq5hBPQpDOD6DEeNRP4xSQkMOLD&ssoSegment=&version=canary&build=15791

Domain: gigyaprod.pennentertainment.com
URL: https://gigyaprod.pennentertainment.com/gs/sso.htm?APIKey=3_Ihhi0RyUjbgIrTc0VPbCuHl1VCOjnGhGlRnexBq5hBPQpDOD6DEeNRP4xSQkMOLD&ssoSegment=&version=canary&build=15791

Verdicts & Comments Add Verdict or Comment

181 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

10 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
qrcodes.pro/	1970-01-21 03:48:38	Name: visitor-id Value: 1710182484T!YwlI
qrcodes.pro/	1970-01-20 19:03:06	Name: mappable_id Value: 1710182484T!YwlI_1710182484
qrcodes.pro/	1970-01-20 19:03:02	Name: access_token Value: eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJtYXBwYWJsZUlEIjoiMTcxMDE4MjQ4NFQhWXdsSV8xNzEwMTgyNDg0IiwidGltZXN0YW1wIjoxNzEwMTgyNDg0NjcxLCJpYXQiOjE3MTAxODI0NTQsImV4cCI6MTcxMDE4Mjc4NH0.pjCYJG-0PXV-7IUMj_j6p3eA5vm4BOfV9a5sEszVpjE
.order.pennentertainment.com/	1969-12-31 23:59:59	Name: gig_canary Value: true
.order.pennentertainment.com/	1969-12-31 23:59:59	Name: gig_canary_ver Value: 15791-3-28503045
.pennentertainment.com/	1970-01-21 04:39:02	Name: _ga Value: GA1.1.872916555.1710182487
.pennentertainment.com/	1970-01-21 04:39:02	Name: _ga_NQEEK5J2P1 Value: GS1.1.1710182486.1.0.1710182486.0.0.0
.google.com/	1970-01-20 23:26:33	Name: NID Value: 512=K1rHH77IU3vhr_Dvuo1Jv7RBTNUSdxwSooSlIb4J3ZPifzNkg79kpmxVzJKCGj-IW9h-oXvvjZpBo73bWeJC0QzJsk6N4corhXZ3OfVYTBfSjeQnrRMgCdz2GNk4_1XC4JvKt18PYBg0g3UOthVE6IcQK7c9iH0MgihK_x5GVFk
.gigyaprod.pennentertainment.com/	1970-01-21 03:48:38	Name: apiDomain_3_Ihhi0RyUjbgIrTc0VPbCuHl1VCOjnGhGlRnexBq5hBPQpDOD6DEeNRP4xSQkMOLD Value: gigyaprod.order.pennentertainment.com
order.pennentertainment.com/	1970-01-21 04:39:02	Name: tacit_session Value: eyJpdiI6IlZ1V1U4Nk9yaVQxVm9kT3hUbVZXQXc9PSIsInZhbHVlIjoiTndTTFZGczZ5K08rRjV4MDk5aFdMOER2eHdkWWU3eENjY2tHNTBkd25SQ3d2dFNDRENUc0dMVXljU3hhY2V3OUtcL1NMdDB0dDMzRnBPVm5pckpVRDdNVUtndkVEZ3dpU0tyQWZtWHVXWWFYZkJJRFloSzZ1YVJGR3M3XC9GTkY5MCIsIm1hYyI6ImI2YTMyMzZhYTBhMzRhY2ZiOWIyYzIwOTVlNDhhOGM3NzQ4ZmIxZGY4Y2M1MjJjOGI0NmYzZjMxZjkxMTlhNGMifQ%3D%3D

18 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
other	warning	URL: https://order.pennentertainment.com/kansasspeedway(Line 53) Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://order.pennentertainment.com/kansasspeedway Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://order.pennentertainment.com/kansasspeedway Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://order.pennentertainment.com/kansasspeedway Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://order.pennentertainment.com/kansasspeedway Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://order.pennentertainment.com/kansasspeedway Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://order.pennentertainment.com/kansasspeedway Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://order.pennentertainment.com/kansasspeedway Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://order.pennentertainment.com/kansasspeedway Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://order.pennentertainment.com/kansasspeedway Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://order.pennentertainment.com/kansasspeedway Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://order.pennentertainment.com/kansasspeedway Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://order.pennentertainment.com/kansasspeedway Message: Failed to decode downloaded font: https://order.pennentertainment.com/public/font/roboto/Roboto-Medium.woff2
other	warning	URL: https://order.pennentertainment.com/kansasspeedway Message: OTS parsing error: file less than 4 bytes
other	warning	URL: https://order.pennentertainment.com/kansasspeedway Message: Failed to decode downloaded font: https://order.pennentertainment.com/public/font/roboto/Roboto-Medium.woff
other	warning	URL: https://order.pennentertainment.com/kansasspeedway Message: OTS parsing error: file less than 4 bytes
other	warning	URL: https://order.pennentertainment.com/kansasspeedway Message: Failed to decode downloaded font: https://order.pennentertainment.com/public/font/roboto/Roboto-Medium.ttf
other	warning	URL: https://order.pennentertainment.com/kansasspeedway Message: OTS parsing error: file less than 4 bytes

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

accounts.google.com
appleid.cdn-apple.com
cdns.us1.gigya.com
content.tacitcorp.ca
fonts.googleapis.com
fonts.gstatic.com
gigyaprod.order.pennentertainment.com
gigyaprod.pennentertainment.com
order.pennentertainment.com
pay.google.com
play.google.com
qrcodes.pro
region1.google-analytics.com
www.google.com
www.googletagmanager.com
www.gstatic.com
gigyaprod.pennentertainment.com
108.138.26.16
143.204.98.40
18.66.147.66
2.16.184.240
2001:4860:4802:32::36
23.196.235.139
2600:9000:26da:c000:3:7280:4e00:93a1
2a00:1450:4001:80b::2004
2a00:1450:4001:810::2003
2a00:1450:4001:812::2008
2a00:1450:4001:829::200e
2a00:1450:4001:82b::2003
2a00:1450:4001:82b::200a
2a00:1450:400c:c02::5c
2a00:1450:400c:c0a::54
40.79.23.114
074dd9040b1091ee4a48639fdde6fa37e5a6f8793ce2a6dc7c9f5325edc57068
0e181187de3238f21cde180a5a82d5e9a3dc621b39af0615f88b84be04b3e139
12dd6763c421193021e751e889aaaae0513942172f6f7b29ec06cdb876b526f2
1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a
1c698b29aacec7fdcd40b3270f8f288cc797b475e8919ae4775af9cf0db17b0c
1e42e693267040b60ae82354ddf24e367faebecaa93d8b6620be8827f580168b
2072952d6e1cae0377491a43bfd0b78c62f5c2e3783152437a82ecfbe40b9fc3
26262bf301b196a97779adbdea9ca974c356801ae712d5864b5bb0d6a90b775b
29142282807f543b36899836ab87938c76744364bfa1888bdbadff146330a196
2937fb632834687852eeb5101941d72d0dc3d6fe427d7f4634bc08095252e747
2d646d7f7f5959497fd5d5747d3c1afbfd3a557c87c829c3ff752d6c6448b163
30260b69019598a893f24f922aff63b358a48faf7f4fa46cb2795cd8330937f6
335e0b452b82dbe23fc1ef79c3d3d57724f24e52770a4500dc5f0068fb2b8b0f
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
452410fef223a412e5608205fc069ecc35a4d919b413b3422a714a17ebfd0651
4787eaad05aad851441226eda0d795d0c696e3abb016357749a8cc7636044036
502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358
53b63cec2a4afb5cc142f11411a5b2351eeebcf4f7edb4a0cba0a9a689b24ad6
5449bb3cde48a80a67179ad41f58baebafee692583420ea97acfeb54e42260f3
5564f45c0991c7cceb19c0fb637ee44b119fb14c6cbf3691540a9cad11e1edf3
58dcb504ce4f81ed5ae9987d3fd7e93a3946accb99bf0d44d209ab6a0cb03889
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
5a94418c2f495c0c6ca71bb6ec211ebd32b75782eb124b009b06e7e52401f807
5bf3dc92c5ea3f23404f8b1d1c1e87375b72fb2a78da357cd7a0efaf08c3de85
5dd83dbccb4e9840aae9f6f119b75bd3498a931fe1c10db89f2c76bdf69721ee
64a61334ccff0c07557f7986c0de71ef15aaed04f4c458d056dd6456da88d231
6506466aa66a4f1fb5faa5ccc9c39f465b0006dfac2bb4e36329ac33b330a1aa
67a60e8d0877049f837dff6121f5db7d5799af3ee03bf0f8b77dd491904c5c52
69cbf3d0039584fe7806b87551694c505b36d67842b59868fbe4a7c7124795a9
6b3c238ebcf1f3c07cf0e556faa82c6b8fe96840ff4b6b7e9962a2d855843a0b
6d9bb2c1d9e5befb145827423f07ce3421bf30a078b5fa292cb73128445990fb
6e608b05bb1f83997cdf0b8007645fbaab5562bbad77d9c83c45e7e5d5168ecc
736ff3f068b63606a501b37e0be4dfe9f9d97337db646145e0ab21b4a98fb27a
7859a62e04b0acb06516eb12454de6673883ecfaeaed6c254659bca7cd59c050
8356948d6f3bef342ff37a4deca7f6b64b58ca0b90ca128c1929c1bb76cc7a54
85da4232ecc6ed62f632184e2541e9002f56537612c397d46968a3213f6467c9
88a5d4a93cff46055badf4039c7742670baa9ff606f856d800f2254dccfc4ece
89ecdfa46f12ee300708021c0d2ae41dab47e261c4238b4783291eb015718acf
9055d41ca3592be9f8510450912a74f99c19b65b359321dedc7d99b6e5372823
967cff2798b48a58b362bae040cfea5990b72c9f28f6fc2751ae46aaf572a3e3
9aeb9ae797ddb7a89d760b1794ce17510a2c33f483ae176857aff90c14f8cf17
a0de89390c4ed8265d843baf51181cd560ea1695eb6cc67a998e5c4c1c9adad0
a8bfdecce5d2156da95876601ab50733e863513e3689ce32498a8370e79a5687
abbbccf4aedb3d3e54b69410c6186d18f16881ace2187bcd8c73924102247d96
ac961856fe70a030fd4ef2f64a633feb2992dac0093d5b002fdb4f6bffe1e586
adff32f15f5cb16aabba968e8fb6576503f7bffee9c43d31df036907ebf6b5c9
b88150e3e6b744b6270f2f1ca0a58d5c2d1fd1939afe3a3ae0cc3c41b22bdb0b
bdfda2d14f2de164f14d95ad0b9b0fd5effbf51850fffd4bb3ee8e01674cf292
c9b31c557888de5a5ba74cab90820cfb4118a541f29a322e21bfd2e84fbfc436
cc4f6db890da7d7fe70e0aede6d5cc879e46cc7080644309f8dd5eebd44b919c
ce94e9a62968038903df3332e7de632db4465a87a85f2c6b02813a7517c3e5f8
d41652ad604f8729303934a00b5249e40231f5f8b52684025efb3d8378e7933b
e0edd83b4197e9dae6ec4f5fa1109fe8ed7bab672607e7414bb7391b923e65f2
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e82724018508b7e474b70369a423639c1e6d914b4d1f504cbfec669445620ded
ebd576e87553c3c97165f40e24460fa9f8c6a6fb720d2799b9785ca2f74ab66d
effecaec463ca77b60a7e59dcbacd91f02b892108aae186a6c4688c597d1d035
f0fbed096338355f2519305e62ffcbdf8fcd59c6802b9a558b20804f24d39de7
f7c958fe5718208ba2aa2a8a6df2d037e1e48d6a7688ea90a0b2fdf18e1abaa7

order.pennentertainment.com Open in urlscan Pro 40.79.23.114 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

72 Requests

97 %HTTPS

63 %IPv6

10 Domains

16 Subdomains

17 IPs

3 Countries

3188 kBTransfer

9769 kBSize

10 Cookies

2 Outgoing links

Page URL History

Redirected requests

72 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

order.pennentertainment.com Open in urlscan Pro
40.79.23.114 Public Scan

Screenshot
Live screenshot

Full Image

72
Requests

97 %
HTTPS

63 %
IPv6

10
Domains

16
Subdomains

17
IPs

3
Countries

3188 kB
Transfer

9769 kB
Size

10
Cookies

72 HTTP transactions
0 data transactions