fandiem.com Open in urlscan Pro
23.227.38.32 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://u1126135.ct.sendgrid.net/ss/c/TMJg4H87IKVlew-fIsPBywTfFnzvdyQGDZsrae-lxfXo-9va7TBOI0_8Xt8WPK4IHdMXQG2NqBN53bb94wB71Q/3jf/...
Effective URL:
https://fandiem.com/products/kesha?utm_campaign=f-covid-bandsintown-sweet-relief-2022&utm_content=f-covid-bandsintow...
Submission Tags: falconsandbox
Submission: On May 22 via api (May 22nd 2022, 1:33:42 pm UTC) from US — Scanned from DE

Summary HTTP 232 Redirects Links 7 Behaviour Indicators

Summary

This website contacted 64 IPs in 8 countries across 48 domains to perform 232 HTTP transactions. The main IP is 23.227.38.32, located in Ottawa, Canada and belongs to CLOUDFLARENET, US. The main domain is fandiem.com. The Cisco Umbrella rank of the primary domain is 887297.
TLS certificate: Issued by R3 on May 2nd 2022. Valid for: 3 months.

This is the only time fandiem.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	167.89.123.16 167.89.123.16	11377 (SENDGRID) (SENDGRID)
1	51.15.139.10 51.15.139.10	12876 (Online SAS) (Online SAS)
4	2a00:1450:400... 2a00:1450:4001:810::2008	15169 (GOOGLE) (GOOGLE)
4	2a03:2880:f01... 2a03:2880:f01c:216:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
4	2a03:2880:f12... 2a03:2880:f12d:181:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
1	2a00:1450:400... 2a00:1450:4001:830::200e	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:400c:c1b::9b	15169 (GOOGLE) (GOOGLE)
8	2a00:1450:400... 2a00:1450:4001:828::200e	15169 (GOOGLE) (GOOGLE)
7	2a00:1450:400... 2a00:1450:4001:830::2003	15169 (GOOGLE) (GOOGLE)
2 7	2a00:1450:400... 2a00:1450:4001:800::2004	15169 (GOOGLE) (GOOGLE)
1 14	23.227.38.32 23.227.38.32	13335 (CLOUDFLAR...) (CLOUDFLARENET)
21	2600:9000:21f... 2600:9000:21f3:d800:15:5e1:43c0:21	16509 (AMAZON-02) (AMAZON-02)
4	2620:0:890::100 2620:0:890::100	54113 (FASTLY) (FASTLY)
35	104.16.255.71 104.16.255.71	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	2606:4700::68... 2606:4700::6810:5514	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2600:9000:206... 2600:9000:206f:c00:1c:cd6a:7440:93a1	16509 (AMAZON-02) (AMAZON-02)
2 3	2606:4700::68... 2606:4700::6810:7baf	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	18.119.43.107 18.119.43.107	16509 (AMAZON-02) (AMAZON-02)
1	52.223.36.104 52.223.36.104	16509 (AMAZON-02) (AMAZON-02)
2	2606:4700::68... 2606:4700::6811:925b	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	199.232.188.157 199.232.188.157	54113 (FASTLY) (FASTLY)
1	2a02:26f0:350... 2a02:26f0:3500:7::17d8:4dc5	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1 3	2600:9000:206... 2600:9000:206f:6c00:6:9280:1080:93a1	16509 (AMAZON-02) (AMAZON-02)
2	54.209.91.188 54.209.91.188	14618 (AMAZON-AES) (AMAZON-AES)
2	2a04:4e42:4b::84 2a04:4e42:4b::84	54113 (FASTLY) (FASTLY)
6	104.104.52.65 104.104.52.65	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
3 3	2620:1ec:22::14 2620:1ec:22::14	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	13.107.42.14 13.107.42.14	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	104.244.42.3 104.244.42.3	13414 (TWITTER) (TWITTER)
1	104.244.42.133 104.244.42.133	13414 (TWITTER) (TWITTER)
3	142.250.186.130 142.250.186.130	15169 (GOOGLE) (GOOGLE)
1	52.214.198.95 52.214.198.95	16509 (AMAZON-02) (AMAZON-02)
1	2606:4700:440... 2606:4700:4400::ac40:9197	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	104.79.88.150 104.79.88.150	16625 (AKAMAI-AS) (AKAMAI-AS)
2 5	2a00:1450:400... 2a00:1450:4001:801::2002	15169 (GOOGLE) (GOOGLE)
9	2a00:1450:400... 2a00:1450:4001:800::200e	15169 (GOOGLE) (GOOGLE)
4	18.66.248.94 18.66.248.94	16509 (AMAZON-02) (AMAZON-02)
1	151.101.12.193 151.101.12.193	54113 (FASTLY) (FASTLY)
12	2600:9000:214... 2600:9000:214f:4800:1a:25dd:c980:21	16509 (AMAZON-02) (AMAZON-02)
1	3.33.204.12 3.33.204.12	16509 (AMAZON-02) (AMAZON-02)
2	52.219.101.106 52.219.101.106	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:802::2003	15169 (GOOGLE) (GOOGLE)
2	108.157.4.87 108.157.4.87	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:810::2006	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:827::200a	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:828::2001	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:829::2016	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:808::2003	15169 (GOOGLE) (GOOGLE)
1	96.16.131.108 96.16.131.108	16625 (AKAMAI-AS) (AKAMAI-AS)
1	52.216.242.14 52.216.242.14	16509 (AMAZON-02) (AMAZON-02)
3	2606:4700:20:... 2606:4700:20::681a:76b	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	18.139.26.44 18.139.26.44	() ()
6	151.101.194.133 151.101.194.133	54113 (FASTLY) (FASTLY)
1	3.139.21.16 3.139.21.16	16509 (AMAZON-02) (AMAZON-02)
3	2600:9000:224... 2600:9000:224a:ac00:7:6365:89c0:93a1	16509 (AMAZON-02) (AMAZON-02)
2 2	52.73.119.88 52.73.119.88	14618 (AMAZON-AES) (AMAZON-AES)
1	18.64.115.78 18.64.115.78	16509 (AMAZON-02) (AMAZON-02)
2	151.101.130.133 151.101.130.133	54113 (FASTLY) (FASTLY)
4	108.157.4.53 108.157.4.53	16509 (AMAZON-02) (AMAZON-02)
1	151.101.2.133 151.101.2.133	54113 (FASTLY) (FASTLY)
2	54.152.99.78 54.152.99.78	() ()
3	18.64.103.22 18.64.103.22	16509 (AMAZON-02) (AMAZON-02)
2	2a00:1450:400... 2a00:1450:4001:813::200a	15169 (GOOGLE) (GOOGLE)
1	2606:4700::68... 2606:4700::6812:acf	() ()
1	2a00:1450:400... 2a00:1450:4001:80e::200a	() ()
1	2606:4700::68... 2606:4700::6811:190e	() ()
232	64

1 167.89.123.16 (Chicago, United States) 1 redirects

ASN11377 (SENDGRID, US)
PTR: o16789123x16.outbound-mail.sendgrid.net

u1126135.ct.sendgrid.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 51.15.139.10 (France)

ASN12876 (Online SAS, FR)
PTR: 10-139-15-51.instances.scw.cloud

winwith.fandiem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:810::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a03:2880:f01c:216:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a03:2880:f12d:181:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:830::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:400c:c1b::9b (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a00:1450:4001:828::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:830::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:800::2004 (Frankfurt am Main, Germany) 2 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 23.227.38.32 (Ottawa, Canada) 1 redirects

ASN13335 (CLOUDFLARENET, US)
PTR: myshopify.com

fandiem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

21 2600:9000:21f3:d800:15:5e1:43c0:21 (United States)

ASN16509 (AMAZON-02, US)

dpjhaiprv9czz.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2620:0:890::100 (United States)

ASN54113 (FASTLY, US)

triplewhale-pixel.web.app	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

35 104.16.255.71 (None, )

ASN13335 (CLOUDFLARENET, US)

cdn.shopify.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
monorail-edge.shopifysvc.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2606:4700::6810:5514 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:206f:c00:1c:cd6a:7440:93a1 (United States)

ASN16509 (AMAZON-02, US)

assets1.adroll.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700::6810:7baf (United States) 2 redirects

ASN13335 (CLOUDFLARENET, US)

unpkg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 18.119.43.107 (Columbus, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-119-43-107.us-east-2.compute.amazonaws.com

app.theadslab.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.223.36.104 (United States)

ASN16509 (AMAZON-02, US)
PTR: ae8af9489dcf8bb01.awsglobalaccelerator.com

tls-use1.fpapi.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6811:925b (United States)

ASN13335 (CLOUDFLARENET, US)

diffuser-cdn.app-us1.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
prism.app-us1.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 199.232.188.157 (Munich, Germany)

ASN54113 (FASTLY, US)

static.ads-twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:3500:7::17d8:4dc5 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

snap.licdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2600:9000:206f:6c00:6:9280:1080:93a1 (United States) 1 redirects

ASN16509 (AMAZON-02, US)

s.adroll.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.209.91.188 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-209-91-188.compute-1.amazonaws.com

app.fandiem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a04:4e42:4b::84 (United States)

ASN54113 (FASTLY, US)

s.pinimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 104.104.52.65 (Milan, Italy)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a104-104-52-65.deploy.static.akamaitechnologies.com

analytics.tiktok.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2620:1ec:22::14 (United States) 3 redirects

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

px.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.107.42.14 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

px4.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.244.42.3 (United States)

ASN13414 (TWITTER, US)

analytics.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.244.42.133 (United States)

ASN13414 (TWITTER, US)

t.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 142.250.186.130 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s07-in-f2.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.214.198.95 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-214-198-95.eu-west-1.compute.amazonaws.com

d.adroll.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:4400::ac40:9197 (United States)

ASN13335 (CLOUDFLARENET, US)

trackcmp.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 104.79.88.150 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-79-88-150.deploy.static.akamaitechnologies.com

ct.pinterest.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:801::2002 (Frankfurt am Main, Germany) 2 redirects

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2a00:1450:4001:800::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.youtube.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 18.66.248.94 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-248-94.dus51.r.cloudfront.net

widgetv3.bandsintown.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.12.193 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

i.imgur.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 2600:9000:214f:4800:1a:25dd:c980:21 (United States)

ASN16509 (AMAZON-02, US)

d1tkzf9ss7ctgm.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.33.204.12 (United States)

ASN16509 (AMAZON-02, US)
PTR: a082a4fa0823469f3.awsglobalaccelerator.com

h.trey.shop	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.219.101.106 (Columbus, United States)

ASN16509 (AMAZON-02, US)
PTR: s3-r-w.us-east-2.amazonaws.com

fandiem-storage.s3.us-east-2.amazonaws.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:802::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 108.157.4.87 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-157-4-87.dus51.r.cloudfront.net

rest.bandsintown.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:810::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

static.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:827::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

jnn-pa.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:828::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

yt3.ggpht.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:829::2016 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

i.ytimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:808::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 96.16.131.108 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a96-16-131-108.deploy.static.akamaitechnologies.com

chimpstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.216.242.14 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
PTR: s3-1.amazonaws.com

s3.amazonaws.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700:20::681a:76b (United States)

ASN13335 (CLOUDFLARENET, US)

shy.elfsight.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
static.elfsight.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.139.26.44 (None, )

ASN- ()

sp-auction.webkul.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 151.101.194.133 (United States)

ASN54113 (FASTLY, US)

static.klaviyo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
fast.a.klaviyo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.139.21.16 (Columbus, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-139-21-16.us-east-2.compute.amazonaws.com

account-invite.merchantyard.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2600:9000:224a:ac00:7:6365:89c0:93a1 (United States)

ASN16509 (AMAZON-02, US)

cdn.pushowl.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.73.119.88 (Ashburn, United States) 2 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-73-119-88.compute-1.amazonaws.com

i.liadm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.64.115.78 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-64-115-78.txl50.r.cloudfront.net

px1.bandsintown.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 151.101.130.133 (United States)

ASN54113 (FASTLY, US)

static-tracking.klaviyo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 108.157.4.53 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-157-4-53.dus51.r.cloudfront.net

sdk.postscript.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.2.133 (United States)

ASN54113 (FASTLY, US)

static-forms.klaviyo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.152.99.78 (None, )

ASN- ()

api.pushowl.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 18.64.103.22 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-64-103-22.txl50.r.cloudfront.net

api.postscript.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:813::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6812:acf (None, )

ASN- ()

stackpath.bootstrapcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80e::200a (None, )

ASN- ()

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:190e (None, )

ASN- ()

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
33	cloudfront.net dpjhaiprv9czz.cloudfront.net d1tkzf9ss7ctgm.cloudfront.net	6 MB
21	shopify.com cdn.shopify.com — Cisco Umbrella Rank: 2262	464 KB
17	fandiem.com 1 redirects winwith.fandiem.com fandiem.com — Cisco Umbrella Rank: 887297 app.fandiem.com	261 KB
14	shopifysvc.com monorail-edge.shopifysvc.com — Cisco Umbrella Rank: 2936	4 KB
10	doubleclick.net 2 redirects stats.g.doubleclick.net — Cisco Umbrella Rank: 92 googleads.g.doubleclick.net — Cisco Umbrella Rank: 44 static.doubleclick.net — Cisco Umbrella Rank: 358	4 KB
9	klaviyo.com static.klaviyo.com — Cisco Umbrella Rank: 3845 static-tracking.klaviyo.com — Cisco Umbrella Rank: 4290 fast.a.klaviyo.com — Cisco Umbrella Rank: 4932 static-forms.klaviyo.com — Cisco Umbrella Rank: 4892	76 KB
9	youtube.com www.youtube.com — Cisco Umbrella Rank: 91	736 KB
8	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 37	60 KB
8	google.com 2 redirects analytics.google.com — Cisco Umbrella Rank: 685 www.google.com — Cisco Umbrella Rank: 7	14 KB
7	postscript.io sdk.postscript.io — Cisco Umbrella Rank: 22555 api.postscript.io — Cisco Umbrella Rank: 23269 location.postscript.io Failed	106 KB
7	googleapis.com jnn-pa.googleapis.com — Cisco Umbrella Rank: 276 fonts.googleapis.com — Cisco Umbrella Rank: 46 ajax.googleapis.com	64 KB
7	bandsintown.com widgetv3.bandsintown.com — Cisco Umbrella Rank: 502381 rest.bandsintown.com — Cisco Umbrella Rank: 96416 px1.bandsintown.com — Cisco Umbrella Rank: 60426	279 KB
7	google.de www.google.de — Cisco Umbrella Rank: 5483	883 B
6	tiktok.com analytics.tiktok.com — Cisco Umbrella Rank: 1150	73 KB
6	adroll.com 1 redirects assets1.adroll.com — Cisco Umbrella Rank: 29408 s.adroll.com — Cisco Umbrella Rank: 2620 d.adroll.com — Cisco Umbrella Rank: 1559	26 KB
5	pushowl.com cdn.pushowl.com — Cisco Umbrella Rank: 14395 api.pushowl.com	38 KB
4	linkedin.com 3 redirects px.ads.linkedin.com — Cisco Umbrella Rank: 511 www.linkedin.com — Cisco Umbrella Rank: 616 px4.ads.linkedin.com — Cisco Umbrella Rank: 4745	4 KB
4	jsdelivr.net cdn.jsdelivr.net — Cisco Umbrella Rank: 432	95 KB
4	web.app triplewhale-pixel.web.app — Cisco Umbrella Rank: 33426	46 KB
4	facebook.com www.facebook.com — Cisco Umbrella Rank: 102	604 B
4	facebook.net connect.facebook.net — Cisco Umbrella Rank: 146	227 KB
4	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 71	222 KB
3	elfsight.com shy.elfsight.com — Cisco Umbrella Rank: 36488 static.elfsight.com	82 KB
3	gstatic.com fonts.gstatic.com www.gstatic.com	33 KB
3	amazonaws.com fandiem-storage.s3.us-east-2.amazonaws.com s3.amazonaws.com	286 KB
3	pinterest.com ct.pinterest.com — Cisco Umbrella Rank: 856	2 KB
3	googleadservices.com www.googleadservices.com — Cisco Umbrella Rank: 110	18 KB
3	theadslab.io app.theadslab.io — Cisco Umbrella Rank: 496783	25 KB
3	unpkg.com 2 redirects unpkg.com — Cisco Umbrella Rank: 910	21 KB
2	liadm.com 2 redirects i.liadm.com — Cisco Umbrella Rank: 525	2 KB
2	webkul.com sp-auction.webkul.com	18 KB
2	pinimg.com s.pinimg.com — Cisco Umbrella Rank: 750	19 KB
2	app-us1.com diffuser-cdn.app-us1.com — Cisco Umbrella Rank: 8451 prism.app-us1.com — Cisco Umbrella Rank: 8518	6 KB
1	cloudflare.com cdnjs.cloudflare.com	17 KB
1	bootstrapcdn.com stackpath.bootstrapcdn.com	7 KB
1	merchantyard.com account-invite.merchantyard.com	2 KB
1	chimpstatic.com chimpstatic.com — Cisco Umbrella Rank: 4794	4 KB
1	ytimg.com i.ytimg.com — Cisco Umbrella Rank: 105	29 KB
1	ggpht.com yt3.ggpht.com — Cisco Umbrella Rank: 211	4 KB
1	trey.shop h.trey.shop — Cisco Umbrella Rank: 42593	1 KB
1	imgur.com i.imgur.com — Cisco Umbrella Rank: 5319	91 KB
1	trackcmp.net trackcmp.net — Cisco Umbrella Rank: 8124	362 B
1	t.co t.co — Cisco Umbrella Rank: 495	337 B
1	twitter.com analytics.twitter.com — Cisco Umbrella Rank: 534	355 B
1	licdn.com snap.licdn.com — Cisco Umbrella Rank: 939	3 KB
1	ads-twitter.com static.ads-twitter.com — Cisco Umbrella Rank: 638	14 KB
1	fpapi.io tls-use1.fpapi.io — Cisco Umbrella Rank: 21735	335 B
1	sendgrid.net 1 redirects u1126135.ct.sendgrid.net — Cisco Umbrella Rank: 611308	253 B
232	48

	Domain	Requested by
21	cdn.shopify.com	fandiem.com cdn.shopify.com
21	dpjhaiprv9czz.cloudfront.net	fandiem.com dpjhaiprv9czz.cloudfront.net
14	monorail-edge.shopifysvc.com	cdn.shopify.com
14	fandiem.com	1 redirects winwith.fandiem.com cdn.shopify.com
12	d1tkzf9ss7ctgm.cloudfront.net	fandiem.com
9	www.youtube.com	dpjhaiprv9czz.cloudfront.net www.youtube.com
8	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com cdn.shopify.com fandiem.com
7	www.google.com	2 redirects fandiem.com www.youtube.com
7	www.google.de	winwith.fandiem.com fandiem.com
6	analytics.tiktok.com	cdn.shopify.com analytics.tiktok.com
5	static.klaviyo.com	fandiem.com static.klaviyo.com
5	googleads.g.doubleclick.net	2 redirects www.googleadservices.com www.youtube.com
4	sdk.postscript.io	cdn.shopify.com sdk.postscript.io
4	jnn-pa.googleapis.com	www.youtube.com
4	widgetv3.bandsintown.com	dpjhaiprv9czz.cloudfront.net widgetv3.bandsintown.com
4	cdn.jsdelivr.net	fandiem.com
4	triplewhale-pixel.web.app	fandiem.com winwith.fandiem.com cdn.shopify.com
4	stats.g.doubleclick.net	www.googletagmanager.com www.google-analytics.com cdn.shopify.com
4	www.facebook.com	winwith.fandiem.com fandiem.com
4	connect.facebook.net	winwith.fandiem.com connect.facebook.net cdn.shopify.com
4	www.googletagmanager.com	winwith.fandiem.com www.googletagmanager.com cdn.shopify.com widgetv3.bandsintown.com
3	api.postscript.io	cdn.shopify.com sdk.postscript.io
3	cdn.pushowl.com	fandiem.com cdn.shopify.com
3	ct.pinterest.com	cdn.shopify.com fandiem.com
3	www.googleadservices.com	www.googletagmanager.com www.googleadservices.com
3	s.adroll.com	1 redirects assets1.adroll.com fandiem.com
3	app.theadslab.io	fandiem.com app.theadslab.io
3	unpkg.com	2 redirects fandiem.com
2	fonts.googleapis.com	client sdk.postscript.io
2	api.pushowl.com	cdn.shopify.com
2	static-tracking.klaviyo.com	static.klaviyo.com
2	i.liadm.com	2 redirects
2	sp-auction.webkul.com	fandiem.com
2	shy.elfsight.com	fandiem.com shy.elfsight.com
2	www.gstatic.com	www.youtube.com www.gstatic.com
2	rest.bandsintown.com	widgetv3.bandsintown.com cdn.shopify.com
2	fandiem-storage.s3.us-east-2.amazonaws.com	fandiem.com
2	px.ads.linkedin.com	2 redirects
2	s.pinimg.com	cdn.shopify.com s.pinimg.com
2	app.fandiem.com	dpjhaiprv9czz.cloudfront.net cdn.shopify.com
2	assets1.adroll.com	fandiem.com
1	cdnjs.cloudflare.com	sp-auction.webkul.com
1	ajax.googleapis.com	sp-auction.webkul.com
1	stackpath.bootstrapcdn.com	sdk.postscript.io
1	static.elfsight.com	shy.elfsight.com
1	static-forms.klaviyo.com	cdn.shopify.com
1	fast.a.klaviyo.com	cdn.shopify.com
1	px1.bandsintown.com
1	account-invite.merchantyard.com	fandiem.com
1	s3.amazonaws.com	fandiem.com
1	chimpstatic.com	fandiem.com
1	i.ytimg.com	www.youtube.com
1	yt3.ggpht.com	www.youtube.com
1	static.doubleclick.net	www.youtube.com
1	fonts.gstatic.com	www.youtube.com
1	h.trey.shop	cdn.shopify.com
1	i.imgur.com	fandiem.com
1	trackcmp.net	diffuser-cdn.app-us1.com
1	d.adroll.com	s.adroll.com
1	t.co	fandiem.com
1	analytics.twitter.com	fandiem.com
1	px4.ads.linkedin.com	fandiem.com
1	www.linkedin.com	1 redirects
1	prism.app-us1.com	diffuser-cdn.app-us1.com
1	snap.licdn.com	fandiem.com
1	static.ads-twitter.com	fandiem.com
1	diffuser-cdn.app-us1.com	fandiem.com
1	tls-use1.fpapi.io	winwith.fandiem.com
1	analytics.google.com	www.googletagmanager.com
1	winwith.fandiem.com
1	u1126135.ct.sendgrid.net	1 redirects
0	location.postscript.io Failed	sdk.postscript.io
232	72

This site contains links to these domains. Also see Links.

Domain
www.sweetrelief.org
facebook.com
twitter.com
instagram.com
tiktok.com
www.linkedin.com
docs.google.com

Subject Issuer	Validity	Valid
*.google-analytics.com GTS CA 1C3	`2022-05-04` - `2022-07-27`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2022-02-28` - `2022-05-29`	3 months	crt.sh
*.google.com GTS CA 1C3	`2022-05-04` - `2022-07-27`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-05-04` - `2022-07-27`	3 months	crt.sh
www.google.de GTS CA 1C3	`2022-05-04` - `2022-07-27`	3 months	crt.sh
www.google.com GTS CA 1C3	`2022-05-04` - `2022-07-27`	3 months	crt.sh
*.google.de GTS CA 1C3	`2022-05-04` - `2022-07-27`	3 months	crt.sh
fandiem.com R3	`2022-05-02` - `2022-07-31`	3 months	crt.sh
*.cloudfront.net Amazon	`2022-02-01` - `2023-01-31`	a year	crt.sh
web.app GTS CA 1D4	`2022-04-12` - `2022-07-11`	3 months	crt.sh
cdn.shopify.com R3	`2022-05-21` - `2022-08-19`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-07-03` - `2022-07-02`	a year	crt.sh
assets1.adroll.com Amazon	`2021-08-18` - `2022-09-16`	a year	crt.sh
app.theadslab.io Amazon	`2022-02-03` - `2023-03-04`	a year	crt.sh
tls-use1.fpapi.io R3	`2022-04-13` - `2022-07-12`	3 months	crt.sh
ads-twitter.com DigiCert TLS RSA SHA256 2020 CA1	`2021-07-21` - `2022-07-26`	a year	crt.sh
snap.licdn.com DigiCert SHA2 Secure Server CA	`2022-03-01` - `2023-03-01`	a year	crt.sh
s.adroll.com Amazon	`2021-08-02` - `2022-08-31`	a year	crt.sh
app.fandiem.com R3	`2022-05-12` - `2022-08-10`	3 months	crt.sh
monorail-edge.shopifysvc.com R3	`2022-03-31` - `2022-06-29`	3 months	crt.sh
*.pinterest.com DigiCert TLS RSA SHA256 2020 CA1	`2021-07-27` - `2022-08-05`	a year	crt.sh
*.tiktok.com RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1	`2021-12-13` - `2023-01-13`	a year	crt.sh
*.twitter.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-03-07` - `2023-03-06`	a year	crt.sh
t.co DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-03-07` - `2023-03-06`	a year	crt.sh
www.googleadservices.com GTS CA 1C3	`2022-05-04` - `2022-07-27`	3 months	crt.sh
adroll.mgr.consensu.org Amazon	`2021-09-09` - `2022-10-08`	a year	crt.sh
*.googleadservices.com GTS CA 1C3	`2022-05-04` - `2022-07-27`	3 months	crt.sh
*.bandsintown.com Amazon	`2021-09-08` - `2022-10-07`	a year	crt.sh
*.imgur.com DigiCert TLS RSA SHA256 2020 CA1	`2022-03-08` - `2023-03-16`	a year	crt.sh
h.trey.shop Amazon	`2022-03-20` - `2023-04-18`	a year	crt.sh
*.s3.us-east-2.amazonaws.com Amazon	`2021-12-17` - `2022-12-16`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2022-05-04` - `2022-07-27`	3 months	crt.sh
*.doubleclick.net GTS CA 1C3	`2022-05-04` - `2022-07-27`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2022-05-04` - `2022-07-27`	3 months	crt.sh
*.googleusercontent.com GTS CA 1C3	`2022-05-04` - `2022-07-27`	3 months	crt.sh
edgestatic.com GTS CA 1C3	`2022-05-04` - `2022-07-27`	3 months	crt.sh
wildcardsan.us15.list-manage.com DigiCert SHA2 Secure Server CA	`2021-11-19` - `2022-11-19`	a year	crt.sh
s3.amazonaws.com Amazon	`2022-04-01` - `2023-03-30`	a year	crt.sh
elfsight.com Cloudflare Inc ECC CA-3	`2022-04-30` - `2023-04-30`	a year	crt.sh
*.webkul.com Amazon	`2022-04-01` - `2023-04-30`	a year	crt.sh
static.klaviyo.com R3	`2022-03-24` - `2022-06-22`	3 months	crt.sh
account-invite.merchantyard.com R3	`2022-03-29` - `2022-06-27`	3 months	crt.sh
ik.imagekit.io R3	`2022-05-01` - `2022-07-30`	3 months	crt.sh
static-tracking.klaviyo.com R3	`2022-04-01` - `2022-06-30`	3 months	crt.sh
postscript.io Amazon	`2022-01-19` - `2023-02-17`	a year	crt.sh
fast.a.klaviyo.com R3	`2022-03-24` - `2022-06-22`	3 months	crt.sh
static-forms.klaviyo.com R3	`2022-05-01` - `2022-07-30`	3 months	crt.sh
pushowl.com Amazon	`2021-12-20` - `2023-01-17`	a year	crt.sh

This page contains 5 frames:

Primary Page: https://fandiem.com/products/kesha?utm_campaign=f-covid-bandsintown-sweet-relief-2022&utm_content=f-covid-bandsintown-sweet-relief-2022-kesha-sweeps-page&utm_medium=partner-bandsintown-blast-from-bit&utm_source=bandsintown
Frame ID: B2DC0683F85C410EF98BA9C09E07A32E
Requests: 203 HTTP requests in this frame

Frame: https://www.youtube.com/embed/qjLGWf-qzxs
Frame ID: A6026ABCD4860281314CE4C2599B7326
Requests: 20 HTTP requests in this frame

Frame: https://www.facebook.com/tr/
Frame ID: 5D0976774D0C2B27130D3E9ADF9C373B
Requests: 1 HTTP requests in this frame

Frame: https://widgetv3.bandsintown.com/widget_iframe.html?affil_code=js_fandiem.com&app_id=js_fandiem.com&artist_id=12324703&artist_name=Kesha&came_from_code=700
Frame ID: 23C42EEAD30E477DADBBE1690F9CE3B9
Requests: 6 HTTP requests in this frame

Frame: https://sdk.postscript.io/desktop.html?shopId=100273&sessionId=W1HwuRiyjBxOjLscGY3n-&status=&flags=&origin=https%3A%2F%2Ffandiem.com%2Fsweeps%2Fkesha%3Futm_campaign%3Df-covid-bandsintown-sweet-relief-2022%26utm_content%3Df-covid-bandsintown-sweet-relief-2022-kesha-sweeps-page%26utm_medium%3Dpartner-bandsintown-blast-from-bit%26utm_source%3Dbandsintown
Frame ID: AF8D252CE2195E287B30E615C2274B86
Requests: 7 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Win an Autographed Picture of Kesha

Page URL History Show full URLs

https://u1126135.ct.sendgrid.net/ss/c/TMJg4H87IKVlew-fIsPBywTfFnzvdyQGDZsrae-lxfXo-9va7TBOI0_8Xt8WPK4IHdMXQG2... HTTP 302
http://winwith.fandiem.com/f-covid-kesha-bit-blast Page URL
https://fandiem.com/kesha?utm_source=bandsintown&utm_medium=partner-bandsintown-blast-from-bit&u... HTTP 301
https://fandiem.com/products/kesha?utm_campaign=f-covid-bandsintown-sweet-relief-2022&utm_conten... Page URL

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Socket.io (JavaScript Frameworks) Expand

Overall confidence: 100%
Detected patterns

socket\.io.*\.js

AdRoll (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

(?:a|s)\.adroll\.com

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Klaviyo (Marketing automation) Expand

Overall confidence: 100%
Detected patterns

klaviyo\.com

Linkedin Insight Tag (Analytics) Expand

Overall confidence: 100%
Detected patterns

snap\.licdn\.com/li\.lms-analytics/insight\.min\.js

MailChimp (Marketing Automation) Expand

Overall confidence: 100%
Detected patterns

chimpstatic\.com/mcjs-connected

PushOwl (Marketing automation) Expand

Overall confidence: 100%
Detected patterns

cdn\.pushowl\.com

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
/([\d.]+)/jquery(?:\.min)?\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jsDelivr (CDN) Expand

Overall confidence: 100%
Detected patterns

//cdn\.jsdelivr\.net/

Page Statistics

232
Requests

95 %
HTTPS

52 %
IPv6

48
Domains

72
Subdomains

64
IPs

8
Countries

9555 kB
Transfer

20556 kB
Size

50
Cookies

7 Outgoing links

These are links going to different origins than the main page.

URL: https://www.sweetrelief.org/get-assistance.html
Title: COVID-19 Fund

Search URL Search Domain Scan URL

URL: https://facebook.com/winwithfandiem

Search URL Search Domain Scan URL

URL: https://twitter.com/winwithfandiem

Search URL Search Domain Scan URL

URL: https://instagram.com/winwithfandiem

Search URL Search Domain Scan URL

URL: http://tiktok.com/@winwithfandiem

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/company/fandiem/

Search URL Search Domain Scan URL

URL: https://docs.google.com/forms/d/e/1FAIpQLSclCPN9FQVn2Ack4nkH4oQCI_Eh6G4CCLkpmybjFyRAwJd2cg/viewform
Title: Apply as Partner

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://u1126135.ct.sendgrid.net/ss/c/TMJg4H87IKVlew-fIsPBywTfFnzvdyQGDZsrae-lxfXo-9va7TBOI0_8Xt8WPK4IHdMXQG2NqBN53bb94wB71Q/3jf/JFx7KXEoSiOusIUkFbq_Yw/h9/bKXpYbtWULpapv1qj10tfrSIJv5IjdFtVd3HjYw1GIM HTTP 302
http://winwith.fandiem.com/f-covid-kesha-bit-blast Page URL
https://fandiem.com/kesha?utm_source=bandsintown&utm_medium=partner-bandsintown-blast-from-bit&utm_campaign=f-covid-bandsintown-sweet-relief-2022&utm_content=f-covid-bandsintown-sweet-relief-2022-kesha-sweeps-page HTTP 301
https://fandiem.com/products/kesha?utm_campaign=f-covid-bandsintown-sweet-relief-2022&utm_content=f-covid-bandsintown-sweet-relief-2022-kesha-sweeps-page&utm_medium=partner-bandsintown-blast-from-bit&utm_source=bandsintown Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0

https://u1126135.ct.sendgrid.net/ss/c/TMJg4H87IKVlew-fIsPBywTfFnzvdyQGDZsrae-lxfXo-9va7TBOI0_8Xt8WPK4IHdMXQG2NqBN53bb94wB71Q/3jf/JFx7KXEoSiOusIUkFbq_Yw/h9/bKXpYbtWULpapv1qj10tfrSIJv5IjdFtVd3HjYw1GIM HTTP 302
http://winwith.fandiem.com/f-covid-kesha-bit-blast

Request Chain 26

https://unpkg.com/feather-icons HTTP 302
https://unpkg.com/feather-icons@4.29.0 HTTP 302
https://unpkg.com/feather-icons@4.29.0/dist/feather.min.js

Request Chain 67

https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=4369313&time=1653226417672&url=https%3A%2F%2Ffandiem.com%2Fsweeps%2Fkesha%3Futm_content%3Df-covid-bandsintown-sweet-relief-2022-kesha-sweeps-page%26utm_campaign%3Df-covid-bandsintown-sweet-relief-2022%26utm_medium%3Dpartner-bandsintown-blast-from-bit%26utm_source%3Dbandsintown HTTP 302
https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D4369313%26time%3D1653226417672%26url%3Dhttps%253A%252F%252Ffandiem.com%252Fsweeps%252Fkesha%253Futm_content%253Df-covid-bandsintown-sweet-relief-2022-kesha-sweeps-page%2526utm_campaign%253Df-covid-bandsintown-sweet-relief-2022%2526utm_medium%253Dpartner-bandsintown-blast-from-bit%2526utm_source%253Dbandsintown%26liSync%3Dtrue HTTP 302
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=4369313&time=1653226417672&url=https%3A%2F%2Ffandiem.com%2Fsweeps%2Fkesha%3Futm_content%3Df-covid-bandsintown-sweet-relief-2022-kesha-sweeps-page%26utm_campaign%3Df-covid-bandsintown-sweet-relief-2022%26utm_medium%3Dpartner-bandsintown-blast-from-bit%26utm_source%3Dbandsintown&liSync=true HTTP 302
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=4369313&time=1653226417672&url=https%3A%2F%2Ffandiem.com%2Fsweeps%2Fkesha%3Futm_content%3Df-covid-bandsintown-sweet-relief-2022-kesha-sweeps-page%26utm_campaign%3Df-covid-bandsintown-sweet-relief-2022%26utm_medium%3Dpartner-bandsintown-blast-from-bit%26utm_source%3Dbandsintown&liSync=true&e_ipv6=AQKV35znNNrNZwAAAYDr-TCjTpTkAuzPfDSJGuE6zqXFsadWnGk6lyXI56PXQD80cn5-aXmdkm2M4ze19VUVEuMWCME7Ow

Request Chain 75

https://s.adroll.com/j/exp/4VZVS64FNRFEXAUW3D4PZO/index.js HTTP 302
https://s.adroll.com/j/exp/index.js

Request Chain 139

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/370662395/?random=946622497&cv=9&fst=1653226417990&num=1&label=BibICJm95pMCEPu337AB&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=3&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa5b0&sendb=1&ig=1&data=event%3Dpage_view%3Bpage_path%3D%2Fsweeps%2Fkesha%3Bpage_title%3DWin%20an%20Autographed%20Picture%20of%20Kesha&frm=0&url=https%3A%2F%2Ffandiem.com%2Fproducts%2Fkesha%3Futm_campaign%3Df-covid-bandsintown-sweet-relief-2022%26utm_content%3Df-covid-bandsintown-sweet-relief-2022-kesha-sweeps-page%26utm_medium%3Dpartner-bandsintown-blast-from-bit%26utm_source%3Dbandsintown&ref=http%3A%2F%2Fwinwith.fandiem.com%2F&tiba=Win%20an%20Autographed%20Picture%20of%20Kesha&auid=1474639697.1653226418&hn=www.googleadservices.com&async=1&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&ocp_id=sjuKYv28AdiH9fgPufmikAI&sscte=1&crd= HTTP 302
https://www.google.com/pagead/1p-conversion/370662395/?random=946622497&cv=9&fst=1653226417990&num=1&label=BibICJm95pMCEPu337AB&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=3&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa5b0&sendb=1&ig=1&data=event%3Dpage_view%3Bpage_path%3D%2Fsweeps%2Fkesha%3Bpage_title%3DWin%20an%20Autographed%20Picture%20of%20Kesha&frm=0&url=https%3A%2F%2Ffandiem.com%2Fproducts%2Fkesha%3Futm_campaign%3Df-covid-bandsintown-sweet-relief-2022%26utm_content%3Df-covid-bandsintown-sweet-relief-2022-kesha-sweeps-page%26utm_medium%3Dpartner-bandsintown-blast-from-bit%26utm_source%3Dbandsintown&ref=http%3A%2F%2Fwinwith.fandiem.com%2F&tiba=Win%20an%20Autographed%20Picture%20of%20Kesha&auid=1474639697.1653226418&hn=www.googleadservices.com&async=1&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&is_vtc=1&ocp_id=sjuKYv28AdiH9fgPufmikAI&cid=CAQSKQCNIrLMOoV6vMuWcvRItije7A048yoHYEqy-pg75Y41NHxG_Mchzz2-&random=895075476&resp=GooglemKTybQhCsO HTTP 302
https://www.google.de/pagead/1p-conversion/370662395/?random=946622497&cv=9&fst=1653226417990&num=1&label=BibICJm95pMCEPu337AB&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=3&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa5b0&sendb=1&ig=1&data=event%3Dpage_view%3Bpage_path%3D%2Fsweeps%2Fkesha%3Bpage_title%3DWin%20an%20Autographed%20Picture%20of%20Kesha&frm=0&url=https%3A%2F%2Ffandiem.com%2Fproducts%2Fkesha%3Futm_campaign%3Df-covid-bandsintown-sweet-relief-2022%26utm_content%3Df-covid-bandsintown-sweet-relief-2022-kesha-sweeps-page%26utm_medium%3Dpartner-bandsintown-blast-from-bit%26utm_source%3Dbandsintown&ref=http%3A%2F%2Fwinwith.fandiem.com%2F&tiba=Win%20an%20Autographed%20Picture%20of%20Kesha&auid=1474639697.1653226418&hn=www.googleadservices.com&async=1&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&is_vtc=1&ocp_id=sjuKYv28AdiH9fgPufmikAI&cid=CAQSKQCNIrLMOoV6vMuWcvRItije7A048yoHYEqy-pg75Y41NHxG_Mchzz2-&random=895075476&resp=GooglemKTybQhCsO&ipr=y&prhg=0

Request Chain 140

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/370662395/?random=1074722935&cv=9&fst=1653226417995&num=1&label=aiP4CJ-95pMCEPu337AB&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=3&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa5b0&sendb=1&ig=1&data=event%3Dview_item%3Becomm_prodid%3Dshopify_US_7548640624894_42408255947006%3Becomm_totalvalue%3DNaN%3Becomm_pagetype%3Dproduct&frm=0&url=https%3A%2F%2Ffandiem.com%2Fsweeps%2Fkesha%3Futm_campaign%3Df-covid-bandsintown-sweet-relief-2022%26utm_content%3Df-covid-bandsintown-sweet-relief-2022-kesha-sweeps-page%26utm_medium%3Dpartner-bandsintown-blast-from-bit%26utm_source%3Dbandsintown&ref=http%3A%2F%2Fwinwith.fandiem.com%2F&tiba=Win%20an%20Autographed%20Picture%20of%20Kesha&auid=1474639697.1653226418&hn=www.googleadservices.com&async=1&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&ocp_id=sjuKYv-_AaKR9fgPpqG86Ao&sscte=1&crd= HTTP 302
https://www.google.com/pagead/1p-conversion/370662395/?random=1074722935&cv=9&fst=1653226417995&num=1&label=aiP4CJ-95pMCEPu337AB&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=3&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa5b0&sendb=1&ig=1&data=event%3Dview_item%3Becomm_prodid%3Dshopify_US_7548640624894_42408255947006%3Becomm_totalvalue%3DNaN%3Becomm_pagetype%3Dproduct&frm=0&url=https%3A%2F%2Ffandiem.com%2Fsweeps%2Fkesha%3Futm_campaign%3Df-covid-bandsintown-sweet-relief-2022%26utm_content%3Df-covid-bandsintown-sweet-relief-2022-kesha-sweeps-page%26utm_medium%3Dpartner-bandsintown-blast-from-bit%26utm_source%3Dbandsintown&ref=http%3A%2F%2Fwinwith.fandiem.com%2F&tiba=Win%20an%20Autographed%20Picture%20of%20Kesha&auid=1474639697.1653226418&hn=www.googleadservices.com&async=1&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&is_vtc=1&ocp_id=sjuKYv-_AaKR9fgPpqG86Ao&cid=CAQSKQCNIrLM14CWQxslTNNJbV3cNTqc-Jjq2xE5MdYgKVO7huIWYKeFAP3w&random=3685401640&resp=GooglemKTybQhCsO HTTP 302
https://www.google.de/pagead/1p-conversion/370662395/?random=1074722935&cv=9&fst=1653226417995&num=1&label=aiP4CJ-95pMCEPu337AB&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=3&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa5b0&sendb=1&ig=1&data=event%3Dview_item%3Becomm_prodid%3Dshopify_US_7548640624894_42408255947006%3Becomm_totalvalue%3DNaN%3Becomm_pagetype%3Dproduct&frm=0&url=https%3A%2F%2Ffandiem.com%2Fsweeps%2Fkesha%3Futm_campaign%3Df-covid-bandsintown-sweet-relief-2022%26utm_content%3Df-covid-bandsintown-sweet-relief-2022-kesha-sweeps-page%26utm_medium%3Dpartner-bandsintown-blast-from-bit%26utm_source%3Dbandsintown&ref=http%3A%2F%2Fwinwith.fandiem.com%2F&tiba=Win%20an%20Autographed%20Picture%20of%20Kesha&auid=1474639697.1653226418&hn=www.googleadservices.com&async=1&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&is_vtc=1&ocp_id=sjuKYv-_AaKR9fgPpqG86Ao&cid=CAQSKQCNIrLM14CWQxslTNNJbV3cNTqc-Jjq2xE5MdYgKVO7huIWYKeFAP3w&random=3685401640&resp=GooglemKTybQhCsO&ipr=y&prhg=0

Request Chain 202

https://i.liadm.com/s/71674?bidder_id=246442&siteId=335&userId=eyJzaXRldXJsIjoiaHR0cHM6Ly9mYW5kaWVtLmNvbS9zd2VlcHMva2VzaGE%2FdXRtX2NhbXBhaWduPWYtY292aWQtYmFuZHNpbnRvd24tc3dlZXQtcmVsaWVmLTIwMjImdXRtX2NvbnRlbnQ9Zi1jb3ZpZC1iYW5kc2ludG93bi1zd2VldC1yZWxpZWYtMjAyMi1rZXNoYS1zd2VlcHMtcGFnZSZ1dG1fbWVkaXVtPXBhcnRuZXItYmFuZHNpbnRvd24tYmxhc3QtZnJvbS1iaXQmdXRtX3NvdXJjZT1iYW5kc2ludG93biIsInVzZXJJZCI6IiIsInRyYWNrZXIiOiJodHRwczovL2FwcC50aGVhZHNsYWIuaW8vIn0%3D&visitorId=c4b0c8a68e1fc720&format=original&module=API&method=IdentityResolution.identityHash HTTP 303
https://i.liadm.com/s/71674?format=original&visitorId=c4b0c8a68e1fc720&bidder_id=246442&_li_chk=true&siteId=335&userId=eyJzaXRldXJsIjoiaHR0cHM6Ly9mYW5kaWVtLmNvbS9zd2VlcHMva2VzaGE/dXRtX2NhbXBhaWduPWYtY292aWQtYmFuZHNpbnRvd24tc3dlZXQtcmVsaWVmLTIwMjImdXRtX2NvbnRlbnQ9Zi1jb3ZpZC1iYW5kc2ludG93bi1zd2VldC1yZWxpZWYtMjAyMi1rZXNoYS1zd2VlcHMtcGFnZSZ1dG1fbWVkaXVtPXBhcnRuZXItYmFuZHNpbnRvd24tYmxhc3QtZnJvbS1iaXQmdXRtX3NvdXJjZT1iYW5kc2ludG93biIsInVzZXJJZCI6IiIsInRyYWNrZXIiOiJodHRwczovL2FwcC50aGVhZHNsYWIuaW8vIn0%3D&method=IdentityResolution.identityHash&module=API&previous_uuid=6c57205764854a0db53fc9b6d5343e60 HTTP 303
https://app.theadslab.io/?hash=&format=original&visitorId=c4b0c8a68e1fc720&siteId=335&userId=eyJzaXRldXJsIjoiaHR0cHM6Ly9mYW5kaWVtLmNvbS9zd2VlcHMva2VzaGE/dXRtX2NhbXBhaWduPWYtY292aWQtYmFuZHNpbnRvd24tc3dlZXQtcmVsaWVmLTIwMjImdXRtX2NvbnRlbnQ9Zi1jb3ZpZC1iYW5kc2ludG93bi1zd2VldC1yZWxpZWYtMjAyMi1rZXNoYS1zd2VlcHMtcGFnZSZ1dG1fbWVkaXVtPXBhcnRuZXItYmFuZHNpbnRvd24tYmxhc3QtZnJvbS1iaXQmdXRtX3NvdXJjZT1iYW5kc2ludG93biIsInVzZXJJZCI6IiIsInRyYWNrZXIiOiJodHRwczovL2FwcC50aGVhZHNsYWIuaW8vIn0=&method=IdentityResolution.identityHash&module=API

232 HTTP transactions
13 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

f-covid-kesha-bit-blast Show response
winwith.fandiem.com/
Redirect Chain

https://u1126135.ct.sendgrid.net/ss/c/TMJg4H87IKVlew-fIsPBywTfFnzvdyQGDZsrae-lxfXo-9va7TBOI0_8Xt8WPK4IHdMXQG2NqBN53bb94wB71Q/3jf/JFx7KXEoSiOusIUkFbq_Yw/h9/bKXpYbtWULpapv1qj10tfrSIJv5IjdFtVd3HjYw1GIM
http://winwith.fandiem.com/f-covid-kesha-bit-blast

2 KB
2 KB

159ms
133ms

Document
text/html

51.15.139.10
Online SAS

General

Check archive.org

Show headers Download Go to

Full URL: http://winwith.fandiem.com/f-covid-kesha-bit-blast
Protocol: HTTP/1.1
Server: 51.15.139.10 , France, ASN12876 (Online SAS, FR),
Reverse DNS: 10-139-15-51.instances.scw.cloud
Software: /
Resource Hash: 59df8900585686dc4d48c349e63837e4c054dc2f1160f0ca5ba9dd8307ed4988

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Cache-Control: private, max-age=90
Content-Length: 1929
Content-Type: text/html; charset=utf-8
Date: Sun, 22 May 2022 13:33:36 GMT

Redirect headers

Connection: keep-alive
Content-Length: 73
Content-Type: text/html; charset=utf-8
Date: Sun, 22 May 2022 13:33:35 GMT
Location: http://winwith.fandiem.com/f-covid-kesha-bit-blast
Server: nginx
X-Robots-Tag: noindex, nofollow

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 102 KB
40 KB 36ms
16ms Script
application/javascript 2a00:1450:4001:810::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-181963629-1

Requested by

Host: winwith.fandiem.com
URL: http://winwith.fandiem.com/f-covid-kesha-bit-blast

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

c85bdfa8338fd34e272b079ea48fd66899cc1d14bce0e7560d2302c20b4ccddb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://winwith.fandiem.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Sun, 22 May 2022 13:33:36 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 40244
x-xss-protection: 0
expires: Sun, 22 May 2022 13:33:36 GMT

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 99 KB
27 KB 22ms
8ms Script
application/x-javascript 2a03:2880:f01c:216:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: winwith.fandiem.com
URL: http://winwith.fandiem.com/f-covid-kesha-bit-blast

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:216:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

acbe6770b0fc8b621a9d4f7068b241fb403fe999ea33270931ee59ec4cfdf3f1

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://winwith.fandiem.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 26310
x-xss-protection: 0
pragma: public
x-fb-debug: nAF0xUhjwX28dXxzRekILchPi7aSp+pYMPTiw5PZtfM+J4Z7cUoCAo48BN0w477km+3VpFCNDgf2QLzXydliEQ==
x-fb-trip-id: 686109401
x-frame-options: DENY
date: Sun, 22 May 2022 13:33:36 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 410807596975192 Show response
connect.facebook.net/signals/config/ 306 KB
88 KB 9ms
8ms Script
application/x-javascript 2a03:2880:f01c:216:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/410807596975192?v=2.9.60&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:216:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

e5af5d4a4ad777c67933623be3d76693c5c3d8048ee94c4f44447bd574440f38

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://winwith.fandiem.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 89146
x-xss-protection: 0
pragma: public
x-fb-debug: cnx8587HMhAZHfZt/Y9802Ybol9E46gzPOFDQzdDjEc2Gxo+lRIXu5GoBywIviMcASZ1DPBiPAphnGd3b0RwoQ==
x-fb-trip-id: 686109401
x-frame-options: DENY
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
date: Sun, 22 May 2022 13:33:36 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 189 KB
68 KB 39ms
24ms Script
application/javascript 2a00:1450:4001:810::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-XG86FRBQR2&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-181963629-1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

65f3a09a63d129e6673428ffac0067aa41e844cdc4dfbbb05a15a9a1462a3111

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://winwith.fandiem.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Sun, 22 May 2022 13:33:36 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 69581
x-xss-protection: 0
expires: Sun, 22 May 2022 13:33:36 GMT

GET
H2 200 /
www.facebook.com/tr/ 44 B
410 B 22ms
7ms Image
image/gif 2a03:2880:f12d:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=410807596975192&ev=PageView&dl=http%3A%2F%2Fwinwith.fandiem.com%2Ff-covid-kesha-bit-blast&rl=&if=false&ts=1653226416261&sw=1600&sh=1200&v=2.9.60&r=stable&ec=0&o=30&par[0]=%7B%22extractorID%22%3A%22653142685708720%22%2C%22jsonLD%22%3A%7B%22%40context%22%3A%22http%3A%2F%2Fschema.org%22%2C%22%40type%22%3A%22Product%22%2C%22offers%22%3A%7B%22priceCurrency%22%3A%22USD%22%7D%7D%7D&par[1]=%7B%22extractorID%22%3A%22326808842606046%22%2C%22jsonLD%22%3A%7B%22%40context%22%3A%22http%3A%2F%2Fschema.org%22%2C%22%40type%22%3A%22Product%22%2C%22offers%22%3A%7B%7D%7D%7D&fbp=fb.1.1653226416259.1901268255&it=1653226416214&coo=false&rqm=GET

Requested by

Host: winwith.fandiem.com
URL: http://winwith.fandiem.com/f-covid-kesha-bit-blast

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f12d:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://winwith.fandiem.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Sun, 22 May 2022 13:33:36 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 44
expires: Sun, 22 May 2022 13:33:36 GMT

POST
H2 204 collect
analytics.google.com/g/ 0
349 B 34ms
13ms Ping
text/plain 2a00:1450:4001:830::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.google.com/g/collect?v=2&tid=G-XG86FRBQR2&gtm=2oe5b0&_p=354439729&_z=ccd.tbB&_gaz=1&cid=2143699563.1653226416&ul=en-us&sr=1600x1200&_s=1&sid=1653226416&sct=1&seg=0&dl=http%3A%2F%2Fwinwith.fandiem.com%2Ff-covid-kesha-bit-blast&dt=WIN%20AN%20AUTOGRAPHED%20PICTURE%20OF%20KESHA&en=page_view&_fv=1&_nsi=1&_ss=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-XG86FRBQR2&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://winwith.fandiem.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 22 May 2022 13:33:36 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: http://winwith.fandiem.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
349 B 61ms
23ms Ping
text/plain 2a00:1450:400c:c1b::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-XG86FRBQR2&cid=2143699563.1653226416&gtm=2oe5b0&aip=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-XG86FRBQR2&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:400c:c1b::9b Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://winwith.fandiem.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 22 May 2022 13:33:36 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: http://winwith.fandiem.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 27ms
6ms Script
text/javascript 2a00:1450:4001:828::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-181963629-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://winwith.fandiem.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 13 Apr 2022 21:02:38 GMT
server: Golfe2
age: 4468
date: Sun, 22 May 2022 12:19:08 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20006
expires: Sun, 22 May 2022 14:19:08 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
501 B 52ms
31ms Image
image/gif 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-XG86FRBQR2&cid=2143699563.1653226416&gtm=2oe5b0&aip=1&z=1699466015

Requested by

Host: winwith.fandiem.com
URL: http://winwith.fandiem.com/f-covid-kesha-bit-blast

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://winwith.fandiem.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 22 May 2022 13:33:36 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 200 collect Show response
www.google-analytics.com/j/ 2 B
22 B 35ms
13ms XHR
text/plain 2a00:1450:4001:828::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j96&a=354439729&t=pageview&_s=1&dl=http%3A%2F%2Fwinwith.fandiem.com%2Ff-covid-kesha-bit-blast&ul=en-us&de=UTF-8&dt=WIN%20AN%20AUTOGRAPHED%20PICTURE%20OF%20KESHA&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YADAAUABAAAAAC~&jid=63626449&gjid=883062642&cid=2143699563.1653226416&tid=UA-181963629-1&_gid=71087585.1653226416&_r=1&gtm=2ou5b0&z=1851606995

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: http://winwith.fandiem.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 22 May 2022 13:33:36 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: http://winwith.fandiem.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
25 B 62ms
19ms XHR
text/plain 2a00:1450:400c:c1b::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-181963629-1&cid=2143699563.1653226416&jid=63626449&gjid=883062642&_gid=71087585.1653226416&_u=YADAAUAAAAAAAC~&z=242374514

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400c:c1b::9b Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: http://winwith.fandiem.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Sun, 22 May 2022 13:33:36 GMT
content-type: text/plain
access-control-allow-origin: http://winwith.fandiem.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
501 B 62ms
34ms Image
image/gif 2a00:1450:4001:800::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-181963629-1&cid=2143699563.1653226416&jid=63626449&_u=YADAAUAAAAAAAC~&z=2106614926

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://winwith.fandiem.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 22 May 2022 13:33:36 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ga-audiences
www.google.de/ads/ 42 B
63 B 52ms
32ms Image
image/gif 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-181963629-1&cid=2143699563.1653226416&jid=63626449&_u=YADAAUAAAAAAAC~&z=2106614926

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://winwith.fandiem.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 22 May 2022 13:33:36 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

Primary Request kesha Show response
fandiem.com/products/
Redirect Chain

https://fandiem.com/kesha?utm_source=bandsintown&utm_medium=partner-bandsintown-blast-from-bit&utm_campaign=f-covid-bandsintown-sweet-relief-2022&utm_content=f-covid-bandsintown-sweet-relief-2022-k...
https://fandiem.com/products/kesha?utm_campaign=f-covid-bandsintown-sweet-relief-2022&utm_content=f-covid-bandsintown-sweet-relief-2022-kesha-sweeps-page&utm_medium=partner-bandsintown-blast-from-b...

43 KB
15 KB

196ms
166ms

Document
text/html

23.227.38.32
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://fandiem.com/products/kesha?utm_campaign=f-covid-bandsintown-sweet-relief-2022&utm_content=f-covid-bandsintown-sweet-relief-2022-kesha-sweeps-page&utm_medium=partner-bandsintown-blast-from-bit&utm_source=bandsintown

Requested by

Host: winwith.fandiem.com
URL: http://winwith.fandiem.com/f-covid-kesha-bit-blast

Protocol

Security

QUIC, , AES_128_GCM

Server

23.227.38.32 Ottawa, Canada, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

myshopify.com

Software

cloudflare /

Resource Hash

5c69c20651d68d5492ec01e9c8f7ad19e9883556163fe4baa0d96c799aa3683d

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; frame-ancestors 'none'; upgrade-insecure-requests;
Strict-Transport-Security	max-age=7889238
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Referer: http://winwith.fandiem.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-origin: *
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 70f5ecb1d9af9205-FRA
content-encoding: br
content-language: en
content-security-policy: block-all-mixed-content; frame-ancestors 'none'; upgrade-insecure-requests;
content-type: text/html; charset=utf-8
date: Sun, 22 May 2022 13:33:37 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
link: <https://cdn.shopify.com>; rel="preconnect", <https://cdn.shopify.com>; rel="preconnect"; crossorigin
server: cloudflare
server-timing-public: processing;dur=24, db;dur=8
strict-transport-security: max-age=7889238
vary: Accept
x-alternate-cache-key: cacheable:9b92015d07a44afe92b8815d3a388f0a
x-cache: hit, server
x-content-type-options: nosniff
x-dc: gcp-europe-west1,gcp-us-east1,gcp-us-east1
x-download-options: noopen
x-frame-options: DENY
x-permitted-cross-domain-policies: none
x-request-id: 86b80b20-67bd-43d0-a5c9-e7c4c9b39688
x-shardid: 253
x-shopid: 50221678757
x-shopify-stage: production
x-sorting-hat-podid: 253
x-sorting-hat-shopid: 50221678757
x-storefront-renderer-rendered: 1
x-xss-protection: 1; mode=block

Redirect headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 70f5ecb08ee69baa-FRA
content-security-policy: block-all-mixed-content; frame-ancestors 'none'; upgrade-insecure-requests;
content-type: text/html; charset=utf-8
date: Sun, 22 May 2022 13:33:36 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
location: https://fandiem.com/products/kesha?utm_campaign=f-covid-bandsintown-sweet-relief-2022&utm_content=f-covid-bandsintown-sweet-relief-2022-kesha-sweeps-page&utm_medium=partner-bandsintown-blast-from-bit&utm_source=bandsintown
server: cloudflare
server-timing-public: processing;dur=19, db;dur=6
strict-transport-security: max-age=7889238
vary: Accept
x-content-type-options: nosniff
x-dc: gcp-europe-west1,gcp-us-east1,gcp-us-east1
x-download-options: noopen
x-frame-options: DENY
x-permitted-cross-domain-policies: none
x-request-id: 0851ac3d-c9ef-4aa5-957b-fe71af1abf07
x-shardid: 253
x-shopid: 50221678757
x-shopify-stage: production
x-sorting-hat-podid: 253
x-sorting-hat-shopid: 50221678757
x-storefront-renderer-rendered: 1
x-xss-protection: 1; mode=block

POST collect
analytics.google.com/g/ 0
0

GET
H2 200 shopify_v534.bundle.js Show response
dpjhaiprv9czz.cloudfront.net/ 2 MB
577 KB 40ms
9ms Script
application/javascript 2600:9000:21f3:d800:15:5e1:43c0:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://dpjhaiprv9czz.cloudfront.net/shopify_v534.bundle.js
Requested by: Host: fandiem.com
URL: https://fandiem.com/products/kesha?utm_campaign=f-covid-bandsintown-sweet-relief-2022&utm_content=f-covid-bandsintown-sweet-relief-2022-kesha-sweeps-page&utm_medium=partner-bandsintown-blast-from-bit&utm_source=bandsintown
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:21f3:d800:15:5e1:43c0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: a22749318bc08ada723e73935220805449addcde4e49f136e421306bbd5bc79e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fandiem.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Fri, 20 May 2022 16:11:35 GMT
content-encoding: br
last-modified: Fri, 20 May 2022 16:09:46 GMT
server: AmazonS3
age: 163323
etag: W/"98b2c310adb03978aaea512aec025abc"
vary: Accept-Encoding
x-cache: Hit from cloudfront
x-amz-version-id: dhCv3XWVcifBoUhs_7w8YsJj2D89etOF
via: 1.1 f99b5b46e77cfe9c3413f99dc8a4088c.cloudfront.net (CloudFront)
cache-control: max-age=2592000
x-amz-cf-pop: FRA2-C2
content-type: application/javascript
x-amz-cf-id: UMZqRGp14viajspZTODbNWIO8IMJDFZc_16XrGVPx5WCxuFT8Qa00w==

GET
H2 200 triplepx.txt Show response
triplewhale-pixel.web.app/ 52 KB
19 KB 63ms
21ms XHR
text/plain 2620:0:890::100
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://triplewhale-pixel.web.app/triplepx.txt?-18370

Requested by

Host: fandiem.com
URL: https://fandiem.com/products/kesha?utm_campaign=f-covid-bandsintown-sweet-relief-2022&utm_content=f-covid-bandsintown-sweet-relief-2022-kesha-sweeps-page&utm_medium=partner-bandsintown-blast-from-bit&utm_source=bandsintown

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:0:890::100 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

8aac4edb821eaeb5730f39ace8de75d5e309ce7b761bb46db6bc6b7fb29de7de

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fandiem.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
etag: "6b5c9bab6c7923405c3b6a5f3528c836ac35752c807982384aab48c3159e5e1c-br"
x-cache: HIT
access-control-max-age: 3600
content-length: 18636
x-served-by: cache-mxp6935-MXP
last-modified: Sun, 15 May 2022 07:42:38 GMT
x-timer: S1653226417.168875,VS0,VE0
date: Sun, 22 May 2022 13:33:37 GMT
vary: x-fh-requested-host, accept-encoding
access-control-allow-methods: GET, POST, DELETE, OPTIONS
content-type: text/plain; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=3600
accept-ranges: bytes
access-control-allow-headers: *
x-cache-hits: 90

GET
H2 200 load_feature-37a17a663bce00c3e1703d247d958d410831e9e5dac457e1e9aa9f37481e2eb5.js Show response
cdn.shopify.com/shopifycloud/shopify/assets/storefront/ 10 KB
4 KB 59ms
23ms Script
text/javascript 104.16.255.71
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.shopify.com/shopifycloud/shopify/assets/storefront/load_feature-37a17a663bce00c3e1703d247d958d410831e9e5dac457e1e9aa9f37481e2eb5.js

Requested by

Host: fandiem.com
URL: https://fandiem.com/sweeps/kesha?utm_campaign=f-covid-bandsintown-sweet-relief-2022&utm_content=f-covid-bandsintown-sweet-relief-2022-kesha-sweeps-page&utm_medium=partner-bandsintown-blast-from-bit&utm_source=bandsintown

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.255.71 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

37a17a663bce00c3e1703d247d958d410831e9e5dac457e1e9aa9f37481e2eb5

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://fandiem.com/
Origin: https://fandiem.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Sun, 22 May 2022 13:33:37 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-dc: gcp-us-east1,us-central1
age: 808086
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DZ8CK12uVDw3SCew%2FQY4cLI3Hx05o8g8W6MOCfGqduC18sRnNRBCuRFunbNsUEI6lyAUUjHjNTmff0%2FQ6Wjys1DaHTtFomOto33DyUNC%2Byxh%2BqqJxZKFD8K573jl9H0Tmw%3D%3D"}],"group":"cf-nel","max_age":604800}
server-timing: imagery;dur=11.081, imageryFetch;dur=10.859
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
x-request-id: 3a6ca7c0-0fe4-4617-a1d7-7eeeac816b5d
timing-allow-origin: *
surrogate-key: segment4-23263 mime-text/javascript-23263 time-bucket-20220513-23263 89bbf77d1cad2c0bea2a7f1f72da169b70c2bf265907466160d0427d43316b03
last-modified: Fri, 13 May 2022 05:05:31 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31556952, immutable
cf-ray: 70f5ecb3bc6e68fe-FRA
link: <https://cdn.shopify.com/shopifycloud/shopify/assets/storefront/load_feature-37a17a663bce00c3e1703d247d958d410831e9e5dac457e1e9aa9f37481e2eb5.js>; rel="canonical"

GET
H3 200 features-87e8399988880142f2c62771b9d8f2ff6c290b3ff745dd426eb0dfe0db9d1dae.js Show response
cdn.shopify.com/shopifycloud/shopify/assets/storefront/ 37 KB
14 KB 45ms
25ms Script
text/javascript 104.16.255.71
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.shopify.com/shopifycloud/shopify/assets/storefront/features-87e8399988880142f2c62771b9d8f2ff6c290b3ff745dd426eb0dfe0db9d1dae.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

104.16.255.71 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

87e8399988880142f2c62771b9d8f2ff6c290b3ff745dd426eb0dfe0db9d1dae

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://fandiem.com/
Origin: https://fandiem.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Sun, 22 May 2022 13:33:37 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-dc: gcp-us-east1,us-central1
age: 893945
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fziI0HIMj5DeS%2B1WcmFaVoXRsa44xoI2DrqaNp9FTVndCw%2FQPecR%2F9t6vlDHfbUS%2BQC1Lug4aHc3IhCQa1KCLQNUOtZeL7STWTFOZajhU752CyxOHmC8uC7laEVaoSp8zw%3D%3D"}],"group":"cf-nel","max_age":604800}
server-timing: imagery;dur=19.768, imageryFetch;dur=19.563
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
x-request-id: b37bdf5a-a390-493c-864e-033059e1551a
timing-allow-origin: *
surrogate-key: segment4-42351 mime-text/javascript-42351 time-bucket-20220512-42351 3cd7a93697726990d34cdb0483f82490a2ebf6a0cee838bd6b8381caf8ef28bf
last-modified: Thu, 12 May 2022 01:47:15 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31556952, immutable
cf-ray: 70f5ecb50ea692b7-FRA
link: <https://cdn.shopify.com/shopifycloud/shopify/assets/storefront/features-87e8399988880142f2c62771b9d8f2ff6c290b3ff745dd426eb0dfe0db9d1dae.js>; rel="canonical"

GET
H2 200 bootstrap.min.css
cdn.jsdelivr.net/npm/bootstrap@4.5.3/dist/css/ 157 KB
25 KB 66ms
27ms Stylesheet
text/css 2606:4700::6810:5514
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/bootstrap@4.5.3/dist/css/bootstrap.min.css

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:5514 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f77c0d1739b618edc4a01ca3f6b2990b01a3009030af49ee8cf68e83052df194

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://fandiem.com/
Origin: https://fandiem.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Sun, 22 May 2022 13:33:37 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 5371910
x-jsd-version: 4.5.3
x-cache: HIT
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains; preload
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-served-by: cache-fra19123-FRA
timing-allow-origin: *
x-jsd-version-type: version
server: cloudflare
etag: W/"27288-jtLWNQ0j+FfZKAVzfQ+XxnXeZms"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4TNSM4U8Qpy%2Bi65txSKX%2BQC6M93TRsFtiCAYOuPUGe2pw2JZVWFPbW%2FFCMRi5l9jY84cEOzbrRCtj1hEq00BdLUvNOyZrWUlfD0K0%2FVMQSl4aCI8j3fivbP7eLqurVGabzKYHbovhaD4caq9YKc%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
cf-ray: 70f5ecb3bd540208-ZRH

GET
H2 200 application.scss.css
cdn.shopify.com/s/files/1/0502/2167/8757/t/8/assets/ 3 KB
2 KB 59ms
25ms Stylesheet
text/css 104.16.255.71
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.shopify.com/s/files/1/0502/2167/8757/t/8/assets/application.scss.css?v=167376750296147457741632163727

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.255.71 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

53fb3ea61abbaf420658f47acdfff8aab9fe220b46d40f517d9e1127901cf826

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fandiem.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Sun, 22 May 2022 13:33:37 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-dc: gcp-us-east1,us-east1
age: 1703221
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fH8vs2IbI0DZf92R7a0aOlxUUJEJ4ce8bvjweOkWzza2Afkxj5BpdsKA%2BW73PIvv71MhsTVSL8C2m%2FHR9LyaxJ6ea40fDCqlRLZ7%2BUpS2Q3aTSQX1LSebY%2Bfwpwe5Gawkw%3D%3D"}],"group":"cf-nel","max_age":604800}
server-timing: imagery;dur=3654.750, imageryFetch;dur=67.779, imageryProcess;dur=3585.150;desc="scss"
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
x-request-id: 2e2c7cb5-c68e-421b-a615-7da906d5b824
timing-allow-origin: *
surrogate-key: segment4-8239 shop-50221678757 mime-text/css-8239 time-bucket-20220502-8239 b7317a3aa71c1337fddb0008c5469d3b29157804bc8d9514d7e14a1eb657a746
last-modified: Mon, 02 May 2022 19:29:17 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: text/css
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31557600
cf-ray: 70f5ecb3ba8868e9-FRA
link: <https://cdn.shopify.com/s/files/1/0502/2167/8757/t/8/assets/application.scss.css>; rel="canonical"

GET
H2 200 jquery-3.5.1.min.js Show response
cdn.shopify.com/s/files/1/0502/2167/8757/t/8/assets/ 87 KB
32 KB 63ms
29ms Script
text/javascript 104.16.255.71
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.shopify.com/s/files/1/0502/2167/8757/t/8/assets/jquery-3.5.1.min.js?v=133494139889153862371605192933

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.255.71 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fandiem.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Sun, 22 May 2022 13:33:37 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-dc: gcp-us-east1,us-east1
age: 905399
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oSYnGch30ayr5JoPx%2F5O3VMUR6mQur8S%2Fl9WxhGb3nF315%2B4Tw1SB3Rzj%2BdoyjLdQxPTnu1I5YhBc5UbYmAuJHBJxHy2rqWO9jWl05TpmJFuK%2Fl6wu5lcYVoO%2BMwHmScBQ%3D%3D"}],"group":"cf-nel","max_age":604800}
server-timing: imagery;dur=103.928, imageryFetch;dur=103.708
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
x-request-id: 716522ce-c074-431d-aaaa-c5aab0dd1edc
timing-allow-origin: *
surrogate-key: segment4-43157 shop-50221678757 mime-text/javascript-43157 time-bucket-20220512-43157 d569e62f4c52504808b71b7584fdf7b79888b0d6f4a18f9f03268fce4a5bf11f
last-modified: Thu, 12 May 2022 01:51:29 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31557600
cf-ray: 70f5ecb3ba8d68e9-FRA
link: <https://cdn.shopify.com/s/files/1/0502/2167/8757/t/8/assets/jquery-3.5.1.min.js>; rel="canonical"

GET
H2 200 bootstrap.bundle.min.js Show response
cdn.jsdelivr.net/npm/bootstrap@4.5.3/dist/js/ 82 KB
22 KB 66ms
28ms Script
application/javascript 2606:4700::6810:5514
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/bootstrap@4.5.3/dist/js/bootstrap.bundle.min.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:5514 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8d7089253dca29c9cd8d9deb7ec69b0a3d445f88f6a26478c719be1f90adcb01

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://fandiem.com/
Origin: https://fandiem.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Sun, 22 May 2022 13:33:37 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 5371910
x-jsd-version: 4.5.3
x-cache: HIT
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains; preload
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-served-by: cache-fra19175-FRA
timing-allow-origin: *
x-jsd-version-type: version
server: cloudflare
etag: W/"148b8-qycDEVlyTiQh9v9ccPSOZXq+nTk"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=46Y2uByv4icqdw%2BJPbOAe0Sddb%2BFvLm7MgLi6hovp477wpfbUA%2BqYP5N9anJb3P8en5fTVeDdXGEsbeIr7CvoNSnBdxRpp9%2BpE4IzZEHEWWUUdMh0%2BczHpWgB3Alhac6QwuOQay4MQPHGS1s%2BAs%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
cf-ray: 70f5ecb3cd570208-ZRH

GET
H2 200 application.js Show response
cdn.shopify.com/s/files/1/0502/2167/8757/t/8/assets/ 127 B
646 B 59ms
26ms Script
text/javascript 104.16.255.71
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.shopify.com/s/files/1/0502/2167/8757/t/8/assets/application.js?v=51622693686307908411605192976

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.255.71 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7d34f115932de70f3f88c8c186e92706985062a58289326663e08c5abb0fa94f

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fandiem.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Sun, 22 May 2022 13:33:37 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-dc: gcp-us-east1,us-east1
age: 883940
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AOzXzc1njhvIZbiKeM99jhQcdKfMMlzQQPE7KUo07FuEfKifNF8ugLj1sjBoXVbkkxSHbacW6p8s6He9jjT51OnIF%2F1m%2BjYvvahqNbejKQTpHsYHB0O1AK56IunpG8T6YA%3D%3D"}],"group":"cf-nel","max_age":604800}
server-timing: imagery;dur=58.702, imageryFetch;dur=57.769
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
x-request-id: 3211b457-9b1c-4713-997e-b257b8701286
timing-allow-origin: *
surrogate-key: segment4-57835 shop-50221678757 mime-text/javascript-57835 time-bucket-20220512-57835 fa1d32cdf81c2e39246ce5fb1f667f6c43f4e9429b875d26704d22567bc4bb74
last-modified: Thu, 12 May 2022 03:44:53 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31557600
cf-ray: 70f5ecb3ba9068e9-FRA
link: <https://cdn.shopify.com/s/files/1/0502/2167/8757/t/8/assets/application.js>; rel="canonical"

GET
H2 200 shopify.css
cdn.shopify.com/s/files/1/0502/2167/8757/t/8/assets/ 331 B
781 B 59ms
26ms Stylesheet
text/css 104.16.255.71
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.shopify.com/s/files/1/0502/2167/8757/t/8/assets/shopify.css?v=182913577754366908041646316173

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.255.71 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

65b70aab4f36d9a78bc63c61743b9335bac04dbc8856e7cec642f112aee43dba

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fandiem.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Sun, 22 May 2022 13:33:37 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-dc: gcp-us-east1,us-east1
age: 1702234
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Ikgka%2F0Ni7b5aVG9ULdy4K3umS1xOnQuKoEeYrFd6wlS7th%2FWqQtsdv9YGnZdamSP501ZO6D1RNSOicWKcomzI%2FoKjB8O22FQtxNwpjixlG3rOKO7SuwGIn%2BoSF7mncwWg%3D%3D"}],"group":"cf-nel","max_age":604800}
server-timing: imagery;dur=57.858, imageryFetch;dur=57.007
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
x-request-id: c16efd69-0ed4-4227-bfa7-324ca2b6920f
timing-allow-origin: *
surrogate-key: segment4-51588 shop-50221678757 mime-text/css-51588 time-bucket-20220502-51588 d921f376b3525e959e0090e0d8bc0600b6752bbde9b0cdbde072b35ea1165cf8
last-modified: Mon, 02 May 2022 19:29:13 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: text/css
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31557600
cf-ray: 70f5ecb3ba8b68e9-FRA
link: <https://cdn.shopify.com/s/files/1/0502/2167/8757/t/8/assets/shopify.css>; rel="canonical"

GET
H2 200 shopify_rolling_bootstrap_v2.js Show response
assets1.adroll.com/shopify/latest/j/ 2 KB
1 KB 25ms
8ms Script
application/javascript 2600:9000:206f:c00:1c:cd6a:7440:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://assets1.adroll.com/shopify/latest/j/shopify_rolling_bootstrap_v2.js?adroll_adv_id=4VZVS64FNRFEXAUW3D4PZO&adroll_pix_id=A5AOKNR44NHIVM7TSARV6U
Requested by: Host: fandiem.com
URL: https://fandiem.com/sweeps/kesha?utm_campaign=f-covid-bandsintown-sweet-relief-2022&utm_content=f-covid-bandsintown-sweet-relief-2022-kesha-sweeps-page&utm_medium=partner-bandsintown-blast-from-bit&utm_source=bandsintown
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206f:c00:1c:cd6a:7440:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: ea1d29b419599a59d7da810bfa2f4dbe0b8f72d39fa71cb5195300cfb879f837

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fandiem.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Sun, 22 May 2022 12:49:46 GMT
content-encoding: gzip
vary: Accept-Encoding
age: 2637
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
via: 1.1 95e0c26862caa0a0aa5e9580919524f8.cloudfront.net (CloudFront)
last-modified: Wed, 27 Apr 2022 19:44:55 GMT
server: AmazonS3
etag: W/"dcbab6195eb24bf3935cbc62ec0ed277"
access-control-max-age: 600
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
access-control-allow-credentials: false
x-amz-cf-pop: FRA56-C1
access-control-allow-headers: *
x-amz-cf-id: GtskJH-Ru9xBbRee8Yo66NmHB-l6J_YDCsXSW3O0w6Ulfj7X3ieGTg==

GET
H2

200

feather.min.js Show response
unpkg.com/feather-icons@4.29.0/dist/
Redirect Chain

https://unpkg.com/feather-icons
https://unpkg.com/feather-icons@4.29.0
https://unpkg.com/feather-icons@4.29.0/dist/feather.min.js

74 KB
20 KB

22ms
22ms

Script
application/javascript

2606:4700::6810:7baf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://unpkg.com/feather-icons@4.29.0/dist/feather.min.js

Requested by

Protocol

Server

2606:4700::6810:7baf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ee42895b008b34df27e6b4f530d52954f91e2f16f07b511953bde388b76cb2b2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fandiem.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Sun, 22 May 2022 13:33:37 GMT
via: 1.1 fly.io
x-content-type-options: nosniff
cf-cache-status: HIT
age: 4628864
fly-request-id: 01FZC14JXAGHJVVQC9T3G8ENPB-fra
content-encoding: br
vary: Accept-Encoding
last-modified: Sat, 26 Oct 1985 08:15:00 GMT
server: cloudflare
etag: W/"128bb-dh2RGLtRbEubYuzrJkc993XXYQU"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 70f5ecb4ff9a01df-ZRH

Redirect headers

date: Sun, 22 May 2022 13:33:37 GMT
via: 1.1 fly.io
x-content-type-options: nosniff
cf-cache-status: HIT
fly-request-id: 01FZC14KH4RBHG1975GCB6VJHE-fra
server: cloudflare
age: 4628865
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept, Accept-Encoding
content-type: text/plain; charset=utf-8
location: /feather-icons@4.29.0/dist/feather.min.js
cache-control: public, max-age=31536000
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-ray: 70f5ecb48ef201df-ZRH
access-control-allow-origin: *

GET
H2 404 /
dpjhaiprv9czz.cloudfront.net/ 0
0 10ms
8ms Other
text/html 2600:9000:21f3:d800:15:5e1:43c0:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://dpjhaiprv9czz.cloudfront.net/
Requested by: Host: fandiem.com
URL: https://fandiem.com/sweeps/kesha?utm_campaign=f-covid-bandsintown-sweet-relief-2022&utm_content=f-covid-bandsintown-sweet-relief-2022-kesha-sweeps-page&utm_medium=partner-bandsintown-blast-from-bit&utm_source=bandsintown
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:21f3:d800:15:5e1:43c0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fandiem.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

GET
H3 200 application.scss.css
cdn.shopify.com/s/files/1/0502/2167/8757/t/8/assets/ 0
1 KB 40ms
25ms Other
text/css 104.16.255.71
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.shopify.com/s/files/1/0502/2167/8757/t/8/assets/application.scss.css?v=167376750296147457741632163727

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

104.16.255.71 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fandiem.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Sun, 22 May 2022 13:33:37 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-dc: gcp-us-east1,us-east1
age: 1703221
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5TMCOCY2m0vYD5pSoceMcwIFeD0KrpbBg%2BYcxBz8FOgJDfT6HJUsto07pqZjlxSQeG3VDIPMk7cYz%2FK0wYN4Fw3oi3CVo6PvqEHFJjgEFt36BXoNbBD9ARu1D%2FcmPewVnA%3D%3D"}],"group":"cf-nel","max_age":604800}
server-timing: imagery;dur=3654.750, imageryFetch;dur=67.779, imageryProcess;dur=3585.150;desc="scss"
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
x-request-id: 2e2c7cb5-c68e-421b-a615-7da906d5b824
timing-allow-origin: *
surrogate-key: segment4-8239 shop-50221678757 mime-text/css-8239 time-bucket-20220502-8239 b7317a3aa71c1337fddb0008c5469d3b29157804bc8d9514d7e14a1eb657a746
last-modified: Mon, 02 May 2022 19:29:17 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: text/css
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31557600
cf-ray: 70f5ecb51bc49b25-FRA
link: <https://cdn.shopify.com/s/files/1/0502/2167/8757/t/8/assets/application.scss.css>; rel="canonical"

GET
H3 200 bootstrap.min.css
cdn.jsdelivr.net/npm/bootstrap@4.5.3/dist/css/ 0
25 KB 38ms
24ms Other
text/css 2606:4700::6810:5514
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/bootstrap@4.5.3/dist/css/bootstrap.min.css

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6810:5514 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fandiem.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Sun, 22 May 2022 13:33:37 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 5371910
x-jsd-version: 4.5.3
x-cache: HIT
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains; preload
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-served-by: cache-fra19123-FRA
timing-allow-origin: *
x-jsd-version-type: version
server: cloudflare
etag: W/"27288-jtLWNQ0j+FfZKAVzfQ+XxnXeZms"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Ycvml%2F4GQweI3XpFZBUwDmOL6CCC7E6kieb8LbezcO%2FzlUU6LyXxLG4h2qnXBj8H1dk8XWkAk47unLltsgrxzgksiV%2B3TgP5KVjzIImN2Mup4HFPEFHlflF0wBwN5JftDhbmYjiGr9Ul8GgV2CY%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
cf-ray: 70f5ecb51c3601e7-ZRH

GET
H3 200 jquery-3.5.1.min.js
cdn.shopify.com/s/files/1/0502/2167/8757/t/8/assets/ 0
32 KB 37ms
22ms Other
text/javascript 104.16.255.71
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.shopify.com/s/files/1/0502/2167/8757/t/8/assets/jquery-3.5.1.min.js?v=133494139889153862371605192933

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

104.16.255.71 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fandiem.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Sun, 22 May 2022 13:33:37 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-dc: gcp-us-east1,us-east1
age: 905399
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wLX0v7ucgZZWzHnxGk1x0CDl6Nbm3lXLGTl9IJHJSjwImtVQx56%2Btgl4O%2B9MerUbWonQpPw9qy5S%2FjnVtKPp%2BGIkjXcNh075zAZ%2BO0oPSFNRmItcNolNk7R054OYINhNYg%3D%3D"}],"group":"cf-nel","max_age":604800}
server-timing: imagery;dur=103.928, imageryFetch;dur=103.708
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
x-request-id: 716522ce-c074-431d-aaaa-c5aab0dd1edc
timing-allow-origin: *
surrogate-key: segment4-43157 shop-50221678757 mime-text/javascript-43157 time-bucket-20220512-43157 d569e62f4c52504808b71b7584fdf7b79888b0d6f4a18f9f03268fce4a5bf11f
last-modified: Thu, 12 May 2022 01:51:29 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31557600
cf-ray: 70f5ecb51bc19b25-FRA
link: <https://cdn.shopify.com/s/files/1/0502/2167/8757/t/8/assets/jquery-3.5.1.min.js>; rel="canonical"

GET
H3 200 bootstrap.bundle.min.js
cdn.jsdelivr.net/npm/bootstrap@4.5.3/dist/js/ 0
23 KB 50ms
36ms Other
application/javascript 2606:4700::6810:5514
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/bootstrap@4.5.3/dist/js/bootstrap.bundle.min.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6810:5514 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fandiem.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Sun, 22 May 2022 13:33:37 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 5371910
x-jsd-version: 4.5.3
x-cache: HIT
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains; preload
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-served-by: cache-fra19175-FRA
timing-allow-origin: *
x-jsd-version-type: version
server: cloudflare
etag: W/"148b8-qycDEVlyTiQh9v9ccPSOZXq+nTk"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0tm60zIEbJIab3gJFyjh38CvwPDkX73SJydoHxRV2BHety3dJqW0UkaCpN2d%2B4fgkz13wFX7nvXUMoi4IsRraDDbdFv7GJNSSY31z5YunrpXGwtjvmvrVrNVXddoO9p%2FzHMFNmEnaVLbx8bFhUY%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
cf-ray: 70f5ecb51c3701e7-ZRH

GET
H2 200 _thid357.txt Show response
triplewhale-pixel.web.app/ 86 KB
27 KB 16ms
16ms XHR
text/plain 2620:0:890::100
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://triplewhale-pixel.web.app/_thid357.txt

Requested by

Host: winwith.fandiem.com
URL: http://winwith.fandiem.com/f-covid-kesha-bit-blast

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:0:890::100 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

88b8074faa7b0637ab66457e308fd850ac61fa51ee935ceddc64a2d322ed88d8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fandiem.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
etag: "01fb3d7f294abac1c1ca32db8b8b28ed5d776a9eb37e415ca6799c6e8795a23f-br"
x-cache: HIT
access-control-max-age: 3600
content-length: 27334
x-served-by: cache-mxp6935-MXP
last-modified: Sun, 15 May 2022 07:42:38 GMT
x-timer: S1653226417.428675,VS0,VE0
date: Sun, 22 May 2022 13:33:37 GMT
vary: x-fh-requested-host, accept-encoding
access-control-allow-methods: GET, POST, DELETE, OPTIONS
content-type: text/plain; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=3600
accept-ranges: bytes
access-control-allow-headers: *
x-cache-hits: 1319

GET
H/1.1 200
OK matomo.js Show response
app.theadslab.io/ 76 KB
24 KB 526ms
212ms Script
application/javascript 18.119.43.107
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://app.theadslab.io/matomo.js
Requested by: Host: fandiem.com
URL: https://fandiem.com/sweeps/kesha?utm_campaign=f-covid-bandsintown-sweet-relief-2022&utm_content=f-covid-bandsintown-sweet-relief-2022-kesha-sweeps-page&utm_medium=partner-bandsintown-blast-from-bit&utm_source=bandsintown
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.119.43.107 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-119-43-107.us-east-2.compute.amazonaws.com
Software: nginx /
Resource Hash: 541ab646663d4b1f309d62e21da2b9e93e4d727a982261c2ff5fff22c214ebe1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fandiem.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Pragma: public
Date: Sun, 22 May 2022 13:33:37 GMT
Content-Encoding: gzip
Last-Modified: Sun, 22 May 2022 02:51:57 GMT
Server: nginx
ETag: W/"6289a54d-12f0a"
Vary: Accept-Encoding
Content-Type: application/javascript; charset=utf-8
Cache-Control: max-age=3600, public
Connection: keep-alive
Content-Length: 23973
Expires: Sun, 22 May 2022 14:33:37 GMT

GET
H3 200 trekkie.storefront.14a2a604dac04b548cd8c6bdfd85448fc1df7da9.min.js Show response
cdn.shopify.com/s/ 79 KB
18 KB 54ms
38ms Script
text/javascript 104.16.255.71
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.shopify.com/s/trekkie.storefront.14a2a604dac04b548cd8c6bdfd85448fc1df7da9.min.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

104.16.255.71 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1e499be587638f717b60b6b76181b9a5609da8fb9940c12a05fd77280e1707f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fandiem.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Sun, 22 May 2022 13:33:37 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-dc: gcp-us-east1,us-east1
age: 899735
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tLO8XjIvUR1wUKs4bVyLoAg%2BIXlBQTuSXZz8zkmOHkYiUUih6npQJIfARq%2BfSe%2F3LwUPP%2BhWoiigaXDRqonwQlqfZfRUJ9KbuzKQHp6Bs%2FtzK95xgrxVpDjGzMATFZ8f4A%3D%3D"}],"group":"cf-nel","max_age":604800}
server-timing: imagery;dur=48.260, imageryFetch;dur=48.046
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
x-request-id: 1250b296-ce7f-4038-9515-1402f85f4db4
timing-allow-origin: *
surrogate-key: segment4-56992 mime-text/javascript-56992 time-bucket-20220512-56992 00ef8c45b6b4a7c5929ad883fb867dae504b70d30bf9d75d3120431ceb462f1e
last-modified: Thu, 12 May 2022 03:38:01 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000
cf-ray: 70f5ecb51bc89b25-FRA
link: <https://cdn.shopify.com/s/trekkie.storefront.14a2a604dac04b548cd8c6bdfd85448fc1df7da9.min.js>; rel="canonical"

GET
H3 200 shop_events_listener-fa61fd11817b231631d2fe43dc869d0b1d14a06332792d42f1a1d94bda5aa31e.js Show response
cdn.shopify.com/shopifycloud/shopify/assets/ 8 KB
4 KB 41ms
26ms Script
text/javascript 104.16.255.71
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.shopify.com/shopifycloud/shopify/assets/shop_events_listener-fa61fd11817b231631d2fe43dc869d0b1d14a06332792d42f1a1d94bda5aa31e.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

104.16.255.71 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

fa61fd11817b231631d2fe43dc869d0b1d14a06332792d42f1a1d94bda5aa31e

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fandiem.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Sun, 22 May 2022 13:33:37 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-dc: gcp-us-east1,us-central1
age: 902227
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yYeLq5om4RYlWQi0qtxMSDazVIEt2XSDrRx3qrSmP4sGA9TlFeNr2nmECifMPcsVULvdooGsOGr5pCfVDgXHNR%2BLq5QU4WWL5da%2FpQxiU1MxF9DaeOM4fIhAAGnrmEtKHg%3D%3D"}],"group":"cf-nel","max_age":604800}
server-timing: imagery;dur=36.084, imageryFetch;dur=35.724
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
x-request-id: 7a2b6cb7-9ed6-44cd-8d65-c4709b6f994e
timing-allow-origin: *
surrogate-key: segment4-51602 mime-text/javascript-51602 time-bucket-20220512-51602 bbd463f25b75b26047a0dffad90b99212754dba28cb05b4a40bedcb5eb6c6955
last-modified: Thu, 12 May 2022 02:56:30 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31556952, immutable
cf-ray: 70f5ecb51bc69b25-FRA
link: <https://cdn.shopify.com/shopifycloud/shopify/assets/shop_events_listener-fa61fd11817b231631d2fe43dc869d0b1d14a06332792d42f1a1d94bda5aa31e.js>; rel="canonical"

GET
H3 200 shopify-boomerang-1.0.0.min.js Show response
cdn.shopify.com/shopifycloud/boomerang/ 58 KB
19 KB 42ms
25ms Script
text/javascript 104.16.255.71
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.shopify.com/shopifycloud/boomerang/shopify-boomerang-1.0.0.min.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

104.16.255.71 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a081ed513735ffb15626985d663652a2879e96f0b6695e7ceda16d519372555c

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fandiem.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Sun, 22 May 2022 13:33:37 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-dc: gcp-us-east1,us-central1
age: 914681
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JmR4NbKCO1sYAnwccByWhKImXnwGBX8KAl2Tp5AB7NfKTxnTx6GtVUuD4ZFwpy9k0tvWgjquDlkVPTCxZHhDE8OaaC7yePFVLiivjOE%2FLdd63llnmSdBksdRMMCAQSSfVA%3D%3D"}],"group":"cf-nel","max_age":604800}
server-timing: imagery;dur=31.248, imageryFetch;dur=30.958
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
x-request-id: 43206d85-71df-43cf-bc36-5bcb0eefac07
timing-allow-origin: *
surrogate-key: segment4-24675 mime-text/javascript-24675 time-bucket-20220511-24675 4cd9f4566786174a1ad1c22d25981943266f2b3b804ae07172669b9092a72bdd
last-modified: Wed, 11 May 2022 23:28:56 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, s-maxage=31536000, max-age=3600, must-revalidate
cf-ray: 70f5ecb51bc99b25-FRA
link: <https://cdn.shopify.com/shopifycloud/boomerang/shopify-boomerang-1.0.0.min.js>; rel="canonical"

GET
H2 200 / Show response
tls-use1.fpapi.io/ 208 B
335 B 285ms
97ms XHR
text/plain 52.223.36.104
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://tls-use1.fpapi.io/

Requested by

Host: winwith.fandiem.com
URL: http://winwith.fandiem.com/f-covid-kesha-bit-blast

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.223.36.104 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ae8af9489dcf8bb01.awsglobalaccelerator.com

Software

Resource Hash

626d5c4ef7cb200f6023e0b37b3668e8047d1b6f4d7e03603f554a34ac819b51

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fandiem.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubDomains
cache-control: max-age=2592000, immutable, private
date: Sun, 22 May 2022 13:33:37 GMT
content-length: 208
content-type: text/plain; charset=utf-8

GET
H2 200 diffuser.js Show response
diffuser-cdn.app-us1.com/diffuser/ 24 KB
6 KB 69ms
28ms Script
application/javascript 2606:4700::6811:925b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://diffuser-cdn.app-us1.com/diffuser/diffuser.js
Requested by: Host: fandiem.com
URL: https://fandiem.com/sweeps/kesha?utm_campaign=f-covid-bandsintown-sweet-relief-2022&utm_content=f-covid-bandsintown-sweet-relief-2022-kesha-sweeps-page&utm_medium=partner-bandsintown-blast-from-bit&utm_source=bandsintown
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:925b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 15eb202865d1d835fae2eff61bb922fa91fb4064a1fb850ebadab1f190782648

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fandiem.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Sun, 22 May 2022 13:33:37 GMT
content-encoding: gzip
cf-cache-status: HIT
age: 299
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
last-modified: Thu, 21 Oct 2021 17:42:06 GMT
server: cloudflare
etag: W/"4d482a43613d3966f353ec9d97452e0c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 25d46f0dbca17b9a78cca036e17d8ad3.cloudfront.net (CloudFront)
cache-control: public, max-age=300
x-amz-cf-pop: ZRH50-C1
cf-ray: 70f5ecb59cce01fc-ZRH
x-amz-cf-id: uBsPkXu5wkoRgjA3IEYdJeQ9Y-mnrSMFFNrr7jr9zwcr9__42XWp6Q==

GET
H2 200 uwt.js Show response
static.ads-twitter.com/ 48 KB
14 KB 46ms
13ms Script
application/javascript 199.232.188.157
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://static.ads-twitter.com/uwt.js
Requested by: Host: fandiem.com
URL: https://fandiem.com/sweeps/kesha?utm_campaign=f-covid-bandsintown-sweet-relief-2022&utm_content=f-covid-bandsintown-sweet-relief-2022-kesha-sweeps-page&utm_medium=partner-bandsintown-blast-from-bit&utm_source=bandsintown
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 199.232.188.157 Munich, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: d217d238f3f2648014fb12906dca5366954ffa6256d160726190d9e0e9c8376a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fandiem.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Sun, 22 May 2022 13:33:37 GMT
content-encoding: gzip
last-modified: Wed, 18 May 2022 16:49:30 GMT
etag: "39dd6daafb219ee61305f13521c2d060+gzip+gzip"
vary: Accept-Encoding,Host
x-tw-cdn: FT
p3p: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
cache-control: no-cache
x-cache: HIT, HIT
accept-ranges: bytes
content-type: application/javascript; charset=utf-8
content-length: 14051
x-served-by: cache-iad-kjyo7100096-IAD, cache-muc13948-MUC

GET
H/1.1 200
OK insight.min.js Show response
snap.licdn.com/li.lms-analytics/ 8 KB
3 KB 57ms
14ms Script
application/x-javascript 2a02:26f0:3500:7::17d8:4dc5
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://snap.licdn.com/li.lms-analytics/insight.min.js
Requested by: Host: fandiem.com
URL: https://fandiem.com/sweeps/kesha?utm_campaign=f-covid-bandsintown-sweet-relief-2022&utm_content=f-covid-bandsintown-sweet-relief-2022-kesha-sweeps-page&utm_medium=partner-bandsintown-blast-from-bit&utm_source=bandsintown
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:7::17d8:4dc5 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: 14f2ec002b176e0dee403cb7dd4ef2274a1353080e1e3e4084678770f4c15b9c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fandiem.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date: Sun, 22 May 2022 13:33:37 GMT
Content-Encoding: gzip
Last-Modified: Wed, 13 Apr 2022 23:25:22 GMT
X-CDN: AKAM
Vary: Accept-Encoding
Content-Type: application/x-javascript;charset=utf-8
Cache-Control: max-age=8944
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 3085

GET
H2 200 9920.0afc5f41d36928f014e6.chunk.js Show response
dpjhaiprv9czz.cloudfront.net/ 47 KB
18 KB 20ms
19ms Script
application/javascript 2600:9000:21f3:d800:15:5e1:43c0:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://dpjhaiprv9czz.cloudfront.net/9920.0afc5f41d36928f014e6.chunk.js
Requested by: Host: dpjhaiprv9czz.cloudfront.net
URL: https://dpjhaiprv9czz.cloudfront.net/shopify_v534.bundle.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:21f3:d800:15:5e1:43c0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: e7fb53b43e9c5b16bd3ce4e21c9cb8cc939dd6c2567fdceafa7949b0bdcaa8d7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fandiem.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Fri, 20 May 2022 02:40:49 GMT
content-encoding: br
last-modified: Thu, 19 May 2022 21:16:39 GMT
server: AmazonS3
age: 211969
etag: W/"d58f573b13a3bef1308c7ffa691ca4ee"
vary: Accept-Encoding
x-cache: Hit from cloudfront
x-amz-version-id: g6yHzPk1rlt6rLG28NY_ivUL3rg1x5rD
via: 1.1 f99b5b46e77cfe9c3413f99dc8a4088c.cloudfront.net (CloudFront)
cache-control: max-age=2592000
x-amz-cf-pop: FRA2-C2
content-type: application/javascript
x-amz-cf-id: kFb1_PXJUfcK0_bxyDNhokHUHYEhz0Q2-5WxhwlT8UVaAdj2GVm2rQ==

GET
H2 200 8767.1e99eef4a3557e5615bf.chunk.js Show response
dpjhaiprv9czz.cloudfront.net/ 21 KB
9 KB 21ms
20ms Script
application/javascript 2600:9000:21f3:d800:15:5e1:43c0:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://dpjhaiprv9czz.cloudfront.net/8767.1e99eef4a3557e5615bf.chunk.js
Requested by: Host: dpjhaiprv9czz.cloudfront.net
URL: https://dpjhaiprv9czz.cloudfront.net/shopify_v534.bundle.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:21f3:d800:15:5e1:43c0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: dc2a4540e3fdc6781ffd26671a685544c9dfdd687f5b4fd7837a92ead650aaae

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fandiem.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Sat, 21 May 2022 02:31:35 GMT
content-encoding: gzip
last-modified: Fri, 20 May 2022 16:09:46 GMT
server: AmazonS3
age: 126123
etag: W/"3e9d77a2cf7809b9979eda24fef3bacb"
vary: Accept-Encoding
x-cache: Hit from cloudfront
x-amz-version-id: lhqCKAv0emOHOOuyfXwIF3T.opYKme4R
via: 1.1 f99b5b46e77cfe9c3413f99dc8a4088c.cloudfront.net (CloudFront)
cache-control: max-age=2592000
x-amz-cf-pop: FRA2-C2
content-type: application/javascript
x-amz-cf-id: haEBEkBwSh3swQgfnnnGKiwf-Yc1nsBOmh8GatS3TxcfxmOD2IZwnA==

GET
H2 200 8100.b957cbf0aba3eb76cb52.chunk.js Show response
dpjhaiprv9czz.cloudfront.net/ 10 KB
4 KB 21ms
20ms Script
application/javascript 2600:9000:21f3:d800:15:5e1:43c0:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://dpjhaiprv9czz.cloudfront.net/8100.b957cbf0aba3eb76cb52.chunk.js
Requested by: Host: dpjhaiprv9czz.cloudfront.net
URL: https://dpjhaiprv9czz.cloudfront.net/shopify_v534.bundle.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:21f3:d800:15:5e1:43c0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: fc82edd4d38d1011002e3642c3fb73a932d0c45d25b5fe44683eb831031f01f9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fandiem.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 18 May 2022 00:49:32 GMT
content-encoding: br
last-modified: Tue, 17 May 2022 22:22:01 GMT
server: AmazonS3
age: 391446
etag: W/"9cc11b90deb38e02952c423783d304f5"
vary: Accept-Encoding
x-cache: Hit from cloudfront
x-amz-version-id: Bl.wD_ANlTwBRFmjioKC6s9PaX2ARgRY
via: 1.1 f99b5b46e77cfe9c3413f99dc8a4088c.cloudfront.net (CloudFront)
cache-control: max-age=2592000
x-amz-cf-pop: FRA2-C2
content-type: application/javascript
x-amz-cf-id: V0kmuNCeIcMdbaXTDon-HeqwyWg7YC2iSUrPpgBMwdKrKuxKBDLT7A==

GET
H2 200 5930.cd95fc7ef1afc349fe9f.chunk.js Show response
dpjhaiprv9czz.cloudfront.net/ 16 KB
5 KB 21ms
21ms Script
application/javascript 2600:9000:21f3:d800:15:5e1:43c0:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://dpjhaiprv9czz.cloudfront.net/5930.cd95fc7ef1afc349fe9f.chunk.js
Requested by: Host: dpjhaiprv9czz.cloudfront.net
URL: https://dpjhaiprv9czz.cloudfront.net/shopify_v534.bundle.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:21f3:d800:15:5e1:43c0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 3a0b27c6ff1c1455f975fea1b2a2ff5e29a6658b129a1d0fadba316d3ffa67fe

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fandiem.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Tue, 17 May 2022 01:04:36 GMT
content-encoding: br
last-modified: Mon, 16 May 2022 23:39:45 GMT
server: AmazonS3
age: 476942
etag: W/"71befc59f3d64f811b302f0c99262c21"
vary: Accept-Encoding
x-cache: Hit from cloudfront
x-amz-version-id: ytWO1bU8p1_cHGQB99Qj0F6.73ZcRgtt
via: 1.1 f99b5b46e77cfe9c3413f99dc8a4088c.cloudfront.net (CloudFront)
cache-control: max-age=2592000
x-amz-cf-pop: FRA2-C2
content-type: application/javascript
x-amz-cf-id: bnGYoSttaAiQ4bWKWvl_VOHElBr9el3dQ6_WqMJAR442Y8_h7L7mFg==

GET
H2 200 7847.0ffaf5a1648260480103.chunk.js Show response
dpjhaiprv9czz.cloudfront.net/ 5 KB
3 KB 22ms
21ms Script
application/javascript 2600:9000:21f3:d800:15:5e1:43c0:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://dpjhaiprv9czz.cloudfront.net/7847.0ffaf5a1648260480103.chunk.js
Requested by: Host: dpjhaiprv9czz.cloudfront.net
URL: https://dpjhaiprv9czz.cloudfront.net/shopify_v534.bundle.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:21f3:d800:15:5e1:43c0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 8d5b4d24bb7b4cf7b27205b7be47d9eb814e30eef74095890025b9082686bf49

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fandiem.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Thu, 03 Mar 2022 14:08:12 GMT
content-encoding: gzip
last-modified: Thu, 03 Mar 2022 14:02:08 GMT
server: AmazonS3
age: 6909926
etag: W/"9f7dba240407c6070a7e8b0785d6993c"
vary: Accept-Encoding
x-cache: Hit from cloudfront
x-amz-version-id: Y_.fTGWOL1kZ0BzD_vO9n3B.ccEn55jg
via: 1.1 f99b5b46e77cfe9c3413f99dc8a4088c.cloudfront.net (CloudFront)
cache-control: max-age=2592000
x-amz-cf-pop: FRA2-C2
content-type: application/javascript
x-amz-cf-id: PAICp6oBjNAdd9d9kliqWQZs2aD3t6UmXfxwVyywZu9zK83ycI-lsQ==

GET
H2 200 6964.e479f8f2e84faa52d388.chunk.js Show response
dpjhaiprv9czz.cloudfront.net/ 27 KB
9 KB 22ms
21ms Script
application/javascript 2600:9000:21f3:d800:15:5e1:43c0:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://dpjhaiprv9czz.cloudfront.net/6964.e479f8f2e84faa52d388.chunk.js
Requested by: Host: dpjhaiprv9czz.cloudfront.net
URL: https://dpjhaiprv9czz.cloudfront.net/shopify_v534.bundle.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:21f3:d800:15:5e1:43c0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: d4cd3d9085ed3aeb2258ff4a5724177bcd3e1ff495e03ca6255cfb5884339bc0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fandiem.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Thu, 03 Mar 2022 14:08:12 GMT
content-encoding: gzip
last-modified: Thu, 03 Mar 2022 14:02:07 GMT
server: AmazonS3
age: 6909926
etag: W/"dfcdb0f640d9519ff4fe5f673c66ad08"
vary: Accept-Encoding
x-cache: Hit from cloudfront
x-amz-version-id: beixmlPmKLMNeTid339oWFJfSvFhqzYY
via: 1.1 f99b5b46e77cfe9c3413f99dc8a4088c.cloudfront.net (CloudFront)
cache-control: max-age=2592000
x-amz-cf-pop: FRA2-C2
content-type: application/javascript
x-amz-cf-id: YXFqdnHIoNeoxrgl-a6JZSZ35HIZui3tWaeqFuckCYjyrYJdOS8tbw==

GET
H2 200 2124.6396887a49f25a2fb925.chunk.js Show response
dpjhaiprv9czz.cloudfront.net/ 14 KB
6 KB 22ms
22ms Script
application/javascript 2600:9000:21f3:d800:15:5e1:43c0:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://dpjhaiprv9czz.cloudfront.net/2124.6396887a49f25a2fb925.chunk.js
Requested by: Host: dpjhaiprv9czz.cloudfront.net
URL: https://dpjhaiprv9czz.cloudfront.net/shopify_v534.bundle.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:21f3:d800:15:5e1:43c0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: dc88e70854a581bbc52c5a67e194b7f3ee11a372cf65d6628ea70227c767d612

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fandiem.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Mon, 09 May 2022 21:16:13 GMT
content-encoding: gzip
last-modified: Mon, 09 May 2022 21:07:59 GMT
server: AmazonS3
age: 1095445
etag: W/"0ad65c04632cf3b33bcfb3956edb88ef"
vary: Accept-Encoding
x-cache: Hit from cloudfront
x-amz-version-id: yPdaAgunyYEDu5wJwEinbT98tKQa.dRI
via: 1.1 f99b5b46e77cfe9c3413f99dc8a4088c.cloudfront.net (CloudFront)
cache-control: max-age=2592000
x-amz-cf-pop: FRA2-C2
content-type: application/javascript
x-amz-cf-id: lzgWNBir1yUokKXS78BCAXkvB6PTLDg6BYpqFlOzTVz1sSYHH4Unmg==

GET
H2 200 6447.26fd3490e0bacfcc8b9c.chunk.js Show response
dpjhaiprv9czz.cloudfront.net/ 29 KB
10 KB 23ms
22ms Script
application/javascript 2600:9000:21f3:d800:15:5e1:43c0:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://dpjhaiprv9czz.cloudfront.net/6447.26fd3490e0bacfcc8b9c.chunk.js
Requested by: Host: dpjhaiprv9czz.cloudfront.net
URL: https://dpjhaiprv9czz.cloudfront.net/shopify_v534.bundle.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:21f3:d800:15:5e1:43c0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: a83f34ed6cab7b6afd1d02230a242af96dba5ffb33ee0a040effbcdd26f41d7d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fandiem.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Mon, 11 Apr 2022 18:36:32 GMT
content-encoding: br
last-modified: Mon, 11 Apr 2022 18:19:55 GMT
server: AmazonS3
age: 3524226
etag: W/"e28e1eadca42700b3a8c3c9d874977ed"
vary: Accept-Encoding
x-cache: Hit from cloudfront
x-amz-version-id: ZJzXjt240JeutxSa1gGNxLvv.PW1CSwF
via: 1.1 f99b5b46e77cfe9c3413f99dc8a4088c.cloudfront.net (CloudFront)
cache-control: max-age=2592000
x-amz-cf-pop: FRA2-C2
content-type: application/javascript
x-amz-cf-id: ibauWkaykzI-U2srlAj2QZeaQqWFG0zhmWYVCXaRR77-HyMkGpv0SA==

GET
H2 200 6982.4de72bc2161049b2eb0b.chunk.js Show response
dpjhaiprv9czz.cloudfront.net/ 48 KB
14 KB 23ms
22ms Script
application/javascript 2600:9000:21f3:d800:15:5e1:43c0:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://dpjhaiprv9czz.cloudfront.net/6982.4de72bc2161049b2eb0b.chunk.js
Requested by: Host: dpjhaiprv9czz.cloudfront.net
URL: https://dpjhaiprv9czz.cloudfront.net/shopify_v534.bundle.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:21f3:d800:15:5e1:43c0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 6f58848b87af4ac1d77e43a2a8c51c429701b2429b75843d24484f38b166a224

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fandiem.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Sat, 12 Mar 2022 15:52:57 GMT
content-encoding: gzip
last-modified: Fri, 11 Mar 2022 02:07:20 GMT
server: AmazonS3
age: 6126041
etag: W/"c5eb85c16afb6d9eb26aa051a436568c"
vary: Accept-Encoding
x-cache: Hit from cloudfront
x-amz-version-id: 3jS2qZKdqwxtZ2V48LMveXlEYP4bpfrN
via: 1.1 f99b5b46e77cfe9c3413f99dc8a4088c.cloudfront.net (CloudFront)
cache-control: max-age=2592000
x-amz-cf-pop: FRA2-C2
content-type: application/javascript
x-amz-cf-id: GFXo8M1yYR5LY19Icjz7QWsIhVv2q_cB9NM5rojIwzyk8WoEhBgWSQ==

GET
H2 200 9725.98ac8b75d53d1a624dd9.chunk.js Show response
dpjhaiprv9czz.cloudfront.net/ 21 KB
6 KB 24ms
23ms Script
application/javascript 2600:9000:21f3:d800:15:5e1:43c0:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://dpjhaiprv9czz.cloudfront.net/9725.98ac8b75d53d1a624dd9.chunk.js
Requested by: Host: dpjhaiprv9czz.cloudfront.net
URL: https://dpjhaiprv9czz.cloudfront.net/shopify_v534.bundle.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:21f3:d800:15:5e1:43c0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 56e92abeda7cb6a59a2dddf861283c539b424aaa8141ae6544626aeddde1413d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fandiem.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 11 May 2022 16:28:52 GMT
content-encoding: gzip
last-modified: Wed, 11 May 2022 16:16:03 GMT
server: AmazonS3
age: 939886
etag: W/"b491414665233da061c70daccb9a2254"
vary: Accept-Encoding
x-cache: Hit from cloudfront
x-amz-version-id: dD_CXvJ74ab6MQquebcuhbFzHwwKc916
via: 1.1 f99b5b46e77cfe9c3413f99dc8a4088c.cloudfront.net (CloudFront)
cache-control: max-age=2592000
x-amz-cf-pop: FRA2-C2
content-type: application/javascript
x-amz-cf-id: vH1do9SxUtdRJcKWqkTWsQ12Z5nvKAdyGZfKx45HimPaOeVrU0Q17A==

GET
H2 200 757.9901c230c11b22025217.chunk.js Show response
dpjhaiprv9czz.cloudfront.net/ 18 KB
6 KB 29ms
28ms Script
application/javascript 2600:9000:21f3:d800:15:5e1:43c0:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://dpjhaiprv9czz.cloudfront.net/757.9901c230c11b22025217.chunk.js
Requested by: Host: dpjhaiprv9czz.cloudfront.net
URL: https://dpjhaiprv9czz.cloudfront.net/shopify_v534.bundle.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:21f3:d800:15:5e1:43c0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 4983b50593f9a8743044df38a41cd32eef5264f818834645a063ea4c6d5611de

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fandiem.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 18 May 2022 00:49:32 GMT
content-encoding: br
last-modified: Tue, 17 May 2022 22:22:01 GMT
server: AmazonS3
age: 391446
etag: W/"a7c2bf22ae481762297dc73b22cc95ea"
vary: Accept-Encoding
x-cache: Hit from cloudfront
x-amz-version-id: E82FDuzl8_EjMqhnap.P_oHF.1WuvD_0
via: 1.1 f99b5b46e77cfe9c3413f99dc8a4088c.cloudfront.net (CloudFront)
cache-control: max-age=2592000
x-amz-cf-pop: FRA2-C2
content-type: application/javascript
x-amz-cf-id: cC4BK3RJNROWomgP1KxjKdUE0TKUaY3IJoaEim2mp0HQUoRSsdoL_Q==

GET
H2 200 2359.30f9d86eb0b0d88543ac.chunk.js Show response
dpjhaiprv9czz.cloudfront.net/ 19 KB
5 KB 30ms
29ms Script
application/javascript 2600:9000:21f3:d800:15:5e1:43c0:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://dpjhaiprv9czz.cloudfront.net/2359.30f9d86eb0b0d88543ac.chunk.js
Requested by: Host: dpjhaiprv9czz.cloudfront.net
URL: https://dpjhaiprv9czz.cloudfront.net/shopify_v534.bundle.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:21f3:d800:15:5e1:43c0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 8ccab801926216425a3386fb5e9a144603ca2646ac11a0abe28c780a1d4534b5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fandiem.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Tue, 17 May 2022 22:45:44 GMT
content-encoding: br
last-modified: Tue, 17 May 2022 22:22:00 GMT
server: AmazonS3
age: 398873
etag: W/"da319d23ee2298aa240e45b5a1cdbb88"
vary: Accept-Encoding
x-cache: Hit from cloudfront
x-amz-version-id: hvRRwi4Jxl._I4nGTwe.xAvwT8SAtxAO
via: 1.1 f99b5b46e77cfe9c3413f99dc8a4088c.cloudfront.net (CloudFront)
cache-control: max-age=2592000
x-amz-cf-pop: FRA2-C2
content-type: application/javascript
x-amz-cf-id: bbMOy-oUxY7b411i4dGZA9iL2mmzqSZKXbNRfPVpSz1WGJsuIOl-HQ==

GET
H2 200 2551.3248daeb66e101c4f5b2.chunk.js Show response
dpjhaiprv9czz.cloudfront.net/ 15 KB
5 KB 31ms
30ms Script
application/javascript 2600:9000:21f3:d800:15:5e1:43c0:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://dpjhaiprv9czz.cloudfront.net/2551.3248daeb66e101c4f5b2.chunk.js
Requested by: Host: dpjhaiprv9czz.cloudfront.net
URL: https://dpjhaiprv9czz.cloudfront.net/shopify_v534.bundle.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:21f3:d800:15:5e1:43c0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 3ccf1b601ffedbdc0c09a85a15ea901363888e9b0f361b12bb93c54fdd48fde4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fandiem.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Mon, 16 May 2022 23:45:31 GMT
content-encoding: br
last-modified: Mon, 16 May 2022 23:39:44 GMT
server: AmazonS3
age: 481687
etag: W/"5afad762ebe9695720d69027dc54ea80"
vary: Accept-Encoding
x-cache: Hit from cloudfront
x-amz-version-id: U.3NqpGATmzU2TMb5gqebgGEx_3MJwcF
via: 1.1 f99b5b46e77cfe9c3413f99dc8a4088c.cloudfront.net (CloudFront)
cache-control: max-age=2592000
x-amz-cf-pop: FRA2-C2
content-type: application/javascript
x-amz-cf-id: Ru-SqRYA2DuWMojtVnOR4QMVw2AAWQTBsm6kd8k9hqJe_wiBeP1gRA==

GET
H2 200 8831.847f65dad31694f354ba.chunk.js Show response
dpjhaiprv9czz.cloudfront.net/ 23 KB
8 KB 30ms
29ms Script
application/javascript 2600:9000:21f3:d800:15:5e1:43c0:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://dpjhaiprv9czz.cloudfront.net/8831.847f65dad31694f354ba.chunk.js
Requested by: Host: dpjhaiprv9czz.cloudfront.net
URL: https://dpjhaiprv9czz.cloudfront.net/shopify_v534.bundle.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:21f3:d800:15:5e1:43c0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: abc8faced037c595f8387c9629a17ee692863270378a215a6046e93884082986

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fandiem.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Mon, 09 May 2022 21:16:13 GMT
content-encoding: gzip
last-modified: Mon, 09 May 2022 21:08:00 GMT
server: AmazonS3
age: 1095445
etag: W/"1418ac9b46d6e9e4977bea711e29148b"
vary: Accept-Encoding
x-cache: Hit from cloudfront
x-amz-version-id: ZsoOkOOP_ij3tAAyDLMPCjexP.sVk1pV
via: 1.1 f99b5b46e77cfe9c3413f99dc8a4088c.cloudfront.net (CloudFront)
cache-control: max-age=2592000
x-amz-cf-pop: FRA2-C2
content-type: application/javascript
x-amz-cf-id: ofa9Wqum0j-0NhZcJSsmRpiZ0LrhD-nnNFB8baMILBFZ2avVPQax5A==

GET
H2 200 2437.97306aad69e3414978eb.chunk.js Show response
dpjhaiprv9czz.cloudfront.net/ 48 KB
11 KB 30ms
30ms Script
application/javascript 2600:9000:21f3:d800:15:5e1:43c0:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://dpjhaiprv9czz.cloudfront.net/2437.97306aad69e3414978eb.chunk.js
Requested by: Host: dpjhaiprv9czz.cloudfront.net
URL: https://dpjhaiprv9czz.cloudfront.net/shopify_v534.bundle.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:21f3:d800:15:5e1:43c0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: ab8832066786fe7689dc57cb5a7a00a5efc3366f98de0948968af525c0feb33a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fandiem.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Thu, 19 May 2022 21:26:41 GMT
content-encoding: br
last-modified: Thu, 19 May 2022 21:16:38 GMT
server: AmazonS3
age: 230816
etag: W/"ed2259cc6b5a028789e1364ba9df5548"
vary: Accept-Encoding
x-cache: Hit from cloudfront
x-amz-version-id: LvH.hzsiCLKLLfKllS.C7S5CNdj2TeoL
via: 1.1 f99b5b46e77cfe9c3413f99dc8a4088c.cloudfront.net (CloudFront)
cache-control: max-age=2592000
x-amz-cf-pop: FRA2-C2
content-type: application/javascript
x-amz-cf-id: 9WygoL-6xVG9TYuOUkuCo5zauzGHDBS5SG4crAm1_N1c2rSYPbPmXQ==

GET
H3 200 logo_200x.webp
cdn.shopify.com/s/files/1/0502/2167/8757/files/ 7 KB
8 KB 20ms
19ms Image
image/webp 104.16.255.71
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.shopify.com/s/files/1/0502/2167/8757/files/logo_200x.webp

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

104.16.255.71 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9f86b45d673e22c9a0332dacb16805aabe11a1006938212a9ddabc34e362a5f0

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fandiem.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Sun, 22 May 2022 13:33:37 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-dc: gcp-us-east1,us-central1
age: 771740
server-timing: imagery;dur=104.339, imageryFetch;dur=84.710, imageryProcess;dur=18.901;desc="image"
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 6788
x-xss-protection: 1; mode=block
x-request-id: 63a43203-75be-4289-bc0b-d4bb4e7fdeba
timing-allow-origin: *
surrogate-key: segment4-44054 shop-50221678757 mime-image/webp-44054 time-bucket-20220408-44054 0e576116a573ff579e8864bbffa4e951dfe9c23603d9da2f1845162a1dababed
last-modified: Fri, 08 Apr 2022 00:01:11 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6E4BGK1HZEnEq7NEHn6mGfmlYiurDgV0lkhQ97Sym%2BCx%2FgkhQPZSqrgJwOjQPAfRhOJRqMjN1taavH%2F8eoEGJSZdTRIy7ak%2B0g%2Fk1ivHvW1t55DLBMSSZ3neUj9UjPRRBQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31557600
accept-ranges: bytes
cf-ray: 70f5ecb5ed489b25-FRA
link: <https://cdn.shopify.com/s/files/1/0502/2167/8757/files/logo_200x.webp>; rel="canonical"

GET
H/1.1 200
OK roundtrip.js Show response
s.adroll.com/j/4VZVS64FNRFEXAUW3D4PZO/ 78 KB
22 KB 28ms
7ms Script
text/javascript 2600:9000:206f:6c00:6:9280:1080:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s.adroll.com/j/4VZVS64FNRFEXAUW3D4PZO/roundtrip.js
Requested by: Host: assets1.adroll.com
URL: https://assets1.adroll.com/shopify/latest/j/shopify_rolling_bootstrap_v2.js?adroll_adv_id=4VZVS64FNRFEXAUW3D4PZO&adroll_pix_id=A5AOKNR44NHIVM7TSARV6U
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206f:6c00:6:9280:1080:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: b580fd139c2f3ca8d1b9f599256f7dfa2663096343f4cfc1c0c352df540210c7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fandiem.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date: Sun, 22 May 2022 13:00:13 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
Age: 2005
X-Amz-Server-Side-Encryption: AES256
Transfer-Encoding: chunked
X-Cache: Hit from cloudfront
Connection: keep-alive
Via: 1.1 980059f199bdd603b925d049efedf130.cloudfront.net (CloudFront)
Last-Modified: Sat, 21 May 2022 11:48:22 GMT
Server: AmazonS3
Etag: W/"cf0a619d701e55ceb39913f17350d074"
Access-Control-Max-Age: 600
Access-Control-Allow-Methods: GET
X-Amz-Version-Id: cXexYyQ.1qrvXt0E.ZvSBiN1h.RQ9Pbk
Access-Control-Allow-Origin: *
Cache-Control: max-age=3600, must-revalidate
Access-Control-Allow-Credentials: false
X-Amz-Cf-Pop: FRA56-C1
Content-Type: text/javascript; charset=utf-8
Access-Control-Allow-Headers: *
X-Amz-Cf-Id: KLeXSVMeCs25v1UBKW0k9iAUxlczurflP3gEafmxwK_SVwDw2PaG4g==

GET
H3 200 MazzardH-Regular.otf
cdn.shopify.com/s/files/1/0502/2167/8757/t/8/assets/ 125 KB
52 KB 28ms
27ms Font
font/otf 104.16.255.71
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.shopify.com/s/files/1/0502/2167/8757/t/8/assets/MazzardH-Regular.otf

Requested by

Host: cdn.shopify.com
URL: https://cdn.shopify.com/s/files/1/0502/2167/8757/t/8/assets/application.scss.css?v=167376750296147457741632163727

Protocol

Security

QUIC, , AES_128_GCM

Server

104.16.255.71 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

eb4124fd2515e60b5a2827c9dc9f3f8e72d0deb5c2655f2e52e2502d8b1a03d4

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://cdn.shopify.com/s/files/1/0502/2167/8757/t/8/assets/application.scss.css?v=167376750296147457741632163727
Origin: https://fandiem.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Sun, 22 May 2022 13:33:37 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-dc: gcp-us-east1,us-central1
age: 618207
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MKNQ2Otkc%2BX%2Bqd3y4eJ4Lh62n7dxWIdnYFFaDcOeKYUkDjuFvZAKjzrpkicrVm1Fp8aOxhED4ENDc62ZSgv2HZ3NaTRlPBmsjjdUQ7MAaYtbrCxoOfez95b04MBSZnNDCQ%3D%3D"}],"group":"cf-nel","max_age":604800}
server-timing: imagery;dur=83.499, imageryFetch;dur=83.056
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
x-request-id: 67cd8700-79e7-464d-8731-b65ddb0d19c5
timing-allow-origin: *
surrogate-key: segment4-44420 shop-50221678757 mime-font/otf-44420 time-bucket-20220510-44420 58ca1504d813ded8802419e4ff383c70922f08907d9897133a14313c31d3699a
last-modified: Tue, 10 May 2022 02:36:44 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: font/otf
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31557600
cf-ray: 70f5ecb5f8ae92b7-FRA
link: <https://cdn.shopify.com/s/files/1/0502/2167/8757/t/8/assets/MazzardH-Regular.otf>; rel="canonical"

GET
H/1.1 401
Unauthorized accounts Show response
app.fandiem.com/api/ 24 B
652 B 300ms
109ms Fetch
application/json 54.209.91.188
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://app.fandiem.com/api/accounts
Requested by: Host: dpjhaiprv9czz.cloudfront.net
URL: https://dpjhaiprv9czz.cloudfront.net/shopify_v534.bundle.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 54.209.91.188 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-209-91-188.compute-1.amazonaws.com
Software: Cowboy / Express
Resource Hash: 3be5b8e53fdc8b0a2996590589456db33504977f3d1ce9bb75016c8a707e1a71

Request headers

Accept: application/json, text/plain, */*
Referer: https://fandiem.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date: Sun, 22 May 2022 13:33:37 GMT
Via: 1.1 vegur
Etag: "18-XPDV80vbMk4yY1/PADG4jYM4rSI"
Server: Cowboy
X-Powered-By: Express
Vary: Origin, Accept-Encoding
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: https://fandiem.com
X-Ratelimit-Remaining: 997
Access-Control-Allow-Credentials: true
X-Ratelimit-Reset: 1653227132
X-Ratelimit-Limit: 1000
Connection: keep-alive
Content-Length: 24

POST
H2 200 produce_batch
monorail-edge.shopifysvc.com/unstable/ 0
923 B 190ms
164ms Ping
text/plain 104.16.255.71
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://monorail-edge.shopifysvc.com/unstable/produce_batch

Requested by

Host: cdn.shopify.com
URL: https://cdn.shopify.com/s/trekkie.storefront.14a2a604dac04b548cd8c6bdfd85448fc1df7da9.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.255.71 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://fandiem.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type: text/plain

Response headers

date: Sun, 22 May 2022 13:33:37 GMT
access-control-allow-methods: OPTIONS,POST
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-dc: gcp-us-east1,us-central1
access-control-max-age: 86400
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 0
x-request-id: a405ce3d-b3df-4d1e-9ea7-cff405124fa6
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5ZFwewbV1l%2BrexWhuD0Fz8cl5VnQmOnXMr2XiQtsv5i8mmonlEA6iC9BlMxsOc0d08%2FuPpwZthpCac7oxW%2FuSwfnZoVVkKQ8ryt5UDh5r%2FMgq9RemOPaqSf7w3o3YSMGsqmUUZ%2FgYJFsDPBorLo%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin: https://fandiem.com
access-control-allow-credentials: true
cf-ray: 70f5ecb66a156922-FRA
access-control-allow-headers: User-Agent,Accept,Content-Type,X-Monorail-Edge-Event-Created-At-Ms,X-Monorail-Edge-Event-Sent-At-Ms,X-Monorail-Edge-Client-Message-Id,X-Monorail-Edge-Device-Install-Id,X-Monorail-Edge-Accept-Language,X-Monorail-Edge-Content-Language,X-Forwarded-For

GET
H2 200 / Show response
prism.app-us1.com/ 250 B
395 B 164ms
164ms Script
application/javascript 2606:4700::6811:925b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://prism.app-us1.com/?a=1001208398&u=https%3A%2F%2Ffandiem.com%2Fsweeps%2Fkesha%3Futm_campaign%3Df-covid-bandsintown-sweet-relief-2022%26utm_content%3Df-covid-bandsintown-sweet-relief-2022-kesha-sweeps-page%26utm_medium%3Dpartner-bandsintown-blast-from-bit%26utm_source%3Dbandsintown&r=http%3A%2F%2Fwinwith.fandiem.com%2F
Requested by: Host: diffuser-cdn.app-us1.com
URL: https://diffuser-cdn.app-us1.com/diffuser/diffuser.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:925b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/7.4.28
Resource Hash: 6f1da63139fc56ebeaa33215ed92d8599040d2d338e3acf4eb42339f786e8221

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fandiem.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Sun, 22 May 2022 13:33:37 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
server: cloudflare
x-powered-by: PHP/7.4.28
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type: application/javascript
cache-control: no-cache, private
x-envoy-upstream-service-time: 47
cf-ray: 70f5ecb67e4501fc-ZRH

GET
H3 200 fbevents.js Show response
connect.facebook.net/en_US/ 99 KB
26 KB 7ms
7ms Script
application/x-javascript 2a03:2880:f01c:216:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: cdn.shopify.com
URL: https://cdn.shopify.com/s/trekkie.storefront.14a2a604dac04b548cd8c6bdfd85448fc1df7da9.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f01c:216:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

acbe6770b0fc8b621a9d4f7068b241fb403fe999ea33270931ee59ec4cfdf3f1

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fandiem.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 26310
x-xss-protection: 0
pragma: public
x-fb-debug: nAF0xUhjwX28dXxzRekILchPi7aSp+pYMPTiw5PZtfM+J4Z7cUoCAo48BN0w477km+3VpFCNDgf2QLzXydliEQ==
x-frame-options: DENY
date: Sun, 22 May 2022 13:33:37 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:828::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: cdn.shopify.com
URL: https://cdn.shopify.com/s/trekkie.storefront.14a2a604dac04b548cd8c6bdfd85448fc1df7da9.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fandiem.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 13 Apr 2022 21:02:38 GMT
server: Golfe2
age: 4469
date: Sun, 22 May 2022 12:19:08 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20006
expires: Sun, 22 May 2022 14:19:08 GMT

GET
H2 200 core.js Show response
s.pinimg.com/ct/ 1 KB
1 KB 61ms
19ms Script
application/javascript 2a04:4e42:4b::84
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://s.pinimg.com/ct/core.js
Requested by: Host: cdn.shopify.com
URL: https://cdn.shopify.com/s/trekkie.storefront.14a2a604dac04b548cd8c6bdfd85448fc1df7da9.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:4e42:4b::84 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: f17de407562ed5814892a1b44c6e349761f067cf6f2360ebe2aef4f03a5bea4e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fandiem.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Sun, 22 May 2022 13:33:37 GMT
fastly-restarts: 1
x-cdn: fastly
etag: "c4a0eea377c5e0da574e46f4d6e838e5"
vary: Accept-Encoding, Origin
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
access-control-max-age: 86400
cache-control: max-age=7200
content-length: 1142
access-control-expose-headers: X-CDN

GET
H2 200 events.js Show response
analytics.tiktok.com/i18n/pixel/ 125 KB
37 KB 211ms
155ms Script
application/javascript 104.104.52.65
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=C1VL44OQDRQBNKO1M8DG&lib=ttq
Requested by: Host: cdn.shopify.com
URL: https://cdn.shopify.com/s/trekkie.storefront.14a2a604dac04b548cd8c6bdfd85448fc1df7da9.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.104.52.65 Milan, Italy, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a104-104-52-65.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 924b7fbc0f50eb9af64fcabba0323d7e8d63a86106f5dca2488745edd858f402

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fandiem.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

x-akamai-request-id: f9a31e80.6540f245
date: Sun, 22 May 2022 13:33:37 GMT
content-encoding: gzip
x-cache-remote: TCP_MISS from a23-220-105-213.deploy.akamaitechnologies.com (AkamaiGHost/10.8.0-41078462) (-)
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-cache: TCP_MISS from a104-104-52-61.deploy.akamaitechnologies.com (AkamaiGHost/10.8.0-41078462) (-)
x-parent-response-time: 136,104.104.52.61
server-timing: cdn-cache; desc=MISS, edge; dur=109, origin; dur=27, inner; dur=3
content-length: 37374
pragma: no-cache
server: nginx
x-tt-logid: 2022052213333701000400500600302001B81E68
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 27,23.220.105.213
x-tt-trace-host: 01312a5663f8e3d0185bc28bce79de02624f04beaba10ab0d20c44b86eeb0e1957ae34f646aaa8e991257989c5a71fcad1f12ca21f862218bc3aaaf0149238a9e0bd8b02c526ba83d3a5e249686cd553587b392493c353ed56273ea8691fcf6b4fe0836816626001fb25dd9218e84621c9
expires: Sun, 22 May 2022 13:33:37 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 151 KB
56 KB 23ms
22ms Script
application/javascript 2a00:1450:4001:810::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-370662395

Requested by

Host: cdn.shopify.com
URL: https://cdn.shopify.com/s/trekkie.storefront.14a2a604dac04b548cd8c6bdfd85448fc1df7da9.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

6caed722f971b7c6916e1433a149726d7e0cd4d8824b5f9a20a066ee1367bf29

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fandiem.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Sun, 22 May 2022 13:33:37 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 57622
x-xss-protection: 0
last-modified: Sun, 22 May 2022 12:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Sun, 22 May 2022 13:33:37 GMT

GET
H2

200

collect
px4.ads.linkedin.com/
Redirect Chain

https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=4369313&time=1653226417672&url=https%3A%2F%2Ffandiem.com%2Fsweeps%2Fkesha%3Futm_content%3Df-covid-bandsintown-sweet-relief-2022-kesha-sweeps-page%...
https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D4369313%26time%3D1653226417672%26url%3Dhttps%253A%252F%252Ffandiem.com%252Fsweeps...
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=4369313&time=1653226417672&url=https%3A%2F%2Ffandiem.com%2Fsweeps%2Fkesha%3Futm_content%3Df-covid-bandsintown-sweet-relief-2022-kesha-sweeps-page%...
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=4369313&time=1653226417672&url=https%3A%2F%2Ffandiem.com%2Fsweeps%2Fkesha%3Futm_content%3Df-covid-bandsintown-sweet-relief-2022-kesha-sweeps-page...

0
266 B

240ms
185ms

Image
application/javascript

13.107.42.14
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=4369313&time=1653226417672&url=https%3A%2F%2Ffandiem.com%2Fsweeps%2Fkesha%3Futm_content%3Df-covid-bandsintown-sweet-relief-2022-kesha-sweeps-page%26utm_campaign%3Df-covid-bandsintown-sweet-relief-2022%26utm_medium%3Dpartner-bandsintown-blast-from-bit%26utm_source%3Dbandsintown&liSync=true&e_ipv6=AQKV35znNNrNZwAAAYDr-TCjTpTkAuzPfDSJGuE6zqXFsadWnGk6lyXI56PXQD80cn5-aXmdkm2M4ze19VUVEuMWCME7Ow
Requested by: Host: fandiem.com
URL: https://fandiem.com/sweeps/kesha?utm_campaign=f-covid-bandsintown-sweet-relief-2022&utm_content=f-covid-bandsintown-sweet-relief-2022-kesha-sweeps-page&utm_medium=partner-bandsintown-blast-from-bit&utm_source=bandsintown
Protocol: H2
Server: 13.107.42.14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fandiem.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Sun, 22 May 2022 13:33:37 GMT
x-li-pop: afd-prod-lor1-x
x-msedge-ref: Ref A: 9CB36B2B7A6D4CE5AE02F332DCD38C93 Ref B: FRAEDGE1513 Ref C: 2022-05-22T13:33:38Z
linkedin-action: 1
x-cache: CONFIG_NOCACHE
content-type: application/javascript
x-li-proto: http/2
content-length: 0
x-li-uuid: AAXfmcVqAIUeOVNDw5EO7w==
x-li-fabric: prod-lor1

Redirect headers

date: Sun, 22 May 2022 13:33:38 GMT
x-li-pop: afd-prod-lor1-x
x-msedge-ref: Ref A: 27F661E4738E4A60B0A43A814850783D Ref B: VIEEDGE2719 Ref C: 2022-05-22T13:33:38Z
linkedin-action: 1
x-cache: CONFIG_NOCACHE
x-li-fabric: prod-lor1
location: https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=4369313&time=1653226417672&url=https%3A%2F%2Ffandiem.com%2Fsweeps%2Fkesha%3Futm_content%3Df-covid-bandsintown-sweet-relief-2022-kesha-sweeps-page%26utm_campaign%3Df-covid-bandsintown-sweet-relief-2022%26utm_medium%3Dpartner-bandsintown-blast-from-bit%26utm_source%3Dbandsintown&liSync=true&e_ipv6=AQKV35znNNrNZwAAAYDr-TCjTpTkAuzPfDSJGuE6zqXFsadWnGk6lyXI56PXQD80cn5-aXmdkm2M4ze19VUVEuMWCME7Ow
x-li-proto: http/2
content-length: 0
x-li-uuid: AAXfmcVlyDrtBdHD9O5B0A==

GET
H2 200 adsct
analytics.twitter.com/i/ 43 B
355 B 141ms
125ms Image
image/gif 104.244.42.3
TWITTER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://analytics.twitter.com/i/adsct?type=javascript&version=2.3.12&p_id=Twitter&p_user_id=0&txn_id=o5d49&events=%5B%5B%22pageview%22%2C%7B%7D%5D%5D&tw_order_quantity=0&tw_sale_amount=0&tw_iframe_status=0&event_id=43cb6ccb-d99a-46ba-bf83-2b5c98918324&tw_document_href=https%3A%2F%2Ffandiem.com%2Fsweeps%2Fkesha%3Futm_campaign%3Df-covid-bandsintown-sweet-relief-2022%26utm_content%3Df-covid-bandsintown-sweet-relief-2022-kesha-sweeps-page%26utm_medium%3Dpartner-bandsintown-blast-from-bit%26utm_source%3Dbandsintown

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.3 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fandiem.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

x-response-time: 117
date: Sun, 22 May 2022 13:33:36 GMT
server: tsa_o
strict-transport-security: max-age=631138519
content-type: image/gif;charset=utf-8
cache-control: no-cache, no-store, max-age=0
x-connection-hash: 010b93ef80ffc686deac2b5a8cf151a6f73b2f703078c77cf6d2d393d0e6d0e2
content-length: 43

GET
H2 200 adsct
t.co/i/ 43 B
337 B 140ms
124ms Image
image/gif 104.244.42.133
TWITTER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://t.co/i/adsct?type=javascript&version=2.3.12&p_id=Twitter&p_user_id=0&txn_id=o5d49&events=%5B%5B%22pageview%22%2C%7B%7D%5D%5D&tw_order_quantity=0&tw_sale_amount=0&tw_iframe_status=0&event_id=43cb6ccb-d99a-46ba-bf83-2b5c98918324&tw_document_href=https%3A%2F%2Ffandiem.com%2Fsweeps%2Fkesha%3Futm_campaign%3Df-covid-bandsintown-sweet-relief-2022%26utm_content%3Df-covid-bandsintown-sweet-relief-2022-kesha-sweeps-page%26utm_medium%3Dpartner-bandsintown-blast-from-bit%26utm_source%3Dbandsintown

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.133 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fandiem.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

x-response-time: 116
date: Sun, 22 May 2022 13:33:37 GMT
server: tsa_o
strict-transport-security: max-age=0
content-type: image/gif;charset=utf-8
cache-control: no-cache, no-store, max-age=0
x-connection-hash: a259d057ce68f8d2d051d2b7b981acce5556ce8adaa8cc3321411a8fe3257d7d
content-length: 43

POST
H2 200 produce_batch
monorail-edge.shopifysvc.com/unstable/ 0
306 B 154ms
154ms Ping
text/plain 104.16.255.71
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://monorail-edge.shopifysvc.com/unstable/produce_batch

Requested by

Host: cdn.shopify.com
URL: https://cdn.shopify.com/s/trekkie.storefront.14a2a604dac04b548cd8c6bdfd85448fc1df7da9.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.255.71 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://fandiem.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type: text/plain

Response headers

date: Sun, 22 May 2022 13:33:37 GMT
access-control-allow-methods: OPTIONS,POST
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-dc: gcp-us-east1,us-central1
access-control-max-age: 86400
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 0
x-request-id: 5a8a3257-5acb-466f-b600-94a5883d0219
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rTV0RPUGNqIAeBXg8xGsI%2BwPe%2F%2BeHWqJO8VIm%2FP8dcK%2BlIvMMS1cUz1Xx6uuk0PkxZUHxkq6wZjXeuIIPNfbn53Hyg%2FOfD1%2FQOyyhesAYwD%2FobLikjrnxCt2xkcPWgtmLgXQFyRmCXhQtvKORZk%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin: https://fandiem.com
access-control-allow-credentials: true
cf-ray: 70f5ecb68a566922-FRA
access-control-allow-headers: User-Agent,Accept,Content-Type,X-Monorail-Edge-Event-Created-At-Ms,X-Monorail-Edge-Event-Sent-At-Ms,X-Monorail-Edge-Client-Message-Id,X-Monorail-Edge-Device-Install-Id,X-Monorail-Edge-Accept-Language,X-Monorail-Edge-Content-Language,X-Forwarded-For

POST
H2 200 produce_batch
monorail-edge.shopifysvc.com/unstable/ 0
297 B 176ms
175ms Ping
text/plain 104.16.255.71
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://monorail-edge.shopifysvc.com/unstable/produce_batch

Requested by

Host: cdn.shopify.com
URL: https://cdn.shopify.com/s/trekkie.storefront.14a2a604dac04b548cd8c6bdfd85448fc1df7da9.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.255.71 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://fandiem.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type: text/plain

Response headers

date: Sun, 22 May 2022 13:33:37 GMT
access-control-allow-methods: OPTIONS,POST
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-dc: gcp-us-east1,us-central1
access-control-max-age: 86400
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 0
x-request-id: 17db781e-5038-47ea-a4b8-af412b06ff99
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nvpo62owvAiHmZGwWmvzbHLd27nHY0dkQqEKPbYKjT52GsFUBQQrC7wIA8JYswEdImWH%2F0nKmACTJ9X2VZUbmYhpkBUhLMLXqyqFdaLz%2BhVDTdZxwtJoeulri8uCSCo4wzmnS%2FYWr38sTfG8tpM%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin: https://fandiem.com
access-control-allow-credentials: true
cf-ray: 70f5ecb69a6f6922-FRA
access-control-allow-headers: User-Agent,Accept,Content-Type,X-Monorail-Edge-Event-Created-At-Ms,X-Monorail-Edge-Event-Sent-At-Ms,X-Monorail-Edge-Client-Message-Id,X-Monorail-Edge-Device-Install-Id,X-Monorail-Edge-Accept-Language,X-Monorail-Edge-Content-Language,X-Forwarded-For

POST
H2 200 produce_batch
monorail-edge.shopifysvc.com/unstable/ 0
301 B 169ms
169ms Ping
text/plain 104.16.255.71
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://monorail-edge.shopifysvc.com/unstable/produce_batch

Requested by

Host: cdn.shopify.com
URL: https://cdn.shopify.com/s/trekkie.storefront.14a2a604dac04b548cd8c6bdfd85448fc1df7da9.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.255.71 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://fandiem.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type: text/plain

Response headers

date: Sun, 22 May 2022 13:33:37 GMT
access-control-allow-methods: OPTIONS,POST
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-dc: gcp-us-east1,us-central1
access-control-max-age: 86400
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 0
x-request-id: c4b06dd6-e2ca-4590-a28e-e5f6cff645ca
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=w4TfmEgxvu9RHem8%2FXvOhhlKCwuIO0BcPWcHm8N%2FE5xsSLyH%2Be%2FRmljRP%2BwCr3z4XWN72T8n7umDjTFJgpCzcwNir455QN6y0Gfznp3M9O0%2B9cagV5xx8idxRbhx%2Frtv5rWpu3IVd8wFtFh4oTs%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin: https://fandiem.com
access-control-allow-credentials: true
cf-ray: 70f5ecb6aa876922-FRA
access-control-allow-headers: User-Agent,Accept,Content-Type,X-Monorail-Edge-Event-Created-At-Ms,X-Monorail-Edge-Event-Sent-At-Ms,X-Monorail-Edge-Client-Message-Id,X-Monorail-Edge-Device-Install-Id,X-Monorail-Edge-Accept-Language,X-Monorail-Edge-Content-Language,X-Forwarded-For

POST
H2 200 produce_batch
monorail-edge.shopifysvc.com/unstable/ 0
321 B 133ms
132ms Ping
text/plain 104.16.255.71
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://monorail-edge.shopifysvc.com/unstable/produce_batch

Requested by

Host: cdn.shopify.com
URL: https://cdn.shopify.com/s/trekkie.storefront.14a2a604dac04b548cd8c6bdfd85448fc1df7da9.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.255.71 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://fandiem.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type: text/plain

Response headers

date: Sun, 22 May 2022 13:33:37 GMT
access-control-allow-methods: OPTIONS,POST
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-dc: gcp-us-east1,us-east1
access-control-max-age: 86400
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 0
x-request-id: 9a0d8b79-38aa-4566-a27c-6b24e255e269
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pE%2BKhV5gNGaR4%2BSGu8GVCuN0dLxU6oZihNf9owmd7liVP8niziLXQ3P0tZ3%2FeXmPIedwwaHQNBqrQ%2FyYpgahyh4pSu1U%2BRjF%2BP6Rus1OKmamL6%2Be2xuSluYLQoR%2BdCxbDuzk49hJ0mmNL6nC%2FkY%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin: https://fandiem.com
access-control-allow-credentials: true
cf-ray: 70f5ecb6aa8d6922-FRA
access-control-allow-headers: User-Agent,Accept,Content-Type,X-Monorail-Edge-Event-Created-At-Ms,X-Monorail-Edge-Event-Sent-At-Ms,X-Monorail-Edge-Client-Message-Id,X-Monorail-Edge-Device-Install-Id,X-Monorail-Edge-Accept-Language,X-Monorail-Edge-Content-Language,X-Forwarded-For

POST
H2 200 produce_batch
monorail-edge.shopifysvc.com/unstable/ 0
300 B 145ms
145ms Ping
text/plain 104.16.255.71
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://monorail-edge.shopifysvc.com/unstable/produce_batch

Requested by

Host: cdn.shopify.com
URL: https://cdn.shopify.com/s/trekkie.storefront.14a2a604dac04b548cd8c6bdfd85448fc1df7da9.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.255.71 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://fandiem.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type: text/plain

Response headers

date: Sun, 22 May 2022 13:33:37 GMT
access-control-allow-methods: OPTIONS,POST
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-dc: gcp-us-east1,us-east1
access-control-max-age: 86400
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 0
x-request-id: 9947422f-a41d-49e3-a078-c407497c3e72
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Ddb9lNuydzu%2Fnm54XER1ipMS8BGpLKYYZNijsMm%2FAe33bcI4SMdWUDtfxl3lDOtLdmo7nx6Pctf4w2vEAbjavSXTGZH1B%2Bn8ZTrTnOHoFb4y6Un5Lp%2FerCoZIgnXQYUfR%2B1QymwsGALaf%2BYW2yU%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin: https://fandiem.com
access-control-allow-credentials: true
cf-ray: 70f5ecb6aa986922-FRA
access-control-allow-headers: User-Agent,Accept,Content-Type,X-Monorail-Edge-Event-Created-At-Ms,X-Monorail-Edge-Event-Sent-At-Ms,X-Monorail-Edge-Client-Message-Id,X-Monorail-Edge-Device-Install-Id,X-Monorail-Edge-Accept-Language,X-Monorail-Edge-Content-Language,X-Forwarded-For

GET
H/1.1

200
OK

index.js Show response
s.adroll.com/j/exp/
Redirect Chain

https://s.adroll.com/j/exp/4VZVS64FNRFEXAUW3D4PZO/index.js
https://s.adroll.com/j/exp/index.js

28 B
762 B

8ms
8ms

Script
application/javascript

2600:9000:206f:6c00:6:9280:1080:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s.adroll.com/j/exp/index.js
Requested by: Host: fandiem.com
URL: https://fandiem.com/sweeps/kesha?utm_campaign=f-covid-bandsintown-sweet-relief-2022&utm_content=f-covid-bandsintown-sweet-relief-2022-kesha-sweeps-page&utm_medium=partner-bandsintown-blast-from-bit&utm_source=bandsintown
Protocol: HTTP/1.1
Server: 2600:9000:206f:6c00:6:9280:1080:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: f59e5f34a941183aacaed25322ac0856628493c2cfd936ded3fddc0a49510e52

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fandiem.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

X-Amz-Version-Id: Yo1foR6FJ6WFFBWqTYM2cazsDqVdFv1D
Via: 1.1 980059f199bdd603b925d049efedf130.cloudfront.net (CloudFront)
Etag: "5816cced8568d223aa09d889f300692b"
Age: 32346
X-Amz-Server-Side-Encryption: AES256
X-Cache: Hit from cloudfront
Connection: keep-alive
Content-Length: 28
Last-Modified: Thu, 03 Mar 2022 22:40:46 GMT
Server: AmazonS3
Date: Sun, 22 May 2022 04:34:31 GMT
Access-Control-Max-Age: 600
Access-Control-Allow-Methods: GET
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: false
X-Amz-Cf-Pop: FRA56-C1
Accept-Ranges: bytes
Access-Control-Allow-Headers: *
X-Amz-Cf-Id: ea7Xzup7T6NJA7VjFzQNFupWedvv7H4HS8l1f-D9puVCHIqSJLn9Rg==

Redirect headers

Date: Sun, 22 May 2022 13:00:14 GMT
Via: 1.1 980059f199bdd603b925d049efedf130.cloudfront.net (CloudFront)
Age: 2003
X-Cache: Hit from cloudfront
Connection: keep-alive
Content-Length: 0
Server: AmazonS3
Location: https://s.adroll.com/j/exp/index.js
Access-Control-Max-Age: 600
Access-Control-Allow-Methods: GET
Content-Type: application/xml
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: false
X-Amz-Cf-Pop: FRA56-C1
Access-Control-Allow-Headers: *
X-Amz-Cf-Id: 5DcgVxCUN4fPVgZdVcBXaAoIpcxFhMK1jz-MMWkZYVbTqops7EATag==

POST
H2 200 produce_batch
monorail-edge.shopifysvc.com/unstable/ 0
297 B 136ms
136ms Ping
text/plain 104.16.255.71
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://monorail-edge.shopifysvc.com/unstable/produce_batch

Requested by

Host: cdn.shopify.com
URL: https://cdn.shopify.com/s/trekkie.storefront.14a2a604dac04b548cd8c6bdfd85448fc1df7da9.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.255.71 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://fandiem.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type: text/plain

Response headers

date: Sun, 22 May 2022 13:33:37 GMT
access-control-allow-methods: OPTIONS,POST
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-dc: gcp-us-east1,us-east1
access-control-max-age: 86400
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 0
x-request-id: 4e031d21-59ce-46be-b3ab-1ec4acd53548
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3EB4qN1wvFnWJmMqaWnnTfouL6DEadN70W3oDc47iLhSEnVWGA7tkE3im7lNdiwfCOXJwNNWzM1oxT6lqHIDywBr3%2FH31ioe5w%2BuWv8kp8IvsX8VhLInLw%2Bzr1%2FXRuRTZePF56uSgegmGiHcix4%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin: https://fandiem.com
access-control-allow-credentials: true
cf-ray: 70f5ecb6daeb6922-FRA
access-control-allow-headers: User-Agent,Accept,Content-Type,X-Monorail-Edge-Event-Created-At-Ms,X-Monorail-Edge-Event-Sent-At-Ms,X-Monorail-Edge-Client-Message-Id,X-Monorail-Edge-Device-Install-Id,X-Monorail-Edge-Accept-Language,X-Monorail-Edge-Content-Language,X-Forwarded-For

GET
H2 200 44c177a2cf3f51556bcc.png
dpjhaiprv9czz.cloudfront.net/ 24 KB
24 KB 16ms
16ms Image
image/png 2600:9000:21f3:d800:15:5e1:43c0:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dpjhaiprv9czz.cloudfront.net/44c177a2cf3f51556bcc.png
Requested by: Host: fandiem.com
URL: https://fandiem.com/sweeps/kesha?utm_campaign=f-covid-bandsintown-sweet-relief-2022&utm_content=f-covid-bandsintown-sweet-relief-2022-kesha-sweeps-page&utm_medium=partner-bandsintown-blast-from-bit&utm_source=bandsintown
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:21f3:d800:15:5e1:43c0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 7e3e30ee6c862f3799010c62fe83dc68045a679c7180593205dca6c6055266e4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fandiem.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Thu, 03 Mar 2022 14:08:13 GMT
via: 1.1 f99b5b46e77cfe9c3413f99dc8a4088c.cloudfront.net (CloudFront)
last-modified: Wed, 16 Feb 2022 20:23:20 GMT
server: AmazonS3
age: 6909925
etag: "07c79c1d02bb5d53ec872717fcec2f89"
x-cache: Hit from cloudfront
x-amz-version-id: XURkjtA02weFoH2MVwcLG9C47ZJEfM3B
cache-control: max-age=2592000
x-amz-cf-pop: FRA2-C2
content-type: image/png
content-length: 24345
x-amz-cf-id: iAUgeEACXtm2hwp2NIcRvt7rM42Jc7cqQq2dz5yWyBSsWIt1UEXHMw==

GET
DATA 200
OK truncated
/ 1 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 77b65f6b949a0df2913d86a6e4269e5d70d6cff759561ec7ff5a9cc6dcdfcdab

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 ec4d0ac88e3e0b7ab79d.png
dpjhaiprv9czz.cloudfront.net/ 23 KB
24 KB 16ms
16ms Image
image/png 2600:9000:21f3:d800:15:5e1:43c0:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dpjhaiprv9czz.cloudfront.net/ec4d0ac88e3e0b7ab79d.png
Requested by: Host: fandiem.com
URL: https://fandiem.com/sweeps/kesha?utm_campaign=f-covid-bandsintown-sweet-relief-2022&utm_content=f-covid-bandsintown-sweet-relief-2022-kesha-sweeps-page&utm_medium=partner-bandsintown-blast-from-bit&utm_source=bandsintown
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:21f3:d800:15:5e1:43c0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: b8cacb22daf8ec643b05dc026d4a5fe9cf342ba7037b30b97406dccc24e891d5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fandiem.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 18 May 2022 02:28:31 GMT
via: 1.1 f99b5b46e77cfe9c3413f99dc8a4088c.cloudfront.net (CloudFront)
last-modified: Tue, 17 May 2022 22:22:01 GMT
server: AmazonS3
age: 385507
etag: "2907b801c6e270f10d18ffa7844f0a69"
x-cache: Hit from cloudfront
x-amz-version-id: goOaGByCBSf0r..Q2vvXKIGcYQpJ0fLf
cache-control: max-age=2592000
x-amz-cf-pop: FRA2-C2
content-type: image/png
content-length: 23900
x-amz-cf-id: kVB0NfNN4vWIK3f9SefU0xzCNjVwt131fpjUwaA4voXzc-HD-x6ZSw==

GET
H2 200 59311a935f8900b58658.webp
dpjhaiprv9czz.cloudfront.net/ 5 KB
6 KB 17ms
16ms Image
image/webp 2600:9000:21f3:d800:15:5e1:43c0:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dpjhaiprv9czz.cloudfront.net/59311a935f8900b58658.webp
Requested by: Host: fandiem.com
URL: https://fandiem.com/sweeps/kesha?utm_campaign=f-covid-bandsintown-sweet-relief-2022&utm_content=f-covid-bandsintown-sweet-relief-2022-kesha-sweeps-page&utm_medium=partner-bandsintown-blast-from-bit&utm_source=bandsintown
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:21f3:d800:15:5e1:43c0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 403b5b85d4fe4c8f14257d10e9b3e385b54f59b29eda6dadd0df69385abd5f4b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fandiem.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Thu, 03 Mar 2022 14:08:12 GMT
via: 1.1 f99b5b46e77cfe9c3413f99dc8a4088c.cloudfront.net (CloudFront)
last-modified: Tue, 22 Feb 2022 19:10:11 GMT
server: AmazonS3
age: 6909925
etag: "b3e49c2b84a6c49a5a38eaacfea33dad"
x-cache: Hit from cloudfront
x-amz-version-id: 2Iw3Q60Bwi_BkeUB9UkSWy8zWpU8UsGG
cache-control: max-age=2592000
x-amz-cf-pop: FRA2-C2
content-type: image/webp
content-length: 5500
x-amz-cf-id: zL4g8XkOqONKGChQqHTRKzyvWP4XShwVRkQpHbpPfq5-yh9w9mKvkQ==

GET
DATA 200
OK truncated
/ 4 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 0a03b7c870a8bdd46bcdbdc7e4febec2e20745e57eddac19b1fad4dff29c1a67

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 main-menu Show response
fandiem.com/pages/menus/ 2 KB
2 KB 150ms
150ms XHR
text/html 23.227.38.32
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://fandiem.com/pages/menus/main-menu

Requested by

Host: cdn.shopify.com
URL: https://cdn.shopify.com/shopifycloud/shopify/assets/shop_events_listener-fa61fd11817b231631d2fe43dc869d0b1d14a06332792d42f1a1d94bda5aa31e.js

Protocol

Security

QUIC, , AES_128_GCM

Server

23.227.38.32 Ottawa, Canada, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

myshopify.com

Software

cloudflare /

Resource Hash

338406888eb57b8ce8263d8d8afa0cb1051c50a3e48cab4d3d76c8a111b66400

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; frame-ancestors 'none'; upgrade-insecure-requests;
Strict-Transport-Security	max-age=7889238
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json, text/plain, */*
Referer: https://fandiem.com/sweeps/kesha?utm_campaign=f-covid-bandsintown-sweet-relief-2022&utm_content=f-covid-bandsintown-sweet-relief-2022-kesha-sweeps-page&utm_medium=partner-bandsintown-blast-from-bit&utm_source=bandsintown
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Sun, 22 May 2022 13:33:37 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
x-permitted-cross-domain-policies: none
x-dc: gcp-europe-west1,gcp-us-east1,gcp-us-east1
x-shopify-stage: canary
x-cache: hit, server
server-timing-public: processing;dur=15, db;dur=7
content-type: text/html; charset=utf-8
x-alternate-cache-key: cacheable:52e26a186255c3ac25a3bdb533393a72
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
x-sorting-hat-shopid: 50221678757
x-shardid: 253
x-storefront-renderer-rendered: 1
server: cloudflare
x-frame-options: DENY
content-language: en
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=7889238
x-download-options: noopen
x-shopid: 50221678757
access-control-allow-origin: *
vary: Accept
content-security-policy: block-all-mixed-content; frame-ancestors 'none'; upgrade-insecure-requests;
x-request-id: 972f9e3e-44f4-4d21-9c39-4f7fbfaca09a
cf-ray: 70f5ecb719a19205-FRA
link: <https://cdn.shopify.com>; rel="preconnect", <https://cdn.shopify.com>; rel="preconnect"; crossorigin
x-sorting-hat-podid: 253

GET
H3 200 explore Show response
fandiem.com/pages/menus/ 666 B
2 KB 154ms
154ms XHR
text/html 23.227.38.32
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://fandiem.com/pages/menus/explore

Requested by

Host: cdn.shopify.com
URL: https://cdn.shopify.com/shopifycloud/shopify/assets/shop_events_listener-fa61fd11817b231631d2fe43dc869d0b1d14a06332792d42f1a1d94bda5aa31e.js

Protocol

Security

QUIC, , AES_128_GCM

Server

23.227.38.32 Ottawa, Canada, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

myshopify.com

Software

cloudflare /

Resource Hash

ab3bddc0103cbbbca75d1b24c50b7468e2ae9fcdd8c1ddc74ce49a6ca82f4ee1

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; frame-ancestors 'none'; upgrade-insecure-requests;
Strict-Transport-Security	max-age=7889238
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json, text/plain, */*
Referer: https://fandiem.com/sweeps/kesha?utm_campaign=f-covid-bandsintown-sweet-relief-2022&utm_content=f-covid-bandsintown-sweet-relief-2022-kesha-sweeps-page&utm_medium=partner-bandsintown-blast-from-bit&utm_source=bandsintown
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Sun, 22 May 2022 13:33:37 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
x-permitted-cross-domain-policies: none
x-dc: gcp-europe-west1,gcp-us-east1,gcp-us-east1
x-shopify-stage: production
x-cache: hit, server
server-timing-public: processing;dur=15, db;dur=6
content-type: text/html; charset=utf-8
x-alternate-cache-key: cacheable:ca6034c923cfa88ab59ff2cf3447dc06
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
x-sorting-hat-shopid: 50221678757
x-shardid: 253
x-storefront-renderer-rendered: 1
server: cloudflare
x-frame-options: DENY
content-language: en
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=7889238
x-download-options: noopen
x-shopid: 50221678757
access-control-allow-origin: *
vary: Accept
content-security-policy: block-all-mixed-content; frame-ancestors 'none'; upgrade-insecure-requests;
x-request-id: c0d8e726-18c2-4da5-8baf-c0b68d4b70da
cf-ray: 70f5ecb719a69205-FRA
link: <https://cdn.shopify.com>; rel="preconnect", <https://cdn.shopify.com>; rel="preconnect"; crossorigin
x-sorting-hat-podid: 253

GET
H3 200 legal Show response
fandiem.com/pages/menus/ 521 B
1 KB 169ms
169ms XHR
text/html 23.227.38.32
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://fandiem.com/pages/menus/legal

Requested by

Host: cdn.shopify.com
URL: https://cdn.shopify.com/shopifycloud/shopify/assets/shop_events_listener-fa61fd11817b231631d2fe43dc869d0b1d14a06332792d42f1a1d94bda5aa31e.js

Protocol

Security

QUIC, , AES_128_GCM

Server

23.227.38.32 Ottawa, Canada, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

myshopify.com

Software

cloudflare /

Resource Hash

8a6c490d0c1632dd1b493a03bb8b0ffe69a44f449d2c1e13cf2e64126501dbf0

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; frame-ancestors 'none'; upgrade-insecure-requests;
Strict-Transport-Security	max-age=7889238
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json, text/plain, */*
Referer: https://fandiem.com/sweeps/kesha?utm_campaign=f-covid-bandsintown-sweet-relief-2022&utm_content=f-covid-bandsintown-sweet-relief-2022-kesha-sweeps-page&utm_medium=partner-bandsintown-blast-from-bit&utm_source=bandsintown
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Sun, 22 May 2022 13:33:37 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
x-permitted-cross-domain-policies: none
x-dc: gcp-europe-west1,gcp-us-east1,gcp-us-east1
x-shopify-stage: production
x-cache: hit, server
server-timing-public: processing;dur=22, db;dur=9
content-type: text/html; charset=utf-8
x-alternate-cache-key: cacheable:ab1ef7cddda811df94bed1051bd94c9b
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
x-sorting-hat-shopid: 50221678757
x-shardid: 253
x-storefront-renderer-rendered: 1
server: cloudflare
x-frame-options: DENY
content-language: en
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=7889238
x-download-options: noopen
x-shopid: 50221678757
access-control-allow-origin: *
vary: Accept
content-security-policy: block-all-mixed-content; frame-ancestors 'none'; upgrade-insecure-requests;
x-request-id: 03a27c2a-e4a6-44cf-99eb-0a4f4a8509df
cf-ray: 70f5ecb719a79205-FRA
link: <https://cdn.shopify.com>; rel="preconnect", <https://cdn.shopify.com>; rel="preconnect"; crossorigin
x-sorting-hat-podid: 253

GET
H3 200 donate Show response
fandiem.com/pages/menus/ 468 B
1 KB 167ms
167ms XHR
text/html 23.227.38.32
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://fandiem.com/pages/menus/donate

Requested by

Host: cdn.shopify.com
URL: https://cdn.shopify.com/shopifycloud/shopify/assets/shop_events_listener-fa61fd11817b231631d2fe43dc869d0b1d14a06332792d42f1a1d94bda5aa31e.js

Protocol

Security

QUIC, , AES_128_GCM

Server

23.227.38.32 Ottawa, Canada, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

myshopify.com

Software

cloudflare /

Resource Hash

ddbe4a46ea14dd431aa4fc95e910ee457a362b9f5e81628a8c65a771d265fed5

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; frame-ancestors 'none'; upgrade-insecure-requests;
Strict-Transport-Security	max-age=7889238
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json, text/plain, */*
Referer: https://fandiem.com/sweeps/kesha?utm_campaign=f-covid-bandsintown-sweet-relief-2022&utm_content=f-covid-bandsintown-sweet-relief-2022-kesha-sweeps-page&utm_medium=partner-bandsintown-blast-from-bit&utm_source=bandsintown
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Sun, 22 May 2022 13:33:37 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
x-permitted-cross-domain-policies: none
x-dc: gcp-europe-west1,gcp-us-east1,gcp-us-east1
x-shopify-stage: production
x-cache: hit, server
server-timing-public: processing;dur=17, db;dur=7
content-type: text/html; charset=utf-8
x-alternate-cache-key: cacheable:cf4bb8abc0097638744e7499c59589b5
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
x-sorting-hat-shopid: 50221678757
x-shardid: 253
x-storefront-renderer-rendered: 1
server: cloudflare
x-frame-options: DENY
content-language: en
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=7889238
x-download-options: noopen
x-shopid: 50221678757
access-control-allow-origin: *
vary: Accept
content-security-policy: block-all-mixed-content; frame-ancestors 'none'; upgrade-insecure-requests;
x-request-id: 1e649c05-0702-4db4-9ab1-db6fb8aa6a37
cf-ray: 70f5ecb719a89205-FRA
link: <https://cdn.shopify.com>; rel="preconnect", <https://cdn.shopify.com>; rel="preconnect"; crossorigin
x-sorting-hat-podid: 253

GET
H3 200 about Show response
fandiem.com/pages/menus/ 598 B
1 KB 220ms
220ms XHR
text/html 23.227.38.32
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://fandiem.com/pages/menus/about

Requested by

Host: cdn.shopify.com
URL: https://cdn.shopify.com/shopifycloud/shopify/assets/shop_events_listener-fa61fd11817b231631d2fe43dc869d0b1d14a06332792d42f1a1d94bda5aa31e.js

Protocol

Security

QUIC, , AES_128_GCM

Server

23.227.38.32 Ottawa, Canada, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

myshopify.com

Software

cloudflare /

Resource Hash

cdf815e9555bbca27b279310c8dabfc4cd43d9a15b7361e674889f4f1d6c1029

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; frame-ancestors 'none'; upgrade-insecure-requests;
Strict-Transport-Security	max-age=7889238
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json, text/plain, */*
Referer: https://fandiem.com/sweeps/kesha?utm_campaign=f-covid-bandsintown-sweet-relief-2022&utm_content=f-covid-bandsintown-sweet-relief-2022-kesha-sweeps-page&utm_medium=partner-bandsintown-blast-from-bit&utm_source=bandsintown
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Sun, 22 May 2022 13:33:37 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
x-permitted-cross-domain-policies: none
x-dc: gcp-europe-west1,gcp-us-east1,gcp-us-east1
x-shopify-stage: production
x-cache: hit, server
server-timing-public: processing;dur=22, db;dur=7
content-type: text/html; charset=utf-8
x-alternate-cache-key: cacheable:682d4c2aa9a8b6124ac983a999779267
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
x-sorting-hat-shopid: 50221678757
x-shardid: 253
x-storefront-renderer-rendered: 1
server: cloudflare
x-frame-options: DENY
content-language: en
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=7889238
x-download-options: noopen
x-shopid: 50221678757
access-control-allow-origin: *
vary: Accept
content-security-policy: block-all-mixed-content; frame-ancestors 'none'; upgrade-insecure-requests;
x-request-id: aab2a45d-248b-4ec9-96c4-08f0f9305551
cf-ray: 70f5ecb719a99205-FRA
link: <https://cdn.shopify.com>; rel="preconnect", <https://cdn.shopify.com>; rel="preconnect"; crossorigin
x-sorting-hat-podid: 253

GET
H/1.1 200
OK kesha Show response
app.fandiem.com/api/public/sweeps/ 12 KB
4 KB 254ms
140ms XHR
application/json 54.209.91.188
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://app.fandiem.com/api/public/sweeps/kesha
Requested by: Host: cdn.shopify.com
URL: https://cdn.shopify.com/shopifycloud/shopify/assets/shop_events_listener-fa61fd11817b231631d2fe43dc869d0b1d14a06332792d42f1a1d94bda5aa31e.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 54.209.91.188 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-209-91-188.compute-1.amazonaws.com
Software: Cowboy / Express
Resource Hash: 23f942dad09cd5dc795c4c6fedb41b26e841224fcff14d4d159c889d920c9211

Request headers

Accept: application/json, text/plain, */*
Referer: https://fandiem.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date: Sun, 22 May 2022 13:33:37 GMT
Content-Encoding: gzip
Etag: "301a-L6CxtFLebsnZz/C+8+vu7+dnVKY"
Server: Cowboy
Access-Control-Allow-Origin: https://fandiem.com
X-Powered-By: Express
Vary: Origin, Accept-Encoding
Content-Type: application/json; charset=utf-8
Via: 1.1 vegur
X-Ratelimit-Remaining: 996
Access-Control-Allow-Credentials: true
X-Ratelimit-Reset: 1653227132
X-Ratelimit-Limit: 1000
Connection: keep-alive
Transfer-Encoding: chunked

GET
H3 200 MazzardH-Medium.otf
cdn.shopify.com/s/files/1/0502/2167/8757/t/8/assets/ 126 KB
53 KB 18ms
18ms Font
font/otf 104.16.255.71
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.shopify.com/s/files/1/0502/2167/8757/t/8/assets/MazzardH-Medium.otf

Requested by

Host: cdn.shopify.com
URL: https://cdn.shopify.com/s/files/1/0502/2167/8757/t/8/assets/application.scss.css?v=167376750296147457741632163727

Protocol

Security

QUIC, , AES_128_GCM

Server

104.16.255.71 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

838e202d62f0841ecf7e577b095f4cbfe84507cc3e1a651b2eaaf8a821d9f2d8

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://cdn.shopify.com/s/files/1/0502/2167/8757/t/8/assets/application.scss.css?v=167376750296147457741632163727
Origin: https://fandiem.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Sun, 22 May 2022 13:33:37 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-dc: gcp-us-east1,us-central1
age: 1010297
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=z5lhRaUyS7wAfvp3AGIYhGi0hT6HUGJmEn3wRa%2FkaEZ1G7E3YsL2Pb9w8OeamJUo7UuEA6eP0j2VCD7vqzj4JbKQS3mrflPMImO5mqzk1%2F8BtCppyJdohyKnvDVBwxyBBQ%3D%3D"}],"group":"cf-nel","max_age":604800}
server-timing: imagery;dur=84.663, imageryFetch;dur=84.260
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
x-request-id: 236b15bf-2f1e-472d-9158-1a06cfc50089
timing-allow-origin: *
surrogate-key: segment4-25641 shop-50221678757 mime-font/otf-25641 time-bucket-20220510-25641 ccd7e1cc02221c43d0a9244b12cecd4f9ec6b0f21da45727cb1cadf93fbc1d3e
last-modified: Tue, 10 May 2022 11:53:51 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: font/otf
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31557600
cf-ray: 70f5ecb72b1b92b7-FRA
link: <https://cdn.shopify.com/s/files/1/0502/2167/8757/t/8/assets/MazzardH-Medium.otf>; rel="canonical"

GET
H2 200 main.32155010.js Show response
s.pinimg.com/ct/lib/ 52 KB
18 KB 19ms
19ms Script
application/javascript 2a04:4e42:4b::84
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://s.pinimg.com/ct/lib/main.32155010.js
Requested by: Host: s.pinimg.com
URL: https://s.pinimg.com/ct/core.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:4e42:4b::84 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 83912349e8bc8f0ec2084562dc5e71e06f33a3dfcad4899af80117a7174be14d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fandiem.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Sun, 22 May 2022 13:33:37 GMT
content-encoding: gzip
fastly-restarts: 1
x-cdn: fastly
etag: "fd86de14455274a7c147dc95b77e18e3"
vary: Accept-Encoding, Origin
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
access-control-max-age: 86400
cache-control: max-age=1209600
content-length: 18298
access-control-expose-headers: X-CDN

GET
H3 200 410807596975192 Show response
connect.facebook.net/signals/config/ 306 KB
87 KB 10ms
9ms Script
application/x-javascript 2a03:2880:f01c:216:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/410807596975192?v=2.9.60&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f01c:216:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

e5af5d4a4ad777c67933623be3d76693c5c3d8048ee94c4f44447bd574440f38

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fandiem.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 89146
x-xss-protection: 0
pragma: public
x-fb-debug: cnx8587HMhAZHfZt/Y9802Ybol9E46gzPOFDQzdDjEc2Gxo+lRIXu5GoBywIviMcASZ1DPBiPAphnGd3b0RwoQ==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Sun, 22 May 2022 13:33:37 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3 200 ec.js Show response
www.google-analytics.com/plugins/ua/ 3 KB
1 KB 9ms
9ms Script
text/javascript 2a00:1450:4001:828::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/plugins/ua/ec.js

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

058ed961bfe422af7bfc65865f4c08531ec8ace995f8a1ec560a46581cb7712c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fandiem.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Sun, 22 May 2022 12:46:07 GMT
content-encoding: br
x-content-type-options: nosniff
age: 2850
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1129
x-xss-protection: 0
last-modified: Thu, 30 Dec 2021 12:48:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: text/javascript
cache-control: public, max-age=3600
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Sun, 22 May 2022 13:46:07 GMT

POST
H3 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
25 B 21ms
21ms XHR
text/plain 2a00:1450:400c:c1b::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-181963629-1&cid=2143699563.1653226416&jid=1566014269&gjid=1123982975&_gid=71087585.1653226416&_u=QCCAgEIJBAAAAE~&z=757555557

Requested by

Host: cdn.shopify.com
URL: https://cdn.shopify.com/shopifycloud/shopify/assets/shop_events_listener-fa61fd11817b231631d2fe43dc869d0b1d14a06332792d42f1a1d94bda5aa31e.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400c:c1b::9b Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://fandiem.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Sun, 22 May 2022 13:33:37 GMT
content-type: text/plain
access-control-allow-origin: https://fandiem.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 8ms
8ms Image
image/gif 2a00:1450:4001:828::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j96&a=536901327&t=pageview&_s=1&dl=https%3A%2F%2Ffandiem.com%2Fproducts%2Fkesha%3Futm_campaign%3Df-covid-bandsintown-sweet-relief-2022%26utm_content%3Df-covid-bandsintown-sweet-relief-2022-kesha-sweeps-page%26utm_medium%3Dpartner-bandsintown-blast-from-bit%26utm_source%3Dbandsintown&dr=http%3A%2F%2Fwinwith.fandiem.com%2F&dp=%2Fsweeps%2Fkesha%3Futm_campaign%3Df-covid-bandsintown-sweet-relief-2022%26utm_content%3Df-covid-bandsintown-sweet-relief-2022-kesha-sweeps-page%26utm_medium%3Dpartner-bandsintown-blast-from-bit%26utm_source%3Dbandsintown&ul=en-us&de=UTF-8&dt=Win%20an%20Autographed%20Picture%20of%20Kesha&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=QCCAgEIJB~&jid=1566014269&gjid=1123982975&cid=2143699563.1653226416&tid=UA-181963629-1&_gid=71087585.1653226416&did=BwiEti&z=1931532397

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fandiem.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 21 May 2022 17:49:16 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 71061
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 conversion_async.js Show response
www.googleadservices.com/pagead/ 39 KB
15 KB 45ms
19ms Script
text/javascript 142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion_async.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-370662395

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

cafe /

Resource Hash

0a9adccc17d9e34e3971bce91e3723f1fef884844fed6e6e10085e19745faef5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fandiem.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Sun, 22 May 2022 13:33:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14849
x-xss-protection: 0
server: cafe
etag: 10272469744856839321
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Sun, 22 May 2022 13:33:37 GMT

GET
H2 200 4VZVS64FNRFEXAUW3D4PZO Show response
d.adroll.com/consent/check/ 449 B
542 B 104ms
32ms Script
application/javascript 52.214.198.95
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d.adroll.com/consent/check/4VZVS64FNRFEXAUW3D4PZO?arrfrr=https%3A%2F%2Ffandiem.com%2Fsweeps%2Fkesha%3Futm_campaign%3Df-covid-bandsintown-sweet-relief-2022%26utm_content%3Df-covid-bandsintown-sweet-relief-2022-kesha-sweeps-page%26utm_medium%3Dpartner-bandsintown-blast-from-bit%26utm_source%3Dbandsintown&_s=659040eb1735a0ac3086e8a2e2cc1f09&_b=2
Requested by: Host: s.adroll.com
URL: https://s.adroll.com/j/4VZVS64FNRFEXAUW3D4PZO/roundtrip.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.214.198.95 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-214-198-95.eu-west-1.compute.amazonaws.com
Software: nginx/1.20.0 /
Resource Hash: 3931be4838c59b741d8e828b1bf7dd5e082eae4e809af617fe27c6243b7e985a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fandiem.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Sun, 22 May 2022 13:33:37 GMT
server: nginx/1.20.0
content-length: 449
content-type: application/javascript

GET
H3 200 ga-audiences
www.google.com/ads/ 42 B
63 B 53ms
34ms Image
image/gif 2a00:1450:4001:800::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-181963629-1&cid=2143699563.1653226416&jid=1566014269&_u=QCCAgEIJBAAAAE~&z=1381711226

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fandiem.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 22 May 2022 13:33:37 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ga-audiences
www.google.de/ads/ 42 B
63 B 35ms
34ms Image
image/gif 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-181963629-1&cid=2143699563.1653226416&jid=1566014269&_u=QCCAgEIJBAAAAE~&z=1381711226

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fandiem.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 22 May 2022 13:33:37 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 t_prism_sitemessages.php Show response
trackcmp.net/ 0
362 B 153ms
126ms Script
text/javascript 2606:4700:4400::ac40:9197
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://trackcmp.net/t_prism_sitemessages.php?trackid=1001208398&prismid=d81e67ae-3fd8-4914-ad07-9305933ac060&url=https%3A%2F%2Ffandiem.com%2Fsweeps%2Fkesha%3Futm_campaign%3Df-covid-bandsintown-sweet-relief-2022%26utm_content%3Df-covid-bandsintown-sweet-relief-2022-kesha-sweeps-page%26utm_medium%3Dpartner-bandsintown-blast-from-bit%26utm_source%3Dbandsintown
Requested by: Host: diffuser-cdn.app-us1.com
URL: https://diffuser-cdn.app-us1.com/diffuser/diffuser.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:9197 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/7.1.33
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fandiem.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Sun, 22 May 2022 13:33:38 GMT
cf-cache-status: DYNAMIC
server: cloudflare
x-powered-by: PHP/7.1.33
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p: CP="NON BUS INT NAV COM ADM CON CUR IVA IVD OTP PSA PSD TEL SAM"
content-type: text/javascript;charset=UTF-8
cache-control: no-cache, private
x-privacy-policy: You can find our privacy policy here: https://www.activecampaign.com/help/privacy-policy/
cf-ray: 70f5ecb7ef2d0225-ZRH
content-length: 0

GET
H2 200 / Show response
ct.pinterest.com/user/ 488 B
829 B 59ms
38ms XHR
application/json 104.79.88.150
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://ct.pinterest.com/user/?tid=2612813512367&pd=%7B%22np%22%3A%22shopify%22%7D&cb=1653226417876

Requested by

Host: cdn.shopify.com
URL: https://cdn.shopify.com/shopifycloud/shopify/assets/shop_events_listener-fa61fd11817b231631d2fe43dc869d0b1d14a06332792d42f1a1d94bda5aa31e.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.79.88.150 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-79-88-150.deploy.static.akamaitechnologies.com

Software

Resource Hash

540548b12b5a362a5fa54de526a5870cc89ef6f431387c20cd25e82b4f6cd9d0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; includeSubDomains ; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fandiem.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Sun, 22 May 2022 13:33:37 GMT
content-encoding: gzip
vary: Accept-Encoding
x-cdn: akamai
akamai-grn: 0.da6656b8.1653226417.a426a337
x-envoy-upstream-service-time: 1
x-pinterest-rid: 1771039096912898
pin-unauth: dWlkPVpHRmpNRFl6Tm1VdE1tUTRaUzAwTm1GbExXSTRZek10Wm1aaE1HUXlZbVUwTkdabQ
access-control-allow-origin: https://fandiem.com
referrer-policy: origin
strict-transport-security: max-age=31536000 ; includeSubDomains ; preload
content-type: application/json; charset=utf-8
pragma: no-cache
access-control-expose-headers: Epik,Pin-Unauth
cache-control: no-cache,no-store,must-revalidate,max-age=0
access-control-allow-credentials: true
content-length: 350
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 /
ct.pinterest.com/v3/ 35 B
333 B 41ms
41ms Image
image/gif 104.79.88.150
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ct.pinterest.com/v3/?tid=2612813512367&pd=%7B%22np%22%3A%22shopify%22%7D&event=init&ad=%7B%22loc%22%3A%22https%3A%2F%2Ffandiem.com%2Fsweeps%2Fkesha%3Futm_campaign%3Df-covid-bandsintown-sweet-relief-2022%26utm_content%3Df-covid-bandsintown-sweet-relief-2022-kesha-sweeps-page%26utm_medium%3Dpartner-bandsintown-blast-from-bit%26utm_source%3Dbandsintown%22%2C%22ref%22%3A%22http%3A%2F%2Fwinwith.fandiem.com%2F%22%2C%22if%22%3Afalse%2C%22sh%22%3A1200%2C%22sw%22%3A1600%2C%22mh%22%3A%2232155010%22%2C%22architecture%22%3A%22%22%2C%22bitness%22%3A%22%22%2C%22brands%22%3A%5B%5D%2C%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%2C%22uaFullVersion%22%3A%22%22%2C%22ecm_enabled%22%3Afalse%7D&cb=1653226417914

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.79.88.150 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-79-88-150.deploy.static.akamaitechnologies.com

Software

Resource Hash

37b17c5135a176a9474521af147d96dfa1fb4ca0f43f00d1400bd1885be3ab9b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; includeSubDomains ; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fandiem.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 22 May 2022 13:33:37 GMT
referrer-policy: origin
x-cdn: akamai
akamai-grn: 0.da6656b8.1653226417.a426a353
strict-transport-security: max-age=31536000 ; includeSubDomains ; preload
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache,no-store,must-revalidate,max-age=0
x-envoy-upstream-service-time: 2
content-length: 35
x-pinterest-rid: 1172111112673982
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 /
ct.pinterest.com/v3/ 35 B
579 B 40ms
39ms Image
image/gif 104.79.88.150
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ct.pinterest.com/v3/?event=PageVisit&ed=%7B%22np%22%3A%22shopify%22%2C%22eventID%22%3A%22ebf9320c-8E8F-457C-64B0-8F5EB9500E08%22%2C%22currency%22%3A%22USD%22%2C%22line_items%22%3A%5B%7B%22product_id%22%3A7548640624894%2C%22product_variant_id%22%3A42408255947006%2C%22product_name%22%3A%22Win%20an%20Autographed%20Picture%20of%20Kesha%20-%20100%20entries%22%2C%22product_price%22%3A%2210.00%22%7D%5D%7D&tid=2612813512367&pd=%7B%22np%22%3A%22shopify%22%7D&ad=%7B%22loc%22%3A%22https%3A%2F%2Ffandiem.com%2Fsweeps%2Fkesha%3Futm_campaign%3Df-covid-bandsintown-sweet-relief-2022%26utm_content%3Df-covid-bandsintown-sweet-relief-2022-kesha-sweeps-page%26utm_medium%3Dpartner-bandsintown-blast-from-bit%26utm_source%3Dbandsintown%22%2C%22ref%22%3A%22http%3A%2F%2Fwinwith.fandiem.com%2F%22%2C%22if%22%3Afalse%2C%22sh%22%3A1200%2C%22sw%22%3A1600%2C%22mh%22%3A%2232155010%22%2C%22architecture%22%3A%22%22%2C%22bitness%22%3A%22%22%2C%22brands%22%3A%5B%5D%2C%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%2C%22uaFullVersion%22%3A%22%22%2C%22ecm_enabled%22%3Afalse%7D&cb=1653226417914

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.79.88.150 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-79-88-150.deploy.static.akamaitechnologies.com

Software

Resource Hash

37b17c5135a176a9474521af147d96dfa1fb4ca0f43f00d1400bd1885be3ab9b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; includeSubDomains ; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fandiem.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 22 May 2022 13:33:37 GMT
referrer-policy: origin
x-cdn: akamai
akamai-grn: 0.da6656b8.1653226417.a426a354
strict-transport-security: max-age=31536000 ; includeSubDomains ; preload
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache,no-store,must-revalidate,max-age=0
x-envoy-upstream-service-time: 5
content-length: 35
x-pinterest-rid: 1539306183106219
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 9ms
8ms Image
image/gif 2a00:1450:4001:828::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j96&a=536901327&t=event&ni=1&cu=USD&_s=2&dl=https%3A%2F%2Ffandiem.com%2Fsweeps%2Fkesha%3Futm_campaign%3Df-covid-bandsintown-sweet-relief-2022%26utm_content%3Df-covid-bandsintown-sweet-relief-2022-kesha-sweeps-page%26utm_medium%3Dpartner-bandsintown-blast-from-bit%26utm_source%3Dbandsintown&dr=http%3A%2F%2Fwinwith.fandiem.com%2F&dp=%2Fsweeps%2Fkesha%3Futm_campaign%3Df-covid-bandsintown-sweet-relief-2022%26utm_content%3Df-covid-bandsintown-sweet-relief-2022-kesha-sweeps-page%26utm_medium%3Dpartner-bandsintown-blast-from-bit%26utm_source%3Dbandsintown&ul=en-us&de=UTF-8&dt=Win%20an%20Autographed%20Picture%20of%20Kesha&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=EnhancedEcommerce&ea=Viewed%20Product&_u=SCCAgEIJBAAAAE~&jid=&gjid=&cid=2143699563.1653226416&tid=UA-181963629-1&_gid=71087585.1653226416&did=BwiEti&pa=detail&pr1id=win-an-autographed-picture-of-kesha-100-entries&pr1nm=Win%20an%20Autographed%20Picture%20of%20Kesha%20-%20100%20entries&pr1ca=&pr1qt=1&pr1pr=10.00&pr1br=Fandiem-KESHA&pr1va=100%20entries&z=694172524

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fandiem.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 21 May 2022 17:49:16 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 71061
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.facebook.com/tr/ 44 B
88 B 21ms
8ms Image
image/gif 2a03:2880:f12d:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=410807596975192&ev=PageView&dl=https%3A%2F%2Ffandiem.com%2Fsweeps%2Fkesha%3Futm_campaign%3Df-covid-bandsintown-sweet-relief-2022%26utm_content%3Df-covid-bandsintown-sweet-relief-2022-kesha-sweeps-page%26utm_medium%3Dpartner-bandsintown-blast-from-bit%26utm_source%3Dbandsintown&rl=http%3A%2F%2Fwinwith.fandiem.com%2F&if=false&ts=1653226417928&sw=1600&sh=1200&v=2.9.60&r=stable&a=shopify&ec=0&o=30&par[0]=%7B%22extractorID%22%3A%22653142685708720%22%2C%22jsonLD%22%3A%7B%22%40context%22%3A%22http%3A%2F%2Fschema.org%22%2C%22%40type%22%3A%22Product%22%2C%22offers%22%3A%7B%22priceCurrency%22%3A%22USD%22%7D%7D%7D&par[1]=%7B%22extractorID%22%3A%22326808842606046%22%2C%22jsonLD%22%3A%7B%22%40context%22%3A%22http%3A%2F%2Fschema.org%22%2C%22%40type%22%3A%22Product%22%2C%22offers%22%3A%7B%7D%7D%7D&fbp=fb.1.1653226416259.1901268255&it=1653226417811&coo=false&eid=ebf931fc-2C7B-4456-3767-8B1C7AD6AC5F&rqm=GET

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f12d:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fandiem.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Sun, 22 May 2022 13:33:37 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
content-length: 44
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
priority: u=3,i
expires: Sun, 22 May 2022 13:33:37 GMT

GET
H3 200 /
www.facebook.com/tr/ 44 B
91 B 20ms
8ms Image
image/gif 2a03:2880:f12d:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=410807596975192&ev=ViewContent&dl=https%3A%2F%2Ffandiem.com%2Fsweeps%2Fkesha%3Futm_campaign%3Df-covid-bandsintown-sweet-relief-2022%26utm_content%3Df-covid-bandsintown-sweet-relief-2022-kesha-sweeps-page%26utm_medium%3Dpartner-bandsintown-blast-from-bit%26utm_source%3Dbandsintown&rl=http%3A%2F%2Fwinwith.fandiem.com%2F&if=false&ts=1653226417930&cd[content_ids]=%5B7548640624894%5D&cd[content_type]=product_group&cd[content_name]=Win%20an%20Autographed%20Picture%20of%20Kesha%20-%20100%20entries&cd[content_category]=&cd[currency]=USD&cd[value]=10.00&sw=1600&sh=1200&v=2.9.60&r=stable&a=shopify&ec=1&o=30&fbp=fb.1.1653226416259.1901268255&it=1653226417811&coo=false&eid=ebf9320c-8E8F-457C-64B0-8F5EB9500E08&rqm=GET

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f12d:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fandiem.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Sun, 22 May 2022 13:33:37 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
content-length: 44
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
priority: u=3,i
expires: Sun, 22 May 2022 13:33:37 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/370662395/ 3 KB
2 KB 48ms
22ms Script
text/javascript 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/370662395/?random=1653226417987&cv=9&fst=1653226417987&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=3&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa5b0&sendb=1&ig=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Ffandiem.com%2Fsweeps%2Fkesha%3Futm_campaign%3Df-covid-bandsintown-sweet-relief-2022%26utm_content%3Df-covid-bandsintown-sweet-relief-2022-kesha-sweeps-page%26utm_medium%3Dpartner-bandsintown-blast-from-bit%26utm_source%3Dbandsintown&ref=http%3A%2F%2Fwinwith.fandiem.com%2F&tiba=Win%20an%20Autographed%20Picture%20of%20Kesha&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

bc14b21dbd140c88771ed1dacf99a3eda944ceae28659e8e2fbe38c5a828ef5e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fandiem.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 22 May 2022 13:33:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1167
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 / Show response
www.googleadservices.com/pagead/conversion/370662395/ 2 KB
1 KB 66ms
45ms Script
text/javascript 142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion/370662395/?random=1653226417990&cv=9&fst=1653226417990&num=1&label=BibICJm95pMCEPu337AB&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=3&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa5b0&sendb=1&ig=1&data=event%3Dpage_view%3Bpage_path%3D%2Fsweeps%2Fkesha%3Bpage_title%3DWin%20an%20Autographed%20Picture%20of%20Kesha&frm=0&url=https%3A%2F%2Ffandiem.com%2Fproducts%2Fkesha%3Futm_campaign%3Df-covid-bandsintown-sweet-relief-2022%26utm_content%3Df-covid-bandsintown-sweet-relief-2022-kesha-sweeps-page%26utm_medium%3Dpartner-bandsintown-blast-from-bit%26utm_source%3Dbandsintown&ref=http%3A%2F%2Fwinwith.fandiem.com%2F&tiba=Win%20an%20Autographed%20Picture%20of%20Kesha&auid=1474639697.1653226418&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

cafe /

Resource Hash

82fef94b5c42c23859465622222ab0a72e65c52126faa18a2c3fe020c0c794f1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fandiem.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 22 May 2022 13:33:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1302
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 / Show response
www.googleadservices.com/pagead/conversion/370662395/ 2 KB
1 KB 60ms
43ms Script
text/javascript 142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion/370662395/?random=1653226417995&cv=9&fst=1653226417995&num=1&label=aiP4CJ-95pMCEPu337AB&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=3&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa5b0&sendb=1&ig=1&data=event%3Dview_item%3Becomm_prodid%3Dshopify_US_7548640624894_42408255947006%3Becomm_totalvalue%3DNaN%3Becomm_pagetype%3Dproduct&frm=0&url=https%3A%2F%2Ffandiem.com%2Fsweeps%2Fkesha%3Futm_campaign%3Df-covid-bandsintown-sweet-relief-2022%26utm_content%3Df-covid-bandsintown-sweet-relief-2022-kesha-sweeps-page%26utm_medium%3Dpartner-bandsintown-blast-from-bit%26utm_source%3Dbandsintown&ref=http%3A%2F%2Fwinwith.fandiem.com%2F&tiba=Win%20an%20Autographed%20Picture%20of%20Kesha&auid=1474639697.1653226418&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

cafe /

Resource Hash

8540c9252735eab6c2d32435bf1a39faef931845f1310b5e623371c549cb6009

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fandiem.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 22 May 2022 13:33:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1352
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 identify.js Show response
analytics.tiktok.com/i18n/pixel/ 114 KB
31 KB 267ms
266ms Script
application/javascript 104.104.52.65
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/i18n/pixel/identify.js
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=C1VL44OQDRQBNKO1M8DG&lib=ttq
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.104.52.65 Milan, Italy, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a104-104-52-65.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: b2864c65b32cd25bf64a7eb4fddf486dff821f1924172a0083db962615bd6ce0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fandiem.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

x-akamai-request-id: b5186f7d.6540f34e
date: Sun, 22 May 2022 13:33:38 GMT
content-encoding: gzip
x-cache-remote: TCP_MISS from a23-220-105-219.deploy.akamaitechnologies.com (AkamaiGHost/10.8.0-41078462) (-)
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-cache: TCP_MISS from a104-104-52-61.deploy.akamaitechnologies.com (AkamaiGHost/10.8.0-41078462) (-)
x-parent-response-time: 245,104.104.52.61
server-timing: cdn-cache; desc=MISS, edge; dur=212, origin; dur=33, inner; dur=4
content-length: 30847
pragma: no-cache
server: nginx
x-tt-logid: 2022052213333801000200600500500600302500A577CA
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 33,23.220.105.219
x-tt-trace-host: 01312a5663f8e3d0185bc28bce79de02624f04beaba10ab0d20c44b86eeb0e1957a196790e4c8564805d4d90f82176dc5f23526d7d7b6bc51e652987c56da68bea866f082fce40fe0cb5baecab393474b0e121a2361959ce724d643ddf9442c9226d078dbb1046371e5cf8fde271861eb7
expires: Sun, 22 May 2022 13:33:38 GMT

GET
H2 200 config.js Show response
analytics.tiktok.com/i18n/pixel/ 5 KB
3 KB 130ms
129ms Script
application/javascript 104.104.52.65
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/i18n/pixel/config.js?sdkid=C1VL44OQDRQBNKO1M8DG&hostname=fandiem.com
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=C1VL44OQDRQBNKO1M8DG&lib=ttq
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.104.52.65 Milan, Italy, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a104-104-52-65.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 6a8ef59459d7ed3ba19628c31019b87bab034c2870a2781c1f4e19f2d35c0d54

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fandiem.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

x-akamai-request-id: 733d74fe.6540f37c
date: Sun, 22 May 2022 13:33:38 GMT
content-encoding: gzip
x-cache-remote: TCP_MISS from a104-78-78-12.deploy.akamaitechnologies.com (AkamaiGHost/10.8.0-41078462) (-)
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-cache: TCP_MISS from a104-104-52-61.deploy.akamaitechnologies.com (AkamaiGHost/10.8.0-41078462) (-)
x-parent-response-time: 100,104.104.52.61
server-timing: cdn-cache; desc=MISS, edge; dur=94, origin; dur=6, inner; dur=4
content-length: 1830
pragma: no-cache
server: nginx
x-tt-logid: 20220522133338010002003005006003010089DDF70
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 7,104.78.78.12
x-tt-trace-host: 01312a5663f8e3d0185bc28bce79de0262ffa6c68b02a2e6c242ad881b9a7f2dd720227d3e5f305d2462f3e11adf90b2f0c57f7c7b00f5178e2dfccc89ef3c36f6463e042da1358bd129e8d797c263ac8ff51c61f3c0f91cece2b568a9291b839b6b587e7ce81a1b6ab213fe6f44759328
expires: Sun, 22 May 2022 13:33:38 GMT

GET
H2 200 qjLGWf-qzxs Show response
www.youtube.com/embed/ Frame A602 62 KB
27 KB 100ms
53ms Document
text/html 2a00:1450:4001:800::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/embed/qjLGWf-qzxs

Requested by

Host: dpjhaiprv9czz.cloudfront.net
URL: https://dpjhaiprv9czz.cloudfront.net/shopify_v534.bundle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

0635398c30973065f2f500e2bb2d88efc31498393b31ff2153fb64b875a5c158

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fandiem.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: br
content-type: text/html; charset=utf-8
critical-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy-report-only: same-origin; report-to="youtube_main"
date: Sun, 22 May 2022 13:33:38 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=de for more info."
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-platform=*, ch-ua-platform-version=*
pragma: no-cache
report-to: {"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
server: ESF
strict-transport-security: max-age=31536000
vary: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-content-type-options: nosniff
x-xss-protection: 0

GET
H/1.1 200
OK main.min.js Show response
widgetv3.bandsintown.com/ 516 KB
157 KB 107ms
34ms Script
application/javascript 18.66.248.94
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://widgetv3.bandsintown.com/main.min.js
Requested by: Host: dpjhaiprv9czz.cloudfront.net
URL: https://dpjhaiprv9czz.cloudfront.net/8831.847f65dad31694f354ba.chunk.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.248.94 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-248-94.dus51.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 76272be7b8a2e5a7c80ccd26642ddb222b0e93f57952c7d52dbd41ac931f937a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fandiem.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date: Sun, 22 May 2022 12:51:20 GMT
Content-Encoding: gzip
Connection: keep-alive
Last-Modified: Tue, 17 May 2022 19:05:30 GMT
Server: AmazonS3
Age: 2539
ETag: W/"b06e7db2dcd70acac9994e9e276858db"
Vary: Accept-Encoding
X-Cache: Hit from cloudfront
Content-Type: application/javascript
Via: 1.1 3f309afe37d854da2eb973ba0e31d032.cloudfront.net (CloudFront)
Cache-Control: max-age=3600
Transfer-Encoding: chunked
X-Amz-Cf-Pop: DUS51-P1
X-Amz-Cf-Id: Bz5zVrqj-Ad47ExnTPr5JYjulcKj5rRvsh1x6oDD4wJCAZkb7XNHUw==

GET
H2 200 GNwXVi5.png
i.imgur.com/ 91 KB
91 KB 67ms
25ms Image
image/png 151.101.12.193
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.imgur.com/GNwXVi5.png

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.12.193 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

cat factory 1.0 /

Resource Hash

13eb7acfd4c39ff1169d1551db8131b249a189ce7dec58d8e01c2fd60b6f7fcf

Security Headers

Name	Value
Strict-Transport-Security	max-age=300
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fandiem.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Sun, 22 May 2022 13:33:38 GMT
x-content-type-options: nosniff
age: 1651767
x-cache: HIT, HIT
content-length: 93297
x-served-by: cache-iad-kjyo7100082-IAD, cache-fra19160-FRA
last-modified: Mon, 07 Feb 2022 19:59:15 GMT
server: cat factory 1.0
x-timer: S1653226418.220393,VS0,VE9
etag: "6f0b37df39c734c27991518131ca0cdd"
strict-transport-security: max-age=300
access-control-allow-methods: GET, OPTIONS
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-cache-hits: 1, 1

GET
H3 200 analytics.js Show response
cdn.shopify.com/shopifycloud/media-analytics/v0.1/ 24 KB
9 KB 36ms
35ms Script
text/javascript 104.16.255.71
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.shopify.com/shopifycloud/media-analytics/v0.1/analytics.js

Requested by

Host: cdn.shopify.com
URL: https://cdn.shopify.com/shopifycloud/shopify/assets/storefront/load_feature-37a17a663bce00c3e1703d247d958d410831e9e5dac457e1e9aa9f37481e2eb5.js

Protocol

Security

QUIC, , AES_128_GCM

Server

104.16.255.71 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7abc5bad60f3c1a3728640864ab085439d4c492e440bdd89b2d64d613aaf2160

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://fandiem.com/
Origin: https://fandiem.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Sun, 22 May 2022 13:33:38 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-dc: gcp-us-east1,us-east1
age: 875
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DgbqrEkWehYh1QLxiGAXgDYNo%2FhoUAetcBz%2Bkyx98offq2a8WqlBdOuciKbc2QrFsFnZjA%2BZkJ6ZuoKVktyUZtqqmuYoB3mKPT4Mbsz%2BZIGvnjaAoqYjmbITtromQnIFVw%3D%3D"}],"group":"cf-nel","max_age":604800}
server-timing: imagery;dur=21.958, imageryFetch;dur=21.764
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
x-request-id: cab4c6e9-3f87-4bcd-bb58-f9afb1bdaf42
timing-allow-origin: *
last-modified: Sun, 22 May 2022 12:35:08 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=3600
cf-ray: 70f5ecb9afb292b7-FRA
link: <https://cdn.shopify.com/shopifycloud/media-analytics/v0.1/analytics.js>; rel="canonical"

GET
H2 200 Logo_no_tagline_background_1200x1200-%281%29_rjfzDVCoSwFDx2h3WYbj2d.png
d1tkzf9ss7ctgm.cloudfront.net/10x/images/ 304 B
657 B 60ms
20ms Image
image/png 2600:9000:214f:4800:1a:25dd:c980:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d1tkzf9ss7ctgm.cloudfront.net/10x/images/Logo_no_tagline_background_1200x1200-%281%29_rjfzDVCoSwFDx2h3WYbj2d.png
Requested by: Host: fandiem.com
URL: https://fandiem.com/sweeps/kesha?utm_campaign=f-covid-bandsintown-sweet-relief-2022&utm_content=f-covid-bandsintown-sweet-relief-2022-kesha-sweeps-page&utm_medium=partner-bandsintown-blast-from-bit&utm_source=bandsintown
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:214f:4800:1a:25dd:c980:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 3f11d6f947628cf65a4d88f2d44ea003d7ba21fd4145b569c34fd6aff1ec19a7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fandiem.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Fri, 13 May 2022 05:14:34 GMT
via: 1.1 b073c20359d711b751afd124dda34076.cloudfront.net (CloudFront)
last-modified: Wed, 02 Feb 2022 01:47:03 GMT
server: AmazonS3
age: 807545
etag: "d64e8b3fa8e7c4f6cb45e3bc1c541e54"
x-cache: Hit from cloudfront
x-amz-version-id: f1sW4Dk9ZvQIzNVCY28jSWBpz2WjTg7Y
x-amz-cf-pop: FRA53-C1
content-type: image/png
content-length: 304
x-amz-cf-id: GLFqoWHwMmvYKVvUiuObjUV-rpoDeBkgei2XdebRI7WtvG105yVylQ==

POST
H2 200 / Show response
h.trey.shop/ 867 B
1 KB 399ms
200ms XHR
text/plain 3.33.204.12
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://h.trey.shop/?ci=js/3.5.7

Requested by

Host: cdn.shopify.com
URL: https://cdn.shopify.com/shopifycloud/shopify/assets/shop_events_listener-fa61fd11817b231631d2fe43dc869d0b1d14a06332792d42f1a1d94bda5aa31e.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.33.204.12 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

a082a4fa0823469f3.awsglobalaccelerator.com

Software

nginx /

Resource Hash

5db2ecc54a654d72496f0ed8725a969de6af6524a5772de9a9e6e865acc715d1

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; frame-ancestors 'none'
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://fandiem.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type: text/plain

Response headers

content-security-policy: default-src 'none'; frame-ancestors 'none'
referrer-policy: no-referrer
server: nginx
date: Sun, 22 May 2022 13:33:38 GMT
x-frame-options: DENY
content-type: text/plain
access-control-allow-origin: https://fandiem.com
access-control-expose-headers: Retry-After
access-control-allow-credentials: true
strict-transport-security: max-age=63072000
vary: Origin
content-length: 867
x-content-type-options: nosniff
retry-after: 0

GET
H3 200 all Show response
fandiem.com/collections/ 822 KB
90 KB 176ms
176ms XHR
text/html 23.227.38.32
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://fandiem.com/collections/all?page=1&filter.v.price.gte=0

Requested by

Host: cdn.shopify.com
URL: https://cdn.shopify.com/shopifycloud/shopify/assets/shop_events_listener-fa61fd11817b231631d2fe43dc869d0b1d14a06332792d42f1a1d94bda5aa31e.js

Protocol

Security

QUIC, , AES_128_GCM

Server

23.227.38.32 Ottawa, Canada, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

myshopify.com

Software

cloudflare /

Resource Hash

8010099f316b99c322c6e6cf1988c7d024e3fa65d0ccf26ddf1a6c546f8c40cd

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; frame-ancestors 'none'; upgrade-insecure-requests;
Strict-Transport-Security	max-age=7889238
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json, text/plain, */*
Referer: https://fandiem.com/sweeps/kesha?utm_campaign=f-covid-bandsintown-sweet-relief-2022&utm_content=f-covid-bandsintown-sweet-relief-2022-kesha-sweeps-page&utm_medium=partner-bandsintown-blast-from-bit&utm_source=bandsintown
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Sun, 22 May 2022 13:33:38 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
x-permitted-cross-domain-policies: none
x-dc: gcp-europe-west1,gcp-us-east1,gcp-us-east1
x-shopify-stage: production
x-cache: hit, server
server-timing-public: processing;dur=20, db;dur=8
content-type: text/html; charset=utf-8
x-alternate-cache-key: cacheable:5b12188be04f20dd2069da4aa0862d43
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
x-sorting-hat-shopid: 50221678757
x-shardid: 253
x-storefront-renderer-rendered: 1
server: cloudflare
x-frame-options: DENY
content-language: en
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=7889238
x-download-options: noopen
x-shopid: 50221678757
x-request-id: f6590a3f-1918-4d9c-92b2-a2e833f1a8fe
vary: Accept
content-security-policy: block-all-mixed-content; frame-ancestors 'none'; upgrade-insecure-requests;
cf-ray: 70f5ecb9cda99205-FRA
link: <https://cdn.shopify.com>; rel="preconnect", <https://cdn.shopify.com>; rel="preconnect"; crossorigin
x-sorting-hat-podid: 253

GET
H3 200 MazzardH-SemiBold.otf
cdn.shopify.com/s/files/1/0502/2167/8757/t/8/assets/ 127 KB
53 KB 32ms
32ms Font
font/otf 104.16.255.71
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.shopify.com/s/files/1/0502/2167/8757/t/8/assets/MazzardH-SemiBold.otf

Requested by

Host: cdn.shopify.com
URL: https://cdn.shopify.com/s/files/1/0502/2167/8757/t/8/assets/application.scss.css?v=167376750296147457741632163727

Protocol

Security

QUIC, , AES_128_GCM

Server

104.16.255.71 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2e2566ef1f4801b1e60ec553d07f911e99f0e8288ed24c8a3c7ed1a578deeca3

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://cdn.shopify.com/s/files/1/0502/2167/8757/t/8/assets/application.scss.css?v=167376750296147457741632163727
Origin: https://fandiem.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Sun, 22 May 2022 13:33:38 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-dc: gcp-us-east1,us-central1
age: 1010295
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mK0U0MEB%2Fzzm2JkAZJ%2FZduUn1slJG5VWT1fvD7xTPq0xRD5rMlvbg2gW3ub20oNi9dr3EY1vALLWymVcTqlZAZ1bJ5p5MdKtEs4eKOHiE%2BHaPB%2FM4hl6uwi2rT7X4ke2Hg%3D%3D"}],"group":"cf-nel","max_age":604800}
server-timing: imagery;dur=123.603, imageryFetch;dur=123.154
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
x-request-id: 665034b6-4785-4a29-87e6-0ab6926f64b2
timing-allow-origin: *
surrogate-key: segment4-45725 shop-50221678757 mime-font/otf-45725 time-bucket-20220407-45725 8a10095646b1ff27e179842ee6f2e364b04797ffafa376e313f382dd23466de4
last-modified: Thu, 07 Apr 2022 17:38:14 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: font/otf
access-control-allow-origin: *
cache-control: public, max-age=31557600
cf-ray: 70f5ecb9d81292b7-FRA
link: <https://cdn.shopify.com/s/files/1/0502/2167/8757/t/8/assets/MazzardH-SemiBold.otf>; rel="canonical"

GET
H3 200 MazzardH-Bold.otf
cdn.shopify.com/s/files/1/0502/2167/8757/t/8/assets/ 126 KB
53 KB 31ms
31ms Font
font/otf 104.16.255.71
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.shopify.com/s/files/1/0502/2167/8757/t/8/assets/MazzardH-Bold.otf

Requested by

Host: cdn.shopify.com
URL: https://cdn.shopify.com/s/files/1/0502/2167/8757/t/8/assets/application.scss.css?v=167376750296147457741632163727

Protocol

Security

QUIC, , AES_128_GCM

Server

104.16.255.71 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

dbea88fbfcb361ef825d266d89ef41aa060d3f266d77246dac3dd12a32d65c55

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://cdn.shopify.com/s/files/1/0502/2167/8757/t/8/assets/application.scss.css?v=167376750296147457741632163727
Origin: https://fandiem.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Sun, 22 May 2022 13:33:38 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-dc: gcp-us-east1,us-central1
age: 1010298
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uU4UkfiRtyOsbCBOdmPt%2FksCG7%2BOFZ23DdidPlt3W%2F8GQ81ub%2Bp3bjvtUhCerU2euAHjM3hKF87ygvRY0wP1PbsNYnRXMMaxrmWHxs3mwEOfYOio1jg72zCWtqW11R2r%2Bw%3D%3D"}],"group":"cf-nel","max_age":604800}
server-timing: imagery;dur=60.606, imageryFetch;dur=60.221
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
x-request-id: ae780780-2fb2-46dc-a175-c335ba138b69
timing-allow-origin: *
surrogate-key: segment4-17930 shop-50221678757 mime-font/otf-17930 time-bucket-20220407-17930 31599b2c69c07bc7c7495214a122efae8a39ab69af98ad848ee6a5036eed9417
last-modified: Thu, 07 Apr 2022 16:40:22 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: font/otf
access-control-allow-origin: *
cache-control: public, max-age=31557600
cf-ray: 70f5ecb9d81392b7-FRA
link: <https://cdn.shopify.com/s/files/1/0502/2167/8757/t/8/assets/MazzardH-Bold.otf>; rel="canonical"

GET
H3 200 MazzardH-Black.otf
cdn.shopify.com/s/files/1/0502/2167/8757/t/8/assets/ 123 KB
50 KB 35ms
34ms Font
font/otf 104.16.255.71
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.shopify.com/s/files/1/0502/2167/8757/t/8/assets/MazzardH-Black.otf

Requested by

Host: cdn.shopify.com
URL: https://cdn.shopify.com/s/files/1/0502/2167/8757/t/8/assets/application.scss.css?v=167376750296147457741632163727

Protocol

Security

QUIC, , AES_128_GCM

Server

104.16.255.71 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

234a728142e0fb27f5abb7c64ca9ae9bb5d26066dab12d0527a338b5af5dbf0b

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://cdn.shopify.com/s/files/1/0502/2167/8757/t/8/assets/application.scss.css?v=167376750296147457741632163727
Origin: https://fandiem.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Sun, 22 May 2022 13:33:38 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-dc: gcp-us-east1,us-central1
age: 590398
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZxB9ntXX4Phiw%2B7Hj1xV2clUKsrW%2F6PpirK5jDWLssdYJzzwcObmcszuMigN9de1mBoIuz0dVnBQjjlODo4g36VKrJh%2FMMWEuqMAHKukSJQFxGyhkaUWhXVlBct2pR9P6A%3D%3D"}],"group":"cf-nel","max_age":604800}
server-timing: imagery;dur=51.509, imageryFetch;dur=51.104
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
x-request-id: af97e090-6109-4403-8c14-1474588d9367
timing-allow-origin: *
surrogate-key: segment4-13013 shop-50221678757 mime-font/otf-13013 time-bucket-20220510-13013 6a0566ee8ac61e876adadaa1e9ade1db603c4605164f1c75d22f51aed7cfc948
last-modified: Tue, 10 May 2022 12:12:35 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: font/otf
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31557600
cf-ray: 70f5ecb9d81592b7-FRA
link: <https://cdn.shopify.com/s/files/1/0502/2167/8757/t/8/assets/MazzardH-Black.otf>; rel="canonical"

GET
H2 200 f2eeeb7957aed685293d.otf
dpjhaiprv9czz.cloudfront.net/ 126 KB
68 KB 52ms
17ms Font
font/otf 2600:9000:21f3:d800:15:5e1:43c0:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://dpjhaiprv9czz.cloudfront.net/f2eeeb7957aed685293d.otf
Requested by: Host: fandiem.com
URL: https://fandiem.com/sweeps/kesha?utm_campaign=f-covid-bandsintown-sweet-relief-2022&utm_content=f-covid-bandsintown-sweet-relief-2022-kesha-sweeps-page&utm_medium=partner-bandsintown-blast-from-bit&utm_source=bandsintown
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:21f3:d800:15:5e1:43c0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 838e202d62f0841ecf7e577b095f4cbfe84507cc3e1a651b2eaaf8a821d9f2d8

Request headers

Referer: https://fandiem.com/
Origin: https://fandiem.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Thu, 03 Mar 2022 14:08:14 GMT
content-encoding: gzip
vary: Accept-Encoding
age: 6909925
x-cache: Hit from cloudfront
access-control-allow-origin: *
last-modified: Wed, 16 Feb 2022 20:23:23 GMT
server: AmazonS3
etag: W/"5b52f8b17693f17adb0c50d90798603f"
access-control-max-age: 3000
access-control-allow-methods: GET
x-amz-version-id: ik01sy7gktqp5Tw1g.G0XlGqjuruhVzy
via: 1.1 784dd167d622737126ee2d76985e7d3c.cloudfront.net (CloudFront)
cache-control: max-age=2592000
x-amz-cf-pop: FRA2-C2
content-type: font/otf
x-amz-cf-id: BhrTsnMMfeJ4W7WJI_TqiTrEYIqOBZsU8TyNnw2PpoyCc7l3UNx-SA==

GET
H2 200 Screen-Shot-2022-02-03-at-7_1n2tKmU5PBrvvc8N1jqQm6.03.22-PM.png
d1tkzf9ss7ctgm.cloudfront.net/10x/images/ 212 B
557 B 29ms
26ms Image
image/png 2600:9000:214f:4800:1a:25dd:c980:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d1tkzf9ss7ctgm.cloudfront.net/10x/images/Screen-Shot-2022-02-03-at-7_1n2tKmU5PBrvvc8N1jqQm6.03.22-PM.png
Requested by: Host: fandiem.com
URL: https://fandiem.com/sweeps/kesha?utm_campaign=f-covid-bandsintown-sweet-relief-2022&utm_content=f-covid-bandsintown-sweet-relief-2022-kesha-sweeps-page&utm_medium=partner-bandsintown-blast-from-bit&utm_source=bandsintown
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:214f:4800:1a:25dd:c980:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: e0c2f2e5acaf896fe147c7e12de2fc594d584798191242604ce4872f9c5ecd0b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fandiem.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Sun, 22 May 2022 13:33:38 GMT
via: 1.1 b073c20359d711b751afd124dda34076.cloudfront.net (CloudFront)
last-modified: Thu, 17 Feb 2022 17:40:02 GMT
server: AmazonS3
age: 1
etag: "e3dffad442b9e7b25711cf00b7102c4f"
x-cache: Hit from cloudfront
x-amz-version-id: w1n_EF1bBbD6s4i66gFA8Maan19dl6mc
x-amz-cf-pop: FRA53-C1
content-type: image/png
content-length: 212
x-amz-cf-id: TWQdevW4AVrc8ITfClzppKNZCDuBnWUb3ZBAxG-VpA-IpeatcUM55A==

GET
H2 200 Screen-Shot-2022-02-03-at-7_1n2tKmU5PBrvvc8N1jqQm6.03.22-PM.png
d1tkzf9ss7ctgm.cloudfront.net/2000x/images/ 2 MB
2 MB 24ms
21ms Image
image/png 2600:9000:214f:4800:1a:25dd:c980:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d1tkzf9ss7ctgm.cloudfront.net/2000x/images/Screen-Shot-2022-02-03-at-7_1n2tKmU5PBrvvc8N1jqQm6.03.22-PM.png
Requested by: Host: fandiem.com
URL: https://fandiem.com/sweeps/kesha?utm_campaign=f-covid-bandsintown-sweet-relief-2022&utm_content=f-covid-bandsintown-sweet-relief-2022-kesha-sweeps-page&utm_medium=partner-bandsintown-blast-from-bit&utm_source=bandsintown
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:214f:4800:1a:25dd:c980:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 679b0b82aeefb87c444825eda53ea21424fcb25dc933ae93710b87569e756dee

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fandiem.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Sun, 22 May 2022 13:33:38 GMT
via: 1.1 b073c20359d711b751afd124dda34076.cloudfront.net (CloudFront)
last-modified: Tue, 22 Feb 2022 03:11:18 GMT
server: AmazonS3
age: 1
etag: "3034928e825d72239482f71403080c42"
x-cache: Hit from cloudfront
x-amz-version-id: xSBXCfzR8smNwANOCjXxKkPGkrsOikTh
x-amz-cf-pop: FRA53-C1
content-type: image/png
content-length: 2007634
x-amz-cf-id: bZ-6MSGVZXAUmLFBhxNMs_h6LNE1G6DrNcUBjeE4G58h9oju2_0m1w==

GET
H2 200 TITLE_xkW5ZnszfsDGTsVptFjbzX.png
d1tkzf9ss7ctgm.cloudfront.net/10x/images/ 461 B
808 B 21ms
19ms Image
image/png 2600:9000:214f:4800:1a:25dd:c980:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d1tkzf9ss7ctgm.cloudfront.net/10x/images/TITLE_xkW5ZnszfsDGTsVptFjbzX.png
Requested by: Host: fandiem.com
URL: https://fandiem.com/sweeps/kesha?utm_campaign=f-covid-bandsintown-sweet-relief-2022&utm_content=f-covid-bandsintown-sweet-relief-2022-kesha-sweeps-page&utm_medium=partner-bandsintown-blast-from-bit&utm_source=bandsintown
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:214f:4800:1a:25dd:c980:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 1a3cb7a35f92503acd9fe20b5335dca76283aa8601ab7102daeed6a172703a89

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fandiem.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Sun, 22 May 2022 13:33:38 GMT
via: 1.1 b073c20359d711b751afd124dda34076.cloudfront.net (CloudFront)
last-modified: Tue, 08 Feb 2022 18:22:37 GMT
server: AmazonS3
age: 1
etag: "73b1a7e5cb71271d9d42913594129525"
x-cache: Hit from cloudfront
x-amz-version-id: .QJatuNuBD60YtNiQmNtFciehK4fjLwZ
x-amz-cf-pop: FRA53-C1
content-type: image/png
content-length: 461
x-amz-cf-id: EDrvyEB1aSN39kmTZ6g6PExbTWmj0ZcFp-9Z_7BvGJc9zDdf4WhvOQ==

GET
H2 200 TITLE_xkW5ZnszfsDGTsVptFjbzX.png
d1tkzf9ss7ctgm.cloudfront.net/200x/images/ 85 KB
85 KB 35ms
33ms Image
image/png 2600:9000:214f:4800:1a:25dd:c980:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d1tkzf9ss7ctgm.cloudfront.net/200x/images/TITLE_xkW5ZnszfsDGTsVptFjbzX.png
Requested by: Host: fandiem.com
URL: https://fandiem.com/sweeps/kesha?utm_campaign=f-covid-bandsintown-sweet-relief-2022&utm_content=f-covid-bandsintown-sweet-relief-2022-kesha-sweeps-page&utm_medium=partner-bandsintown-blast-from-bit&utm_source=bandsintown
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:214f:4800:1a:25dd:c980:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 5e23727d52bc256babd36c2f1795d4d4694c0700f88175de11104b53dc949a3b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fandiem.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Sun, 22 May 2022 13:33:38 GMT
via: 1.1 b073c20359d711b751afd124dda34076.cloudfront.net (CloudFront)
last-modified: Tue, 08 Feb 2022 18:22:39 GMT
server: AmazonS3
age: 1
etag: "fc67b7862b140548bda653a8e4773cf2"
x-cache: Hit from cloudfront
x-amz-version-id: W5m8DUQEHOJ_TZtGPZCTlPRyMTllc1Tr
x-amz-cf-pop: FRA53-C1
content-type: image/png
content-length: 87095
x-amz-cf-id: NGy1--LU8v18F_njmFzhPaqVhI9KYAFnIooitSNwGaBQHqONVfogDg==

GET
H2 200 image0_mXYS65LDRZgYr2r6UWLAK5.png
d1tkzf9ss7ctgm.cloudfront.net/10x/images/ 411 B
759 B 56ms
55ms Image
image/png 2600:9000:214f:4800:1a:25dd:c980:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d1tkzf9ss7ctgm.cloudfront.net/10x/images/image0_mXYS65LDRZgYr2r6UWLAK5.png
Requested by: Host: fandiem.com
URL: https://fandiem.com/sweeps/kesha?utm_campaign=f-covid-bandsintown-sweet-relief-2022&utm_content=f-covid-bandsintown-sweet-relief-2022-kesha-sweeps-page&utm_medium=partner-bandsintown-blast-from-bit&utm_source=bandsintown
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:214f:4800:1a:25dd:c980:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: cbf0c821489ff8b5e2d2347a9dd91fe94d67b4a363ceadedaf719b9123bc828e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fandiem.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Sun, 22 May 2022 13:33:38 GMT
via: 1.1 b073c20359d711b751afd124dda34076.cloudfront.net (CloudFront)
last-modified: Tue, 08 Feb 2022 18:22:37 GMT
server: AmazonS3
age: 1
etag: "e1a135a8baaa9a5f7f7ec862a07ba790"
x-cache: Hit from cloudfront
x-amz-version-id: 0xnfNmFncgzR1ZTNM037TXSsCCEsqq8t
x-amz-cf-pop: FRA53-C1
content-type: image/png
content-length: 411
x-amz-cf-id: xP2NCXDgvz-AaOqex_9FpaMZV9bCK0djqqHAlDXEUZ1QT9VQet-glQ==

GET
H2 200 image0_mXYS65LDRZgYr2r6UWLAK5.png
d1tkzf9ss7ctgm.cloudfront.net/200x/images/ 78 KB
78 KB 54ms
52ms Image
image/png 2600:9000:214f:4800:1a:25dd:c980:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d1tkzf9ss7ctgm.cloudfront.net/200x/images/image0_mXYS65LDRZgYr2r6UWLAK5.png
Requested by: Host: fandiem.com
URL: https://fandiem.com/sweeps/kesha?utm_campaign=f-covid-bandsintown-sweet-relief-2022&utm_content=f-covid-bandsintown-sweet-relief-2022-kesha-sweeps-page&utm_medium=partner-bandsintown-blast-from-bit&utm_source=bandsintown
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:214f:4800:1a:25dd:c980:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 003af9995ef56ae44570eed97320356311dd2e2c86be1844c26b4fa3e85087d5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fandiem.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Sun, 22 May 2022 13:33:38 GMT
via: 1.1 b073c20359d711b751afd124dda34076.cloudfront.net (CloudFront)
last-modified: Tue, 08 Feb 2022 18:22:39 GMT
server: AmazonS3
age: 1
etag: "dd259949d9aff5ba09ec018dbeb7f59e"
x-cache: Hit from cloudfront
x-amz-version-id: A5JwgTAHMz4CxixKZJ4OCd_RVFbreZsE
x-amz-cf-pop: FRA53-C1
content-type: image/png
content-length: 79778
x-amz-cf-id: krdni0vIUyGTix0YAIWRhy4LdWE191BevQ5kz96boeV9gD7Fk5v7iA==

GET
H2 200 F-Covid-Tote-2_cdhdenvQE9vsRKCuT7qDtg.png
d1tkzf9ss7ctgm.cloudfront.net/10x/images/ 437 B
784 B 36ms
35ms Image
image/png 2600:9000:214f:4800:1a:25dd:c980:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d1tkzf9ss7ctgm.cloudfront.net/10x/images/F-Covid-Tote-2_cdhdenvQE9vsRKCuT7qDtg.png
Requested by: Host: fandiem.com
URL: https://fandiem.com/sweeps/kesha?utm_campaign=f-covid-bandsintown-sweet-relief-2022&utm_content=f-covid-bandsintown-sweet-relief-2022-kesha-sweeps-page&utm_medium=partner-bandsintown-blast-from-bit&utm_source=bandsintown
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:214f:4800:1a:25dd:c980:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 8a2a512e956e3bfe192159f8d8867b16eb6eb9b4f122f4d29f85b56060818229

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fandiem.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Sun, 22 May 2022 13:33:38 GMT
via: 1.1 b073c20359d711b751afd124dda34076.cloudfront.net (CloudFront)
last-modified: Fri, 04 Mar 2022 16:32:22 GMT
server: AmazonS3
age: 1
etag: "e9e0918358b2c520ef0ee8fc15d47191"
x-cache: Hit from cloudfront
x-amz-version-id: c5Vv6_3PYcHpdn.tCtcwP.Q.0vXP1dtn
x-amz-cf-pop: FRA53-C1
content-type: image/png
content-length: 437
x-amz-cf-id: Lf4THNRbx9w4RgyeoUEhFrGdY-J9UGOvY66YFTs83YWlRhzVDcPXVg==

GET
H2 200 F-Covid-Tote-2_cdhdenvQE9vsRKCuT7qDtg.png
d1tkzf9ss7ctgm.cloudfront.net/200x/images/ 40 KB
41 KB 51ms
49ms Image
image/png 2600:9000:214f:4800:1a:25dd:c980:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d1tkzf9ss7ctgm.cloudfront.net/200x/images/F-Covid-Tote-2_cdhdenvQE9vsRKCuT7qDtg.png
Requested by: Host: fandiem.com
URL: https://fandiem.com/sweeps/kesha?utm_campaign=f-covid-bandsintown-sweet-relief-2022&utm_content=f-covid-bandsintown-sweet-relief-2022-kesha-sweeps-page&utm_medium=partner-bandsintown-blast-from-bit&utm_source=bandsintown
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:214f:4800:1a:25dd:c980:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: a1fbb355d4bd4beda6e2e7a5c2524abc8e2c8a828124c05b272f0224f7aa1064

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fandiem.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Sun, 22 May 2022 13:33:38 GMT
via: 1.1 b073c20359d711b751afd124dda34076.cloudfront.net (CloudFront)
last-modified: Mon, 07 Mar 2022 23:27:31 GMT
server: AmazonS3
age: 1
etag: "0cb72dc04b117c982dec6bee09ddce35"
x-cache: Hit from cloudfront
x-amz-version-id: up.CUI8IGL6jHkQo7U4fZ08fdO1bYBXB
x-amz-cf-pop: FRA53-C1
content-type: image/png
content-length: 41343
x-amz-cf-id: wYIj6_CmSfV5LEAyVGW7q7GUliT0N0inKZGzRtkr4ldBZw3GdODnlg==

GET
H2 200 Kesha_h8b8eKhi5EPiaHS2DxYvfR.png
d1tkzf9ss7ctgm.cloudfront.net/10x/images/ 355 B
701 B 59ms
57ms Image
image/png 2600:9000:214f:4800:1a:25dd:c980:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d1tkzf9ss7ctgm.cloudfront.net/10x/images/Kesha_h8b8eKhi5EPiaHS2DxYvfR.png
Requested by: Host: fandiem.com
URL: https://fandiem.com/sweeps/kesha?utm_campaign=f-covid-bandsintown-sweet-relief-2022&utm_content=f-covid-bandsintown-sweet-relief-2022-kesha-sweeps-page&utm_medium=partner-bandsintown-blast-from-bit&utm_source=bandsintown
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:214f:4800:1a:25dd:c980:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: b088b2dad2ac11713db3653c569db4f4113cabdb819361a0f6610744a98689bd

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fandiem.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Sun, 22 May 2022 13:33:38 GMT
via: 1.1 b073c20359d711b751afd124dda34076.cloudfront.net (CloudFront)
last-modified: Fri, 15 Apr 2022 16:57:48 GMT
server: AmazonS3
age: 1
etag: "1b0fa27159afa4e4fd8deace33068284"
x-cache: Hit from cloudfront
x-amz-version-id: azaRYoInU_PqpWv1lxOfJCwOYaq3BfV9
x-amz-cf-pop: FRA53-C1
content-type: image/png
content-length: 355
x-amz-cf-id: 8wLyXb1ep2oXeDxHaxsONba-Bc_slGADaw48taY5R15bEm8sFWjqHw==

POST
H/1.1 204
No Response matomo.php
app.theadslab.io/ 0
0 677ms
676ms Ping
text/html 18.119.43.107
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://app.theadslab.io/matomo.php?action_name=Win%20an%20Autographed%20Picture%20of%20Kesha&idsite=335&rec=1&r=150279&h=13&m=33&s=38&url=https%3A%2F%2Ffandiem.com%2Fsweeps%2Fkesha%3Futm_campaign%3Df-covid-bandsintown-sweet-relief-2022%26utm_content%3Df-covid-bandsintown-sweet-relief-2022-kesha-sweeps-page%26utm_medium%3Dpartner-bandsintown-blast-from-bit%26utm_source%3Dbandsintown&urlref=http%3A%2F%2Fwinwith.fandiem.com%2F&_id=c4b0c8a68e1fc720&_idn=1&_rcn=f-covid-bandsintown-sweet-relief-2022&_refts=1653226418&_ref=http%3A%2F%2Fwinwith.fandiem.com%2F&send_image=0&pdf=1&qt=0&realp=0&wma=0&fla=0&java=0&ag=0&cookie=1&res=1600x1200&pv_id=ROsNQh&pf_net=30&pf_srv=166&pf_tfr=109&pf_dm1=459
Requested by: Host: app.theadslab.io
URL: https://app.theadslab.io/matomo.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.119.43.107 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-119-43-107.us-east-2.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://fandiem.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=utf-8

Response headers

GET
H3 200 /
www.google.com/pagead/1p-user-list/370662395/ 42 B
64 B 25ms
22ms Image
image/gif 2a00:1450:4001:800::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/370662395/?random=1653226417987&cv=9&fst=1653224400000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=3&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa5b0&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Ffandiem.com%2Fsweeps%2Fkesha%3Futm_campaign%3Df-covid-bandsintown-sweet-relief-2022%26utm_content%3Df-covid-bandsintown-sweet-relief-2022-kesha-sweeps-page%26utm_medium%3Dpartner-bandsintown-blast-from-bit%26utm_source%3Dbandsintown&ref=http%3A%2F%2Fwinwith.fandiem.com%2F&tiba=Win%20an%20Autographed%20Picture%20of%20Kesha&async=1&fmt=3&is_vtc=1&random=1026295884&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fandiem.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 22 May 2022 13:33:38 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.google.de/pagead/1p-user-list/370662395/ 42 B
64 B 32ms
29ms Image
image/gif 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/370662395/?random=1653226417987&cv=9&fst=1653224400000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=3&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa5b0&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Ffandiem.com%2Fsweeps%2Fkesha%3Futm_campaign%3Df-covid-bandsintown-sweet-relief-2022%26utm_content%3Df-covid-bandsintown-sweet-relief-2022-kesha-sweeps-page%26utm_medium%3Dpartner-bandsintown-blast-from-bit%26utm_source%3Dbandsintown&ref=http%3A%2F%2Fwinwith.fandiem.com%2F&tiba=Win%20an%20Autographed%20Picture%20of%20Kesha&async=1&fmt=3&is_vtc=1&random=1026295884&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fandiem.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 22 May 2022 13:33:38 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 Kesha_h8b8eKhi5EPiaHS2DxYvfR.png
d1tkzf9ss7ctgm.cloudfront.net/2000x/images/ 2 MB
2 MB 91ms
87ms Image
image/png 2600:9000:214f:4800:1a:25dd:c980:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d1tkzf9ss7ctgm.cloudfront.net/2000x/images/Kesha_h8b8eKhi5EPiaHS2DxYvfR.png
Requested by: Host: fandiem.com
URL: https://fandiem.com/sweeps/kesha?utm_campaign=f-covid-bandsintown-sweet-relief-2022&utm_content=f-covid-bandsintown-sweet-relief-2022-kesha-sweeps-page&utm_medium=partner-bandsintown-blast-from-bit&utm_source=bandsintown
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:214f:4800:1a:25dd:c980:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: dea879f51f500fe9f9b01701e342822dfd978b106c15f56d90e1a782425fb5df

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fandiem.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Sun, 22 May 2022 13:33:38 GMT
via: 1.1 b073c20359d711b751afd124dda34076.cloudfront.net (CloudFront)
last-modified: Sun, 17 Apr 2022 13:43:13 GMT
server: AmazonS3
age: 1
etag: "b9827b311c48ab42a348d3f76991246e"
x-cache: Hit from cloudfront
x-amz-version-id: ldIG7G2r701Z0Eix1OjObSKJNJrngvwA
x-amz-cf-pop: FRA53-C1
content-type: image/png
content-length: 2353979
x-amz-cf-id: W70YA_Rc9zdYxGW0QRyeSMoEpZSuQau-0k4cgyWqM5i7Am75yrIYwA==

GET
H/1.1 206
Partial Content -KESHA-F-COVID-1X1_fFZfjdRbfqN1TRoMoRwWwk.mp4
fandiem-storage.s3.us-east-2.amazonaws.com/images/ 282 KB
282 KB 476ms
122ms Media
video/mp4 52.219.101.106
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://fandiem-storage.s3.us-east-2.amazonaws.com/images/-KESHA-F-COVID-1X1_fFZfjdRbfqN1TRoMoRwWwk.mp4
Requested by: Host: fandiem.com
URL: https://fandiem.com/sweeps/kesha?utm_campaign=f-covid-bandsintown-sweet-relief-2022&utm_content=f-covid-bandsintown-sweet-relief-2022-kesha-sweeps-page&utm_medium=partner-bandsintown-blast-from-bit&utm_source=bandsintown
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.219.101.106 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-r-w.us-east-2.amazonaws.com
Software: AmazonS3 /
Resource Hash: d120cf757a72bab3e3d936b789aaf1cf885eb8def7a0f64d416c223423359385

Request headers

Referer: https://fandiem.com/
Accept-Encoding: identity;q=1, *;q=0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Range: bytes=0-

Response headers

Date: Sun, 22 May 2022 13:33:39 GMT
Last-Modified: Tue, 08 Feb 2022 18:21:48 GMT
Server: AmazonS3
x-amz-request-id: 76R5DZRS7QZ3T8H6
ETag: "d4f0ac7fdb3fb00772e0ca75239cc355"
x-amz-version-id: XsQnNzEIv6NFCLWsSMel6j3RXbLAwwjW
Content-Range: bytes 0-288539/288540
Accept-Ranges: bytes
Content-Type: video/mp4
Content-Length: 288540
x-amz-id-2: nNbe7vRpjyo2+BpdSe+ED8fd4QhkjjOSzqfx6d1hdL6zfWa3OpsOfxAgBo0VeW6R3j3Lm9rhw8I=
Expires: Thu, 01 Jan 1970 00:01:00 GMT

GET
H/1.1 206
Partial Content -KESHA-F-COVID-1X1_fFZfjdRbfqN1TRoMoRwWwk.mp4
fandiem-storage.s3.us-east-2.amazonaws.com/images/ 51 KB
0 495ms
129ms Media
video/mp4 52.219.101.106
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://fandiem-storage.s3.us-east-2.amazonaws.com/images/-KESHA-F-COVID-1X1_fFZfjdRbfqN1TRoMoRwWwk.mp4
Requested by: Host: fandiem.com
URL: https://fandiem.com/sweeps/kesha?utm_campaign=f-covid-bandsintown-sweet-relief-2022&utm_content=f-covid-bandsintown-sweet-relief-2022-kesha-sweeps-page&utm_medium=partner-bandsintown-blast-from-bit&utm_source=bandsintown
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.219.101.106 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-r-w.us-east-2.amazonaws.com
Software: AmazonS3 /
Resource Hash

Request headers

Referer: https://fandiem.com/
Accept-Encoding: identity;q=1, *;q=0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Range: bytes=0-

Response headers

Date: Sun, 22 May 2022 13:33:39 GMT
Last-Modified: Tue, 08 Feb 2022 18:21:48 GMT
Server: AmazonS3
x-amz-request-id: 76R75X445ENF7FCS
ETag: "d4f0ac7fdb3fb00772e0ca75239cc355"
x-amz-version-id: XsQnNzEIv6NFCLWsSMel6j3RXbLAwwjW
Content-Range: bytes 0-288539/288540
Accept-Ranges: bytes
Content-Type: video/mp4
Content-Length: 288540
x-amz-id-2: pf+SaFfskUGfACq7128W77nHoglX9Tb8r77YtDJwTUysclUDTL6P+NSjfSveJaKI4/hWGpSw+Q4=
Expires: Thu, 01 Jan 1970 00:01:00 GMT

POST
H2 200 pixel
analytics.tiktok.com/api/v2/ 0
719 B 130ms
129ms Ping
application/octet-stream 104.104.52.65
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/api/v2/pixel
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=C1VL44OQDRQBNKO1M8DG&lib=ttq
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.104.52.65 Milan, Italy, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a104-104-52-65.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://fandiem.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

x-akamai-request-id: 233758f8.6540f42b
date: Sun, 22 May 2022 13:33:38 GMT
x-cache-remote: TCP_MISS from a104-78-78-29.deploy.akamaitechnologies.com (AkamaiGHost/10.8.1-41431467) (-)
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-cache: TCP_MISS from a104-104-52-61.deploy.akamaitechnologies.com (AkamaiGHost/10.8.0-41078462) (-)
x-parent-response-time: 104,104.104.52.61
server-timing: cdn-cache; desc=MISS, edge; dur=92, origin; dur=12, inner; dur=10
content-length: 0
pragma: no-cache
server: nginx
x-tt-logid: 2022052213333801000200763700400500600300813AC15C9
content-type: application/octet-stream
access-control-allow-origin: *
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 12,104.78.78.29
x-tt-trace-host: 01312a5663f8e3d0185bc28bce79de0262ffa6c68b02a2e6c242ad881b9a7f2dd79eff961a173e08503d659ccdb020be2a5c7477fe70bf9d8acf91e8985d4484c755ca47b6c0060962564654a05698050c2b373059d3153010977f369cc85f205075c64bedcbb6f8ea9affd139836eb6fa
expires: Sun, 22 May 2022 13:33:38 GMT

POST
H2 200 pixel
analytics.tiktok.com/api/v2/ 0
712 B 152ms
150ms Ping
application/octet-stream 104.104.52.65
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/api/v2/pixel
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=C1VL44OQDRQBNKO1M8DG&lib=ttq
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.104.52.65 Milan, Italy, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a104-104-52-65.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://fandiem.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

x-akamai-request-id: 8340ef53.6540f42e
date: Sun, 22 May 2022 13:33:38 GMT
x-cache-remote: TCP_MISS from a104-78-78-37.deploy.akamaitechnologies.com (AkamaiGHost/10.8.0-41078462) (-)
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-cache: TCP_MISS from a104-104-52-61.deploy.akamaitechnologies.com (AkamaiGHost/10.8.0-41078462) (-)
x-parent-response-time: 119,104.104.52.61
server-timing: cdn-cache; desc=MISS, edge; dur=98, origin; dur=22, inner; dur=12
content-length: 0
pragma: no-cache
server: nginx
x-tt-logid: 2022052213333801000200300500600300008AC4D10
content-type: application/octet-stream
access-control-allow-origin: *
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 22,104.78.78.37
x-tt-trace-host: 01312a5663f8e3d0185bc28bce79de0262ffa6c68b02a2e6c242ad881b9a7f2dd7ace9dbc00e90e97d2a66e1120fcd8361058aebf8a83210c15b9090132e05af09428429e947ba90b3c06bb690d64e4aeaf094b76a574d50cec5a815d9944e30d5e3951b83fbf1e175ba3ce173fe1a3b51
expires: Sun, 22 May 2022 13:33:38 GMT

POST
H2 200 pixel
analytics.tiktok.com/api/v2/ 0
719 B 163ms
162ms Ping
application/octet-stream 104.104.52.65
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/api/v2/pixel
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=C1VL44OQDRQBNKO1M8DG&lib=ttq
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.104.52.65 Milan, Italy, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a104-104-52-65.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://fandiem.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

x-akamai-request-id: f9a320df.6540f430
date: Sun, 22 May 2022 13:33:38 GMT
x-cache-remote: TCP_MISS from a23-220-105-213.deploy.akamaitechnologies.com (AkamaiGHost/10.8.0-41078462) (-)
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-cache: TCP_MISS from a104-104-52-61.deploy.akamaitechnologies.com (AkamaiGHost/10.8.0-41078462) (-)
x-parent-response-time: 137,104.104.52.61
server-timing: cdn-cache; desc=MISS, edge; dur=110, origin; dur=27, inner; dur=12
content-length: 0
pragma: no-cache
server: nginx
x-tt-logid: 202205221333380100020060050050060030180AA57A5C
content-type: application/octet-stream
access-control-allow-origin: *
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 27,23.220.105.213
x-tt-trace-host: 01312a5663f8e3d0185bc28bce79de02624f04beaba10ab0d20c44b86eeb0e1957ae34f646aaa8e991257989c5a71fcad17361a58b2821d0a1f8b83348b96110510e060555579b804ae108169d7fda421fcb697317d97bc667b6d1a440336852dc2ecbf3ef50438442621e356cd6aee11c
expires: Sun, 22 May 2022 13:33:38 GMT

GET
H3

200

/
www.google.de/pagead/1p-conversion/370662395/
Redirect Chain

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/370662395/?random=946622497&cv=9&fst=1653226417990&num=1&label=BibICJm95pMCEPu337AB&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200...
https://www.google.com/pagead/1p-conversion/370662395/?random=946622497&cv=9&fst=1653226417990&num=1&label=BibICJm95pMCEPu337AB&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u...
https://www.google.de/pagead/1p-conversion/370662395/?random=946622497&cv=9&fst=1653226417990&num=1&label=BibICJm95pMCEPu337AB&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_...

42 B
64 B

32ms
30ms

Image
image/gif

2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-conversion/370662395/?random=946622497&cv=9&fst=1653226417990&num=1&label=BibICJm95pMCEPu337AB&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=3&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa5b0&sendb=1&ig=1&data=event%3Dpage_view%3Bpage_path%3D%2Fsweeps%2Fkesha%3Bpage_title%3DWin%20an%20Autographed%20Picture%20of%20Kesha&frm=0&url=https%3A%2F%2Ffandiem.com%2Fproducts%2Fkesha%3Futm_campaign%3Df-covid-bandsintown-sweet-relief-2022%26utm_content%3Df-covid-bandsintown-sweet-relief-2022-kesha-sweeps-page%26utm_medium%3Dpartner-bandsintown-blast-from-bit%26utm_source%3Dbandsintown&ref=http%3A%2F%2Fwinwith.fandiem.com%2F&tiba=Win%20an%20Autographed%20Picture%20of%20Kesha&auid=1474639697.1653226418&hn=www.googleadservices.com&async=1&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&is_vtc=1&ocp_id=sjuKYv28AdiH9fgPufmikAI&cid=CAQSKQCNIrLMOoV6vMuWcvRItije7A048yoHYEqy-pg75Y41NHxG_Mchzz2-&random=895075476&resp=GooglemKTybQhCsO&ipr=y&prhg=0

Requested by

Protocol

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fandiem.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 22 May 2022 13:33:38 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Sun, 22 May 2022 13:33:38 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/gif
location: https://www.google.de/pagead/1p-conversion/370662395/?random=946622497&cv=9&fst=1653226417990&num=1&label=BibICJm95pMCEPu337AB&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=3&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa5b0&sendb=1&ig=1&data=event%3Dpage_view%3Bpage_path%3D%2Fsweeps%2Fkesha%3Bpage_title%3DWin%20an%20Autographed%20Picture%20of%20Kesha&frm=0&url=https%3A%2F%2Ffandiem.com%2Fproducts%2Fkesha%3Futm_campaign%3Df-covid-bandsintown-sweet-relief-2022%26utm_content%3Df-covid-bandsintown-sweet-relief-2022-kesha-sweeps-page%26utm_medium%3Dpartner-bandsintown-blast-from-bit%26utm_source%3Dbandsintown&ref=http%3A%2F%2Fwinwith.fandiem.com%2F&tiba=Win%20an%20Autographed%20Picture%20of%20Kesha&auid=1474639697.1653226418&hn=www.googleadservices.com&async=1&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&is_vtc=1&ocp_id=sjuKYv28AdiH9fgPufmikAI&cid=CAQSKQCNIrLMOoV6vMuWcvRItije7A048yoHYEqy-pg75Y41NHxG_Mchzz2-&random=895075476&resp=GooglemKTybQhCsO&ipr=y&prhg=0
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

/
www.google.de/pagead/1p-conversion/370662395/
Redirect Chain

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/370662395/?random=1074722935&cv=9&fst=1653226417995&num=1&label=aiP4CJ-95pMCEPu337AB&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=120...
https://www.google.com/pagead/1p-conversion/370662395/?random=1074722935&cv=9&fst=1653226417995&num=1&label=aiP4CJ-95pMCEPu337AB&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&...
https://www.google.de/pagead/1p-conversion/370662395/?random=1074722935&cv=9&fst=1653226417995&num=1&label=aiP4CJ-95pMCEPu337AB&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u...

42 B
64 B

41ms
39ms

Image
image/gif

2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-conversion/370662395/?random=1074722935&cv=9&fst=1653226417995&num=1&label=aiP4CJ-95pMCEPu337AB&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=3&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa5b0&sendb=1&ig=1&data=event%3Dview_item%3Becomm_prodid%3Dshopify_US_7548640624894_42408255947006%3Becomm_totalvalue%3DNaN%3Becomm_pagetype%3Dproduct&frm=0&url=https%3A%2F%2Ffandiem.com%2Fsweeps%2Fkesha%3Futm_campaign%3Df-covid-bandsintown-sweet-relief-2022%26utm_content%3Df-covid-bandsintown-sweet-relief-2022-kesha-sweeps-page%26utm_medium%3Dpartner-bandsintown-blast-from-bit%26utm_source%3Dbandsintown&ref=http%3A%2F%2Fwinwith.fandiem.com%2F&tiba=Win%20an%20Autographed%20Picture%20of%20Kesha&auid=1474639697.1653226418&hn=www.googleadservices.com&async=1&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&is_vtc=1&ocp_id=sjuKYv-_AaKR9fgPpqG86Ao&cid=CAQSKQCNIrLM14CWQxslTNNJbV3cNTqc-Jjq2xE5MdYgKVO7huIWYKeFAP3w&random=3685401640&resp=GooglemKTybQhCsO&ipr=y&prhg=0

Requested by

Protocol

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fandiem.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 22 May 2022 13:33:38 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Sun, 22 May 2022 13:33:38 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/gif
location: https://www.google.de/pagead/1p-conversion/370662395/?random=1074722935&cv=9&fst=1653226417995&num=1&label=aiP4CJ-95pMCEPu337AB&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=3&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa5b0&sendb=1&ig=1&data=event%3Dview_item%3Becomm_prodid%3Dshopify_US_7548640624894_42408255947006%3Becomm_totalvalue%3DNaN%3Becomm_pagetype%3Dproduct&frm=0&url=https%3A%2F%2Ffandiem.com%2Fsweeps%2Fkesha%3Futm_campaign%3Df-covid-bandsintown-sweet-relief-2022%26utm_content%3Df-covid-bandsintown-sweet-relief-2022-kesha-sweeps-page%26utm_medium%3Dpartner-bandsintown-blast-from-bit%26utm_source%3Dbandsintown&ref=http%3A%2F%2Fwinwith.fandiem.com%2F&tiba=Win%20an%20Autographed%20Picture%20of%20Kesha&auid=1474639697.1653226418&hn=www.googleadservices.com&async=1&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&is_vtc=1&ocp_id=sjuKYv-_AaKR9fgPpqG86Ao&cid=CAQSKQCNIrLM14CWQxslTNNJbV3cNTqc-Jjq2xE5MdYgKVO7huIWYKeFAP3w&random=3685401640&resp=GooglemKTybQhCsO&ipr=y&prhg=0
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
DATA 200
OK truncated
/ 547 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: eb14baeac955bb11e33cd7fd3fd2f698cf20db1b450325f45ea843b6cdc82366

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 552 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 62f3f809487194fcc55a3ebd88811a604ae496027bb425d4ebd15d9ae1921945

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 715 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 5a3f1dd74233f605e511f1b5b244bedf85ac88ba264caf4d6401bc7ec2017dcd

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ 380 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 717f6bb5f6cc69c444f54376a72dee0ca7968b2a12e7c9475247ec85c0e75a53

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET 4a641adac032d7803bcd.otf
dpjhaiprv9czz.cloudfront.net/ 0
0

GET
H2 200 Logo_no_tagline_background_1200x1200-%281%29_rjfzDVCoSwFDx2h3WYbj2d.png
d1tkzf9ss7ctgm.cloudfront.net/2000x/images/ 779 KB
781 KB 101ms
101ms Image
image/png 2600:9000:214f:4800:1a:25dd:c980:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d1tkzf9ss7ctgm.cloudfront.net/2000x/images/Logo_no_tagline_background_1200x1200-%281%29_rjfzDVCoSwFDx2h3WYbj2d.png
Requested by: Host: fandiem.com
URL: https://fandiem.com/sweeps/kesha?utm_campaign=f-covid-bandsintown-sweet-relief-2022&utm_content=f-covid-bandsintown-sweet-relief-2022-kesha-sweeps-page&utm_medium=partner-bandsintown-blast-from-bit&utm_source=bandsintown
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:214f:4800:1a:25dd:c980:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 170d2e51f23720cf6f83212bbbea382e2e9418ecce32d034eefc02d20ae765e8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fandiem.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Sun, 22 May 2022 13:33:38 GMT
via: 1.1 b073c20359d711b751afd124dda34076.cloudfront.net (CloudFront)
last-modified: Wed, 02 Feb 2022 01:53:31 GMT
server: AmazonS3
age: 1
etag: "c0e51679fef8f8f6f0287415e6f1803c"
x-cache: Hit from cloudfront
x-amz-version-id: 4eByAjDukTE0lLKkSZDSiUHS6_zlQ3CL
x-amz-cf-pop: FRA53-C1
content-type: image/png
content-length: 797308
x-amz-cf-id: gAiUWLh6OIUfwT7PFIVBIjkh7GR3LNDtEmQwjADqLPJ804uE52FsKg==

GET
H3 200 www-player.css
www.youtube.com/s/player/ec0ced91/ Frame A602 336 KB
46 KB 78ms
30ms Stylesheet
text/css 2a00:1450:4001:800::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/ec0ced91/www-player.css

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/qjLGWf-qzxs

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2efd56968cfd13844fa86fb967ca2cd504fdcb8ac384157875c105b3956c3811

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/qjLGWf-qzxs
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Sat, 21 May 2022 17:16:31 GMT
content-encoding: br
x-content-type-options: nosniff
age: 73027
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 47270
x-xss-protection: 0
last-modified: Thu, 19 May 2022 18:04:00 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Sun, 21 May 2023 17:16:31 GMT

GET
H3 200 www-embed-player.js Show response
www.youtube.com/s/player/ec0ced91/www-embed-player.vflset/ Frame A602 281 KB
86 KB 106ms
59ms Script
text/javascript 2a00:1450:4001:800::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/ec0ced91/www-embed-player.vflset/www-embed-player.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/qjLGWf-qzxs

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f48e8278dbd5f830c3e36b053e5d330d93dbf9a81ffb61b4351305628dbd8e73

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/qjLGWf-qzxs
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Sat, 21 May 2022 21:53:51 GMT
content-encoding: br
x-content-type-options: nosniff
age: 56387
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 88442
x-xss-protection: 0
last-modified: Thu, 19 May 2022 18:04:00 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Sun, 21 May 2023 21:53:51 GMT

GET
H3 200 base.js Show response
www.youtube.com/s/player/ec0ced91/player_ias.vflset/de_DE/ Frame A602 2 MB
529 KB 114ms
67ms Script
text/javascript 2a00:1450:4001:800::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/ec0ced91/player_ias.vflset/de_DE/base.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/qjLGWf-qzxs

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

92c898ba6b094f9ea8967a9c6d1675c6d4b3de9128a65f2ba04390f20ec20be9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/qjLGWf-qzxs
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Thu, 19 May 2022 21:52:14 GMT
content-encoding: br
x-content-type-options: nosniff
age: 229284
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 541747
x-xss-protection: 0
last-modified: Thu, 19 May 2022 18:04:00 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Fri, 19 May 2023 21:52:14 GMT

GET
H3 200 fetch-polyfill.js Show response
www.youtube.com/s/player/ec0ced91/fetch-polyfill.vflset/ Frame A602 9 KB
3 KB 73ms
27ms Script
text/javascript 2a00:1450:4001:800::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/ec0ced91/fetch-polyfill.vflset/fetch-polyfill.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/qjLGWf-qzxs

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

498b3f2a0357fbd50a80eb18b23ab4b461b791d640e5560b799f08ed960748a9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/qjLGWf-qzxs
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Thu, 19 May 2022 21:53:17 GMT
content-encoding: br
x-content-type-options: nosniff
age: 229221
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2786
x-xss-protection: 0
last-modified: Thu, 19 May 2022 18:04:00 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Fri, 19 May 2023 21:53:17 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame A602 15 KB
16 KB 96ms
26ms Font
font/woff2 2a00:1450:4001:802::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/qjLGWf-qzxs

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/
Origin: https://www.youtube.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Tue, 17 May 2022 17:06:41 GMT
x-content-type-options: nosniff
age: 419217
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15344
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Wed, 17 May 2023 17:06:41 GMT

OPTIONS
H3 200 produce
monorail-edge.shopifysvc.com/v1/ Frame 0
0 226ms
163ms Preflight 104.16.255.71
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://monorail-edge.shopifysvc.com/v1/produce

Protocol

Security

QUIC, , AES_128_GCM

Server

104.16.255.71 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-monorail-edge-client-message-id,x-monorail-edge-event-created-at-ms,x-monorail-edge-event-sent-at-ms
Access-Control-Request-Method: POST
Origin: https://fandiem.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: User-Agent,Accept,Content-Type,X-Monorail-Edge-Event-Created-At-Ms,X-Monorail-Edge-Event-Sent-At-Ms,X-Monorail-Edge-Client-Message-Id,X-Monorail-Edge-Device-Install-Id,X-Monorail-Edge-Accept-Language,X-Monorail-Edge-Content-Language,X-Forwarded-For
access-control-allow-methods: OPTIONS,POST
access-control-allow-origin: https://fandiem.com
access-control-max-age: 86400
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 70f5ecbaff279b52-FRA
content-length: 0
date: Sun, 22 May 2022 13:33:38 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Jbvqhi6utUrfK1gb29UzmdSm9rWVm9AN8tAnuh53TrStQXx3pCQ52sRWQZqfSesDI9PgTBeE4Pl01ssuHgFulKRiuTi3RN%2FEHgghNVgrI6e%2BcOXeGhivJziZB9gpzo7GAjd5lRg6hGuGpI0%2FMT8%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
x-dc: gcp-us-east1,us-central1
x-request-id: 39a65d55-9ba8-4348-ab11-97115dcf8f41

OPTIONS
H3 200 produce
monorail-edge.shopifysvc.com/v1/ Frame 0
0 200ms
140ms Preflight 104.16.255.71
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://monorail-edge.shopifysvc.com/v1/produce

Protocol

Security

QUIC, , AES_128_GCM

Server

104.16.255.71 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-monorail-edge-client-message-id,x-monorail-edge-event-created-at-ms,x-monorail-edge-event-sent-at-ms
Access-Control-Request-Method: POST
Origin: https://fandiem.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: User-Agent,Accept,Content-Type,X-Monorail-Edge-Event-Created-At-Ms,X-Monorail-Edge-Event-Sent-At-Ms,X-Monorail-Edge-Client-Message-Id,X-Monorail-Edge-Device-Install-Id,X-Monorail-Edge-Accept-Language,X-Monorail-Edge-Content-Language,X-Forwarded-For
access-control-allow-methods: OPTIONS,POST
access-control-allow-origin: https://fandiem.com
access-control-max-age: 86400
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 70f5ecbaff1e9b52-FRA
content-length: 0
date: Sun, 22 May 2022 13:33:38 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=H006mQrxH07QEc4U1H9xGmi8P%2B6sAp0HvLAAOXKbzGoxN1leG40FWiTxKWt%2FdKKi7HBm%2BKx9XqaGhx7gz6l35dZtA9%2B7xHt0OOLqhLcwhoHvta91NmtcmrMTaiyMio5Uqh2qEdlEFJWJE%2FDcwDY%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
x-dc: gcp-us-east1,us-east1
x-request-id: 22ee86fe-252c-4d63-8cd7-46592d4fba32

POST
H3 200 produce
monorail-edge.shopifysvc.com/v1/ 0
0 131ms
130ms Fetch 104.16.255.71
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://monorail-edge.shopifysvc.com/v1/produce

Requested by

Host: cdn.shopify.com
URL: https://cdn.shopify.com/shopifycloud/shopify/assets/shop_events_listener-fa61fd11817b231631d2fe43dc869d0b1d14a06332792d42f1a1d94bda5aa31e.js

Protocol

Security

QUIC, , AES_128_GCM

Server

104.16.255.71 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://fandiem.com/
X-Monorail-Edge-Event-Created-At-Ms: 1653226418319
X-Monorail-Edge-Event-Sent-At-Ms: 1653226418320
accept-language: de-DE,de;q=0.9
X-Monorail-Edge-Client-Message-Id: aecb986e-fd19-4714-bd61-e51be3082bf4
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type: application/json; charset=utf-8

Response headers

date: Sun, 22 May 2022 13:33:38 GMT
access-control-allow-methods: OPTIONS,POST
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-dc: gcp-us-east1,us-east1
access-control-max-age: 86400
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 0
x-request-id: 3daba081-c32e-4c91-ae6e-98fda88befd9
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cTis7g0Dio4DM4IwmuYYBillld10nWg7clU3Xsem4DV3WOrGZdouqS3FYs4eFcYfm9vMasGw%2FgdiL3D8Lud2AVnc1JYMPO3V%2BETjAD%2B0Ev6Vq%2FChj07LkI55jwcinGSLmDmdZE%2FTz9%2ByiCog3mY%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin: https://fandiem.com
access-control-allow-credentials: true
cf-ray: 70f5ecbbe9029b52-FRA
access-control-allow-headers: User-Agent,Accept,Content-Type,X-Monorail-Edge-Event-Created-At-Ms,X-Monorail-Edge-Event-Sent-At-Ms,X-Monorail-Edge-Client-Message-Id,X-Monorail-Edge-Device-Install-Id,X-Monorail-Edge-Accept-Language,X-Monorail-Edge-Content-Language,X-Forwarded-For

POST
H3 200 produce
monorail-edge.shopifysvc.com/v1/ 0
0 159ms
157ms Fetch 104.16.255.71
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://monorail-edge.shopifysvc.com/v1/produce

Requested by

Host: cdn.shopify.com
URL: https://cdn.shopify.com/shopifycloud/shopify/assets/shop_events_listener-fa61fd11817b231631d2fe43dc869d0b1d14a06332792d42f1a1d94bda5aa31e.js

Protocol

Security

QUIC, , AES_128_GCM

Server

104.16.255.71 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://fandiem.com/
X-Monorail-Edge-Event-Created-At-Ms: 1653226418321
X-Monorail-Edge-Event-Sent-At-Ms: 1653226418321
accept-language: de-DE,de;q=0.9
X-Monorail-Edge-Client-Message-Id: 5c6c6ca9-1ed4-448f-93f0-946edb123a86
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type: application/json; charset=utf-8

Response headers

date: Sun, 22 May 2022 13:33:38 GMT
access-control-allow-methods: OPTIONS,POST
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-dc: gcp-us-east1,us-central1
access-control-max-age: 86400
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 0
x-request-id: 40d7626e-e367-4e60-9ea9-b15dac6f0915
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=A34HPjmldekrP1OeWcuoak%2FpITgWWDm3N7S6OXAWacGtBZ6CiiX0a8NIzpWrJtikLCyWDK8GUv%2BuCyBlJkCmEivLWTX7T26WJwfiTNumcuU5Lkoz5j43Z2d8y4JWDCfFSqID1257Kh6T0L6lWFM%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin: https://fandiem.com
access-control-allow-credentials: true
cf-ray: 70f5ecbbd8d09b52-FRA
access-control-allow-headers: User-Agent,Accept,Content-Type,X-Monorail-Edge-Event-Created-At-Ms,X-Monorail-Edge-Event-Sent-At-Ms,X-Monorail-Edge-Client-Message-Id,X-Monorail-Edge-Device-Install-Id,X-Monorail-Edge-Accept-Language,X-Monorail-Edge-Content-Language,X-Forwarded-For

POST
H3 200 produce
monorail-edge.shopifysvc.com/v1/ 0
0 169ms
167ms Fetch 104.16.255.71
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://monorail-edge.shopifysvc.com/v1/produce

Requested by

Host: cdn.shopify.com
URL: https://cdn.shopify.com/shopifycloud/shopify/assets/shop_events_listener-fa61fd11817b231631d2fe43dc869d0b1d14a06332792d42f1a1d94bda5aa31e.js

Protocol

Security

QUIC, , AES_128_GCM

Server

104.16.255.71 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://fandiem.com/
X-Monorail-Edge-Event-Created-At-Ms: 1653226418321
X-Monorail-Edge-Event-Sent-At-Ms: 1653226418321
accept-language: de-DE,de;q=0.9
X-Monorail-Edge-Client-Message-Id: 1190dee1-80b6-4a48-9dbd-ecd312762f21
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type: application/json; charset=utf-8

Response headers

date: Sun, 22 May 2022 13:33:38 GMT
access-control-allow-methods: OPTIONS,POST
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-dc: gcp-us-east1,us-central1
access-control-max-age: 86400
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 0
x-request-id: 48706e7e-d7c4-4135-b4b7-5fad82b15e0e
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cHeCfVYntiHgBkYieSRUy0Pa4tyWKr2CEJaA0effguCVVvINLLFOzgOajlSx%2FFUBl4q8o57WJtgupece2ZnVwNy148tWIZ%2FBa0WK6euM0kJctUvxBOtdCzfw7ZT4nQn9WcyTExBw70snpl9m%2BQU%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin: https://fandiem.com
access-control-allow-credentials: true
cf-ray: 70f5ecbbd8c89b52-FRA
access-control-allow-headers: User-Agent,Accept,Content-Type,X-Monorail-Edge-Event-Created-At-Ms,X-Monorail-Edge-Event-Sent-At-Ms,X-Monorail-Edge-Client-Message-Id,X-Monorail-Edge-Device-Install-Id,X-Monorail-Edge-Accept-Language,X-Monorail-Edge-Content-Language,X-Forwarded-For

OPTIONS
H3 200 produce
monorail-edge.shopifysvc.com/v1/ Frame 0
0 198ms
137ms Preflight 104.16.255.71
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://monorail-edge.shopifysvc.com/v1/produce

Protocol

Security

QUIC, , AES_128_GCM

Server

104.16.255.71 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-monorail-edge-client-message-id,x-monorail-edge-event-created-at-ms,x-monorail-edge-event-sent-at-ms
Access-Control-Request-Method: POST
Origin: https://fandiem.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: User-Agent,Accept,Content-Type,X-Monorail-Edge-Event-Created-At-Ms,X-Monorail-Edge-Event-Sent-At-Ms,X-Monorail-Edge-Client-Message-Id,X-Monorail-Edge-Device-Install-Id,X-Monorail-Edge-Accept-Language,X-Monorail-Edge-Content-Language,X-Forwarded-For
access-control-allow-methods: OPTIONS,POST
access-control-allow-origin: https://fandiem.com
access-control-max-age: 86400
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 70f5ecbaff269b52-FRA
content-length: 0
date: Sun, 22 May 2022 13:33:38 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7uY1i%2BEGuKVUw6NsHbTZ1%2FVTqyVCxRoslHbb5hr9da1LhRDcP44y41fb12KS7VjghsqUnL7MK1IBgMAnOrIKiLtY51AIcPnmzxoqH4RY8OVYXi%2FRBt1EbvBZdddvzP1ASZj5bE7rEpKStg7npzs%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
x-dc: gcp-us-east1,us-east1
x-request-id: ee7296f8-dfa8-4eba-8f07-46378219b825

GET
DATA 200
OK truncated
/ 177 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d692a67352a3dfa80010c86a62761cfff05c0b1086618106a8576cc45a6a8115

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 515 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 11ec04e3948e25a0d78d2f77c04940b8e38a086624ec36fa4605a2a69b133e94

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 242 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 1f4513a435d6a3047d20a50c1e7d4263de42146c74be227f774b5e82e6357e75

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H/1.1 200
OK 1.main.min.js Show response
widgetv3.bandsintown.com/ 1 MB
111 KB 42ms
41ms Script
application/javascript 18.66.248.94
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://widgetv3.bandsintown.com/1.main.min.js
Requested by: Host: widgetv3.bandsintown.com
URL: https://widgetv3.bandsintown.com/main.min.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.248.94 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-248-94.dus51.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: a7781965e85b3ce3708c7396d518c3455b944a4bfb5f3cece9d75e42deab1adb

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fandiem.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date: Sun, 22 May 2022 12:57:44 GMT
Content-Encoding: gzip
Connection: keep-alive
Last-Modified: Tue, 17 May 2022 19:05:30 GMT
Server: AmazonS3
Age: 2168
ETag: W/"d6e490621a6c28cd56c8a6be6f40da62"
Vary: Accept-Encoding
X-Cache: Hit from cloudfront
Content-Type: application/javascript
Via: 1.1 3f309afe37d854da2eb973ba0e31d032.cloudfront.net (CloudFront)
Cache-Control: max-age=3600
Transfer-Encoding: chunked
X-Amz-Cf-Pop: DUS51-P1
X-Amz-Cf-Id: I7Jbo8BRdIr113s0o6Wk9BqmN005KySc92H3wResp5RiYUN_jKfAoQ==

GET
H/1.1 200
OK 2.main.min.js Show response
widgetv3.bandsintown.com/ 23 KB
8 KB 119ms
51ms Script
application/javascript 18.66.248.94
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://widgetv3.bandsintown.com/2.main.min.js
Requested by: Host: widgetv3.bandsintown.com
URL: https://widgetv3.bandsintown.com/main.min.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.248.94 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-248-94.dus51.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 6e24c4898efd37bd059440a02fa3b93c2d139e0f0ca2c63f33844640f2144142

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fandiem.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date: Sun, 22 May 2022 12:51:19 GMT
Content-Encoding: gzip
Connection: keep-alive
Last-Modified: Tue, 17 May 2022 19:05:30 GMT
Server: AmazonS3
Age: 2909
ETag: W/"a731c6fc2fe1d92c0093b44c62c7309c"
Vary: Accept-Encoding
X-Cache: Hit from cloudfront
Content-Type: application/javascript
Via: 1.1 3f309afe37d854da2eb973ba0e31d032.cloudfront.net (CloudFront)
Cache-Control: max-age=3600
Transfer-Encoding: chunked
X-Amz-Cf-Pop: DUS51-P1
X-Amz-Cf-Id: mktdXknZz2n2TJwbqMY2VTV5cHf1-BbVZXqaDDY_aWgTiiV7-51R4w==

GET
H/1.1 200
OK / Show response
rest.bandsintown.com/V3.1/artists/id_12324703/events/ 32 B
586 B 391ms
314ms Script
application/json 108.157.4.87
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://rest.bandsintown.com/V3.1/artists/id_12324703/events/?app_id=js_fandiem.com&callback=bitJsonp_4244144661493026
Requested by: Host: widgetv3.bandsintown.com
URL: https://widgetv3.bandsintown.com/main.min.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 108.157.4.87 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-157-4-87.dus51.r.cloudfront.net
Software: /
Resource Hash: 3e49027447f74d82b01731012ee22c0065f5ecfb25f04d4800adcf07d2e4f7bf

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fandiem.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date: Sun, 22 May 2022 13:33:38 GMT
Content-Encoding: gzip
X-Amz-Cf-Pop: DUS51-P2
x-amzn-RequestId: 572dc5f2-7fa6-4c59-b4af-68739eda50f3
X-Cache: Miss from cloudfront
Content-Type: application/json
Access-Control-Allow-Origin: *
X-Amzn-Trace-Id: Root=1-628a3bb2-73794514618901c809c69a05
Connection: keep-alive
x-amz-apigw-id: Sh5D9GWcIAMFbFg=
Content-Length: 52
Via: 1.1 b1dc6a0d7547e8d4ab339f8c4caf9ea8.cloudfront.net (CloudFront)
X-Amz-Cf-Id: RuU_-ucZhOzQ2QOQD57buD2AHcZm2ysD7JDON-lId4Cr-ms7jOtuoQ==

GET
DATA 200
OK truncated
/ 3 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 2278f68cc395c3636b8b59a1b8038ee9127a1c0954f945d86ce7b4bb865210e1

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Content-Type: image/svg+xml

POST
H3 200 / Show response
www.facebook.com/tr/ Frame 5D09 0
15 B 42ms
41ms Document
text/plain 2a03:2880:f12d:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/tr/

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f12d:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Content-Type: application/x-www-form-urlencoded
Origin: https://fandiem.com
Referer: https://fandiem.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-origin: https://fandiem.com
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 0
content-type: text/plain
cross-origin-resource-policy: cross-origin
date: Sun, 22 May 2022 13:33:38 GMT
priority: u=0
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains

GET
H3 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/370662395/ 3 KB
1 KB 73ms
73ms Script
text/javascript 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/370662395/?random=1653226418462&cv=9&fst=1653226418462&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=3&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa5b0&sendb=1&ig=1&data=event%3Dform_submit&frm=0&url=https%3A%2F%2Ffandiem.com%2Fsweeps%2Fkesha%3Futm_campaign%3Df-covid-bandsintown-sweet-relief-2022%26utm_content%3Df-covid-bandsintown-sweet-relief-2022-kesha-sweeps-page%26utm_medium%3Dpartner-bandsintown-blast-from-bit%26utm_source%3Dbandsintown&ref=http%3A%2F%2Fwinwith.fandiem.com%2F&tiba=Win%20an%20Autographed%20Picture%20of%20Kesha&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a478bcbdcf45ce98a7704d468c758214787738dd1773805009dae435e7b3dd9e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fandiem.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 22 May 2022 13:33:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1164
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.google.com/pagead/1p-user-list/370662395/ 42 B
64 B 20ms
20ms Image
image/gif 2a00:1450:4001:800::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/370662395/?random=1653226418462&cv=9&fst=1653224400000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=3&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa5b0&sendb=1&data=event%3Dform_submit&frm=0&url=https%3A%2F%2Ffandiem.com%2Fsweeps%2Fkesha%3Futm_campaign%3Df-covid-bandsintown-sweet-relief-2022%26utm_content%3Df-covid-bandsintown-sweet-relief-2022-kesha-sweeps-page%26utm_medium%3Dpartner-bandsintown-blast-from-bit%26utm_source%3Dbandsintown&ref=http%3A%2F%2Fwinwith.fandiem.com%2F&tiba=Win%20an%20Autographed%20Picture%20of%20Kesha&async=1&fmt=3&is_vtc=1&random=23624290&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fandiem.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 22 May 2022 13:33:38 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.google.de/pagead/1p-user-list/370662395/ 42 B
64 B 19ms
19ms Image
image/gif 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/370662395/?random=1653226418462&cv=9&fst=1653224400000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=3&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa5b0&sendb=1&data=event%3Dform_submit&frm=0&url=https%3A%2F%2Ffandiem.com%2Fsweeps%2Fkesha%3Futm_campaign%3Df-covid-bandsintown-sweet-relief-2022%26utm_content%3Df-covid-bandsintown-sweet-relief-2022-kesha-sweeps-page%26utm_medium%3Dpartner-bandsintown-blast-from-bit%26utm_source%3Dbandsintown&ref=http%3A%2F%2Fwinwith.fandiem.com%2F&tiba=Win%20an%20Autographed%20Picture%20of%20Kesha&async=1&fmt=3&is_vtc=1&random=23624290&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fandiem.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 22 May 2022 13:33:38 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 id Show response
googleads.g.doubleclick.net/pagead/ Frame A602 113 B
159 B 15ms
15ms XHR
application/json 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/id

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/ec0ced91/www-embed-player.vflset/www-embed-player.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8d753305beea4c91ca580fc57e9fb08b7db355f7dd542f1e4bdfd6ba37798b8f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Sun, 22 May 2022 13:33:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 133
x-xss-protection: 0
pragma: no-cache
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://www.youtube.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ad_status.js Show response
static.doubleclick.net/instream/ Frame A602 29 B
588 B 28ms
6ms Script
text/javascript 2a00:1450:4001:810::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.doubleclick.net/instream/ad_status.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/ec0ced91/www-embed-player.vflset/www-embed-player.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Sun, 22 May 2022 13:23:01 GMT
x-content-type-options: nosniff
age: 637
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 29
x-xss-protection: 0
last-modified: Thu, 12 Dec 2013 23:40:16 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sun, 22 May 2022 13:38:01 GMT

OPTIONS
H2 200 Create
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 0
0 39ms
14ms Preflight
text/html 2a00:1450:4001:827::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-goog-api-key,x-user-agent
Access-Control-Request-Method: POST
Origin: https://www.youtube.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type,x-goog-api-key,x-user-agent
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-origin: https://www.youtube.com
access-control-max-age: 3600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
content-type: text/html
date: Sun, 22 May 2022 13:33:38 GMT
server: ESF
vary: origin referer x-origin
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 0

POST
H3 200 Create Show response
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame A602 63 KB
29 KB 40ms
24ms XHR
application/json+protobuf 2a00:1450:4001:827::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/ec0ced91/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

7d937402bdec8a17c0478b9e6179b8a40894b7b487d1f481fcbb01ca0056ab61

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

X-User-Agent: grpc-web-javascript/0.1
Referer: https://www.youtube.com/
X-Goog-Api-Key: AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type: application/json+protobuf

Response headers

date: Sun, 22 May 2022 13:33:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
server: ESF
x-frame-options: SAMEORIGIN
content-type: application/json+protobuf; charset=UTF-8
access-control-allow-origin: https://www.youtube.com
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
cache-control: private
access-control-allow-credentials: true
vary: Origin, X-Origin, Referer
content-length: 29646
x-xss-protection: 0

GET
H3 200 remote.js Show response
www.youtube.com/s/player/ec0ced91/player_ias.vflset/de_DE/ Frame A602 119 KB
37 KB 8ms
8ms Script
text/javascript 2a00:1450:4001:800::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/ec0ced91/player_ias.vflset/de_DE/remote.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/ec0ced91/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e8691755a8ed913625d56f33a4ec9abf91166dacdb6d9607d7055c86a7064fad

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/qjLGWf-qzxs
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Thu, 19 May 2022 21:52:14 GMT
content-encoding: br
x-content-type-options: nosniff
age: 229284
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37805
x-xss-protection: 0
last-modified: Thu, 19 May 2022 18:04:00 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Fri, 19 May 2023 21:52:14 GMT

GET
H3 200 APByjnNTKnwm9gnAQjW65y-O8cHvEchXN8Vtne2E0Kg.js Show response
www.google.com/js/th/ Frame A602 35 KB
13 KB 9ms
8ms Script
text/javascript 2a00:1450:4001:800::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/js/th/APByjnNTKnwm9gnAQjW65y-O8cHvEchXN8Vtne2E0Kg.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/ec0ced91/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

00f0728e73532a7c26f609c04235bae72f8ef1c1ef11c85737c56d9ded84d0a8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Sun, 22 May 2022 06:25:58 GMT
content-encoding: br
x-content-type-options: nosniff
age: 25660
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13675
x-xss-protection: 0
last-modified: Mon, 02 May 2022 14:00:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Mon, 22 May 2023 06:25:58 GMT

GET
H3 200 embed.js Show response
www.youtube.com/s/player/ec0ced91/player_ias.vflset/de_DE/ Frame A602 27 KB
8 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:800::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/ec0ced91/player_ias.vflset/de_DE/embed.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/ec0ced91/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c6ba0c56919d76219628f59713b483e2c592573741375510f7196ae6e55fa8f4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/qjLGWf-qzxs
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Thu, 19 May 2022 21:56:20 GMT
content-encoding: br
x-content-type-options: nosniff
age: 229038
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8029
x-xss-protection: 0
last-modified: Thu, 19 May 2022 18:04:00 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Fri, 19 May 2023 21:56:20 GMT

GET
H3 200 all Show response
fandiem.com/collections/ 814 KB
67 KB 764ms
764ms XHR
text/html 23.227.38.32
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://fandiem.com/collections/all?filter.v.price.gte=0&page=2&filter.v.price.gte=0

Requested by

Host: cdn.shopify.com
URL: https://cdn.shopify.com/shopifycloud/shopify/assets/shop_events_listener-fa61fd11817b231631d2fe43dc869d0b1d14a06332792d42f1a1d94bda5aa31e.js

Protocol

Security

QUIC, , AES_128_GCM

Server

23.227.38.32 Ottawa, Canada, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

myshopify.com

Software

cloudflare /

Resource Hash

4fa3bd00b449467a5591ebe8333b90f9d0b6d23a7457511ae5edebdfda7bd419

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; frame-ancestors 'none'; upgrade-insecure-requests;
Strict-Transport-Security	max-age=7889238
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json, text/plain, */*
Referer: https://fandiem.com/sweeps/kesha?utm_campaign=f-covid-bandsintown-sweet-relief-2022&utm_content=f-covid-bandsintown-sweet-relief-2022-kesha-sweeps-page&utm_medium=partner-bandsintown-blast-from-bit&utm_source=bandsintown
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Sun, 22 May 2022 13:33:39 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
x-permitted-cross-domain-policies: none
x-dc: gcp-europe-west1,gcp-us-east1,gcp-us-east1
x-shopify-stage: production
x-cache: miss
server-timing-public: processing;dur=622, db;dur=73
content-type: text/html; charset=utf-8
x-alternate-cache-key: cacheable:e49abff545323abafa4e22daee0fb2d1
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
x-sorting-hat-shopid: 50221678757
x-shardid: 253
x-storefront-renderer-rendered: 1
server: cloudflare
x-frame-options: DENY
content-language: en
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=7889238
x-download-options: noopen
x-shopid: 50221678757
x-request-id: 2bd52508-9e55-43b4-919e-51087a3d5054
vary: Accept
content-security-policy: block-all-mixed-content; frame-ancestors 'none'; upgrade-insecure-requests;
cf-ray: 70f5ecbcfa7b9205-FRA
link: <https://cdn.shopify.com>; rel="preconnect", <https://cdn.shopify.com>; rel="preconnect"; crossorigin
x-sorting-hat-podid: 253

GET
DATA 200
OK truncated
/ Frame A602 175 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 67ea46bc3d15351067faccb3613bd833dd3f15137a4b4a09f2e873fd41d024d2

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 AKedOLSu54qyW8viL_NqNP7g6s1MGEqZHxkRmEs7NDZE=s68-c-k-c0x00ffffff-no-rj
yt3.ggpht.com/ytc/ Frame A602 3 KB
4 KB 30ms
7ms Image
image/jpeg 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://yt3.ggpht.com/ytc/AKedOLSu54qyW8viL_NqNP7g6s1MGEqZHxkRmEs7NDZE=s68-c-k-c0x00ffffff-no-rj

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/qjLGWf-qzxs

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

821cb2386381c89ed345756658b25c5cb053c16627790768828c6e9e6895366e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Sun, 22 May 2022 13:33:37 GMT
x-content-type-options: nosniff
age: 1
content-disposition: inline;filename="unnamed.jpg"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3506
x-xss-protection: 0
server: fife
etag: "v9"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Mon, 23 May 2022 13:33:37 GMT

GET
H2 200 sddefault.webp
i.ytimg.com/vi_webp/qjLGWf-qzxs/ Frame A602 28 KB
29 KB 30ms
8ms Image
image/webp 2a00:1450:4001:829::2016
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.ytimg.com/vi_webp/qjLGWf-qzxs/sddefault.webp

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/qjLGWf-qzxs

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2dbf3a60290ed886957e7f0c0b53cfe6543dd5dc6a94e478b5708a6f9c554f42

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Sun, 22 May 2022 13:33:37 GMT
x-content-type-options: nosniff
age: 1
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28732
x-xss-protection: 0
server: sffe
etag: "1588627613"
vary: Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: image/webp
cache-control: public, max-age=7200
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Sun, 22 May 2022 15:33:37 GMT

OPTIONS
H2 204 add
triplewhale-pixel.web.app/trek/ Frame 0
0 159ms
158ms Preflight
text/html 2620:0:890::100
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://triplewhale-pixel.web.app/trek/add?r=2.50091368942

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:0:890::100 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Google Frontend / Express

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://fandiem.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

accept-ranges: bytes
access-control-allow-headers: content-type
access-control-allow-methods: GET,HEAD,PUT,PATCH,POST,DELETE
access-control-allow-origin: https://fandiem.com
cache-control: private
content-type: text/html
date: Sun, 22 May 2022 13:33:39 GMT
function-execution-id: jxooz2gn190r
server: Google Frontend
strict-transport-security: max-age=31556926; includeSubDomains; preload
vary: Origin, Access-Control-Request-Headers,cookie,need-authorization, x-fh-requested-host, accept-encoding
x-cache: MISS
x-cache-hits: 0
x-cloud-trace-context: 65b6a2e5d85d3ace835d2e4a18b20230
x-country-code: DE
x-powered-by: Express
x-served-by: cache-mxp6935-MXP
x-timer: S1653226419.952931,VS0,VE143

POST
H2 200 add Show response
triplewhale-pixel.web.app/trek/ 49 B
320 B 190ms
190ms XHR
application/json 2620:0:890::100
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://triplewhale-pixel.web.app/trek/add?r=2.50091368942

Requested by

Host: cdn.shopify.com
URL: https://cdn.shopify.com/shopifycloud/shopify/assets/shop_events_listener-fa61fd11817b231631d2fe43dc869d0b1d14a06332792d42f1a1d94bda5aa31e.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:0:890::100 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Google Frontend / Express

Resource Hash

c969b088f5ab3eef5981770166d96ce7e896cd9e62695661dbdbd7c7cf648e7f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload

Request headers

Referer: https://fandiem.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type: application/json

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: gzip
etag: W/"31-hlUW9mezce69kCgni4GUfX8vURk"
x-powered-by: Express
x-cache: MISS
x-served-by: cache-mxp6935-MXP
server: Google Frontend
x-timer: S1653226419.112570,VS0,VE174
date: Sun, 22 May 2022 13:33:39 GMT
vary: Origin,cookie,need-authorization, x-fh-requested-host, accept-encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: https://fandiem.com
x-cloud-trace-context: 31c7acb7ec338ea3bd2e4563cbcd4dc7
cache-control: private
function-execution-id: jxoo53l7grx2
accept-ranges: bytes
x-orig-accept-language: de-DE,de;q=0.9
x-country-code: DE
x-cache-hits: 0

GET
H/1.1 200
OK id_12324703 Show response
rest.bandsintown.com/V3.1/artists/ 1 KB
1 KB 147ms
122ms XHR
application/json 108.157.4.87
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://rest.bandsintown.com/V3.1/artists/id_12324703?app_id=js_fandiem.com
Requested by: Host: cdn.shopify.com
URL: https://cdn.shopify.com/shopifycloud/shopify/assets/shop_events_listener-fa61fd11817b231631d2fe43dc869d0b1d14a06332792d42f1a1d94bda5aa31e.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 108.157.4.87 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-157-4-87.dus51.r.cloudfront.net
Software: /
Resource Hash: 3903951d8a99aba30e5d4eaf2416680320d694e8af1a22a4b7a8c08e98d63ba8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fandiem.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date: Sun, 22 May 2022 13:33:39 GMT
Content-Encoding: gzip
X-Amz-Cf-Pop: DUS51-P2
x-amzn-RequestId: c3c43697-37d2-4797-9580-85cad6b514ba
X-Cache: Miss from cloudfront
Content-Type: application/json
Access-Control-Allow-Origin: *
X-Amzn-Trace-Id: Root=1-628a3bb3-36b9996b6287f1870ff0ede2
Connection: keep-alive
x-amz-apigw-id: Sh5EAE0kIAMF4BQ=
Content-Length: 545
Via: 1.1 6c90efa18f660ef893fb03f41073cde8.cloudfront.net (CloudFront)
X-Amz-Cf-Id: CjvpIe60oqAGAUWMKYA2rMwgGAoFJeAR_7v_SFPyakrqhEP3-1-p_A==

GET
H2 200 cast_sender.js Show response
www.gstatic.com/cv/js/sender/v1/ Frame A602 4 KB
3 KB 47ms
19ms Script
text/javascript 2a00:1450:4001:808::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/cv/js/sender/v1/cast_sender.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/ec0ced91/player_ias.vflset/de_DE/base.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ee147e859ad0f09aa50367974e38ab53e7c7054c4a51d400a7f45b0eb251454f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Sun, 22 May 2022 13:33:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cloudview
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2007
x-xss-protection: 0
last-modified: Tue, 16 Feb 2021 23:57:06 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="cloudview"
vary: Accept-Encoding
report-to: {"group":"cloudview","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/cloudview"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sun, 22 May 2022 13:33:39 GMT

GET
H3 200 cart.js Show response
fandiem.com/ 283 B
1 KB 163ms
163ms XHR
text/javascript 23.227.38.32
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://fandiem.com/cart.js?r=2.50093750059

Requested by

Host: cdn.shopify.com
URL: https://cdn.shopify.com/shopifycloud/shopify/assets/shop_events_listener-fa61fd11817b231631d2fe43dc869d0b1d14a06332792d42f1a1d94bda5aa31e.js

Protocol

Security

QUIC, , AES_128_GCM

Server

23.227.38.32 Ottawa, Canada, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

myshopify.com

Software

cloudflare /

Resource Hash

64d8fa75bb9c3d700a28a0325c3c39e364b42c2f5681488c533c5854a99eed4f

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; frame-ancestors 'none'; upgrade-insecure-requests;
Strict-Transport-Security	max-age=7889238
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fandiem.com/sweeps/kesha?utm_campaign=f-covid-bandsintown-sweet-relief-2022&utm_content=f-covid-bandsintown-sweet-relief-2022-kesha-sweeps-page&utm_medium=partner-bandsintown-blast-from-bit&utm_source=bandsintown
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Sun, 22 May 2022 13:33:39 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
x-permitted-cross-domain-policies: none
x-dc: gcp-europe-west1,gcp-us-east1,gcp-us-east1
x-shopify-stage: production
server-timing-public: processing;dur=19, db;dur=7
content-type: text/javascript; charset=utf-8
strict-transport-security: max-age=7889238
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
x-sorting-hat-shopid: 50221678757
x-shardid: 253
x-storefront-renderer-rendered: 1
server: cloudflare
x-frame-options: DENY
content-language: en
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding, Accept
x-download-options: noopen
x-shopid: 50221678757
x-request-id: c36f2b11-02d3-478b-9223-c64d64ae4a39
content-security-policy: block-all-mixed-content; frame-ancestors 'none'; upgrade-insecure-requests;
cf-ray: 70f5ecbebcc89205-FRA
x-sorting-hat-podid: 253
x-cartjs-updatedat: 0

GET
H3 204 generate_204
www.youtube.com/ Frame A602 0
9 B 11ms
10ms Image
text/plain 2a00:1450:4001:800::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.youtube.com/generate_204?U-aCkg
Requested by: Host: www.youtube.com
URL: https://www.youtube.com/embed/qjLGWf-qzxs
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:800::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/qjLGWf-qzxs
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Sun, 22 May 2022 13:33:39 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0

GET
H3 200 cast_sender.js Show response
www.gstatic.com/eureka/clank/101/ Frame A602 52 KB
15 KB 23ms
7ms Script
text/javascript 2a00:1450:4001:808::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/eureka/clank/101/cast_sender.js

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/cv/js/sender/v1/cast_sender.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6f69d70bf8ce1e473f3659ee6c746035ae11ebbe9383c1857783e300458667e0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Sat, 21 May 2022 20:01:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 63122
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cloudview-release
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15395
x-xss-protection: 0
last-modified: Fri, 01 Apr 2022 19:36:20 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="cloudview-release"
vary: Accept-Encoding
report-to: {"group":"cloudview-release","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/cloudview-release"}]}
content-type: text/javascript
cache-control: public, max-age=86400
accept-ranges: bytes
expires: Sun, 22 May 2022 20:01:37 GMT

GET
H/1.1 200
OK widget_iframe.html Show response
widgetv3.bandsintown.com/ Frame 23C4 1 KB
1 KB 25ms
25ms Document
text/html 18.66.248.94
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://widgetv3.bandsintown.com/widget_iframe.html?affil_code=js_fandiem.com&app_id=js_fandiem.com&artist_id=12324703&artist_name=Kesha&came_from_code=700
Requested by: Host: widgetv3.bandsintown.com
URL: https://widgetv3.bandsintown.com/main.min.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.248.94 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-248-94.dus51.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: b9019e2e5707d67dbbb8e97adb47b0e88f5c02b191b12cd2acb34e8cd50eb954

Request headers

Referer: https://fandiem.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Age: 2137
Connection: keep-alive
Content-Encoding: gzip
Content-Type: text/html
Date: Sun, 22 May 2022 12:58:02 GMT
ETag: W/"d578d05204b1721b10defd8bb4e3858e"
Last-Modified: Thu, 18 Nov 2021 18:57:16 GMT
Server: AmazonS3
Transfer-Encoding: chunked
Vary: Accept-Encoding
Via: 1.1 3f309afe37d854da2eb973ba0e31d032.cloudfront.net (CloudFront)
X-Amz-Cf-Id: 9ufjjQnSmxymsV41g0_JU3NS4Q4C9CQQgV5NeeltgIpDe0z4cJ6Bkw==
X-Amz-Cf-Pop: DUS51-P1
X-Cache: Hit from cloudfront

POST
H3 200 GenerateIT Show response
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame A602 98 B
142 B 18ms
18ms XHR
application/json+protobuf 2a00:1450:4001:827::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/ec0ced91/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

b16caad475e7e750a2b27ca89b2dab9ebbbd1657a82c0ba08b235d1b2346de2e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

X-User-Agent: grpc-web-javascript/0.1
Referer: https://www.youtube.com/
X-Goog-Api-Key: AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type: application/json+protobuf

Response headers

date: Sun, 22 May 2022 13:33:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
server: ESF
x-frame-options: SAMEORIGIN
content-type: application/json+protobuf; charset=UTF-8
access-control-allow-origin: https://www.youtube.com
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
cache-control: private
access-control-allow-credentials: true
vary: Origin, X-Origin, Referer
content-length: 118
x-xss-protection: 0

OPTIONS
H3 200 GenerateIT
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 0
0 16ms
16ms Preflight
text/html 2a00:1450:4001:827::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-goog-api-key,x-user-agent
Access-Control-Request-Method: POST
Origin: https://www.youtube.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type,x-goog-api-key,x-user-agent
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-origin: https://www.youtube.com
access-control-max-age: 3600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
content-type: text/html
date: Sun, 22 May 2022 13:33:39 GMT
server: ESF
vary: origin referer x-origin
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 0

GET
H3 200 gtm.js Show response
www.googletagmanager.com/ Frame 23C4 163 KB
58 KB 16ms
16ms Script
application/javascript 2a00:1450:4001:810::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-NTHLS8M

Requested by

Host: widgetv3.bandsintown.com
URL: https://widgetv3.bandsintown.com/widget_iframe.html?affil_code=js_fandiem.com&app_id=js_fandiem.com&artist_id=12324703&artist_name=Kesha&came_from_code=700

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

4a2d6c1910256046392c9370817db63af572e81d7b4357c36ad68ef823ea7931

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://widgetv3.bandsintown.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Sun, 22 May 2022 13:33:39 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 59449
x-xss-protection: 0
last-modified: Sun, 22 May 2022 12:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Sun, 22 May 2022 13:33:39 GMT

GET
DATA 200
OK truncated
/ 195 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 0c7260fac65e4f7ac5cf524f8ca96efd419cbb5a9b18a3e06e44c448581e9093

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H/1.1 200
OK 4045ae7cfc2a1ea9178ee89ff.js Show response
chimpstatic.com/mcjs-connected/js/users/362a74c79c9078e0487914798/ 18 KB
4 KB 62ms
19ms Script
application/javascript 96.16.131.108
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://chimpstatic.com/mcjs-connected/js/users/362a74c79c9078e0487914798/4045ae7cfc2a1ea9178ee89ff.js?shop=fandiem.myshopify.com
Requested by: Host: fandiem.com
URL: https://fandiem.com/sweeps/kesha?utm_campaign=f-covid-bandsintown-sweet-relief-2022&utm_content=f-covid-bandsintown-sweet-relief-2022-kesha-sweeps-page&utm_medium=partner-bandsintown-blast-from-bit&utm_source=bandsintown
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 96.16.131.108 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a96-16-131-108.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: 932bdc4c22755a8e867cc1dd8c24649a15dc6924fe8bb8bbfc58e2b8f25a99fe

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fandiem.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

X-EdgeConnect-Origin-MEX-Latency: 376, 376
Date: Sun, 22 May 2022 13:33:39 GMT
Content-Encoding: gzip
x-amz-request-id: HM9AV9TQMCNFP94Q
X-EdgeConnect-MidMile-RTT: 0, 0
Connection: keep-alive
Content-Length: 3843
x-amz-id-2: YBacxBHWwvjQLZMcGKH8D8u2JrKZgFx/MQ/VEEHq94hqFt0XnMWFJM7e5FZRCo2mj1+3o1kGsmI=
Last-Modified: Thu, 24 Feb 2022 19:03:00 GMT
Server: AmazonS3
ETag: "9db810b9b20eb3aa951a3aa37b221dbf"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=1511
Accept-Ranges: bytes
Expires: Sun, 22 May 2022 13:58:50 GMT

GET
H/1.1 200
OK app.js Show response
s3.amazonaws.com/els-apps/countup/js/ 12 KB
3 KB 419ms
120ms Script
application/x-javascript 52.216.242.14
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s3.amazonaws.com/els-apps/countup/js/app.js?shop=fandiem.myshopify.com
Requested by: Host: fandiem.com
URL: https://fandiem.com/sweeps/kesha?utm_campaign=f-covid-bandsintown-sweet-relief-2022&utm_content=f-covid-bandsintown-sweet-relief-2022-kesha-sweeps-page&utm_medium=partner-bandsintown-blast-from-bit&utm_source=bandsintown
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.216.242.14 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: ea470df0377e9112fd7bc0ed5e18fcb7df8fc022d106599ced36593293559512

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fandiem.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date: Sun, 22 May 2022 13:33:40 GMT
Content-Encoding: gzip
Last-Modified: Wed, 07 Jul 2021 18:41:58 GMT
Server: AmazonS3
x-amz-request-id: 0BPAF3F08FXJSV16
ETag: "8a297d5f2898ba3af5f5f835eee1ffa5"
Content-Type: application/x-javascript
x-amz-storage-class: REDUCED_REDUNDANCY
Accept-Ranges: bytes
Content-Length: 3085
x-amz-id-2: 6lK/gxiO8bDg8sNyxXRWX8renUlCceajtKUC39QghYgk+x4Y1WWlt4C0/XiF5B+m+/PkiQup1ng=

GET
H2 200 platform.js Show response
shy.elfsight.com/p/ 10 KB
4 KB 88ms
35ms Script
application/javascript 2606:4700:20::681a:76b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://shy.elfsight.com/p/platform.js?shop=fandiem.myshopify.com

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:76b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b6ccc8741a3dca5368f9151c8b276db46e9f81baa48ff1564ddfafc80f88a746

Security Headers

Name	Value
Strict-Transport-Security	max-age=0
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fandiem.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Sun, 22 May 2022 13:33:39 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2875
cf-polished: origSize=9871
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
last-modified: Fri, 15 May 2020 10:40:48 GMT
server: cloudflare
etag: W/"5ebe71b0-268f"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QISGoVDlI0%2BoYvHdh3%2B87NllMo46bmu62OnKPptaQSxuMPisJV8GPLGgjp7dxsP%2BCSQPEAjkWT%2BtcSwuZSRTsa53cC%2FrMF8D53eBOWizFLSOnEFt0VT5tl0zS2X2NdeTYtY9O7qT4M%2BJxQ4XcWE%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
vary: Accept-Encoding
cache-control: max-age=14400
cf-ray: 70f5ecc08b9083a6-MXP
cf-bgj: minify

GET
H/1.1 200
OK wk_shopify_auction.js Show response
sp-auction.webkul.com/js/ 93 KB
12 KB 1060ms
168ms Script
application/javascript 18.139.26.44

General

Check archive.org

Show headers Download Go to

Full URL: https://sp-auction.webkul.com/js/wk_shopify_auction.js?shop=fandiem.myshopify.com
Requested by: Host: fandiem.com
URL: https://fandiem.com/sweeps/kesha?utm_campaign=f-covid-bandsintown-sweet-relief-2022&utm_content=f-covid-bandsintown-sweet-relief-2022-kesha-sweeps-page&utm_medium=partner-bandsintown-blast-from-bit&utm_source=bandsintown
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.139.26.44 -, , ASN (),
Reverse DNS
Software: Apache/2.4.29 (Ubuntu) /
Resource Hash: 2d9efae8f0139c424e7306882441198e1eb360b617bbdd5304ed47fbda682954

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fandiem.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date: Sun, 22 May 2022 13:33:40 GMT
Content-Encoding: gzip
Last-Modified: Tue, 10 May 2022 07:34:42 GMT
Server: Apache/2.4.29 (Ubuntu)
ETag: "174e1-5dea35ba763ce-gzip"
Vary: Accept-Encoding
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 12158

GET
H/1.1 200
OK wk_auction_category.js Show response
sp-auction.webkul.com/js/ 32 KB
6 KB 1081ms
176ms Script
application/javascript 18.139.26.44

General

Check archive.org

Show headers Download Go to

Full URL: https://sp-auction.webkul.com/js/wk_auction_category.js?shop=fandiem.myshopify.com
Requested by: Host: fandiem.com
URL: https://fandiem.com/sweeps/kesha?utm_campaign=f-covid-bandsintown-sweet-relief-2022&utm_content=f-covid-bandsintown-sweet-relief-2022-kesha-sweeps-page&utm_medium=partner-bandsintown-blast-from-bit&utm_source=bandsintown
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.139.26.44 -, , ASN (),
Reverse DNS
Software: Apache/2.4.29 (Ubuntu) /
Resource Hash: 5cf9c43ad6f97ea2066627e0c27124b3f356572368951f91e68fa932aa1d5fb8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fandiem.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date: Sun, 22 May 2022 13:33:40 GMT
Content-Encoding: gzip
Last-Modified: Mon, 28 Mar 2022 09:35:58 GMT
Server: Apache/2.4.29 (Ubuntu)
ETag: "81bc-5db440a327224-gzip"
Vary: Accept-Encoding
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 5779

GET
H2 200 klaviyo.js Show response
static.klaviyo.com/onsite/js/ 2 KB
1 KB 40ms
8ms Script
application/javascript 151.101.194.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://static.klaviyo.com/onsite/js/klaviyo.js?company_id=TZ9PuD&shop=fandiem.myshopify.com
Requested by: Host: fandiem.com
URL: https://fandiem.com/sweeps/kesha?utm_campaign=f-covid-bandsintown-sweet-relief-2022&utm_content=f-covid-bandsintown-sweet-relief-2022-kesha-sweeps-page&utm_medium=partner-bandsintown-blast-from-bit&utm_source=bandsintown
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.194.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: b5dbe48efa59db593d3337cf01d8b20f7c50bde56adfb302226f7987ca37ddf3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fandiem.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Sun, 22 May 2022 13:33:39 GMT
content-encoding: gzip
age: 52841
x-cache: HIT, HIT
access-control-max-age: 86400
content-length: 1006
x-served-by: cache-lga13627-LGA, cache-hhn4055-HHN
access-control-allow-origin: *
allow: GET, OPTIONS
server: nginx
x-timer: S1653226419.257314,VS0,VE1
etag: W/"ac940a18d91666c57f773e8dcca95225"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/javascript
via: 1.1 varnish, 1.1 varnish
cache-control: max-age=1, stale-while-revalidate=10800
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers
x-cache-hits: 19, 1

GET
H2 200 shopify_rolling_bootstrap_v2.js Show response
assets1.adroll.com/shopify/latest/j/ 2 KB
1 KB 10ms
8ms Script
application/javascript 2600:9000:206f:c00:1c:cd6a:7440:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://assets1.adroll.com/shopify/latest/j/shopify_rolling_bootstrap_v2.js?adroll_adv_id=4VZVS64FNRFEXAUW3D4PZO&adroll_pix_id=A5AOKNR44NHIVM7TSARV6U&shop=fandiem.myshopify.com
Requested by: Host: fandiem.com
URL: https://fandiem.com/sweeps/kesha?utm_campaign=f-covid-bandsintown-sweet-relief-2022&utm_content=f-covid-bandsintown-sweet-relief-2022-kesha-sweeps-page&utm_medium=partner-bandsintown-blast-from-bit&utm_source=bandsintown
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206f:c00:1c:cd6a:7440:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: ea1d29b419599a59d7da810bfa2f4dbe0b8f72d39fa71cb5195300cfb879f837

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fandiem.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Sun, 22 May 2022 12:49:46 GMT
content-encoding: gzip
vary: Accept-Encoding
age: 2639
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
via: 1.1 95e0c26862caa0a0aa5e9580919524f8.cloudfront.net (CloudFront)
last-modified: Wed, 27 Apr 2022 19:44:55 GMT
server: AmazonS3
etag: W/"dcbab6195eb24bf3935cbc62ec0ed277"
access-control-max-age: 600
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
access-control-allow-credentials: false
x-amz-cf-pop: FRA56-C1
access-control-allow-headers: *
x-amz-cf-id: DeR5EoBkXYsASYKisZigponq4oamC0mHai-HwVFTkPI-SeKH0xO-nQ==

GET
H3 200 BMmoFnGNlK5UpA4h.js Show response
cdn.shopify.com/s/files/1/0502/2167/8757/t/8/assets/ 3 KB
2 KB 18ms
17ms Script
text/javascript 104.16.255.71
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.shopify.com/s/files/1/0502/2167/8757/t/8/assets/BMmoFnGNlK5UpA4h.js?v=1649866955&shopId=100273&shop=fandiem.myshopify.com

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

104.16.255.71 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

449c3e62b3c340c2c2a094d7a81517c3bebce6a9560b490083c0c7a50babe8d1

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fandiem.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Sun, 22 May 2022 13:33:39 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-dc: gcp-us-east1,us-central1
age: 908342
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FpvtV35nbAhFXADTfULtGjjTB6GYxawM8TPl%2FGw6QK%2Fw2STI7yaUwpEFQ3MdgdAyVaMec0Fx79L8GEFz4JSKLshr8JdaZjUEGDzIF6Ri%2Fy19TVrbRSqPwKV5wgqB2OiVBQ%3D%3D"}],"group":"cf-nel","max_age":604800}
server-timing: imagery;dur=117.730, imageryFetch;dur=115.426
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
x-request-id: a96c9698-f6ac-4604-9bfb-acf7f400992c
timing-allow-origin: *
surrogate-key: segment4-25254 shop-50221678757 mime-text/javascript-25254 time-bucket-20220512-25254 1e745ae8da9fd8cbbf511be450dd78de7c79bfab48b1c726c4497a3f9a01291a
last-modified: Thu, 12 May 2022 01:11:45 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31557600
cf-ray: 70f5ecc02a429b25-FRA
link: <https://cdn.shopify.com/s/files/1/0502/2167/8757/t/8/assets/BMmoFnGNlK5UpA4h.js>; rel="canonical"

GET
H/1.1 200
OK script.js Show response
account-invite.merchantyard.com/js/integrations/ 1 KB
2 KB 328ms
108ms Script
application/javascript 3.139.21.16
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://account-invite.merchantyard.com/js/integrations/script.js?v=5468&shop=fandiem.myshopify.com
Requested by: Host: fandiem.com
URL: https://fandiem.com/sweeps/kesha?utm_campaign=f-covid-bandsintown-sweet-relief-2022&utm_content=f-covid-bandsintown-sweet-relief-2022-kesha-sweeps-page&utm_medium=partner-bandsintown-blast-from-bit&utm_source=bandsintown
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 3.139.21.16 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-139-21-16.us-east-2.compute.amazonaws.com
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: ecb2cfc35864022302df026bc7d2fde1f2d44bf1f0f58f55d42fe7fd5ca7a747

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fandiem.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date: Sun, 22 May 2022 13:33:39 GMT
Last-Modified: Tue, 10 May 2022 07:08:38 GMT
Server: nginx/1.18.0 (Ubuntu)
ETag: "627a0f76-532"
Content-Type: application/javascript
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1330

GET
H2 200 pushowl-shopify.js Show response
cdn.pushowl.com/latest/sdks/ 148 KB
35 KB 34ms
11ms Script
application/javascript 2600:9000:224a:ac00:7:6365:89c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.pushowl.com/latest/sdks/pushowl-shopify.js?subdomain=fandiem&environment=production&guid=5753a3cb-9bec-49e2-b958-421e974db847&shop=fandiem.myshopify.com
Requested by: Host: fandiem.com
URL: https://fandiem.com/sweeps/kesha?utm_campaign=f-covid-bandsintown-sweet-relief-2022&utm_content=f-covid-bandsintown-sweet-relief-2022-kesha-sweeps-page&utm_medium=partner-bandsintown-blast-from-bit&utm_source=bandsintown
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:224a:ac00:7:6365:89c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 04502390a2c1b7aca303503c7c749791a64587b84268c64ae88e0d3f2b215304

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fandiem.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Tue, 17 May 2022 10:18:01 GMT
content-encoding: br
age: 443738
etag: W/"251c9-Aw8w1WAU84NY33ffM/Lh9EQlYAg"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
x-server: ImageKit.io
x-amz-cf-pop: DUS51-P1
timing-allow-origin: *
x-amz-cf-id: riPdd_QvikykzhrDJZ7OIZYGJbSisEQVPAeAja4T_tnOT-kOMRlfeg==
via: 1.1 c31ad517510d586c0f2aa3c5dbc40b06.cloudfront.net (CloudFront)
x-request-id: 3c0e6759-2094-464f-b661-d0c09a488378

GET
H/1.1

200
OK

/ Show response
app.theadslab.io/
Redirect Chain

https://i.liadm.com/s/71674?bidder_id=246442&siteId=335&userId=eyJzaXRldXJsIjoiaHR0cHM6Ly9mYW5kaWVtLmNvbS9zd2VlcHMva2VzaGE%2FdXRtX2NhbXBhaWduPWYtY292aWQtYmFuZHNpbnRvd24tc3dlZXQtcmVsaWVmLTIwMjImdXRt...
https://i.liadm.com/s/71674?format=original&visitorId=c4b0c8a68e1fc720&bidder_id=246442&_li_chk=true&siteId=335&userId=eyJzaXRldXJsIjoiaHR0cHM6Ly9mYW5kaWVtLmNvbS9zd2VlcHMva2VzaGE/dXRtX2NhbXBhaWduPW...
https://app.theadslab.io/?hash=&format=original&visitorId=c4b0c8a68e1fc720&siteId=335&userId=eyJzaXRldXJsIjoiaHR0cHM6Ly9mYW5kaWVtLmNvbS9zd2VlcHMva2VzaGE/dXRtX2NhbXBhaWduPWYtY292aWQtYmFuZHNpbnRvd24t...

37 B
770 B

585ms
372ms

Script
application/javascript

18.119.43.107
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://app.theadslab.io/?hash=&format=original&visitorId=c4b0c8a68e1fc720&siteId=335&userId=eyJzaXRldXJsIjoiaHR0cHM6Ly9mYW5kaWVtLmNvbS9zd2VlcHMva2VzaGE/dXRtX2NhbXBhaWduPWYtY292aWQtYmFuZHNpbnRvd24tc3dlZXQtcmVsaWVmLTIwMjImdXRtX2NvbnRlbnQ9Zi1jb3ZpZC1iYW5kc2ludG93bi1zd2VldC1yZWxpZWYtMjAyMi1rZXNoYS1zd2VlcHMtcGFnZSZ1dG1fbWVkaXVtPXBhcnRuZXItYmFuZHNpbnRvd24tYmxhc3QtZnJvbS1iaXQmdXRtX3NvdXJjZT1iYW5kc2ludG93biIsInVzZXJJZCI6IiIsInRyYWNrZXIiOiJodHRwczovL2FwcC50aGVhZHNsYWIuaW8vIn0=&method=IdentityResolution.identityHash&module=API

Protocol

HTTP/1.1

Server

18.119.43.107 Columbus, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-119-43-107.us-east-2.compute.amazonaws.com

Software

nginx /

Resource Hash

bbc48cedd99cde691871122bb1227f70659db08de6531f3be2cdf7e50b628e66

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fandiem.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date: Sun, 22 May 2022 13:33:40 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
X-Matomo-Request-Id: 3a883
Connection: keep-alive
Content-Length: 57
X-XSS-Protection: 1; mode=block
Internal-Node-Hostname: ip-10-0-2-226.us-east-2.compute.internal
Referrer-Policy: origin
Server: nginx
X-Frame-Options: SAMEORIGIN
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET, POST
Content-Type: application/javascript; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: X-Requested-With
Pragma: no-cache

Redirect headers

Location: https://app.theadslab.io/?hash=&format=original&visitorId=c4b0c8a68e1fc720&siteId=335&userId=eyJzaXRldXJsIjoiaHR0cHM6Ly9mYW5kaWVtLmNvbS9zd2VlcHMva2VzaGE/dXRtX2NhbXBhaWduPWYtY292aWQtYmFuZHNpbnRvd24tc3dlZXQtcmVsaWVmLTIwMjImdXRtX2NvbnRlbnQ9Zi1jb3ZpZC1iYW5kc2ludG93bi1zd2VldC1yZWxpZWYtMjAyMi1rZXNoYS1zd2VlcHMtcGFnZSZ1dG1fbWVkaXVtPXBhcnRuZXItYmFuZHNpbnRvd24tYmxhc3QtZnJvbS1iaXQmdXRtX3NvdXJjZT1iYW5kc2ludG93biIsInVzZXJJZCI6IiIsInRyYWNrZXIiOiJodHRwczovL2FwcC50aGVhZHNsYWIuaW8vIn0=&method=IdentityResolution.identityHash&module=API
Date: Sun, 22 May 2022 13:33:39 GMT
Connection: keep-alive
Content-Length: 0
Strict-Transport-Security: max-age=31536000; includeSubDomains

GET
H3 200 analytics.js Show response
www.google-analytics.com/ Frame 23C4 49 KB
20 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:828::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NTHLS8M

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://widgetv3.bandsintown.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 13 Apr 2022 21:02:38 GMT
server: Golfe2
age: 4471
date: Sun, 22 May 2022 12:19:08 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20006
expires: Sun, 22 May 2022 14:19:08 GMT

GET
H/1.1 200
OK clear.gif
px1.bandsintown.com/ Frame 23C4 43 B
504 B 67ms
25ms Image
image/gif 18.64.115.78
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px1.bandsintown.com/clear.gif?property=user_log&param=%7B%22user_id%22:%22undefined%22,%22affil_code%22:%22js_fandiem.com%22,%22app_id%22:%22js_fandiem.com%22,%22came_from_code%22:%22700%22,%22custom%22:%7B%22utm_source%22:%22undefined%22,%22utm_campaign%22:%22undefined%22,%22utm_medium%22:%22undefined%22%7D,%22artist_id%22:12324703,%22event_id%22:0,%22artist_event_id%22:0,%22source%22:%22Widget%20iFrame%22,%22version%22:%223%22,%22logtype%22:%22impression%22,%22nonce%22:455768778%7D&gtmcb=1048721115
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 18.64.115.78 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-64-115-78.txl50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://widgetv3.bandsintown.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date: Sat, 21 May 2022 18:28:37 GMT
Via: 1.1 bc899ba900b38f8013d849341ebb71c8.cloudfront.net (CloudFront)
Last-Modified: Mon, 04 May 2015 15:44:39 GMT
Server: AmazonS3
Age: 68703
ETag: "325472601571f31e1bf00674c368d335"
X-Cache: Hit from cloudfront
Content-Type: image/gif
Connection: keep-alive
X-Amz-Cf-Pop: TXL50-P4
Accept-Ranges: bytes
Content-Length: 43
X-Amz-Cf-Id: vGwK3qinqBE7gsVnP2dr6EBKf32uRm_iYQRFG3C1cMg2cM3UhgiSig==

GET
H2 200 fender_analytics.b53eaf7313a4d0715052.js Show response
static-tracking.klaviyo.com/onsite/js/ 21 KB
8 KB 28ms
9ms Script
application/javascript 151.101.130.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://static-tracking.klaviyo.com/onsite/js/fender_analytics.b53eaf7313a4d0715052.js?cb=1
Requested by: Host: static.klaviyo.com
URL: https://static.klaviyo.com/onsite/js/klaviyo.js?company_id=TZ9PuD&shop=fandiem.myshopify.com
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.130.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: d44178491250a72ee6cf5416c5b3bca63bcc457b0c320b1d26d00cbbad677938

Request headers

Referer: https://fandiem.com/
Origin: https://fandiem.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

x-amz-version-id: 3NiIt5EPjwMQDjVhaXii3LNkgfGDCraz
content-encoding: gzip
age: 52897
via: 1.1 varnish, 1.1 varnish
x-cache: HIT, HIT
x-amz-meta-surrogate-control: max-age=31536000
x-amz-meta-surrogate-key: fender-asset
content-length: 7502
x-amz-id-2: fD6ZLD40/tpABbWJiVEo+0ZQ9pzLBBpnMkLWYEPQo4PFKSqjIFHFJNKn3pIF42JBeedFlsg2+VQ=
x-served-by: cache-lga21983-LGA, cache-hhn4026-HHN
last-modified: Sat, 21 May 2022 22:51:45 GMT
server: AmazonS3
etag: "9c5fbdad2899e3dd3f57f5bae1c0434e"
vary: Accept-Encoding
x-amz-request-id: D42VVS1XFGBWMSR1
access-control-allow-origin: *
cache-control: max-age=2592000,stale-while-revalidate=10800
accept-ranges: bytes
content-type: application/javascript
date: Sun, 22 May 2022 13:33:39 GMT
x-cache-hits: 1, 48489

GET
H2 200 static.705e9d701c71d4dd0bfe.js Show response
static-tracking.klaviyo.com/onsite/js/ 14 KB
6 KB 28ms
10ms Script
application/javascript 151.101.130.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://static-tracking.klaviyo.com/onsite/js/static.705e9d701c71d4dd0bfe.js?cb=1
Requested by: Host: static.klaviyo.com
URL: https://static.klaviyo.com/onsite/js/klaviyo.js?company_id=TZ9PuD&shop=fandiem.myshopify.com
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.130.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: e6c5e605ca8fdb9ff646c4450e509fd599529891c7caa57c119170bb42149ccc

Request headers

Referer: https://fandiem.com/
Origin: https://fandiem.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

x-amz-version-id: SlunlHOd7y.boCCEyPhSVmNb3H14hnYx
content-encoding: gzip
age: 52897
via: 1.1 varnish, 1.1 varnish
x-cache: HIT, HIT
x-amz-meta-surrogate-control: max-age=31536000
x-amz-meta-surrogate-key: fender-asset
content-length: 5903
x-amz-id-2: O/+94s9oBMppBvDBzh6whjJ87XRXIBScnFXP8aZxaX9Ni/Scl++aZlTTNRiYK24Wko91plqLzog=
x-served-by: cache-lga21937-LGA, cache-hhn4026-HHN
last-modified: Sat, 21 May 2022 22:51:45 GMT
server: AmazonS3
etag: "22fbf638b4405a7d78bd1f292488375e"
vary: Accept-Encoding
x-amz-request-id: D42K6V10WFH5SPZ4
access-control-allow-origin: *
cache-control: max-age=2592000,stale-while-revalidate=10800
accept-ranges: bytes
content-type: application/javascript
date: Sun, 22 May 2022 13:33:39 GMT
x-cache-hits: 2, 48400

GET
H2 200 sharedUtils.ac67ecc041f3e65fe37e.js Show response
static.klaviyo.com/onsite/js/ 32 KB
13 KB 26ms
8ms Script
application/javascript 151.101.194.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://static.klaviyo.com/onsite/js/sharedUtils.ac67ecc041f3e65fe37e.js?cb=1
Requested by: Host: static.klaviyo.com
URL: https://static.klaviyo.com/onsite/js/klaviyo.js?company_id=TZ9PuD&shop=fandiem.myshopify.com
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.194.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: e6209b0ee91e6db5f1cb2f349ebe814bdcc413b7940c5860be8a66f8a40ded95

Request headers

Referer: https://fandiem.com/
Origin: https://fandiem.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

x-amz-version-id: xJnCrIKXs7bstYeh1SYe5OtdmL4dKGC9
content-encoding: gzip
age: 52907
via: 1.1 varnish, 1.1 varnish
x-cache: HIT, HIT
x-amz-meta-surrogate-control: max-age=31536000
x-amz-meta-surrogate-key: fender-asset
content-length: 12637
x-amz-id-2: +unmTIQLRc+h42UlW11ckv8w4neRbYja/pGR6oB9CLSlRSICrSOGeepIkjMAprE2E6zZ64e7fAw=
x-served-by: cache-lga21960-LGA, cache-hhn4059-HHN
last-modified: Tue, 17 May 2022 13:57:45 GMT
server: AmazonS3
etag: "b6477f7fb592302c2133964fab354458"
vary: Accept-Encoding
x-amz-request-id: DTR5CBF4QM72CWYC
access-control-allow-origin: *
cache-control: max-age=2592000,stale-while-revalidate=10800
accept-ranges: bytes
content-type: application/javascript
date: Sun, 22 May 2022 13:33:39 GMT
x-cache-hits: 1, 44865

GET
H2 200 vendors~signup_forms.707a902479047146d46a.js Show response
static.klaviyo.com/onsite/js/ 37 KB
13 KB 26ms
9ms Script
application/javascript 151.101.194.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://static.klaviyo.com/onsite/js/vendors~signup_forms.707a902479047146d46a.js?cb=1
Requested by: Host: static.klaviyo.com
URL: https://static.klaviyo.com/onsite/js/klaviyo.js?company_id=TZ9PuD&shop=fandiem.myshopify.com
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.194.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 0762c35f70aa0f80035105000ff67b4b8b8f1004eac9c4fb70dfc0ce8cced83b

Request headers

Referer: https://fandiem.com/
Origin: https://fandiem.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

x-amz-version-id: nUZJAJInhdEdqOQ7uJBtyb8MhiPYtMy8
content-encoding: gzip
age: 52897
via: 1.1 varnish, 1.1 varnish
x-cache: HIT, HIT
x-amz-meta-surrogate-control: max-age=31536000
x-amz-meta-surrogate-key: fender-asset
content-length: 12761
x-amz-id-2: EofRKvcH7qLeV8c7HPRxklpFjOcCGiTU6pBCmxVkq1AvUTFE/U5tA+xkPHyJKZfds9OuLBsth7A=
x-served-by: cache-lga21981-LGA, cache-hhn4059-HHN
last-modified: Sat, 21 May 2022 22:51:45 GMT
server: AmazonS3
etag: "d0c7268163b4f17f1d7fc9fcd0fda1e4"
vary: Accept-Encoding
x-amz-request-id: D42W9FCN5KDNWTYW
access-control-allow-origin: *
cache-control: max-age=2592000,stale-while-revalidate=10800
accept-ranges: bytes
content-type: application/javascript
date: Sun, 22 May 2022 13:33:39 GMT
x-cache-hits: 2, 32982

GET
H2 200 signup_forms.140b2cdec064869adc05.js Show response
static.klaviyo.com/onsite/js/ 53 KB
19 KB 26ms
9ms Script
application/javascript 151.101.194.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://static.klaviyo.com/onsite/js/signup_forms.140b2cdec064869adc05.js?cb=1
Requested by: Host: static.klaviyo.com
URL: https://static.klaviyo.com/onsite/js/klaviyo.js?company_id=TZ9PuD&shop=fandiem.myshopify.com
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.194.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: e5e308b9dceb7e087f6254a18a31039fc4776b5dfb0c64daee64961d3ddc2a63

Request headers

Referer: https://fandiem.com/
Origin: https://fandiem.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

x-amz-version-id: AzW9jXM_C5t.jNzAmRZ_gDCpwZmwz_co
content-encoding: gzip
age: 52908
via: 1.1 varnish, 1.1 varnish
x-cache: HIT, HIT
x-amz-meta-surrogate-control: max-age=31536000
x-amz-meta-surrogate-key: fender-asset
content-length: 19132
x-amz-id-2: SmbuDlPL5Qu/QbY1IN9V27Cwl40cw5HaZOMBRVmTwv64t5C1iG9dWSoAvYWxB9trHn3kvtCYy/o=
x-served-by: cache-lga21969-LGA, cache-hhn4059-HHN
last-modified: Sat, 21 May 2022 22:51:45 GMT
server: AmazonS3
etag: "60669bf8f3a0ea6096b8529e7ef19a3d"
vary: Accept-Encoding
x-amz-request-id: 91DF1BJ2EZHZ9EYZ
access-control-allow-origin: *
cache-control: max-age=2592000,stale-while-revalidate=10800
accept-ranges: bytes
content-type: application/javascript
date: Sun, 22 May 2022 13:33:39 GMT
x-cache-hits: 1, 31019

GET
H2 200 sdk.bundle.js Show response
sdk.postscript.io/ 228 KB
61 KB 42ms
10ms Script
application/javascript 108.157.4.53
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sdk.postscript.io/sdk.bundle.js?shopId=100273
Requested by: Host: cdn.shopify.com
URL: https://cdn.shopify.com/s/files/1/0502/2167/8757/t/8/assets/BMmoFnGNlK5UpA4h.js?v=1649866955&shopId=100273&shop=fandiem.myshopify.com
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.157.4.53 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-157-4-53.dus51.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 660d9e4d937357a54213d2ba71b3c7f508d37876136ba96c39dc66c4fa0ccd44

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fandiem.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Sat, 21 May 2022 18:35:44 GMT
content-encoding: gzip
last-modified: Mon, 16 May 2022 18:35:34 GMT
server: AmazonS3
age: 68276
etag: W/"114367aa0ff8f816613a6ec8d6db429f"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 347732911156afff87ff95b6d55b9278.cloudfront.net (CloudFront)
x-amz-cf-pop: DUS51-P2
x-amz-cf-id: r67GvhIEwlauNYNoOPhVSphiV7o1ZmPZBdSS2RauMkpcFCY6n7kE1g==

OPTIONS
H2 200 /
cdn.pushowl.com/config/api/v1/fandiem/subscriber/config/widget/ Frame 0
0 34ms
10ms Preflight 2600:9000:224a:ac00:7:6365:89c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.pushowl.com/config/api/v1/fandiem/subscriber/config/widget/?guid=5753a3cb-9bec-49e2-b958-421e974db847&platform=shopify
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:224a:ac00:7:6365:89c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: GET
Origin: https://fandiem.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

access-control-allow-headers: *
access-control-allow-methods: *
access-control-allow-origin: *
age: 443738
cache-control: public, s-maxage=15552000, max-age=15552000
content-length: 0
date: Tue, 17 May 2022 10:18:01 GMT
via: 1.1 27a205ba0937fb032aa2efb66ec66a80.cloudfront.net (CloudFront)
x-amz-cf-id: Qp9GIn-IoR-BhgafeF69914iZSC7_ejccjv-ZYprdxZaCzLIoEkYBg==
x-amz-cf-pop: DUS51-P1
x-cache: Hit from cloudfront
x-request-id: 3576c160-a6da-42c4-9dfb-47054a427739

GET
H2 200 / Show response
cdn.pushowl.com/config/api/v1/fandiem/subscriber/config/widget/ 2 KB
3 KB 14ms
13ms XHR
application/json 2600:9000:224a:ac00:7:6365:89c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.pushowl.com/config/api/v1/fandiem/subscriber/config/widget/?guid=5753a3cb-9bec-49e2-b958-421e974db847&platform=shopify
Requested by: Host: cdn.shopify.com
URL: https://cdn.shopify.com/shopifycloud/shopify/assets/shop_events_listener-fa61fd11817b231631d2fe43dc869d0b1d14a06332792d42f1a1d94bda5aa31e.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:224a:ac00:7:6365:89c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 528794e6b9a74164584b941956393fa4a5fab7f1d499b03e695e37813749017f

Request headers

Accept: application/json
Referer: https://fandiem.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type: application/json

Response headers

date: Tue, 17 May 2022 10:18:02 GMT
via: 1.1 27a205ba0937fb032aa2efb66ec66a80.cloudfront.net (CloudFront)
age: 443737
etag: W/"852-YZcw1J0lmTtOod8XXLyALbSmY0M"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/json
access-control-allow-origin: *
cache-control: public, s-maxage=15552000, max-age=15552000, must-revalidate
x-server: ImageKit.io
x-amz-cf-pop: DUS51-P1
timing-allow-origin: *
content-length: 2130
x-amz-cf-id: 3yhfYdCOaIZ5ZBsOHkbgp7lbx1oQtGVtyP9fskUo6CDDpy-VKAeJHg==
x-request-id: 1a650c4b-0eb1-4d0d-9b19-803c3508863f

POST
H3 200 collect Show response
www.google-analytics.com/j/ Frame 23C4 2 B
22 B 16ms
15ms XHR
text/plain 2a00:1450:4001:828::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j96&aip=1&a=1496798477&t=pageview&_s=1&dl=https%3A%2F%2Fwidgetv3.bandsintown.com%2Fwidget_iframe.html%3Faffil_code%3Djs_fandiem.com%26app_id%3Djs_fandiem.com%26artist_id%3D12324703%26artist_name%3DKesha%26came_from_code%3D700&dr=https%3A%2F%2Ffandiem.com%2F&ul=en-us&de=windows-1252&sd=24-bit&sr=1600x1200&vp=&je=0&_u=YEBAAEABAAAAAC~&jid=1825685802&gjid=2005044356&cid=1977410220.1653226419&uid=undefined&tid=UA-2044446-18&_gid=704779483.1653226419&_r=1&gtm=2wg5b0NTHLS8M&cd1=Widget%20iFrame&cd2=js_fandiem.com&cd3=700&cd4=widget-v2&cd6=Kesha&cd9=2&cd10=12324703&cd11=js_fandiem.com&z=356365395

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://widgetv3.bandsintown.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 22 May 2022 13:33:39 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://widgetv3.bandsintown.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 200 collect Show response
stats.g.doubleclick.net/j/ Frame 23C4 1 B
22 B 24ms
24ms XHR
text/plain 2a00:1450:400c:c1b::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-2044446-18&cid=1977410220.1653226419&jid=1825685802&uid=undefined&gjid=2005044356&_gid=704779483.1653226419&_u=YEBAAEAAAAAAAC~&z=660656248

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400c:c1b::9b Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://widgetv3.bandsintown.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Sun, 22 May 2022 13:33:39 GMT
content-type: text/plain
access-control-allow-origin: https://widgetv3.bandsintown.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 sentry.72c35c673102dbf675f0.js Show response
static.klaviyo.com/onsite/js/ 39 KB
14 KB 7ms
7ms Script
application/javascript 151.101.194.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://static.klaviyo.com/onsite/js/sentry.72c35c673102dbf675f0.js
Requested by: Host: static.klaviyo.com
URL: https://static.klaviyo.com/onsite/js/signup_forms.140b2cdec064869adc05.js?cb=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.194.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 2652f0c7c7b7905018e1a14dd565b946e15d9e7ac92e4b88cfbe54eeda8fa0d6

Request headers

Referer: https://fandiem.com/
Origin: https://fandiem.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

x-amz-version-id: OYx9hgarlAcADJpd_z3npiVgW9HDTTV4
content-encoding: gzip
age: 52908
via: 1.1 varnish, 1.1 varnish
x-cache: HIT, HIT
x-amz-meta-surrogate-control: max-age=31536000
x-amz-meta-surrogate-key: fender-asset
content-length: 13733
x-amz-id-2: FNN3I9d6sQkPC8o2ihP3+Jc9J3sTqWUI82MddK0e99ir4HZYrhrhsKtfmyWw/NbwI+cXp20HWaQ=
x-served-by: cache-lga21972-LGA, cache-hhn4059-HHN
last-modified: Wed, 27 Apr 2022 20:36:07 GMT
server: AmazonS3
etag: "a8c2468bbb12338630abadf2b3aea3e6"
vary: Accept-Encoding
x-amz-request-id: PQA13S140XCQ4KHP
access-control-allow-origin: *
cache-control: max-age=2592000,stale-while-revalidate=10800
accept-ranges: bytes
content-type: application/javascript
date: Sun, 22 May 2022 13:33:39 GMT
x-cache-hits: 2, 28186

GET
H2 200 onsite Show response
fast.a.klaviyo.com/custom-fonts/api/v1/company-fonts/ 711 B
1 KB 28ms
8ms XHR
application/json 151.101.194.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://fast.a.klaviyo.com/custom-fonts/api/v1/company-fonts/onsite?company_id=TZ9PuD

Requested by

Host: cdn.shopify.com
URL: https://cdn.shopify.com/shopifycloud/shopify/assets/shop_events_listener-fa61fd11817b231631d2fe43dc869d0b1d14a06332792d42f1a1d94bda5aa31e.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.194.133 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

f68d27acd527de195aef61018035ad71196cc6f3123849e74f3fe1bf9abd406a

Security Headers

Name	Value
Strict-Transport-Security	max-age=900

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fandiem.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Sun, 22 May 2022 13:33:39 GMT
via: 1.1 varnish, 1.1 varnish
age: 2270200
x-cache: HIT, HIT
access-control-max-age: 86400
strict-transport-security: max-age=900
content-length: 711
x-served-by: cache-bos4622-BOS, cache-hhn4046-HHN
allow: GET, HEAD, OPTIONS
server: nginx
vary: Cookie
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=10
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers
x-cache-hits: 1, 1

GET
H2 200 full-forms Show response
static-forms.klaviyo.com/forms/api/v5/TZ9PuD/ 5 KB
2 KB 28ms
9ms XHR
application/json 151.101.2.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://static-forms.klaviyo.com/forms/api/v5/TZ9PuD/full-forms
Requested by: Host: cdn.shopify.com
URL: https://cdn.shopify.com/shopifycloud/shopify/assets/shop_events_listener-fa61fd11817b231631d2fe43dc869d0b1d14a06332792d42f1a1d94bda5aa31e.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.2.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: bfe4725cbcd3724eff4f864cf0ef6c649662479b1c375652ecadaa77cadc6c68

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fandiem.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

x-amz-version-id: ArBt6tASnoWaKy.KP9alxToZ6O2tk5Gg
content-encoding: gzip
age: 2238149
via: 1.1 varnish
x-cache: HIT
client-geo-continent: EU
x-amz-meta-surrogate-control: max-age=31536000
x-amz-meta-surrogate-key: full-forms/shared full-forms/TZ9PuD custom-fonts/TZ9PuD
content-length: 1219
x-amz-id-2: +Rfc1LKdqVQrH/6XAROI/pFJQhOX6DdF0vbcvVKRdAiee99TkmipD6v7nu9YpFNe3DMOVm2nj18=
x-served-by: cache-hhn4020-HHN
client-geo-country: DE
last-modified: Wed, 13 Apr 2022 18:47:20 GMT
server: AmazonS3
x-timer: S1653226419.357030,VS0,VE1
etag: "f672dcc83c125b55cb735109433ec590"
vary: Accept-Encoding
x-amz-request-id: FMD8J6QZQQNWHDJW
access-control-allow-origin: *
access-control-expose-headers: client-geo-continent, client-geo-country
cache-control: max-age=5
accept-ranges: bytes
content-type: application/json
date: Sun, 22 May 2022 13:33:39 GMT
x-cache-hits: 1

GET
H3 200 / Show response
shy.elfsight.com/p/boot/ 1 KB
2 KB 271ms
247ms Script
text/javascript 2606:4700:20::681a:76b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://shy.elfsight.com/p/boot/?a=&callback=__esappsPlatformBoot1653226419337&shop=fandiem.myshopify.com&w=78344cf6-97f4-4b85-977b-ef05aff2fc99%2Ce678ffe3-1e09-4cf1-a8e3-5a5e839f399f

Requested by

Host: shy.elfsight.com
URL: https://shy.elfsight.com/p/platform.js?shop=fandiem.myshopify.com

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::681a:76b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7302b4798a6ff5bbe4aafafebbc6f77c7819d3fd8dd45fd1a91524bb0b3c7969

Security Headers

Name	Value
Strict-Transport-Security	max-age=0
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fandiem.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Sun, 22 May 2022 13:33:39 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=C4vFVU65INOuC0io4jj0ZKc2%2BL5zRpv59JOck0spXUQniqc0TLcT6IivtNYCX9yKeNCcCC%2BBBs5SzH6%2BT63T5NietHQ7iGalHXpFA8OtGtYzqMhYBmuYNTGFM5eQay%2BTpK5j8lEacC9tnoxLpYg%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
cache-control: no-cache, private
cf-apo-via: origin,host
cf-ray: 70f5ecc11ab683b5-MXP

OPTIONS
H2 200 events
api.pushowl.com/event/v1/ Frame 0
0 712ms
102ms Preflight
text/html 54.152.99.78

General

Check archive.org

Show headers Download Go to

Full URL

https://api.pushowl.com/event/v1/events

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.152.99.78 -, , ASN (),

Reverse DNS

Software

gunicorn/20.0.4 /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://fandiem.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

access-control-allow-headers: accept, accept-encoding, authorization, content-type, dnt, origin, user-agent, x-csrftoken, x-requested-with
access-control-allow-methods: DELETE, GET, OPTIONS, PATCH, POST, PUT
access-control-allow-origin: *
access-control-max-age: 86400
content-length: 0
content-type: text/html; charset=utf-8
date: Sun, 22 May 2022 13:33:40 GMT
server: gunicorn/20.0.4
vary: Origin
x-content-type-options: nosniff

POST
H2 204 events Show response
api.pushowl.com/event/v1/ 0
161 B 100ms
100ms XHR
text/plain 54.152.99.78

General

Check archive.org

Show headers Download Go to

Full URL

https://api.pushowl.com/event/v1/events

Requested by

Host: cdn.shopify.com
URL: https://cdn.shopify.com/shopifycloud/shopify/assets/shop_events_listener-fa61fd11817b231631d2fe43dc869d0b1d14a06332792d42f1a1d94bda5aa31e.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.152.99.78 -, , ASN (),

Reverse DNS

Software

gunicorn/20.0.4 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Accept: text/plain
Referer: https://fandiem.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type: application/json

Response headers

access-control-allow-origin: *
date: Sun, 22 May 2022 13:33:40 GMT
x-content-type-options: nosniff
server: gunicorn/20.0.4
x-frame-options: DENY
allow: POST, OPTIONS
vary: Accept, Origin, Cookie

GET
H3 404 .js Show response
fandiem.com/products/ 0
1 KB 154ms
153ms XHR
application/json 23.227.38.32
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://fandiem.com/products/.js

Requested by

Host: cdn.shopify.com
URL: https://cdn.shopify.com/shopifycloud/shopify/assets/shop_events_listener-fa61fd11817b231631d2fe43dc869d0b1d14a06332792d42f1a1d94bda5aa31e.js

Protocol

Security

QUIC, , AES_128_GCM

Server

23.227.38.32 Ottawa, Canada, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

myshopify.com

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; frame-ancestors 'none'; upgrade-insecure-requests;
Strict-Transport-Security	max-age=7889238
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json
Referer: https://fandiem.com/sweeps/kesha?utm_campaign=f-covid-bandsintown-sweet-relief-2022&utm_content=f-covid-bandsintown-sweet-relief-2022-kesha-sweeps-page&utm_medium=partner-bandsintown-blast-from-bit&utm_source=bandsintown
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type: application/json

Response headers

date: Sun, 22 May 2022 13:33:39 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
x-permitted-cross-domain-policies: none
x-dc: gcp-europe-west1,gcp-us-east1,gcp-us-east1
x-shopify-stage: production
x-cache: hit, server
server-timing-public: processing;dur=16, db;dur=6
content-type: application/json; charset=utf-8
x-alternate-cache-key: cacheable:a10bcc90829f7e3f95c6edd26c5ae344
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
x-sorting-hat-shopid: 50221678757
x-shardid: 253
x-storefront-renderer-rendered: 1
server: cloudflare
x-frame-options: DENY
content-language: en
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=7889238
x-download-options: noopen
x-shopid: 50221678757
access-control-allow-origin: *
vary: Accept
content-security-policy: block-all-mixed-content; frame-ancestors 'none'; upgrade-insecure-requests;
x-request-id: 043eed89-75ad-43cc-ab78-76ec3b5f3868
cf-ray: 70f5ecc0efa99205-FRA
x-sorting-hat-podid: 253

GET
H2 200 100273 Show response
api.postscript.io/sdk/config/ 122 B
534 B 162ms
123ms Fetch
application/json 18.64.103.22
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.postscript.io/sdk/config/100273
Requested by: Host: cdn.shopify.com
URL: https://cdn.shopify.com/shopifycloud/shopify/assets/shop_events_listener-fa61fd11817b231631d2fe43dc869d0b1d14a06332792d42f1a1d94bda5aa31e.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.64.103.22 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-64-103-22.txl50.r.cloudfront.net
Software: /
Resource Hash: d18c3255af255a7a1b76a397393a67aa0c8a49b646f08bf0e35e2e0bca865d5c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fandiem.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Sun, 22 May 2022 13:33:39 GMT
content-encoding: gzip
x-amzn-remapped-content-length: 122
x-amz-cf-pop: TXL50-P3
x-amzn-requestid: 2764b52f-54f1-4250-8ede-2648eec3c7f6
x-cache: Miss from cloudfront
content-type: application/json
access-control-allow-origin: *
x-amzn-trace-id: Root=1-628a3bb3-387c71802d29c3554bad1ea2
access-control-allow-credentials: true
x-amz-apigw-id: Sh5EEG8IoAMFUHg=
content-length: 103
via: 1.1 c25b1f7aa410c3a4dd235dd71a0d38e8.cloudfront.net (CloudFront)
x-amz-cf-id: 5tBKHTvdlcWSW7Nquy9Cou3b7hfDEUkx9Whn8o3k0iOHnH5qOfAPfA==

GET
H2 200 css2
fonts.googleapis.com/ 9 KB
1 KB 55ms
15ms Stylesheet
text/css 2a00:1450:4001:813::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Poppins:ital,wght@0,100;0,200;0,300;0,400;0,500;0,600;0,700;0,800;0,900&display=swap

Requested by

Host: client
URL: about:client

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

a88ee13d2e82bd99ff8c5ac3c2cd52d3a4175f9121e48e30b1683bb80684b711

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fandiem.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Sun, 22 May 2022 12:34:45 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Sun, 22 May 2022 13:33:39 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 22 May 2022 13:33:39 GMT

GET
H2 200 desktop.html Show response
sdk.postscript.io/ Frame AF8D 1 KB
955 B 11ms
11ms Document
text/html 108.157.4.53
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sdk.postscript.io/desktop.html?shopId=100273&sessionId=W1HwuRiyjBxOjLscGY3n-&status=&flags=&origin=https%3A%2F%2Ffandiem.com%2Fsweeps%2Fkesha%3Futm_campaign%3Df-covid-bandsintown-sweet-relief-2022%26utm_content%3Df-covid-bandsintown-sweet-relief-2022-kesha-sweeps-page%26utm_medium%3Dpartner-bandsintown-blast-from-bit%26utm_source%3Dbandsintown
Requested by: Host: sdk.postscript.io
URL: https://sdk.postscript.io/sdk.bundle.js?shopId=100273
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.157.4.53 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-157-4-53.dus51.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: ed455c446a7d5dce7d54021f47950e3572c696b6c5e822d8ee8facf0a5a3e91e

Request headers

Referer: https://fandiem.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 68276
content-encoding: gzip
content-type: text/html
date: Sat, 21 May 2022 18:35:44 GMT
etag: W/"505b29356e279c4d54c10e02c38e5f1c"
last-modified: Mon, 16 May 2022 18:35:33 GMT
server: AmazonS3
vary: Accept-Encoding
via: 1.1 347732911156afff87ff95b6d55b9278.cloudfront.net (CloudFront)
x-amz-cf-id: qLSEC2y9pYN3GPINg7PGq4zsZF6a5NM63_BaSomQJXPH-HNKRxZajg==
x-amz-cf-pop: DUS51-P2
x-cache: Hit from cloudfront

GET
H2 200 100273 Show response
api.postscript.io/public/klaviyo_form_status/ 37 B
482 B 323ms
323ms Fetch
application/json 18.64.103.22
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.postscript.io/public/klaviyo_form_status/100273
Requested by: Host: cdn.shopify.com
URL: https://cdn.shopify.com/shopifycloud/shopify/assets/shop_events_listener-fa61fd11817b231631d2fe43dc869d0b1d14a06332792d42f1a1d94bda5aa31e.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.64.103.22 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-64-103-22.txl50.r.cloudfront.net
Software: /
Resource Hash: 111325fdac9e3c078a70d6b8a8f81466eda581d61cd40536714d160a1a799fa1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fandiem.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Sun, 22 May 2022 13:33:39 GMT
content-encoding: gzip
x-amzn-remapped-content-length: 37
x-amz-cf-pop: TXL50-P3
x-amzn-requestid: 2efa5da9-803a-47d8-a0c1-5eaab9935add
x-cache: Miss from cloudfront
content-type: application/json
access-control-allow-origin: *
x-amzn-trace-id: Root=1-628a3bb3-14b8baf92ce4ad5077d889ff
access-control-allow-credentials: true
x-amz-apigw-id: Sh5EHHoIoAMF35g=
content-length: 51
via: 1.1 c25b1f7aa410c3a4dd235dd71a0d38e8.cloudfront.net (CloudFront)
x-amz-cf-id: 73MMxOmTnnYOvZWYZlcP9xpKmagO6lagGyVuRcgD0a1MdPa_jymloA==

GET
H3 200 consent-tracking-api.js Show response
cdn.shopify.com/shopifycloud/consent-tracking-api/v0.1/ 5 KB
3 KB 23ms
22ms Script
text/javascript 104.16.255.71
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.shopify.com/shopifycloud/consent-tracking-api/v0.1/consent-tracking-api.js

Requested by

Host: cdn.shopify.com
URL: https://cdn.shopify.com/shopifycloud/shopify/assets/storefront/load_feature-37a17a663bce00c3e1703d247d958d410831e9e5dac457e1e9aa9f37481e2eb5.js

Protocol

Security

QUIC, , AES_128_GCM

Server

104.16.255.71 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c0e6487c29b3544bd38764670fe3adaf5e0b489cf74d3beeabacf89fdf356262

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://fandiem.com/
Origin: https://fandiem.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Sun, 22 May 2022 13:33:39 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-dc: gcp-us-east1,us-east1
age: 874
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FQ9MTT9u5D7idv%2Bod3eqcRkF7lLSnxyOIwmgeBj9yv9i78813LsjVb84UJhKQXSaT7WJeRJcNWE32o3NDeKeVVov7idxLeCeXBU8vgcDUx3nMsRRLTSHnsKF%2FtAn2QxAUw%3D%3D"}],"group":"cf-nel","max_age":604800}
server-timing: imagery;dur=16.425, imageryFetch;dur=16.216
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
x-request-id: 31917e8e-4daa-494b-8f15-4d59719dc28d
timing-allow-origin: *
last-modified: Sun, 22 May 2022 13:03:42 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=1800, must-revalidate
cf-ray: 70f5ecc2594e92b7-FRA
link: <https://cdn.shopify.com/shopifycloud/consent-tracking-api/v0.1/consent-tracking-api.js>; rel="canonical"

GET
H2 200 socialShareButtons.js Show response
static.elfsight.com/apps/social-share-buttons/shopify/release/a7a16905-8a6d-42f2-baec-7030e2696a67/app/ 420 KB
76 KB 51ms
49ms Script
application/javascript 2606:4700:20::681a:76b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.elfsight.com/apps/social-share-buttons/shopify/release/a7a16905-8a6d-42f2-baec-7030e2696a67/app/socialShareButtons.js

Requested by

Host: shy.elfsight.com
URL: https://shy.elfsight.com/p/platform.js?shop=fandiem.myshopify.com

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:76b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

85bb07c78d497ccacf55ad008d36eb1ebec8d6f78c16aa5b081a2cd23502cca5

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fandiem.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Sun, 22 May 2022 13:33:39 GMT
content-encoding: br
vary: Access-Control-Request-Headers,Access-Control-Request-Method,Origin, Accept-Encoding
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 277959
cf-polished: origSize=430182
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id: tx00000000000008fc7369f-006285f54b-26d700f5-sfo2a
x-hw: 1652948460.dop201.ml1.t,1652948460.cds206.ml1.shn,1652948460.dop201.ml1.t,1652948460.cds009.ml1.c
last-modified: Tue, 29 Mar 2022 12:43:20 GMT
server: cloudflare
cache-control: max-age=31536000
etag: W/"3df6bc74c6b8b97c351a6038441e9bac"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=deadjlKRL155v5UfRMFMD2ZF%2FYHfVZ%2FRLAullF%2FtoiphjdixIEPiE%2FgwXrIBHJjE5k7va4SbdElbOiLyrOWLklNfOxgNhzJJuVob81JaoIi5tNB8oTTzq3USAt4IwxeM7%2B%2F32oNbiE0JnR63Zv43xRI%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
x-rgw-object-type: Normal
cf-ray: 70f5ecc2a97883a6-MXP
cf-bgj: minify

GET
H3 200 all Show response
fandiem.com/collections/ 727 KB
56 KB 814ms
813ms XHR
text/html 23.227.38.32
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://fandiem.com/collections/all?filter.v.price.gte=0&filter.v.price.gte=0&page=3&filter.v.price.gte=0

Requested by

Host: cdn.shopify.com
URL: https://cdn.shopify.com/shopifycloud/shopify/assets/shop_events_listener-fa61fd11817b231631d2fe43dc869d0b1d14a06332792d42f1a1d94bda5aa31e.js

Protocol

Security

QUIC, , AES_128_GCM

Server

23.227.38.32 Ottawa, Canada, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

myshopify.com

Software

cloudflare /

Resource Hash

69aa0ee241afb80430426a85861c88b93e892326a328a1b56069b8b3b53a207c

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; frame-ancestors 'none'; upgrade-insecure-requests;
Strict-Transport-Security	max-age=7889238
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json, text/plain, */*
Referer: https://fandiem.com/sweeps/kesha?utm_campaign=f-covid-bandsintown-sweet-relief-2022&utm_content=f-covid-bandsintown-sweet-relief-2022-kesha-sweeps-page&utm_medium=partner-bandsintown-blast-from-bit&utm_source=bandsintown
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Sun, 22 May 2022 13:33:40 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
x-permitted-cross-domain-policies: none
x-dc: gcp-europe-west1,gcp-us-east1,gcp-us-east1
x-shopify-stage: production
x-cache: miss
server-timing-public: processing;dur=655, db;dur=65, parse;dur=1
content-type: text/html; charset=utf-8
x-alternate-cache-key: cacheable:3c9f814640fa3cbc04646d022ceea619
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
x-sorting-hat-shopid: 50221678757
x-shardid: 253
x-storefront-renderer-rendered: 1
server: cloudflare
x-frame-options: DENY
content-language: en
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=7889238
x-download-options: noopen
x-shopid: 50221678757
x-request-id: 84117c2d-7c6f-40b4-8764-7836fb105b4f
vary: Accept
content-security-policy: block-all-mixed-content; frame-ancestors 'none'; upgrade-insecure-requests;
cf-ray: 70f5ecc32aa09205-FRA
link: <https://cdn.shopify.com>; rel="preconnect", <https://cdn.shopify.com>; rel="preconnect"; crossorigin
x-sorting-hat-podid: 253

GET
H3 200 css
fonts.googleapis.com/ Frame AF8D 4 KB
631 B 33ms
15ms Stylesheet
text/css 2a00:1450:4001:813::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open+Sans+Condensed:300,700

Requested by

Host: sdk.postscript.io
URL: https://sdk.postscript.io/desktop.html?shopId=100273&sessionId=W1HwuRiyjBxOjLscGY3n-&status=&flags=&origin=https%3A%2F%2Ffandiem.com%2Fsweeps%2Fkesha%3Futm_campaign%3Df-covid-bandsintown-sweet-relief-2022%26utm_content%3Df-covid-bandsintown-sweet-relief-2022-kesha-sweeps-page%26utm_medium%3Dpartner-bandsintown-blast-from-bit%26utm_source%3Dbandsintown

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

05e383cc3c7312b5332e675ced11f8c7d5f7f1a3dfa672cf22b868b05bb5e6ba

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sdk.postscript.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Sun, 22 May 2022 12:10:36 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Sun, 22 May 2022 13:33:39 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 22 May 2022 13:33:39 GMT

GET
H2 200 font-awesome.min.css
stackpath.bootstrapcdn.com/font-awesome/4.7.0/css/ Frame AF8D 30 KB
7 KB 66ms
34ms Stylesheet
text/css 2606:4700::6812:acf

General

Check archive.org

Show headers Download Go to

Full URL

https://stackpath.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:acf -, , ASN (),

Reverse DNS

Software

cloudflare /

Resource Hash

799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sdk.postscript.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Sun, 22 May 2022 13:33:40 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
cdn-edgestorageid: 723, 617, 617
age: 2557235
cdn-cachedat: 2021-04-23 01:07:22
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
timing-allow-origin: *
access-control-allow-origin: *
last-modified: Mon, 25 Jan 2021 22:04:55 GMT
server: cloudflare
cdn-requestpullcode: 200
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/css; charset=utf-8
cdn-cache: HIT
vary: Accept-Encoding
cache-control: public, max-age=31919000
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestid: 1e0763d9c4fa9b0b2a42b4408ee65d0f
cf-ray: 70f5ecc5093801eb-ZRH
cdn-requestcountrycode: CH
cdn-requestpullsuccess: True

GET
DATA 200
OK truncated
/ 352 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 57df0348d6c00360aa9e0a119035e735592f3454a9bb1dd5a5f8f0f97b21905e

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 desktop.css
sdk.postscript.io/ Frame AF8D 22 KB
4 KB 10ms
10ms Stylesheet
text/css 108.157.4.53
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sdk.postscript.io/desktop.css
Requested by: Host: sdk.postscript.io
URL: https://sdk.postscript.io/desktop.html?shopId=100273&sessionId=W1HwuRiyjBxOjLscGY3n-&status=&flags=&origin=https%3A%2F%2Ffandiem.com%2Fsweeps%2Fkesha%3Futm_campaign%3Df-covid-bandsintown-sweet-relief-2022%26utm_content%3Df-covid-bandsintown-sweet-relief-2022-kesha-sweeps-page%26utm_medium%3Dpartner-bandsintown-blast-from-bit%26utm_source%3Dbandsintown
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.157.4.53 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-157-4-53.dus51.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 0d59516bf9f5ff12c68e78b243233dfe80e2a1020170722ec3646df9df575792

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sdk.postscript.io/desktop.html?shopId=100273&sessionId=W1HwuRiyjBxOjLscGY3n-&status=&flags=&origin=https%3A%2F%2Ffandiem.com%2Fsweeps%2Fkesha%3Futm_campaign%3Df-covid-bandsintown-sweet-relief-2022%26utm_content%3Df-covid-bandsintown-sweet-relief-2022-kesha-sweeps-page%26utm_medium%3Dpartner-bandsintown-blast-from-bit%26utm_source%3Dbandsintown
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Sun, 22 May 2022 06:11:12 GMT
content-encoding: gzip
last-modified: Mon, 16 May 2022 18:35:33 GMT
server: AmazonS3
age: 26554
etag: W/"85dd27cc5c648e1815b07a31b03ddaa0"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/css
via: 1.1 347732911156afff87ff95b6d55b9278.cloudfront.net (CloudFront)
x-amz-cf-pop: DUS51-P2
x-amz-cf-id: nXFdzfoKP8KiMdvYtQKmyKYPZbQiSBcTY6qoIJPImrX1DhK8d2kpXg==

GET
H2 200 desktop.bundle.js Show response
sdk.postscript.io/ Frame AF8D 118 KB
37 KB 11ms
11ms Script
application/javascript 108.157.4.53
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sdk.postscript.io/desktop.bundle.js?shopId=100273&sessionId=W1HwuRiyjBxOjLscGY3n-&status=&flags=&origin=https%3A%2F%2Ffandiem.com%2Fsweeps%2Fkesha%3Futm_campaign%3Df-covid-bandsintown-sweet-relief-2022%26utm_content%3Df-covid-bandsintown-sweet-relief-2022-kesha-sweeps-page%26utm_medium%3Dpartner-bandsintown-blast-from-bit%26utm_source%3Dbandsintown
Requested by: Host: sdk.postscript.io
URL: https://sdk.postscript.io/desktop.html?shopId=100273&sessionId=W1HwuRiyjBxOjLscGY3n-&status=&flags=&origin=https%3A%2F%2Ffandiem.com%2Fsweeps%2Fkesha%3Futm_campaign%3Df-covid-bandsintown-sweet-relief-2022%26utm_content%3Df-covid-bandsintown-sweet-relief-2022-kesha-sweeps-page%26utm_medium%3Dpartner-bandsintown-blast-from-bit%26utm_source%3Dbandsintown
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.157.4.53 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-157-4-53.dus51.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 382df84073b5bf82a2a1b98945e9f4e94b37fbce7c39e48a235f3986a8e43bd3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sdk.postscript.io/desktop.html?shopId=100273&sessionId=W1HwuRiyjBxOjLscGY3n-&status=&flags=&origin=https%3A%2F%2Ffandiem.com%2Fsweeps%2Fkesha%3Futm_campaign%3Df-covid-bandsintown-sweet-relief-2022%26utm_content%3Df-covid-bandsintown-sweet-relief-2022-kesha-sweeps-page%26utm_medium%3Dpartner-bandsintown-blast-from-bit%26utm_source%3Dbandsintown
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Sat, 21 May 2022 18:35:47 GMT
content-encoding: gzip
last-modified: Mon, 16 May 2022 18:35:33 GMT
server: AmazonS3
age: 68276
etag: W/"c2be4f2a2ef6bcd9fdb3e2930da33df7"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 347732911156afff87ff95b6d55b9278.cloudfront.net (CloudFront)
x-amz-cf-pop: DUS51-P2
x-amz-cf-id: 7go4S9O2CyY1fxTzR4yAaaDTM_0sQRS52IU-zyHm5Jl7FY33wXyCjQ==

GET
H2 200 desktop Show response
api.postscript.io/v2/public/popups/100273/ Frame AF8D 4 KB
2 KB 324ms
323ms Fetch
application/json 18.64.103.22
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.postscript.io/v2/public/popups/100273/desktop
Requested by: Host: sdk.postscript.io
URL: https://sdk.postscript.io/desktop.bundle.js?shopId=100273&sessionId=W1HwuRiyjBxOjLscGY3n-&status=&flags=&origin=https%3A%2F%2Ffandiem.com%2Fsweeps%2Fkesha%3Futm_campaign%3Df-covid-bandsintown-sweet-relief-2022%26utm_content%3Df-covid-bandsintown-sweet-relief-2022-kesha-sweeps-page%26utm_medium%3Dpartner-bandsintown-blast-from-bit%26utm_source%3Dbandsintown
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.64.103.22 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-64-103-22.txl50.r.cloudfront.net
Software: /
Resource Hash: d7b0dac410e80ffa42e5156cecffb51d3a1ea7c96ba40aec547cf4b49d913de5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sdk.postscript.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Sun, 22 May 2022 13:33:40 GMT
content-encoding: gzip
x-amzn-remapped-content-length: 4095
x-amzn-remapped-date: Sun, 22 May 2022 13:33:39 GMT
x-amz-cf-pop: TXL50-P3
x-amzn-requestid: ee88c49c-9ad9-4fd7-b12d-c0a6085e7e77
x-cache: Miss from cloudfront
x-amz-apigw-id: Sh5EOEJioAMFgYg=
content-length: 1816
access-control-allow-origin: https://sdk.postscript.io
vary: Origin
content-type: application/json
via: 1.1 c25b1f7aa410c3a4dd235dd71a0d38e8.cloudfront.net (CloudFront)
x-amzn-remapped-server: gunicorn/20.0.4
access-control-allow-credentials: true
x-amz-cf-id: N_KeSUAZ2T4q_JybKTxUpftYJt_wr_cCpMl356Jw_X7-Xydyq3QJ7Q==
x-amzn-remapped-connection: keep-alive

POST
H3 200 produce
monorail-edge.shopifysvc.com/v1/ 0
849 B 160ms
137ms Ping
text/plain 104.16.255.71
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://monorail-edge.shopifysvc.com/v1/produce

Requested by

Host: cdn.shopify.com
URL: https://cdn.shopify.com/shopifycloud/boomerang/shopify-boomerang-1.0.0.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

104.16.255.71 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://fandiem.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type: text/plain

Response headers

date: Sun, 22 May 2022 13:33:40 GMT
access-control-allow-methods: OPTIONS,POST
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-dc: gcp-us-east1,us-east1
access-control-max-age: 86400
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 0
x-request-id: b5b7572e-eb8e-4658-81f7-ac8cd95ae836
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6pGHv2XO1iyiKL6JMx7bzcK%2BpSgGqlsP%2B64nctx30AeXCxqaTT4tVSmSzwGsa5AupYS4mVC7ra81%2B1UQ72aHbVX92RJ4ODnEkXhfgPwxmjuCEsq9xLFqxcAinyikFEB1h9tpKhTa0gBpmVl8Qyg%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin: https://fandiem.com
access-control-allow-credentials: true
cf-ray: 70f5ecc6e9b89bd1-FRA
access-control-allow-headers: User-Agent,Accept,Content-Type,X-Monorail-Edge-Event-Created-At-Ms,X-Monorail-Edge-Event-Sent-At-Ms,X-Monorail-Edge-Client-Message-Id,X-Monorail-Edge-Device-Install-Id,X-Monorail-Edge-Accept-Language,X-Monorail-Edge-Content-Language,X-Forwarded-For

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/1.10.2/ 91 KB
33 KB 465ms
7ms Script
text/javascript 2a00:1450:4001:80e::200a

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/1.10.2/jquery.min.js

Requested by

Host: sp-auction.webkul.com
URL: https://sp-auction.webkul.com/js/wk_shopify_auction.js?shop=fandiem.myshopify.com

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::200a -, , ASN (),

Reverse DNS

Software

sffe /

Resource Hash

89a15e9c40bc6b14809f236ee8cd3ed1ea42393c1f6ca55c7855cd779b3f922e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fandiem.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Sun, 22 May 2022 09:01:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 16358
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 32954
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 22 May 2023 09:01:02 GMT

GET
H2 200 socket.io.js Show response
cdnjs.cloudflare.com/ajax/libs/socket.io/2.1.1/ 61 KB
17 KB 493ms
34ms Script
application/javascript 2606:4700::6811:190e

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/socket.io/2.1.1/socket.io.js

Requested by

Host: sp-auction.webkul.com
URL: https://sp-auction.webkul.com/js/wk_shopify_auction.js?shop=fandiem.myshopify.com

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:190e -, , ASN (),

Reverse DNS

Software

cloudflare /

Resource Hash

8e2d3db4408e44abebf3107d88297c0c9f2234c2eb8837210b5fa9fb2b75852b

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fandiem.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Sun, 22 May 2022 13:33:40 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 2128203
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 16834
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:16:21 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03fd5-f3e6"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OwtHpmKjrcVLTHyB6Of9uS2hDKPT9FcUkiXTNRcKCpPC4vjFpYazTBNBjlmBPHQgv%2FviOPZoIglyOr%2F2aGyP1mtqG4KzwV5oFXiIe5qvVjrysC7JQ%2BhUJgZED%2FUbqjn6Ookd5N8F7Mhmy%2BF6yB%2Bv6nKc"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 70f5ecc9a98223df-ZRH
expires: Fri, 12 May 2023 13:33:40 GMT

GET country
location.postscript.io/ Frame AF8D 0
0

GET
H3 200 all Show response
fandiem.com/collections/ 99 KB
14 KB 600ms
599ms XHR
text/html 23.227.38.32
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://fandiem.com/collections/all?filter.v.price.gte=0&filter.v.price.gte=0&filter.v.price.gte=0&page=4&filter.v.price.gte=0

Requested by

Host: cdn.shopify.com
URL: https://cdn.shopify.com/shopifycloud/shopify/assets/shop_events_listener-fa61fd11817b231631d2fe43dc869d0b1d14a06332792d42f1a1d94bda5aa31e.js

Protocol

Security

QUIC, , AES_128_GCM

Server

23.227.38.32 Ottawa, Canada, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

myshopify.com

Software

cloudflare /

Resource Hash

ec148db3299ebf064ec070a0bf9aecdb9414c50e69638f5ccfa4dd36265bfb08

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; frame-ancestors 'none'; upgrade-insecure-requests;
Strict-Transport-Security	max-age=7889238
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json, text/plain, */*
Referer: https://fandiem.com/sweeps/kesha?utm_campaign=f-covid-bandsintown-sweet-relief-2022&utm_content=f-covid-bandsintown-sweet-relief-2022-kesha-sweeps-page&utm_medium=partner-bandsintown-blast-from-bit&utm_source=bandsintown
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Sun, 22 May 2022 13:33:41 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
x-permitted-cross-domain-policies: none
x-dc: gcp-europe-west1,gcp-us-east1,gcp-us-east1
x-shopify-stage: production
x-cache: miss
server-timing-public: processing;dur=420, db;dur=125
content-type: text/html; charset=utf-8
x-alternate-cache-key: cacheable:fc677fe893eed5cacaf981d1f22c5b06
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
x-sorting-hat-shopid: 50221678757
x-shardid: 253
x-storefront-renderer-rendered: 1
server: cloudflare
x-frame-options: DENY
content-language: en
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=7889238
x-download-options: noopen
x-shopid: 50221678757
x-request-id: 92891ce0-78fd-4f5a-bf14-d27ee25fb7b2
vary: Accept
content-security-policy: block-all-mixed-content; frame-ancestors 'none'; upgrade-insecure-requests;
cf-ray: 70f5ecc96b0d9205-FRA
link: <https://cdn.shopify.com>; rel="preconnect", <https://cdn.shopify.com>; rel="preconnect"; crossorigin
x-sorting-hat-podid: 253

POST
H3 200 log_event Show response
www.youtube.com/youtubei/v1/ Frame A602 28 B
54 B 22ms
21ms XHR
application/json 2a00:1450:4001:800::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/youtubei/v1/log_event?alt=json&key=AIzaSyAO_FJ2SlqU8Q4STEHLGCilw_Y9_11qcW8

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/ec0ced91/www-embed-player.vflset/www-embed-player.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

scaffolding on HTTPServer2 /

Resource Hash

d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type: application/json
X-YouTube-Utc-Offset: 0
X-YouTube-Client-Name: 56
Referer: https://www.youtube.com/embed/qjLGWf-qzxs
X-YouTube-Client-Version: 1.20220517.01.01
X-YouTube-Time-Zone: Etc/Unknown
X-Goog-Visitor-Id: CgstX2llWDI5WFlfayiy96iUBg%3D%3D
X-YouTube-Ad-Signals: dt=1653226418482&flash=0&frm=2&u_tz&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&bc=31&bih=-12245933&biw=-12245933&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C592%2C315&vis=1&wgl=true&ca_type=image&bid=ANyPxKqcColpw2ht0jUbPdPVR3w1R_HaIn6LnDgr7scS9pSm4kWMOCATVKx1lLuhlGhEoPQRKRr32w2W2d2uXMapk7Ku1v5gtw

Response headers

date: Sun, 22 May 2022 13:33:41 GMT
content-encoding: br
x-content-type-options: nosniff
server: scaffolding on HTTPServer2
x-frame-options: SAMEORIGIN
vary: Origin, X-Origin, Referer
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: private
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 31
x-xss-protection: 0
expires: Sun, 22 May 2022 13:33:41 GMT

GET
H3 200 all Show response
fandiem.com/collections/ 63 B
1 KB 472ms
471ms XHR
text/html 23.227.38.32
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://fandiem.com/collections/all?filter.v.price.gte=0&filter.v.price.gte=0&filter.v.price.gte=0&filter.v.price.gte=0&page=5&filter.v.price.gte=0

Requested by

Host: cdn.shopify.com
URL: https://cdn.shopify.com/shopifycloud/shopify/assets/shop_events_listener-fa61fd11817b231631d2fe43dc869d0b1d14a06332792d42f1a1d94bda5aa31e.js

Protocol

Security

QUIC, , AES_128_GCM

Server

23.227.38.32 Ottawa, Canada, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

myshopify.com

Software

cloudflare /

Resource Hash

24e1fe99ae490a1a3034e53174215fd92bf1619c209f6becc32078cfd1d2e94b

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; frame-ancestors 'none'; upgrade-insecure-requests;
Strict-Transport-Security	max-age=7889238
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json, text/plain, */*
Referer: https://fandiem.com/sweeps/kesha?utm_campaign=f-covid-bandsintown-sweet-relief-2022&utm_content=f-covid-bandsintown-sweet-relief-2022-kesha-sweeps-page&utm_medium=partner-bandsintown-blast-from-bit&utm_source=bandsintown
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Sun, 22 May 2022 13:33:41 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
x-permitted-cross-domain-policies: none
x-dc: gcp-europe-west1,gcp-us-east1,gcp-us-east1
x-shopify-stage: production
x-cache: miss
server-timing-public: processing;dur=324, db;dur=55, parse;dur=1
content-type: text/html; charset=utf-8
x-alternate-cache-key: cacheable:5c711fd4e01d5fc5a77d2ff98c2f2618
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
x-sorting-hat-shopid: 50221678757
x-shardid: 253
x-storefront-renderer-rendered: 1
server: cloudflare
x-frame-options: DENY
content-language: en
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=7889238
x-download-options: noopen
x-shopid: 50221678757
x-request-id: 3ba949b7-3846-436c-af5d-f9319283bead
vary: Accept
content-security-policy: block-all-mixed-content; frame-ancestors 'none'; upgrade-insecure-requests;
cf-ray: 70f5eccd38a49205-FRA
link: <https://cdn.shopify.com>; rel="preconnect", <https://cdn.shopify.com>; rel="preconnect"; crossorigin
x-sorting-hat-podid: 253

GET
H3 200 MazzardH-ExtraBold.otf
cdn.shopify.com/s/files/1/0502/2167/8757/t/8/assets/ 126 KB
53 KB 24ms
24ms Font
font/otf 104.16.255.71
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.shopify.com/s/files/1/0502/2167/8757/t/8/assets/MazzardH-ExtraBold.otf

Requested by

Host: cdn.shopify.com
URL: https://cdn.shopify.com/s/files/1/0502/2167/8757/t/8/assets/application.scss.css?v=167376750296147457741632163727

Protocol

Security

QUIC, , AES_128_GCM

Server

104.16.255.71 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d9cbb400bf017649e1209e639b8ad006b8466cc6e52832244a37c22f38cebc9d

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://cdn.shopify.com/s/files/1/0502/2167/8757/t/8/assets/application.scss.css?v=167376750296147457741632163727
Origin: https://fandiem.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Sun, 22 May 2022 13:33:41 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-dc: gcp-us-central1,us-central1
age: 206281
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AQNPjBbErdJbt2a2csTr%2BGOPuxMi46fNbfXZ5dv1uAEv5xntkhHsXugJbtfhJKlhLHBTPWkrH762LTyYB4KOjM1xb4XrZxMx4Sqkg0ynkA3oZpcX8HDortVTaqmtGKauTA%3D%3D"}],"group":"cf-nel","max_age":604800}
server-timing: imagery;dur=71.010, imageryFetch;dur=70.654
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
x-request-id: 8e825a71-1ca5-4828-95aa-515c1b70e5e9
timing-allow-origin: *
surrogate-key: segment4-4954 shop-50221678757 mime-font/otf-4954 time-bucket-20220407-4954 f8a379c0e94c79773f285d5d7279625c3ef74b727d70c4868eb887c74da218b2
last-modified: Thu, 07 Apr 2022 03:26:09 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: font/otf
access-control-allow-origin: *
cache-control: public, max-age=31557600
cf-ray: 70f5ecd0fd9a92b7-FRA
link: <https://cdn.shopify.com/s/files/1/0502/2167/8757/t/8/assets/MazzardH-ExtraBold.otf>; rel="canonical"

GET cf9a11deda1fab2ed9e5.otf
dpjhaiprv9czz.cloudfront.net/ 0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: analytics.google.com
URL: https://analytics.google.com/g/collect?v=2&tid=G-XG86FRBQR2&gtm=2oe5b0&_p=354439729&_z=ccd.tbB&cid=2143699563.1653226416&ul=en-us&sr=1600x1200&_s=2&sid=1653226416&sct=1&seg=0&dl=http%3A%2F%2Fwinwith.fandiem.com%2Ff-covid-kesha-bit-blast&dt=WIN%20AN%20AUTOGRAPHED%20PICTURE%20OF%20KESHA&en=scroll&_et=7&epn.percent_scrolled=90

Domain: dpjhaiprv9czz.cloudfront.net
URL: https://dpjhaiprv9czz.cloudfront.net/4a641adac032d7803bcd.otf

Domain: location.postscript.io
URL: https://location.postscript.io/country

Domain: dpjhaiprv9czz.cloudfront.net
URL: https://dpjhaiprv9czz.cloudfront.net/cf9a11deda1fab2ed9e5.otf

Verdicts & Comments Add Verdict or Comment

141 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

50 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
i.liadm.com/s	1970-01-20 03:56:58	Name: _li_ss Value:
.fandiem.com/	1970-01-20 05:23:22	Name: _fbp Value: fb.1.1653226416259.1901268255
.facebook.com/	1970-01-20 05:23:22	Name: fr Value: 0BJ3rlOHfTBK73PYZ..Biijuw...1.0.Biijuw.
.fandiem.com/	1970-01-20 20:44:58	Name: _ga_XG86FRBQR2 Value: GS1.1.1653226416.1.0.1653226416.60
.fandiem.com/	1970-01-20 20:44:58	Name: _ga Value: GA1.2.2143699563.1653226416
.fandiem.com/	1970-01-20 03:15:12	Name: _gid Value: GA1.2.71087585.1653226416
.fandiem.com/	1970-01-20 03:13:46	Name: _gat_gtag_UA_181963629_1 Value: 1
fandiem.com/	1970-01-20 11:59:22	Name: secure_customer_sig Value:
fandiem.com/	1970-01-20 03:33:56	Name: localization Value: US
.fandiem.com/	1970-01-20 03:33:56	Name: _orig_referrer Value: http%3A%2F%2Fwinwith.fandiem.com%2F
.fandiem.com/	1970-01-20 03:33:56	Name: _landing_page Value: %2Fproducts%2Fkesha%3Futm_campaign%3Df-covid-bandsintown-sweet-relief-2022%26utm_content%3Df-covid-bandsintown-sweet-relief-2022-kesha-sweeps-page%26utm_medium%3Dpartner-bandsintown-blast-from-bit%26utm_source%3Dbandsintown
.fandiem.com/	1970-01-20 11:59:22	Name: _y Value: 35d7ce3a-07cd-4e22-a9cc-cbfee35ef0b9
.fandiem.com/	1970-01-20 03:13:48	Name: _s Value: aaedca89-91fc-4782-a835-c53a35966531
.fandiem.com/	1970-01-20 11:59:22	Name: _shopify_y Value: 35d7ce3a-07cd-4e22-a9cc-cbfee35ef0b9
.fandiem.com/	1970-01-20 03:13:48	Name: _shopify_s Value: aaedca89-91fc-4782-a835-c53a35966531
.fandiem.com/	1970-01-20 03:13:48	Name: _shopify_sa_t Value: 2022-05-22T13%3A33%3A37.685Z
.fandiem.com/	1970-01-20 03:13:48	Name: _shopify_sa_p Value: utm_source%3Dbandsintown%26utm_medium%3Dpartner-bandsintown-blast-from-bit%26utm_campaign%3Df-covid-bandsintown-sweet-relief-2022%26utm_content%3Df-covid-bandsintown-sweet-relief-2022-kesha-sweeps-page
.t.co/	1970-01-20 20:44:58	Name: muc_ads Value: 2ac6a3fb-4b1b-4864-b365-688e81357364
.twitter.com/	1970-01-20 20:44:58	Name: personalization_id Value: "v1_nP9hK2cZbHnWmEnIj9UZLg=="
prism.app-us1.com/	1970-01-20 03:56:58	Name: prism_1001208398 Value: d81e67ae-3fd8-4914-ad07-9305933ac060
.fandiem.com/	1970-01-20 03:13:46	Name: _gat Value: 1
.fandiem.com/	1970-01-20 05:23:22	Name: _gcl_au Value: 1.1.1474639697.1653226418
.fandiem.com/	1970-01-20 03:56:58	Name: prism_1001208398 Value: d81e67ae-3fd8-4914-ad07-9305933ac060
.linkedin.com/	1970-01-20 03:56:58	Name: UserMatchHistory Value: AQJQcM23MSCiWwAAAYDr-S6eMwcSeAx8z_2UU-IQAWGO-Ejon8kvcBTAXlvm4EZzRbjMOxJS_o8X1A
.linkedin.com/	1970-01-20 03:56:58	Name: AnalyticsSyncHistory Value: AQLjuKtRWdIDNgAAAYDr-S6ekXU0bJ-urJZTlzxRXKBrxvlZqDfHwxF93X_9Zsdj3QHsXIvOot_X4xVnrzxxYg
.ads.linkedin.com/	1969-12-31 23:59:59	Name: lang Value: v=2&lang=en-us
.linkedin.com/	1970-01-20 20:45:40	Name: bcookie Value: "v=2&8ad4a470-78d2-45e1-89d8-cc5fb206ebaf"
.linkedin.com/	1970-01-20 03:15:12	Name: lidc Value: "b=OGST04:s=O:r=O:a=O:p=O:g=2629:u=1:x=1:i=1653226417:t=1653312817:v=2:sig=AQEcLq_zI-c4kNNCuIPl6Re6rBpz4pp0"
.ct.pinterest.com/	1970-01-20 11:59:22	Name: _pinterest_ct_ua Value: "TWc9PSZ2MUFGWnF5VWtQVHhmbEdwUE5oNXd5ZmdNcDRTcWVXKzdJYkNxV2tBTTZSclozSnpaUjZkK1gxdU5hdWNhWWF2QmJuR1Via3FDU0ZTREUzV2ljbHJkcXlhWHpTekw0SXM5T1MyaTk5NGZaYz0mN0lzeXZoN1RTbGdDemJNdTZrQllQclJxZXl3PQ=="
app.fandiem.com/	1970-01-20 03:23:51	Name: connect.sid Value: s%3AZRH5zfDHZjiFJp3yEhZWFgC029vf77bx.p1%2F1McpHZiu7MHCJ5dlbAmgq%2FxNulT9nS8UVyseFyHE
.fandiem.com/	1970-01-20 11:59:22	Name: _pin_unauth Value: dWlkPVpHRmpNRFl6Tm1VdE1tUTRaUzAwTm1GbExXSTRZek10Wm1aaE1HUXlZbVUwTkdabQ
.linkedin.com/	1969-12-31 23:59:59	Name: lang Value: v=2&lang=de-de
.www.linkedin.com/	1970-01-20 20:45:40	Name: bscookie Value: "v=1&202205221333388e0eb7fd-5d11-4caf-86d9-b144690b352bAQEKNp8q-BE18gwEfP8Du827ZA-0HFtt"
.linkedin.com/	1970-01-20 20:30:54	Name: li_gc Value: MTswOzE2NTMyMjY0MTg7MjswMjHZBXRT991f7hS+gxJqCmdm4z1QqyQwNpCrYRhfyFT2iA==
fandiem.com/	1970-01-20 07:36:34	Name: _pk_ref.335.48f4 Value: %5B%22f-covid-bandsintown-sweet-relief-2022%22%2C%22%22%2C1653226418%2C%22http%3A%2F%2Fwinwith.fandiem.com%2F%22%5D
fandiem.com/	1970-01-20 12:39:41	Name: _pk_id.335.48f4 Value: c4b0c8a68e1fc720.1653226418.
fandiem.com/	1970-01-20 03:13:48	Name: _pk_ses.335.48f4 Value: 1
.youtube.com/	1969-12-31 23:59:59	Name: YSC Value: VeRGcZnhBLw
.youtube.com/	1970-01-20 07:32:58	Name: VISITOR_INFO1_LIVE Value: -_ieX29XY_k
.doubleclick.net/	1970-01-20 12:35:22	Name: IDE Value: AHWqTUm_e-zKACyru_jMWWQhGcMfLRTpcsupRxwi92eF4cKMCbh51HdY0X4QVN04
.trey.shop/	1970-01-20 11:59:22	Name: _iidt Value: tfbizwXO00DfJcrAZqhRSwjJ976H+OuJao78zLyo5HnKUa68gRQAv/cXhDrSxWbaLEtH03G7ZUsuBhfc4CDoODoMq5+Zj7k=
.fandiem.com/	1970-01-20 11:59:22	Name: _vid_t Value: qwYQmqu92M1iKmXA6zqxM3QPIZtlH9T8ZRQT1+MVfpBO+lGEIQITSkvR2mjlqxEhm0d9itiagBMw+QzB46LdKpjmVFp0GKE=
app.theadslab.io/	1970-01-20 12:39:41	Name: _pk_uid Value: 0%3DYzRiMGM4YTY4ZTFmYzcyMA%3D%3D
fandiem.com/	1970-01-20 11:59:22	Name: po_visitor Value: Hv7op4-J3joE
.bandsintown.com/	1970-01-20 20:44:58	Name: _ga Value: GA1.2.1977410220.1653226419
.bandsintown.com/	1970-01-20 03:15:12	Name: _gid Value: GA1.2.704779483.1653226419
.bandsintown.com/	1970-01-20 03:13:46	Name: _gat_UA-2044446-18 Value: 1
fandiem.com/	1970-01-20 20:44:58	Name: __kla_id Value: eyIkcmVmZXJyZXIiOnsidHMiOjE2NTMyMjY0MTksInZhbHVlIjoiaHR0cDovL3dpbndpdGguZmFuZGllbS5jb20vIiwiZmlyc3RfcGFnZSI6Imh0dHBzOi8vZmFuZGllbS5jb20vc3dlZXBzL2tlc2hhP3V0bV9jYW1wYWlnbj1mLWNvdmlkLWJhbmRzaW50b3duLXN3ZWV0LXJlbGllZi0yMDIyJnV0bV9jb250ZW50PWYtY292aWQtYmFuZHNpbnRvd24tc3dlZXQtcmVsaWVmLTIwMjIta2VzaGEtc3dlZXBzLXBhZ2UmdXRtX21lZGl1bT1wYXJ0bmVyLWJhbmRzaW50b3duLWJsYXN0LWZyb20tYml0JnV0bV9zb3VyY2U9YmFuZHNpbnRvd24ifSwiJGxhc3RfcmVmZXJyZXIiOnsidHMiOjE2NTMyMjY0MTksInZhbHVlIjoiaHR0cDovL3dpbndpdGguZmFuZGllbS5jb20vIiwiZmlyc3RfcGFnZSI6Imh0dHBzOi8vZmFuZGllbS5jb20vc3dlZXBzL2tlc2hhP3V0bV9jYW1wYWlnbj1mLWNvdmlkLWJhbmRzaW50b3duLXN3ZWV0LXJlbGllZi0yMDIyJnV0bV9jb250ZW50PWYtY292aWQtYmFuZHNpbnRvd24tc3dlZXQtcmVsaWVmLTIwMjIta2VzaGEtc3dlZXBzLXBhZ2UmdXRtX21lZGl1bT1wYXJ0bmVyLWJhbmRzaW50b3duLWJsYXN0LWZyb20tYml0JnV0bV9zb3VyY2U9YmFuZHNpbnRvd24ifX0=
fandiem.com/	1970-01-20 03:15:12	Name: _ps_session Value: W1HwuRiyjBxOjLscGY3n-
.liadm.com/	1970-01-20 20:44:58	Name: lidid Value: 6c572057-6485-4a0d-b53f-c9b6d5343e60

9 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://dpjhaiprv9czz.cloudfront.net/ Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://app.fandiem.com/api/accounts Message: Failed to load resource: the server responded with a status of 401 (Unauthorized)
javascript	error	URL: https://fandiem.com/sweeps/kesha?utm_campaign=f-covid-bandsintown-sweet-relief-2022&utm_content=f-covid-bandsintown-sweet-relief-2022-kesha-sweeps-page&utm_medium=partner-bandsintown-blast-from-bit&utm_source=bandsintown Message: Access to font at 'https://dpjhaiprv9czz.cloudfront.net/4a641adac032d7803bcd.otf' from origin 'https://fandiem.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://dpjhaiprv9czz.cloudfront.net/4a641adac032d7803bcd.otf Message: Failed to load resource: net::ERR_FAILED
network	error	URL: https://fandiem.com/products/.js Message: Failed to load resource: the server responded with a status of 404 ()
javascript	error	URL: https://sdk.postscript.io/desktop.html?shopId=100273&sessionId=W1HwuRiyjBxOjLscGY3n-&status=&flags=&origin=https%3A%2F%2Ffandiem.com%2Fsweeps%2Fkesha%3Futm_campaign%3Df-covid-bandsintown-sweet-relief-2022%26utm_content%3Df-covid-bandsintown-sweet-relief-2022-kesha-sweeps-page%26utm_medium%3Dpartner-bandsintown-blast-from-bit%26utm_source%3Dbandsintown Message: Access to fetch at 'https://location.postscript.io/country' from origin 'https://sdk.postscript.io' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource. If an opaque response serves your needs, set the request's mode to 'no-cors' to fetch the resource with CORS disabled.
network	error	URL: https://location.postscript.io/country Message: Failed to load resource: net::ERR_FAILED
javascript	error	URL: https://fandiem.com/sweeps/kesha?utm_campaign=f-covid-bandsintown-sweet-relief-2022&utm_content=f-covid-bandsintown-sweet-relief-2022-kesha-sweeps-page&utm_medium=partner-bandsintown-blast-from-bit&utm_source=bandsintown Message: Access to font at 'https://dpjhaiprv9czz.cloudfront.net/cf9a11deda1fab2ed9e5.otf' from origin 'https://fandiem.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://dpjhaiprv9czz.cloudfront.net/cf9a11deda1fab2ed9e5.otf Message: Failed to load resource: net::ERR_FAILED

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

account-invite.merchantyard.com
ajax.googleapis.com
analytics.google.com
analytics.tiktok.com
analytics.twitter.com
api.postscript.io
api.pushowl.com
app.fandiem.com
app.theadslab.io
assets1.adroll.com
cdn.jsdelivr.net
cdn.pushowl.com
cdn.shopify.com
cdnjs.cloudflare.com
chimpstatic.com
connect.facebook.net
ct.pinterest.com
d.adroll.com
d1tkzf9ss7ctgm.cloudfront.net
diffuser-cdn.app-us1.com
dpjhaiprv9czz.cloudfront.net
fandiem-storage.s3.us-east-2.amazonaws.com
fandiem.com
fast.a.klaviyo.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
h.trey.shop
i.imgur.com
i.liadm.com
i.ytimg.com
jnn-pa.googleapis.com
location.postscript.io
monorail-edge.shopifysvc.com
prism.app-us1.com
px.ads.linkedin.com
px1.bandsintown.com
px4.ads.linkedin.com
rest.bandsintown.com
s.adroll.com
s.pinimg.com
s3.amazonaws.com
sdk.postscript.io
shy.elfsight.com
snap.licdn.com
sp-auction.webkul.com
stackpath.bootstrapcdn.com
static-forms.klaviyo.com
static-tracking.klaviyo.com
static.ads-twitter.com
static.doubleclick.net
static.elfsight.com
static.klaviyo.com
stats.g.doubleclick.net
t.co
tls-use1.fpapi.io
trackcmp.net
triplewhale-pixel.web.app
u1126135.ct.sendgrid.net
unpkg.com
widgetv3.bandsintown.com
winwith.fandiem.com
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googleadservices.com
www.googletagmanager.com
www.gstatic.com
www.linkedin.com
www.youtube.com
yt3.ggpht.com
analytics.google.com
dpjhaiprv9czz.cloudfront.net
location.postscript.io
104.104.52.65
104.16.255.71
104.244.42.133
104.244.42.3
104.79.88.150
108.157.4.53
108.157.4.87
13.107.42.14
142.250.186.130
151.101.12.193
151.101.130.133
151.101.194.133
151.101.2.133
167.89.123.16
18.119.43.107
18.139.26.44
18.64.103.22
18.64.115.78
18.66.248.94
199.232.188.157
23.227.38.32
2600:9000:206f:6c00:6:9280:1080:93a1
2600:9000:206f:c00:1c:cd6a:7440:93a1
2600:9000:214f:4800:1a:25dd:c980:21
2600:9000:21f3:d800:15:5e1:43c0:21
2600:9000:224a:ac00:7:6365:89c0:93a1
2606:4700:20::681a:76b
2606:4700:4400::ac40:9197
2606:4700::6810:5514
2606:4700::6810:7baf
2606:4700::6811:190e
2606:4700::6811:925b
2606:4700::6812:acf
2620:0:890::100
2620:1ec:22::14
2a00:1450:4001:800::2004
2a00:1450:4001:800::200e
2a00:1450:4001:801::2002
2a00:1450:4001:802::2003
2a00:1450:4001:808::2003
2a00:1450:4001:80e::200a
2a00:1450:4001:810::2006
2a00:1450:4001:810::2008
2a00:1450:4001:813::200a
2a00:1450:4001:827::200a
2a00:1450:4001:828::2001
2a00:1450:4001:828::200e
2a00:1450:4001:829::2016
2a00:1450:4001:830::2003
2a00:1450:4001:830::200e
2a00:1450:400c:c1b::9b
2a02:26f0:3500:7::17d8:4dc5
2a03:2880:f01c:216:face:b00c:0:3
2a03:2880:f12d:181:face:b00c:0:25de
2a04:4e42:4b::84
3.139.21.16
3.33.204.12
51.15.139.10
52.214.198.95
52.216.242.14
52.219.101.106
52.223.36.104
52.73.119.88
54.152.99.78
54.209.91.188
96.16.131.108
003af9995ef56ae44570eed97320356311dd2e2c86be1844c26b4fa3e85087d5
00f0728e73532a7c26f609c04235bae72f8ef1c1ef11c85737c56d9ded84d0a8
04502390a2c1b7aca303503c7c749791a64587b84268c64ae88e0d3f2b215304
058ed961bfe422af7bfc65865f4c08531ec8ace995f8a1ec560a46581cb7712c
05e383cc3c7312b5332e675ced11f8c7d5f7f1a3dfa672cf22b868b05bb5e6ba
0635398c30973065f2f500e2bb2d88efc31498393b31ff2153fb64b875a5c158
0762c35f70aa0f80035105000ff67b4b8b8f1004eac9c4fb70dfc0ce8cced83b
0a03b7c870a8bdd46bcdbdc7e4febec2e20745e57eddac19b1fad4dff29c1a67
0a9adccc17d9e34e3971bce91e3723f1fef884844fed6e6e10085e19745faef5
0c7260fac65e4f7ac5cf524f8ca96efd419cbb5a9b18a3e06e44c448581e9093
0d59516bf9f5ff12c68e78b243233dfe80e2a1020170722ec3646df9df575792
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
111325fdac9e3c078a70d6b8a8f81466eda581d61cd40536714d160a1a799fa1
11ec04e3948e25a0d78d2f77c04940b8e38a086624ec36fa4605a2a69b133e94
13eb7acfd4c39ff1169d1551db8131b249a189ce7dec58d8e01c2fd60b6f7fcf
14f2ec002b176e0dee403cb7dd4ef2274a1353080e1e3e4084678770f4c15b9c
15eb202865d1d835fae2eff61bb922fa91fb4064a1fb850ebadab1f190782648
170d2e51f23720cf6f83212bbbea382e2e9418ecce32d034eefc02d20ae765e8
1a3cb7a35f92503acd9fe20b5335dca76283aa8601ab7102daeed6a172703a89
1e499be587638f717b60b6b76181b9a5609da8fb9940c12a05fd77280e1707f8
1f4513a435d6a3047d20a50c1e7d4263de42146c74be227f774b5e82e6357e75
2278f68cc395c3636b8b59a1b8038ee9127a1c0954f945d86ce7b4bb865210e1
234a728142e0fb27f5abb7c64ca9ae9bb5d26066dab12d0527a338b5af5dbf0b
23f942dad09cd5dc795c4c6fedb41b26e841224fcff14d4d159c889d920c9211
24e1fe99ae490a1a3034e53174215fd92bf1619c209f6becc32078cfd1d2e94b
2652f0c7c7b7905018e1a14dd565b946e15d9e7ac92e4b88cfbe54eeda8fa0d6
2d9efae8f0139c424e7306882441198e1eb360b617bbdd5304ed47fbda682954
2dbf3a60290ed886957e7f0c0b53cfe6543dd5dc6a94e478b5708a6f9c554f42
2e2566ef1f4801b1e60ec553d07f911e99f0e8288ed24c8a3c7ed1a578deeca3
2efd56968cfd13844fa86fb967ca2cd504fdcb8ac384157875c105b3956c3811
338406888eb57b8ce8263d8d8afa0cb1051c50a3e48cab4d3d76c8a111b66400
37a17a663bce00c3e1703d247d958d410831e9e5dac457e1e9aa9f37481e2eb5
37b17c5135a176a9474521af147d96dfa1fb4ca0f43f00d1400bd1885be3ab9b
382df84073b5bf82a2a1b98945e9f4e94b37fbce7c39e48a235f3986a8e43bd3
3903951d8a99aba30e5d4eaf2416680320d694e8af1a22a4b7a8c08e98d63ba8
3931be4838c59b741d8e828b1bf7dd5e082eae4e809af617fe27c6243b7e985a
3a0b27c6ff1c1455f975fea1b2a2ff5e29a6658b129a1d0fadba316d3ffa67fe
3be5b8e53fdc8b0a2996590589456db33504977f3d1ce9bb75016c8a707e1a71
3ccf1b601ffedbdc0c09a85a15ea901363888e9b0f361b12bb93c54fdd48fde4
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
3e49027447f74d82b01731012ee22c0065f5ecfb25f04d4800adcf07d2e4f7bf
3f11d6f947628cf65a4d88f2d44ea003d7ba21fd4145b569c34fd6aff1ec19a7
403b5b85d4fe4c8f14257d10e9b3e385b54f59b29eda6dadd0df69385abd5f4b
449c3e62b3c340c2c2a094d7a81517c3bebce6a9560b490083c0c7a50babe8d1
4983b50593f9a8743044df38a41cd32eef5264f818834645a063ea4c6d5611de
498b3f2a0357fbd50a80eb18b23ab4b461b791d640e5560b799f08ed960748a9
4a2d6c1910256046392c9370817db63af572e81d7b4357c36ad68ef823ea7931
4fa3bd00b449467a5591ebe8333b90f9d0b6d23a7457511ae5edebdfda7bd419
528794e6b9a74164584b941956393fa4a5fab7f1d499b03e695e37813749017f
53fb3ea61abbaf420658f47acdfff8aab9fe220b46d40f517d9e1127901cf826
540548b12b5a362a5fa54de526a5870cc89ef6f431387c20cd25e82b4f6cd9d0
541ab646663d4b1f309d62e21da2b9e93e4d727a982261c2ff5fff22c214ebe1
56e92abeda7cb6a59a2dddf861283c539b424aaa8141ae6544626aeddde1413d
57df0348d6c00360aa9e0a119035e735592f3454a9bb1dd5a5f8f0f97b21905e
59df8900585686dc4d48c349e63837e4c054dc2f1160f0ca5ba9dd8307ed4988
5a3f1dd74233f605e511f1b5b244bedf85ac88ba264caf4d6401bc7ec2017dcd
5c69c20651d68d5492ec01e9c8f7ad19e9883556163fe4baa0d96c799aa3683d
5cf9c43ad6f97ea2066627e0c27124b3f356572368951f91e68fa932aa1d5fb8
5db2ecc54a654d72496f0ed8725a969de6af6524a5772de9a9e6e865acc715d1
5e23727d52bc256babd36c2f1795d4d4694c0700f88175de11104b53dc949a3b
626d5c4ef7cb200f6023e0b37b3668e8047d1b6f4d7e03603f554a34ac819b51
62f3f809487194fcc55a3ebd88811a604ae496027bb425d4ebd15d9ae1921945
64d8fa75bb9c3d700a28a0325c3c39e364b42c2f5681488c533c5854a99eed4f
65b70aab4f36d9a78bc63c61743b9335bac04dbc8856e7cec642f112aee43dba
65f3a09a63d129e6673428ffac0067aa41e844cdc4dfbbb05a15a9a1462a3111
660d9e4d937357a54213d2ba71b3c7f508d37876136ba96c39dc66c4fa0ccd44
679b0b82aeefb87c444825eda53ea21424fcb25dc933ae93710b87569e756dee
67ea46bc3d15351067faccb3613bd833dd3f15137a4b4a09f2e873fd41d024d2
69aa0ee241afb80430426a85861c88b93e892326a328a1b56069b8b3b53a207c
6a8ef59459d7ed3ba19628c31019b87bab034c2870a2781c1f4e19f2d35c0d54
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6caed722f971b7c6916e1433a149726d7e0cd4d8824b5f9a20a066ee1367bf29
6e24c4898efd37bd059440a02fa3b93c2d139e0f0ca2c63f33844640f2144142
6f1da63139fc56ebeaa33215ed92d8599040d2d338e3acf4eb42339f786e8221
6f58848b87af4ac1d77e43a2a8c51c429701b2429b75843d24484f38b166a224
6f69d70bf8ce1e473f3659ee6c746035ae11ebbe9383c1857783e300458667e0
717f6bb5f6cc69c444f54376a72dee0ca7968b2a12e7c9475247ec85c0e75a53
7302b4798a6ff5bbe4aafafebbc6f77c7819d3fd8dd45fd1a91524bb0b3c7969
76272be7b8a2e5a7c80ccd26642ddb222b0e93f57952c7d52dbd41ac931f937a
77b65f6b949a0df2913d86a6e4269e5d70d6cff759561ec7ff5a9cc6dcdfcdab
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
7abc5bad60f3c1a3728640864ab085439d4c492e440bdd89b2d64d613aaf2160
7d34f115932de70f3f88c8c186e92706985062a58289326663e08c5abb0fa94f
7d937402bdec8a17c0478b9e6179b8a40894b7b487d1f481fcbb01ca0056ab61
7e3e30ee6c862f3799010c62fe83dc68045a679c7180593205dca6c6055266e4
8010099f316b99c322c6e6cf1988c7d024e3fa65d0ccf26ddf1a6c546f8c40cd
821cb2386381c89ed345756658b25c5cb053c16627790768828c6e9e6895366e
82fef94b5c42c23859465622222ab0a72e65c52126faa18a2c3fe020c0c794f1
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
838e202d62f0841ecf7e577b095f4cbfe84507cc3e1a651b2eaaf8a821d9f2d8
83912349e8bc8f0ec2084562dc5e71e06f33a3dfcad4899af80117a7174be14d
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
8540c9252735eab6c2d32435bf1a39faef931845f1310b5e623371c549cb6009
85bb07c78d497ccacf55ad008d36eb1ebec8d6f78c16aa5b081a2cd23502cca5
87e8399988880142f2c62771b9d8f2ff6c290b3ff745dd426eb0dfe0db9d1dae
88b8074faa7b0637ab66457e308fd850ac61fa51ee935ceddc64a2d322ed88d8
89a15e9c40bc6b14809f236ee8cd3ed1ea42393c1f6ca55c7855cd779b3f922e
8a2a512e956e3bfe192159f8d8867b16eb6eb9b4f122f4d29f85b56060818229
8a6c490d0c1632dd1b493a03bb8b0ffe69a44f449d2c1e13cf2e64126501dbf0
8aac4edb821eaeb5730f39ace8de75d5e309ce7b761bb46db6bc6b7fb29de7de
8ccab801926216425a3386fb5e9a144603ca2646ac11a0abe28c780a1d4534b5
8d5b4d24bb7b4cf7b27205b7be47d9eb814e30eef74095890025b9082686bf49
8d7089253dca29c9cd8d9deb7ec69b0a3d445f88f6a26478c719be1f90adcb01
8d753305beea4c91ca580fc57e9fb08b7db355f7dd542f1e4bdfd6ba37798b8f
8e2d3db4408e44abebf3107d88297c0c9f2234c2eb8837210b5fa9fb2b75852b
924b7fbc0f50eb9af64fcabba0323d7e8d63a86106f5dca2488745edd858f402
92c898ba6b094f9ea8967a9c6d1675c6d4b3de9128a65f2ba04390f20ec20be9
932bdc4c22755a8e867cc1dd8c24649a15dc6924fe8bb8bbfc58e2b8f25a99fe
9f86b45d673e22c9a0332dacb16805aabe11a1006938212a9ddabc34e362a5f0
a081ed513735ffb15626985d663652a2879e96f0b6695e7ceda16d519372555c
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a1fbb355d4bd4beda6e2e7a5c2524abc8e2c8a828124c05b272f0224f7aa1064
a22749318bc08ada723e73935220805449addcde4e49f136e421306bbd5bc79e
a478bcbdcf45ce98a7704d468c758214787738dd1773805009dae435e7b3dd9e
a7781965e85b3ce3708c7396d518c3455b944a4bfb5f3cece9d75e42deab1adb
a83f34ed6cab7b6afd1d02230a242af96dba5ffb33ee0a040effbcdd26f41d7d
a88ee13d2e82bd99ff8c5ac3c2cd52d3a4175f9121e48e30b1683bb80684b711
ab3bddc0103cbbbca75d1b24c50b7468e2ae9fcdd8c1ddc74ce49a6ca82f4ee1
ab8832066786fe7689dc57cb5a7a00a5efc3366f98de0948968af525c0feb33a
abc8faced037c595f8387c9629a17ee692863270378a215a6046e93884082986
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
acbe6770b0fc8b621a9d4f7068b241fb403fe999ea33270931ee59ec4cfdf3f1
b088b2dad2ac11713db3653c569db4f4113cabdb819361a0f6610744a98689bd
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b16caad475e7e750a2b27ca89b2dab9ebbbd1657a82c0ba08b235d1b2346de2e
b2864c65b32cd25bf64a7eb4fddf486dff821f1924172a0083db962615bd6ce0
b580fd139c2f3ca8d1b9f599256f7dfa2663096343f4cfc1c0c352df540210c7
b5dbe48efa59db593d3337cf01d8b20f7c50bde56adfb302226f7987ca37ddf3
b6ccc8741a3dca5368f9151c8b276db46e9f81baa48ff1564ddfafc80f88a746
b8cacb22daf8ec643b05dc026d4a5fe9cf342ba7037b30b97406dccc24e891d5
b9019e2e5707d67dbbb8e97adb47b0e88f5c02b191b12cd2acb34e8cd50eb954
bbc48cedd99cde691871122bb1227f70659db08de6531f3be2cdf7e50b628e66
bc14b21dbd140c88771ed1dacf99a3eda944ceae28659e8e2fbe38c5a828ef5e
bfe4725cbcd3724eff4f864cf0ef6c649662479b1c375652ecadaa77cadc6c68
c0e6487c29b3544bd38764670fe3adaf5e0b489cf74d3beeabacf89fdf356262
c6ba0c56919d76219628f59713b483e2c592573741375510f7196ae6e55fa8f4
c85bdfa8338fd34e272b079ea48fd66899cc1d14bce0e7560d2302c20b4ccddb
c969b088f5ab3eef5981770166d96ce7e896cd9e62695661dbdbd7c7cf648e7f
cbf0c821489ff8b5e2d2347a9dd91fe94d67b4a363ceadedaf719b9123bc828e
cdf815e9555bbca27b279310c8dabfc4cd43d9a15b7361e674889f4f1d6c1029
d120cf757a72bab3e3d936b789aaf1cf885eb8def7a0f64d416c223423359385
d18c3255af255a7a1b76a397393a67aa0c8a49b646f08bf0e35e2e0bca865d5c
d217d238f3f2648014fb12906dca5366954ffa6256d160726190d9e0e9c8376a
d44178491250a72ee6cf5416c5b3bca63bcc457b0c320b1d26d00cbbad677938
d4cd3d9085ed3aeb2258ff4a5724177bcd3e1ff495e03ca6255cfb5884339bc0
d692a67352a3dfa80010c86a62761cfff05c0b1086618106a8576cc45a6a8115
d7b0dac410e80ffa42e5156cecffb51d3a1ea7c96ba40aec547cf4b49d913de5
d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336
d9cbb400bf017649e1209e639b8ad006b8466cc6e52832244a37c22f38cebc9d
dbea88fbfcb361ef825d266d89ef41aa060d3f266d77246dac3dd12a32d65c55
dc2a4540e3fdc6781ffd26671a685544c9dfdd687f5b4fd7837a92ead650aaae
dc88e70854a581bbc52c5a67e194b7f3ee11a372cf65d6628ea70227c767d612
ddbe4a46ea14dd431aa4fc95e910ee457a362b9f5e81628a8c65a771d265fed5
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
dea879f51f500fe9f9b01701e342822dfd978b106c15f56d90e1a782425fb5df
e0c2f2e5acaf896fe147c7e12de2fc594d584798191242604ce4872f9c5ecd0b
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e5af5d4a4ad777c67933623be3d76693c5c3d8048ee94c4f44447bd574440f38
e5e308b9dceb7e087f6254a18a31039fc4776b5dfb0c64daee64961d3ddc2a63
e6209b0ee91e6db5f1cb2f349ebe814bdcc413b7940c5860be8a66f8a40ded95
e6c5e605ca8fdb9ff646c4450e509fd599529891c7caa57c119170bb42149ccc
e7fb53b43e9c5b16bd3ce4e21c9cb8cc939dd6c2567fdceafa7949b0bdcaa8d7
e8691755a8ed913625d56f33a4ec9abf91166dacdb6d9607d7055c86a7064fad
ea1d29b419599a59d7da810bfa2f4dbe0b8f72d39fa71cb5195300cfb879f837
ea470df0377e9112fd7bc0ed5e18fcb7df8fc022d106599ced36593293559512
eb14baeac955bb11e33cd7fd3fd2f698cf20db1b450325f45ea843b6cdc82366
eb4124fd2515e60b5a2827c9dc9f3f8e72d0deb5c2655f2e52e2502d8b1a03d4
ec148db3299ebf064ec070a0bf9aecdb9414c50e69638f5ccfa4dd36265bfb08
ecb2cfc35864022302df026bc7d2fde1f2d44bf1f0f58f55d42fe7fd5ca7a747
ed455c446a7d5dce7d54021f47950e3572c696b6c5e822d8ee8facf0a5a3e91e
ee147e859ad0f09aa50367974e38ab53e7c7054c4a51d400a7f45b0eb251454f
ee42895b008b34df27e6b4f530d52954f91e2f16f07b511953bde388b76cb2b2
eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f17de407562ed5814892a1b44c6e349761f067cf6f2360ebe2aef4f03a5bea4e
f48e8278dbd5f830c3e36b053e5d330d93dbf9a81ffb61b4351305628dbd8e73
f59e5f34a941183aacaed25322ac0856628493c2cfd936ded3fddc0a49510e52
f68d27acd527de195aef61018035ad71196cc6f3123849e74f3fe1bf9abd406a
f77c0d1739b618edc4a01ca3f6b2990b01a3009030af49ee8cf68e83052df194
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d
fa61fd11817b231631d2fe43dc869d0b1d14a06332792d42f1a1d94bda5aa31e
fc82edd4d38d1011002e3642c3fb73a932d0c45d25b5fe44683eb831031f01f9

fandiem.com Open in urlscan Pro 23.227.38.32 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

232 Requests

95 %HTTPS

52 %IPv6

48 Domains

72 Subdomains

64 IPs

8 Countries

9555 kBTransfer

20556 kBSize

50 Cookies

7 Outgoing links

Page URL History

Redirected requests

232 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 13 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

fandiem.com Open in urlscan Pro
23.227.38.32 Public Scan

Screenshot
Live screenshot

Full Image

232
Requests

95 %
HTTPS

52 %
IPv6

48
Domains

72
Subdomains

64
IPs

8
Countries

9555 kB
Transfer

20556 kB
Size

50
Cookies

232 HTTP transactions
13 data transactions