wickedthemusical.com Open in urlscan Pro
35.171.141.94 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://wickedthemusical.com/
Submission Tags: phishingrod
Submission: On October 14 via api (October 14th 2023, 12:10:52 pm UTC) from DE — Scanned from DE

Summary HTTP 143 Redirects Links 46 Behaviour Indicators

Summary

This website contacted 39 IPs in 6 countries across 36 domains to perform 143 HTTP transactions. The main IP is 35.171.141.94, located in Ashburn, United States and belongs to AMAZON-AES, US. The main domain is wickedthemusical.com.
TLS certificate: Issued by R3 on October 14th 2023. Valid for: 3 months.

This is the only time wickedthemusical.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 31	35.171.141.94 35.171.141.94	14618 (AMAZON-AES) (AMAZON-AES)
10	2606:4700::68... 2606:4700::6812:83ec	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2606:4700::68... 2606:4700::6810:fa43	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:828::200a	15169 (GOOGLE) (GOOGLE)
4	2600:9000:225... 2600:9000:2250:dc00:15:2f34:53c0:21	16509 (AMAZON-02) (AMAZON-02)
4	2a00:1450:400... 2a00:1450:4001:811::2008	15169 (GOOGLE) (GOOGLE)
2	2606:4700:440... 2606:4700:4400::ac40:9b77	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	34.111.146.217 34.111.146.217	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
2	2a00:1450:400... 2a00:1450:4001:82f::2003	15169 (GOOGLE) (GOOGLE)
1	108.138.15.119 108.138.15.119	16509 (AMAZON-02) (AMAZON-02)
4 8	142.250.74.198 142.250.74.198	15169 (GOOGLE) (GOOGLE)
1	146.75.116.157 146.75.116.157	54113 (FASTLY) (FASTLY)
1	2a00:1450:400... 2a00:1450:4001:827::2002	15169 (GOOGLE) (GOOGLE)
2	2a02:26f0:310... 2a02:26f0:3100:3a9::1931	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
7	104.126.37.40 104.126.37.40	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
6	2a03:2880:f08... 2a03:2880:f083:9:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
1	35.244.142.80 35.244.142.80	15169 (GOOGLE) (GOOGLE)
1	67.225.220.126 67.225.220.126	32244 (LIQUIDWEB) (LIQUIDWEB)
5	3.33.220.150 3.33.220.150	16509 (AMAZON-02) (AMAZON-02)
7	2001:4860:480... 2001:4860:4802:32::36	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:400c:c0c::9a	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:827::2003	15169 (GOOGLE) (GOOGLE)
1	104.244.42.197 104.244.42.197	13414 (TWITTER) (TWITTER)
1	104.244.42.131 104.244.42.131	13414 (TWITTER) (TWITTER)
2	2a00:1450:400... 2a00:1450:4001:80b::200e	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:828::2004	15169 (GOOGLE) (GOOGLE)
2	2001:4860:480... 2001:4860:4802:36::36	15169 (GOOGLE) (GOOGLE)
1 4	35.186.212.60 35.186.212.60	15169 (GOOGLE) (GOOGLE)
5	2a03:2880:f17... 2a03:2880:f176:181:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
6	2a00:1450:400... 2a00:1450:4001:82f::2002	15169 (GOOGLE) (GOOGLE)
4	107.178.244.119 107.178.244.119	15169 (GOOGLE) (GOOGLE)
2	35.244.160.208 35.244.160.208	15169 (GOOGLE) (GOOGLE)
2 3	216.58.206.34 216.58.206.34	15169 (GOOGLE) (GOOGLE)
1	35.244.174.68 35.244.174.68	15169 (GOOGLE) (GOOGLE)
1	35.241.54.161 35.241.54.161	15169 (GOOGLE) (GOOGLE)
4 4	142.250.185.102 142.250.185.102	15169 (GOOGLE) (GOOGLE)
1 1	2001:678:cb4:... 2001:678:cb4:bbbb::13	56396 (AMOBEE) (AMOBEE)
1 2	34.254.70.163 34.254.70.163	16509 (AMAZON-02) (AMAZON-02)
1	52.31.202.102 52.31.202.102	16509 (AMAZON-02) (AMAZON-02)
1 1	52.6.39.46 52.6.39.46	14618 (AMAZON-AES) (AMAZON-AES)
5	151.101.192.84 151.101.192.84	54113 (FASTLY) (FASTLY)
1 1	2a00:1450:400... 2a00:1450:4001:806::200e	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:801::200e	15169 (GOOGLE) (GOOGLE)
2 2	185.89.210.90 185.89.210.90	29990 (ASN-APPNEX) (ASN-APPNEX)
2 2	37.157.5.84 37.157.5.84	198622 (ADFORM) (ADFORM)
143	39

31 35.171.141.94 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-35-171-141-94.compute-1.amazonaws.com

wickedthemusical.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2606:4700::6812:83ec (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.cookielaw.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700::6810:fa43 (United States)

ASN13335 (CLOUDFLARENET, US)

fast.fonts.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:828::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2600:9000:2250:dc00:15:2f34:53c0:21 (United States)

ASN16509 (AMAZON-02, US)

d1rx0dtgjk9kr3.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:811::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:4400::ac40:9b77 (United States)

ASN13335 (CLOUDFLARENET, US)

geolocation.onetrust.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 34.111.146.217 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 217.146.111.34.bc.googleusercontent.com

chat.satis.fi	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82f::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 108.138.15.119 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-138-15-119.fra56.r.cloudfront.net

js.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 142.250.74.198 (Plainview, United States) 4 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s02-in-f6.1e100.net

2179121.fls.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
5549924.fls.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
5451832.fls.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 146.75.116.157 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

static.ads-twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:827::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:26f0:3100:3a9::1931 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

s.pinimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 104.126.37.40 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a104-126-37-40.deploy.static.akamaitechnologies.com

analytics.tiktok.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a03:2880:f083:9:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.244.142.80 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 80.142.244.35.bc.googleusercontent.com

cdn.pdst.fm	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 67.225.220.126 (United States)

ASN32244 (LIQUIDWEB, US)
PTR: host.rtb123.com

www.rtb123.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 3.33.220.150 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: a12b7a488abeaa9e4.awsglobalaccelerator.com

insight.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)

region1.analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:400c:c0c::9a (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:827::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.244.42.197 (United States)

ASN13414 (TWITTER, US)

t.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.244.42.131 (United States)

ASN13414 (TWITTER, US)

analytics.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80b::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:828::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2001:4860:4802:36::36 (United States)

ASN15169 (GOOGLE, US)

us-central1-adaptive-growth.cloudfunctions.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 35.186.212.60 (Kansas City, United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: 60.212.186.35.bc.googleusercontent.com

tag.yieldoptimizer.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a03:2880:f176:181:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:82f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 107.178.244.119 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 119.244.178.107.bc.googleusercontent.com

beacon.sojern.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pixel.sojern.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.244.160.208 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 208.160.244.35.bc.googleusercontent.com

prod-satisfilabs-resources-gcs.satis.fi	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 216.58.206.34 (United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: lhr35s10-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.244.174.68 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 68.174.244.35.bc.googleusercontent.com

idsync.rlcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.241.54.161 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 161.54.241.35.bc.googleusercontent.com

tag.adaraanalytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 142.250.185.102 (United States) 4 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s49-in-f6.1e100.net

ad.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:678:cb4:bbbb::13 (United Kingdom) 1 redirects

ASN56396 (AMOBEE, GB)

d.turn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.254.70.163 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-34-254-70-163.eu-west-1.compute.amazonaws.com

dpm.demdex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.31.202.102 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-31-202-102.eu-west-1.compute.amazonaws.com

beacon.krxd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.6.39.46 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-6-39-46.compute-1.amazonaws.com

sync.srv.stackadapt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 151.101.192.84 (United States)

ASN54113 (FASTLY, US)

ct.pinterest.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:806::200e (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

fcmatch.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:801::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fcmatch.youtube.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.89.210.90 (Frankfurt am Main, Germany) 2 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 37.157.5.84 (Denmark) 2 redirects

ASN198622 (ADFORM, DK)

c1.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
31	wickedthemusical.com 1 redirects wickedthemusical.com	706 KB
20	doubleclick.net 10 redirects 2179121.fls.doubleclick.net 5549924.fls.doubleclick.net — Cisco Umbrella Rank: 523992 googleads.g.doubleclick.net — Cisco Umbrella Rank: 45 stats.g.doubleclick.net — Cisco Umbrella Rank: 98 cm.g.doubleclick.net — Cisco Umbrella Rank: 255 ad.doubleclick.net — Cisco Umbrella Rank: 173 5451832.fls.doubleclick.net	9 KB
16	google.com 1 redirects region1.analytics.google.com — Cisco Umbrella Rank: 2714 www.google.com — Cisco Umbrella Rank: 2 adservice.google.com — Cisco Umbrella Rank: 118 fcmatch.google.com — Cisco Umbrella Rank: 4031	2 KB
10	cookielaw.org cdn.cookielaw.org — Cisco Umbrella Rank: 385	156 KB
7	tiktok.com analytics.tiktok.com — Cisco Umbrella Rank: 766	139 KB
6	facebook.net connect.facebook.net — Cisco Umbrella Rank: 187	261 KB
6	adsrvr.org js.adsrvr.org — Cisco Umbrella Rank: 1808 insight.adsrvr.org — Cisco Umbrella Rank: 665 match.adsrvr.org — Cisco Umbrella Rank: 402	3 KB
5	pinterest.com ct.pinterest.com — Cisco Umbrella Rank: 965	2 KB
5	facebook.com www.facebook.com — Cisco Umbrella Rank: 116	280 B
5	google.de www.google.de — Cisco Umbrella Rank: 6147	751 B
5	satis.fi chat.satis.fi — Cisco Umbrella Rank: 33623 prod-satisfilabs-resources-gcs.satis.fi — Cisco Umbrella Rank: 35305	63 KB
4	sojern.com beacon.sojern.com — Cisco Umbrella Rank: 6176 pixel.sojern.com — Cisco Umbrella Rank: 8495	2 KB
4	yieldoptimizer.com 1 redirects tag.yieldoptimizer.com — Cisco Umbrella Rank: 4846	3 KB
4	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 56	361 KB
4	cloudfront.net d1rx0dtgjk9kr3.cloudfront.net	79 KB
3	fonts.net fast.fonts.net — Cisco Umbrella Rank: 4116	19 KB
2	adform.net 2 redirects c1.adform.net — Cisco Umbrella Rank: 643	1 KB
2	adnxs.com 2 redirects ib.adnxs.com — Cisco Umbrella Rank: 261	2 KB
2	demdex.net 1 redirects dpm.demdex.net — Cisco Umbrella Rank: 242	2 KB
2	cloudfunctions.net us-central1-adaptive-growth.cloudfunctions.net — Cisco Umbrella Rank: 3200	121 B
2	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 42	21 KB
2	pinimg.com s.pinimg.com — Cisco Umbrella Rank: 980	20 KB
2	gstatic.com fonts.gstatic.com	46 KB
2	onetrust.com geolocation.onetrust.com — Cisco Umbrella Rank: 655	539 B
1	youtube.com fcmatch.youtube.com — Cisco Umbrella Rank: 4036	432 B
1	stackadapt.com 1 redirects sync.srv.stackadapt.com — Cisco Umbrella Rank: 915	1 KB
1	krxd.net beacon.krxd.net — Cisco Umbrella Rank: 903	338 B
1	turn.com 1 redirects d.turn.com — Cisco Umbrella Rank: 1513	415 B
1	adaraanalytics.com tag.adaraanalytics.com — Cisco Umbrella Rank: 24457	388 B
1	rlcdn.com idsync.rlcdn.com — Cisco Umbrella Rank: 445	98 B
1	twitter.com analytics.twitter.com — Cisco Umbrella Rank: 869	394 B
1	t.co t.co — Cisco Umbrella Rank: 614	377 B
1	rtb123.com www.rtb123.com — Cisco Umbrella Rank: 26171	261 B
1	pdst.fm cdn.pdst.fm — Cisco Umbrella Rank: 3174	6 KB
1	ads-twitter.com static.ads-twitter.com — Cisco Umbrella Rank: 792	15 KB
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 49	851 B
143	36

	Domain	Requested by
31	wickedthemusical.com	1 redirects wickedthemusical.com
10	cdn.cookielaw.org	wickedthemusical.com cdn.cookielaw.org
7	region1.analytics.google.com	www.googletagmanager.com
7	analytics.tiktok.com	wickedthemusical.com analytics.tiktok.com
6	adservice.google.com	2179121.fls.doubleclick.net 5549924.fls.doubleclick.net 5451832.fls.doubleclick.net
6	connect.facebook.net	wickedthemusical.com connect.facebook.net 5549924.fls.doubleclick.net 2179121.fls.doubleclick.net
5	ct.pinterest.com	s.pinimg.com wickedthemusical.com
5	www.facebook.com	2179121.fls.doubleclick.net wickedthemusical.com 5549924.fls.doubleclick.net
5	www.google.de	wickedthemusical.com
4	ad.doubleclick.net	4 redirects
4	tag.yieldoptimizer.com	1 redirects 2179121.fls.doubleclick.net
4	stats.g.doubleclick.net	www.googletagmanager.com www.google-analytics.com
4	2179121.fls.doubleclick.net	2 redirects www.googletagmanager.com
4	www.googletagmanager.com	wickedthemusical.com www.googletagmanager.com www.google-analytics.com
4	d1rx0dtgjk9kr3.cloudfront.net	wickedthemusical.com
3	pixel.sojern.com	2179121.fls.doubleclick.net
3	cm.g.doubleclick.net	2 redirects 2179121.fls.doubleclick.net
3	insight.adsrvr.org	wickedthemusical.com js.adsrvr.org
3	chat.satis.fi	wickedthemusical.com chat.satis.fi
3	fast.fonts.net	wickedthemusical.com fast.fonts.net
2	c1.adform.net	2 redirects
2	ib.adnxs.com	2 redirects
2	5451832.fls.doubleclick.net	1 redirects 2179121.fls.doubleclick.net
2	dpm.demdex.net	1 redirects 2179121.fls.doubleclick.net
2	match.adsrvr.org	2179121.fls.doubleclick.net
2	prod-satisfilabs-resources-gcs.satis.fi	chat.satis.fi
2	us-central1-adaptive-growth.cloudfunctions.net	cdn.pdst.fm
2	www.google.com	wickedthemusical.com
2	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
2	s.pinimg.com	www.googletagmanager.com s.pinimg.com
2	5549924.fls.doubleclick.net	1 redirects www.googletagmanager.com
2	fonts.gstatic.com	fonts.googleapis.com
2	geolocation.onetrust.com	cdn.cookielaw.org
1	fcmatch.youtube.com	2179121.fls.doubleclick.net
1	fcmatch.google.com	1 redirects
1	sync.srv.stackadapt.com	1 redirects
1	beacon.krxd.net	2179121.fls.doubleclick.net
1	d.turn.com	1 redirects
1	tag.adaraanalytics.com	2179121.fls.doubleclick.net
1	idsync.rlcdn.com	2179121.fls.doubleclick.net
1	beacon.sojern.com	2179121.fls.doubleclick.net
1	analytics.twitter.com	wickedthemusical.com
1	t.co	wickedthemusical.com
1	www.rtb123.com	wickedthemusical.com
1	cdn.pdst.fm	wickedthemusical.com
1	googleads.g.doubleclick.net	www.googletagmanager.com
1	static.ads-twitter.com	www.googletagmanager.com
1	js.adsrvr.org	www.googletagmanager.com
1	fonts.googleapis.com	wickedthemusical.com
143	49

This site contains links to these domains. Also see Links.

Domain
www.wickedthemusical.co.uk
wickedthemusical.com.au
www.shiki.jp
www.wickedthemusicalstore.com
tickets.broadwaydirect.com
www.facebook.com
twitter.com
www.youtube.com
instagram.com
www.tiktok.com
www.capitalone.com
www.broadwaygreen.com
www.nbcuniversal.com
support.google.com
support.apple.com
support.mozilla.org
support.microsoft.com
policies.google.com
tools.google.com
www.adobe.com
mixpanel.com
www.aboutads.info
youradchoices.ca
www.youronlinechoices.com
www.youronlinechoices.com.au
liveramp.com
www.onetrust.com

Subject Issuer	Validity	Valid
wickedthemusical.com R3	`2023-10-14` - `2024-01-12`	3 months	crt.sh
cookielaw.org Cloudflare Inc ECC CA-3	`2023-04-01` - `2024-03-31`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-05-05` - `2024-05-04`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2023-09-18` - `2023-12-11`	3 months	crt.sh
*.cloudfront.net Amazon RSA 2048 M01	`2022-12-08` - `2023-12-07`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-09-18` - `2023-12-11`	3 months	crt.sh
onetrust.com Cloudflare Inc ECC CA-3	`2022-12-13` - `2023-12-13`	a year	crt.sh
*.satis.fi Sectigo RSA Domain Validation Secure Server CA	`2022-10-20` - `2023-10-25`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2023-09-18` - `2023-12-11`	3 months	crt.sh
*.adsrvr.org GlobalSign GCC R3 DV TLS CA 2020	`2023-04-12` - `2024-05-13`	a year	crt.sh
*.doubleclick.net GTS CA 1C3	`2023-09-18` - `2023-12-11`	3 months	crt.sh
ads-twitter.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-07-21` - `2024-07-19`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-09-18` - `2023-12-11`	3 months	crt.sh
*.pinterest.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-08-07` - `2024-08-07`	a year	crt.sh
*.tiktok.com RapidSSL ECC CA 2018	`2023-07-14` - `2024-08-13`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2023-07-23` - `2023-10-21`	3 months	crt.sh
cdn.pdst.fm GTS CA 1D4	`2023-09-22` - `2023-12-21`	3 months	crt.sh
rtb123.com R3	`2023-09-02` - `2023-12-01`	3 months	crt.sh
www.google.de GTS CA 1C3	`2023-09-18` - `2023-12-11`	3 months	crt.sh
t.co DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2023-02-05` - `2024-02-05`	a year	crt.sh
*.twitter.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2023-02-05` - `2024-02-05`	a year	crt.sh
www.google.com GTS CA 1C3	`2023-09-18` - `2023-12-11`	3 months	crt.sh
misc.google.com GTS CA 1C3	`2023-09-18` - `2023-12-11`	3 months	crt.sh
*.google.com GTS CA 1C3	`2023-09-18` - `2023-12-11`	3 months	crt.sh
*.sojern.com DigiCert TLS RSA SHA256 2020 CA1	`2023-01-17` - `2024-02-17`	a year	crt.sh
*.google.de GTS CA 1C3	`2023-09-18` - `2023-12-11`	3 months	crt.sh
*.rlcdn.com Sectigo RSA Domain Validation Secure Server CA	`2023-02-02` - `2024-03-03`	a year	crt.sh
*.adaraanalytics.com Go Daddy Secure Certificate Authority - G2	`2023-06-25` - `2024-07-26`	a year	crt.sh
beacon.krxd.net DigiCert TLS RSA SHA256 2020 CA1	`2023-04-14` - `2024-04-12`	a year	crt.sh

This page contains 8 frames:

Primary Page: https://wickedthemusical.com/
Frame ID: BE82FB19937CC7C22EE4F05E72840CBE
Requests: 107 HTTP requests in this frame

Frame: https://2179121.fls.doubleclick.net/activityi;dc_pre=CKeZzYHB9YEDFYQQogMdD9cIow;src=2179121;type=sitev592;cat=sitev000;ord=1;num=9823983079378;auiddc=1519149132.1697285448;gtm=45He3ab0;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fwickedthemusical.com%2F
Frame ID: CC3FEBF48419BD7D0EAB7DC941B02249
Requests: 23 HTTP requests in this frame

Frame: https://5549924.fls.doubleclick.net/activityi;dc_pre=CJ_3zYHB9YEDFYwKogMdW4MPTA;src=5549924;type=sitev0;cat=wicke0;ord=1;num=7845121836776;auiddc=1519149132.1697285448;gtm=45He3ab0;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fwickedthemusical.com%2F
Frame ID: 0298C5E7B977D928AAA26ADAF43619B2
Requests: 5 HTTP requests in this frame

Frame: https://2179121.fls.doubleclick.net/activityi;dc_pre=CI_a1IHB9YEDFaoOogMdmmEABA;src=2179121;type=sitev592;cat=wicke029;ord=1;num=6623642220663;auiddc=1519149132.1697285448;gtm=45He3ab0;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fwickedthemusical.com%2F
Frame ID: A5DD9D2D5D9F2AE1513749591D35A3EE
Requests: 2 HTTP requests in this frame

Frame: https://5451832.fls.doubleclick.net/activityi;dc_pre=CJSg6YHB9YEDFVmmGAodlBoFpA;src=5451832;type=wicke009;cat=wicke0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=9802165258920.531
Frame ID: BA1EC745C19967349F3108712819FAAA
Requests: 2 HTTP requests in this frame

Frame: https://ct.pinterest.com/ct.html
Frame ID: 4BDF466CFCEC5A939FC60EFA56AED6AB
Requests: 1 HTTP requests in this frame

Frame: https://insight.adsrvr.org/track/up?adv=ne6bxp1&ref=https%3A%2F%2Fwickedthemusical.com%2F&upid=7097zv2&upv=1.1.0
Frame ID: FD189C85273DCC7D6D55A862CFAA7964
Requests: 1 HTTP requests in this frame

Frame: https://insight.adsrvr.org/track/up?adv=m7hla2z&ref=https%3A%2F%2Fwickedthemusical.com%2F&upid=gwhirxm&upv=1.1.0
Frame ID: 5FC2DB7002A4B599EFD9ABE32525D512
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Wicked The Musical | Official Broadway SiteBack ButtonSearch IconFilter Icon

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

<link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
/wp-(?:content|includes)/

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

OneTrust (Cookie compliance) Expand

Overall confidence: 100%
Detected patterns

cdn\.cookielaw\.org
otSDKStub\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jQuery Migrate (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?

Page Statistics

143
Requests

92 %
HTTPS

47 %
IPv6

36
Domains

49
Subdomains

39
IPs

6
Countries

1916 kB
Transfer

5426 kB
Size

47
Cookies

46 Outgoing links

These are links going to different origins than the main page.

URL: https://www.wickedthemusical.co.uk/book-tickets/
Title: London Tickets

Search URL Search Domain Scan URL

URL: https://www.wickedthemusical.co.uk/tour/
Title: UK Tour

Search URL Search Domain Scan URL

URL: https://wickedthemusical.com.au/
Title: Australia

Search URL Search Domain Scan URL

URL: https://www.shiki.jp/applause/wicked/
Title: Tokyo

Search URL Search Domain Scan URL

URL: http://www.wickedthemusicalstore.com/
Title: Shop

Search URL Search Domain Scan URL

URL: https://tickets.broadwaydirect.com/tickets/series/942533271/wicked-ny-649222
Title: 2:00 PM

Search URL Search Domain Scan URL

URL: https://tickets.broadwaydirect.com/tickets/series/942533271/wicked-ny-649221
Title: 8:00 PM

Search URL Search Domain Scan URL

URL: https://tickets.broadwaydirect.com/tickets/series/942533271/wicked-ny-649224
Title: 2:00 PM

Search URL Search Domain Scan URL

URL: https://tickets.broadwaydirect.com/tickets/series/942533271/wicked-ny-649223
Title: 7:00 PM

Search URL Search Domain Scan URL

URL: https://tickets.broadwaydirect.com/tickets/series/942533271/wicked-ny-663402
Title: 7:00 PM

Search URL Search Domain Scan URL

URL: https://tickets.broadwaydirect.com/tickets/series/942533271/wicked-ny-663403
Title: 7:00 PM

Search URL Search Domain Scan URL

URL: https://tickets.broadwaydirect.com/tickets/series/942533271/wicked-ny-663404
Title: 7:00 PM

Search URL Search Domain Scan URL

URL: https://tickets.broadwaydirect.com/tickets/series/942533271/wicked-ny-663405
Title: 8:00 PM

Search URL Search Domain Scan URL

URL: http://www.wickedthemusical.co.uk/london
Title: London

Search URL Search Domain Scan URL

URL: https://www.facebook.com/Wickedthemusical

Search URL Search Domain Scan URL

URL: https://twitter.com/wicked_musical

Search URL Search Domain Scan URL

URL: https://www.youtube.com/subscription_center?add_user=OfficialWICKED

Search URL Search Domain Scan URL

URL: http://instagram.com/wicked_musical

Search URL Search Domain Scan URL

URL: https://www.tiktok.com/@wicked_musical

Search URL Search Domain Scan URL

URL: https://www.capitalone.com/credit-cards/benefits/entertainment/?external_id=WWW_XXXXX_XXX_SEM-Brand_Google_ZZ_ZZ_T_DiningEntertainment_ZZ_ab9581dd-776a-4e24-8ccd-cadeaf1cff81_86890&target_id=kwd-328044054622&gclid=CjwKCAjwqZSlBhBwEiwAfoZUICqwtO-G5oAcz-80NqdhI3JD5QZ73HKKf_SD6Qwa8EYwf_-hJMBNkxoCdyoQAvD_BwE

Search URL Search Domain Scan URL

URL: http://www.broadwaygreen.com/

Search URL Search Domain Scan URL

URL: https://tickets.broadwaydirect.com/tickets/series/942533271?_gl=1*1nw4uz8*_ga*OTQwNDcwMTUuMTY4NzUzNjI2OA..*_ga_2TH76WHGSC*MTY5MDM4NjM2NS4xLjEuMTY5MDM5NTUwNC4zNC4wLjA.

Search URL Search Domain Scan URL

URL: https://www.nbcuniversal.com/privacy
Title: Privacy Policy

Search URL Search Domain Scan URL

URL: https://www.nbcuniversal.com/privacy/cookies
Title: Cookie Policy

Search URL Search Domain Scan URL

URL: https://www.nbcuniversal.com/brands
Title: its affiliates

Search URL Search Domain Scan URL

URL: https://support.google.com/chrome/answer/95647?hl=en&p=cpn_cookies
Title: Google Chrome

Search URL Search Domain Scan URL

URL: https://support.apple.com/en-gb/HT201265
Title: Apple Safari

Search URL Search Domain Scan URL

URL: https://support.mozilla.org/en-US/kb/enable-and-disable-cookies-website-preferences?redirectlocale=en-US&redirectslug=Enabling+and+disabling+cookies
Title: Mozila Firefox

Search URL Search Domain Scan URL

URL: https://support.microsoft.com/en-us/help/17442/windows-internet-explorer-delete-manage-cookies
Title: Microsoft Internet Explorer

Search URL Search Domain Scan URL

URL: https://policies.google.com/privacy
Title: Google’s Privacy Policy

Search URL Search Domain Scan URL

URL: https://tools.google.com/dlpage/gaoptout
Title: Google Analytics Opt-Out

Search URL Search Domain Scan URL

URL: http://www.adobe.com/privacy/analytics.html
Title: Omniture’s Privacy Policy

Search URL Search Domain Scan URL

URL: http://www.adobe.com/privacy/opt-out.html
Title: Omniture’s Opt-Out

Search URL Search Domain Scan URL

URL: https://mixpanel.com/privacy/
Title: Mixpanel’s Privacy Policy

Search URL Search Domain Scan URL

URL: https://mixpanel.com/optout/
Title: Mixpanel’s Opt-Out

Search URL Search Domain Scan URL

URL: http://www.aboutads.info/choices/
Title: Digital Advertising Alliance in the US

Search URL Search Domain Scan URL

URL: https://youradchoices.ca/choices/
Title: Digital Advertising Alliance of Canada

Search URL Search Domain Scan URL

URL: http://www.youronlinechoices.com/
Title: European Interactive Digital Advertising Alliance

Search URL Search Domain Scan URL

URL: http://www.youronlinechoices.com.au/your-ad-choices/
Title: Australian Digital Advertising Alliance

Search URL Search Domain Scan URL

URL: https://www.facebook.com/privacy/explanation
Title: Facebook Privacy Policy

Search URL Search Domain Scan URL

URL: https://www.facebook.com/ads/preferences/?entry_product=ad_settings_screen
Title: Facebook’s Opt-Out Page

Search URL Search Domain Scan URL

URL: https://twitter.com/en/privacy
Title: Twitter Privacy Policy

Search URL Search Domain Scan URL

URL: https://twitter.com/personalization
Title: Twitter’s Opt-Out Page

Search URL Search Domain Scan URL

URL: https://liveramp.com/privacy/
Title: Liveramp’s Privacy Policy

Search URL Search Domain Scan URL

URL: https://liveramp.com/opt_out/
Title: Liveramp Opt-Out Page

Search URL Search Domain Scan URL

URL: https://www.onetrust.com/products/cookie-consent/

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 49

https://wickedthemusical.com/api/calendar/events/future-tags HTTP 301
https://wickedthemusical.com/api/calendar/events/future-tags/

Request Chain 52

https://2179121.fls.doubleclick.net/activityi;src=2179121;type=sitev592;cat=sitev000;ord=1;num=9823983079378;auiddc=1519149132.1697285448;gtm=45He3ab0;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fwickedthemusical.com%2F HTTP 302
https://2179121.fls.doubleclick.net/activityi;dc_pre=CKeZzYHB9YEDFYQQogMdD9cIow;src=2179121;type=sitev592;cat=sitev000;ord=1;num=9823983079378;auiddc=1519149132.1697285448;gtm=45He3ab0;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fwickedthemusical.com%2F

Request Chain 53

https://5549924.fls.doubleclick.net/activityi;src=5549924;type=sitev0;cat=wicke0;ord=1;num=7845121836776;auiddc=1519149132.1697285448;gtm=45He3ab0;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fwickedthemusical.com%2F HTTP 302
https://5549924.fls.doubleclick.net/activityi;dc_pre=CJ_3zYHB9YEDFYwKogMdW4MPTA;src=5549924;type=sitev0;cat=wicke0;ord=1;num=7845121836776;auiddc=1519149132.1697285448;gtm=45He3ab0;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fwickedthemusical.com%2F

Request Chain 72

https://2179121.fls.doubleclick.net/activityi;src=2179121;type=sitev592;cat=wicke029;ord=1;num=6623642220663;auiddc=1519149132.1697285448;gtm=45He3ab0;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fwickedthemusical.com%2F HTTP 302
https://2179121.fls.doubleclick.net/activityi;dc_pre=CI_a1IHB9YEDFaoOogMdmmEABA;src=2179121;type=sitev592;cat=wicke029;ord=1;num=6623642220663;auiddc=1519149132.1697285448;gtm=45He3ab0;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fwickedthemusical.com%2F

Request Chain 80

https://tag.yieldoptimizer.com/ps/ps?t=s&p=1162&sg=WICK&pg=ot& HTTP 302
https://tag.yieldoptimizer.com/ps/ps?tc=739865165&t=s&p=1162&sg=WICK&pg=ot&

Request Chain 111

https://ad.doubleclick.net/ddm/activity/src=8546338;type=invmedia;cat=lifeo0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ord=1 HTTP 302
https://ad.doubleclick.net/ddm/activity/src=8546338;dc_pre=CPjw6YHB9YEDFWnhOwId0scDaw;type=invmedia;cat=lifeo0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ord=1 HTTP 302
https://adservice.google.com/ddm/fls/z/src=8546338;dc_pre=CPjw6YHB9YEDFWnhOwId0scDaw;type=invmedia;cat=lifeo0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ord=1

Request Chain 112

https://d.turn.com/r/dd/id/L2NzaWQvMS9jaWQvMTc0Nzc3NDY2NS90LzI/url/https://tag.yieldoptimizer.com/ps/ps?t=i&p=4889&turn_id=$!{TURN_UUID} HTTP 302
https://tag.yieldoptimizer.com/ps/ps?t=i&p=4889&turn_id=2569224470906156407

Request Chain 113

https://dpm.demdex.net/ibs:dpid=22069&dpuuid=3017717616773 HTTP 302
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=22069&dpuuid=3017717616773

Request Chain 115

https://sync.srv.stackadapt.com/sync?nid=adara HTTP 302
https://tag.yieldoptimizer.com/ps/ps?t=i&p=8064&uid=ZgfMTJm3Wvx6OHYt-Rpo2FQTr7c

Request Chain 117

https://5451832.fls.doubleclick.net/activityi;src=5451832;type=wicke009;cat=wicke0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=9802165258920.531 HTTP 302
https://5451832.fls.doubleclick.net/activityi;dc_pre=CJSg6YHB9YEDFVmmGAodlBoFpA;src=5451832;type=wicke009;cat=wicke0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=9802165258920.531

Request Chain 120

https://ad.doubleclick.net/ddm/activity/src=9836704;type=track0;cat=wicke0;qty=1;cost=0;u1=;u16=;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;npa=;ord=orderID HTTP 302
https://ad.doubleclick.net/ddm/activity/src=9836704;dc_pre=CJ706YHB9YEDFUTeOwIdxxYKzg;type=track0;cat=wicke0;qty=1;cost=0;u1=;u16=;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;npa=;ord=orderID HTTP 302
https://adservice.google.com/ddm/fls/z/src=9836704;dc_pre=CJ706YHB9YEDFUTeOwIdxxYKzg;type=track0;cat=wicke0;qty=1;cost=0;u1=;u16=;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;npa=;ord=orderID

Request Chain 121

https://cm.g.doubleclick.net/pixel?google_cm=true&google_hm=ygwHb0fV9UMm-ewuHJknsQ&google_nid=sojern__adx_open_bidder_seat&google_sc=true&sjrn_id=-6RoPFwfFF4GEcHqkxV7lycxXHNIVexJ-RiOGbMFAxcAN5C7TBSiSzvvy9_YKkIC&sjrn_ula=903923083 HTTP 302
https://pixel.sojern.com/idSync/AdX?exchangeProfileId=&sjrn_id=-6RoPFwfFF4GEcHqkxV7lycxXHNIVexJ-RiOGbMFAxcAN5C7TBSiSzvvy9_YKkIC&sjrn_ula=903923083&google_gid=CAESEJwRMUMFgfSRwazp3-5dOLo&google_cver=1

Request Chain 122

https://cm.g.doubleclick.net/pixel?google_hm=ygwHb0fV9UMm-ewuHJknsQ&google_nid=sojern_adh HTTP 302
https://fcmatch.google.com/pixel?google_gm=AMnCDoqJ327LeH7q9rrF2KMdyqc4GjKJacd5BppK3eE7PHAUFbCeEq36FSKqIPMqdKs-g2bLCD1k3cz_bU1oO5VCsGwTJNVsU5vafZCVy890zz2pYrIE6Mw HTTP 302
https://fcmatch.youtube.com/pixel?google_gm=AMnCDoqJ327LeH7q9rrF2KMdyqc4GjKJacd5BppK3eE7PHAUFbCeEq36FSKqIPMqdKs-g2bLCD1k3cz_bU1oO5VCsGwTJNVsU5vafZCVy890zz2pYrIE6Mw

Request Chain 123

https://ib.adnxs.com/getuid?https://pixel.sojern.com/idsync/apn?id=$UID&sjrn_id=-6RoPFwfFF4GEcHqkxV7lycxXHNIVexJ-RiOGbMFAxcAN5C7TBSiSzvvy9_YKkIC HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fpixel.sojern.com%2Fidsync%2Fapn%3Fid%3D%24UID%26sjrn_id%3D-6RoPFwfFF4GEcHqkxV7lycxXHNIVexJ-RiOGbMFAxcAN5C7TBSiSzvvy9_YKkIC HTTP 302
https://pixel.sojern.com/idsync/apn?id=1900207874094451200&sjrn_id=-6RoPFwfFF4GEcHqkxV7lycxXHNIVexJ-RiOGbMFAxcAN5C7TBSiSzvvy9_YKkIC

Request Chain 125

https://c1.adform.net/serving/cookie/match?cid=ca0c076f-47d5-f543-26f9-ec2e1c9927b1&party=1296 HTTP 302
https://c1.adform.net/serving/cookie/match?CC=1&cid=ca0c076f-47d5-f543-26f9-ec2e1c9927b1&party=1296 HTTP 302
https://pixel.sojern.com/idsync/adf?adfid=1324932835529037803&cid=ca0c076f-47d5-f543-26f9-ec2e1c9927b1

143 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
wickedthemusical.com/ 81 KB
19 KB 377ms
118ms Document
text/html 35.171.141.94
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://wickedthemusical.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.171.141.94 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-35-171-141-94.compute-1.amazonaws.com
Software: nginx / PleskLin
Resource Hash: b47fe6f67688b4cf2464465f92f43aedc340a5d23185bee065e08bcee55c4532

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
cache-control: max-age=0
content-encoding: gzip
content-length: 19091
content-type: text/html; charset=UTF-8
date: Sat, 14 Oct 2023 12:10:46 GMT
expires: Sat, 14 Oct 2023 12:10:46 GMT
last-modified: Sat, 14 Oct 2023 11:51:34 GMT
server: nginx
vary: Accept-Encoding
x-powered-by: PleskLin

GET
H2 200 otSDKStub.js Show response
cdn.cookielaw.org/consent/552e6466-df7a-40e0-93c1-dc4129b84302/ 21 KB
8 KB 104ms
55ms Script
application/x-javascript 2606:4700::6812:83ec
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/consent/552e6466-df7a-40e0-93c1-dc4129b84302/otSDKStub.js

Requested by

Host: wickedthemusical.com
URL: https://wickedthemusical.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:83ec , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

af4d669f0396d1fc4e3e3c5d1fe6217f71a74ed78d6b420f376d331d515514b9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://wickedthemusical.com/
Origin: https://wickedthemusical.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Sat, 14 Oct 2023 12:10:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
strict-transport-security: max-age=31536000; includeSubDomains; preload
age: 69494
content-md5: VpEAewnOpvlMffCyoBoh7A==
content-length: 7129
x-ms-lease-status: unlocked
last-modified: Thu, 06 Apr 2023 17:35:17 GMT
server: cloudflare
etag: 0x8DB36C549C6B864
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
x-ms-request-id: 20f48485-e01e-00f6-0eae-68fff0000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 815fb89bf9043636-FRA
expires: Sun, 15 Oct 2023 12:10:47 GMT

GET
H2 200 otCCPAiab.js Show response
cdn.cookielaw.org/opt-out/ 22 KB
6 KB 84ms
35ms Script
application/javascript 2606:4700::6812:83ec
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/opt-out/otCCPAiab.js

Requested by

Host: wickedthemusical.com
URL: https://wickedthemusical.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:83ec , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a7b7120dffd25546c93c1367b9c86a3dc87e71d2c89ebb39163a71eb3b659f01

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wickedthemusical.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Sat, 14 Oct 2023 12:10:47 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: gzip
content-md5: ERttG9+iQk1LCPjR495NRw==
age: 57226
x-ms-lease-status: unlocked
last-modified: Tue, 22 Feb 2022 22:01:18 GMT
server: cloudflare
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: 84ed10d5-601e-00ec-3ce1-5ad09f000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=86400
x-ms-version: 2009-09-19
cf-ray: 815fb89bf96a2bb9-FRA

GET
H2 200 sbi-styles.min.css
wickedthemusical.com/wp-content/plugins/instagram-feed/css/ 24 KB
3 KB 118ms
116ms Stylesheet
text/css 35.171.141.94
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://wickedthemusical.com/wp-content/plugins/instagram-feed/css/sbi-styles.min.css?ver=6.1.6
Requested by: Host: wickedthemusical.com
URL: https://wickedthemusical.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.171.141.94 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-35-171-141-94.compute-1.amazonaws.com
Software: nginx / PleskLin
Resource Hash: 3c107b664e7305b99c2c95a67f790e5cda95ee05cc584c6045f987328ad49a6f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wickedthemusical.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Sat, 14 Oct 2023 12:10:47 GMT
content-encoding: br
last-modified: Thu, 27 Jul 2023 13:51:54 GMT
server: nginx
etag: W/"64c2767a-607e"
x-powered-by: PleskLin
content-type: text/css

GET
H2 200 style.min.css
wickedthemusical.com/wp/wp-includes/css/dist/block-library/ 95 KB
11 KB 226ms
225ms Stylesheet
text/css 35.171.141.94
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://wickedthemusical.com/wp/wp-includes/css/dist/block-library/style.min.css?ver=6.2.3
Requested by: Host: wickedthemusical.com
URL: https://wickedthemusical.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.171.141.94 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-35-171-141-94.compute-1.amazonaws.com
Software: nginx / PleskLin
Resource Hash: aca566587618e75fa291a419c7c430be02e03fc72f6105658c1bc8e7d59a65e4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wickedthemusical.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Sat, 14 Oct 2023 12:10:47 GMT
content-encoding: br
last-modified: Thu, 27 Jul 2023 13:51:57 GMT
server: nginx
etag: W/"64c2767d-17ced"
x-powered-by: PleskLin
content-type: text/css

GET
H2 200 classic-themes.min.css
wickedthemusical.com/wp/wp-includes/css/ 291 B
300 B 227ms
225ms Stylesheet
text/css 35.171.141.94
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://wickedthemusical.com/wp/wp-includes/css/classic-themes.min.css?ver=6.2.3
Requested by: Host: wickedthemusical.com
URL: https://wickedthemusical.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.171.141.94 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-35-171-141-94.compute-1.amazonaws.com
Software: nginx / PleskLin
Resource Hash: dcd9f488bd62ba0ee403b07a97e40b9ffd63a0eff61091588c913b16d5153d48

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wickedthemusical.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Sat, 14 Oct 2023 12:10:47 GMT
content-encoding: br
last-modified: Thu, 27 Jul 2023 13:51:57 GMT
server: nginx
etag: W/"64c2767d-123"
x-powered-by: PleskLin
content-type: text/css

GET
H2 200 37f28718-6d56-406d-bb1b-cf3fa5cc2b6e.css
fast.fonts.net/cssapi/ 5 KB
1 KB 481ms
412ms Stylesheet
text/css 2606:4700::6810:fa43
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://fast.fonts.net/cssapi/37f28718-6d56-406d-bb1b-cf3fa5cc2b6e.css
Requested by: Host: wickedthemusical.com
URL: https://wickedthemusical.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:fa43 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ce50c3ddb962ac8242bf562751b465d706d19c13a96bce9112cf37fdf2c76db5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wickedthemusical.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

x-amz-meta-mtime: 1524751285
date: Sat, 14 Oct 2023 12:10:47 GMT
x-amz-version-id: null
content-encoding: gzip
cf-cache-status: REVALIDATED
last-modified: Tue, 16 Feb 2021 22:13:58 GMT
server: cloudflare
x-amz-request-id: MGK4EE00A6QGF57X
etag: W/"8b0ef70a7185eb8784fc7b0ef5b3e90e"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
cache-control: public, max-age=300
cf-ray: 815fb89c19f1373a-FRA
x-amz-id-2: MwqDu8FaRXZNjunGtBHlP+YNGegrE2a64vkDiUA+nhkwz1Rj6YVVvf5OtTHvhC+SgJJoKl4GwdA=
expires: Sat, 14 Oct 2023 12:15:47 GMT

GET
H2 200 css
fonts.googleapis.com/ 2 KB
851 B 82ms
31ms Stylesheet
text/css 2a00:1450:4001:828::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Lato:400,400i,700

Requested by

Host: wickedthemusical.com
URL: https://wickedthemusical.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

bbe84d9cac20a501eb5dc1de30ade0618a275e517fcce24c7f935db1830af100

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wickedthemusical.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sat, 14 Oct 2023 12:10:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sat, 14 Oct 2023 11:34:06 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sat, 14 Oct 2023 12:10:47 GMT

GET
H2 200 main-cf1a56394a.css
wickedthemusical.com/wp-content/themes/wicked/dist/styles/ 346 KB
43 KB 227ms
226ms Stylesheet
text/css 35.171.141.94
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://wickedthemusical.com/wp-content/themes/wicked/dist/styles/main-cf1a56394a.css
Requested by: Host: wickedthemusical.com
URL: https://wickedthemusical.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.171.141.94 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-35-171-141-94.compute-1.amazonaws.com
Software: nginx / PleskLin
Resource Hash: b670e5a6f7bd02d51400674dad3a7355f34698f8aa01420bc0c5d0a5fcd88e04

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wickedthemusical.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Sat, 14 Oct 2023 12:10:47 GMT
content-encoding: br
last-modified: Thu, 27 Jul 2023 13:51:56 GMT
server: nginx
etag: W/"64c2767c-56803"
x-powered-by: PleskLin
content-type: text/css

GET
H2 200 jquery.min.js Show response
wickedthemusical.com/wp/wp-includes/js/jquery/ 88 KB
30 KB 235ms
234ms Script
application/javascript 35.171.141.94
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://wickedthemusical.com/wp/wp-includes/js/jquery/jquery.min.js?ver=3.6.4
Requested by: Host: wickedthemusical.com
URL: https://wickedthemusical.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.171.141.94 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-35-171-141-94.compute-1.amazonaws.com
Software: nginx / PleskLin
Resource Hash: afacce23cb4feaaaef37997f8439819d8f827df4951f3ff02704c9f16fb7f53a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wickedthemusical.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Sat, 14 Oct 2023 12:10:47 GMT
content-encoding: br
last-modified: Thu, 27 Jul 2023 13:51:57 GMT
server: nginx
etag: W/"64c2767d-15ed7"
x-powered-by: PleskLin
content-type: application/javascript; charset=utf-8

GET
H2 200 jquery-migrate.min.js Show response
wickedthemusical.com/wp/wp-includes/js/jquery/ 13 KB
5 KB 235ms
234ms Script
application/javascript 35.171.141.94
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://wickedthemusical.com/wp/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.4.0
Requested by: Host: wickedthemusical.com
URL: https://wickedthemusical.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.171.141.94 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-35-171-141-94.compute-1.amazonaws.com
Software: nginx / PleskLin
Resource Hash: 9810aee7e6d57d8cceaa96322b88e6df46710194689ae12b284149148cabc2f3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wickedthemusical.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Sat, 14 Oct 2023 12:10:47 GMT
content-encoding: br
last-modified: Thu, 27 Jul 2023 13:51:57 GMT
server: nginx
etag: W/"64c2767d-3470"
x-powered-by: PleskLin
content-type: application/javascript; charset=utf-8

GET
H2 200 wicked_logo.png
d1rx0dtgjk9kr3.cloudfront.net/wp-content/themes/wicked/dist/images/ 52 KB
52 KB 499ms
414ms Image
image/png 2600:9000:2250:dc00:15:2f34:53c0:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d1rx0dtgjk9kr3.cloudfront.net/wp-content/themes/wicked/dist/images/wicked_logo.png
Requested by: Host: wickedthemusical.com
URL: https://wickedthemusical.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2250:dc00:15:2f34:53c0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx / PleskLin
Resource Hash: 8110fec8953967ec64d619493efbd07f1f0640746e6aee93298985a3b0e61db2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wickedthemusical.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Sat, 14 Oct 2023 12:10:47 GMT
via: 1.1 935770605c74a80712059ba5b24d4162.cloudfront.net (CloudFront)
last-modified: Thu, 27 Jul 2023 13:51:56 GMT
server: nginx
x-amz-cf-pop: FRA60-P2
x-powered-by: PleskLin
etag: "64c2767c-ce7f"
x-cache: RefreshHit from cloudfront
content-type: image/png
accept-ranges: bytes
content-length: 52863
x-amz-cf-id: 9ylucZ8gRJCnrQJNXJFbKjZVc8TX3Rhp_6D8u0szmJJRAtjqwFePQw==

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 284 KB
96 KB 115ms
59ms Script
application/javascript 2a00:1450:4001:811::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-NVGL

Requested by

Host: wickedthemusical.com
URL: https://wickedthemusical.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

511216fb41ab08ac4aeea7593ef042231f8a26ea411ca70600818af91bfda8b2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wickedthemusical.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Sat, 14 Oct 2023 12:10:47 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 97802
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Sat, 14 Oct 2023 12:10:47 GMT

GET
H2 200 552e6466-df7a-40e0-93c1-dc4129b84302.json Show response
cdn.cookielaw.org/consent/552e6466-df7a-40e0-93c1-dc4129b84302/ 4 KB
2 KB 40ms
40ms XHR
application/x-javascript 2606:4700::6812:83ec
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/consent/552e6466-df7a-40e0-93c1-dc4129b84302/552e6466-df7a-40e0-93c1-dc4129b84302.json

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/consent/552e6466-df7a-40e0-93c1-dc4129b84302/otSDKStub.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:83ec , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

31a1e6b3fa6da6aa1874ccd12f654a652ae5681b7aa7b7e7fdcf6b126e08a7b3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wickedthemusical.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Sat, 14 Oct 2023 12:10:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
strict-transport-security: max-age=31536000; includeSubDomains; preload
age: 69494
content-md5: H8WRatNwBhf5fTShqI92rg==
content-length: 1660
x-ms-lease-status: unlocked
last-modified: Thu, 06 Apr 2023 17:35:39 GMT
server: cloudflare
etag: 0x8DB36C557092381
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
x-ms-request-id: 839ece10-201e-004a-1bae-68e881000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 815fb89c597d3636-FRA
expires: Sun, 15 Oct 2023 12:10:47 GMT

GET
H2 200 dnsfeed Show response
geolocation.onetrust.com/cookieconsentpub/v1/geo/location/ 68 B
235 B 81ms
36ms Script
text/javascript 2606:4700:4400::ac40:9b77
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://geolocation.onetrust.com/cookieconsentpub/v1/geo/location/dnsfeed

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/opt-out/otCCPAiab.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::ac40:9b77 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0af719f3a3c9eed767bcf7e1b8b179655c9b0c1fd6157618d704f11a1cdcdfc9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wickedthemusical.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Sat, 14 Oct 2023 12:10:47 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
server: cloudflare
cf-ray: 815fb89f482518cb-FRA
vary: Accept-Encoding
content-type: text/javascript

GET
H2 200 capital-one-logo-white.png
d1rx0dtgjk9kr3.cloudfront.net/wp-content/uploads/2023/07/ 21 KB
21 KB 420ms
420ms Image
image/png 2600:9000:2250:dc00:15:2f34:53c0:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d1rx0dtgjk9kr3.cloudfront.net/wp-content/uploads/2023/07/capital-one-logo-white.png
Requested by: Host: wickedthemusical.com
URL: https://wickedthemusical.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2250:dc00:15:2f34:53c0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx / PleskLin
Resource Hash: 50d68134803430f1729e9927426d636c1b75662fe24bd1706a4d2166ef682087

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wickedthemusical.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Sat, 14 Oct 2023 12:10:47 GMT
via: 1.1 935770605c74a80712059ba5b24d4162.cloudfront.net (CloudFront)
last-modified: Wed, 05 Jul 2023 20:26:56 GMT
server: nginx
x-amz-cf-pop: FRA60-P2
x-powered-by: PleskLin
etag: "64a5d210-5376"
x-cache: RefreshHit from cloudfront
content-type: image/png
accept-ranges: bytes
content-length: 21366
x-amz-cf-id: iBwF9NAIJ1mrIA6MBKxmXg-YZZvVw12dQzCKasz6vVuCf62pcRrB_Q==

GET
H2 200 bga-logo.png
d1rx0dtgjk9kr3.cloudfront.net/wp-content/uploads/2023/07/ 2 KB
2 KB 142ms
142ms Image
image/png 2600:9000:2250:dc00:15:2f34:53c0:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d1rx0dtgjk9kr3.cloudfront.net/wp-content/uploads/2023/07/bga-logo.png
Requested by: Host: wickedthemusical.com
URL: https://wickedthemusical.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2250:dc00:15:2f34:53c0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx / PleskLin
Resource Hash: 4d0368be2b71c0c2fb9e6b1b1e946a13b18b47f531f4151b536f613477b9b6d5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wickedthemusical.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Sat, 14 Oct 2023 12:10:47 GMT
via: 1.1 935770605c74a80712059ba5b24d4162.cloudfront.net (CloudFront)
last-modified: Wed, 05 Jul 2023 20:28:24 GMT
server: nginx
x-amz-cf-pop: FRA60-P2
x-powered-by: PleskLin
etag: "64a5d268-6ca"
x-cache: RefreshHit from cloudfront
content-type: image/png
accept-ranges: bytes
content-length: 1738
x-amz-cf-id: ts7iGzy7UHAfEyAtpwNQMw1LbwPqGsgSxGShFFfQNLdikhRSFbVccA==

GET
H2 200 broadwaydirect-logo.webp
d1rx0dtgjk9kr3.cloudfront.net/wp-content/uploads/2023/07/ 3 KB
4 KB 406ms
403ms Image
image/webp 2600:9000:2250:dc00:15:2f34:53c0:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d1rx0dtgjk9kr3.cloudfront.net/wp-content/uploads/2023/07/broadwaydirect-logo.webp
Requested by: Host: wickedthemusical.com
URL: https://wickedthemusical.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2250:dc00:15:2f34:53c0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx / PleskLin
Resource Hash: 1f3c87ba47b56f47598b859329db45ed981071aaf2f887e0f385e5745af16118

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wickedthemusical.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Sat, 14 Oct 2023 12:10:47 GMT
via: 1.1 935770605c74a80712059ba5b24d4162.cloudfront.net (CloudFront)
last-modified: Wed, 26 Jul 2023 17:27:14 GMT
server: nginx
x-amz-cf-pop: FRA60-P2
x-powered-by: PleskLin
vary: Accept-Encoding
x-cache: RefreshHit from cloudfront
content-type: image/webp
cache-control: max-age=10368000
accept-ranges: bytes
content-length: 3372
x-amz-cf-id: kWyQAD40BMwnhqutdKoebb5czwiNY-OI3Jt84MWDRpTbvFpfwp4zJQ==
expires: Sun, 11 Feb 2024 12:10:47 GMT

GET
H2 200 ticket-calendar-1f567e1720.js Show response
wickedthemusical.com/wp-content/plugins/ticket-calendar/dist/scripts/ 207 KB
67 KB 127ms
123ms Script
application/javascript 35.171.141.94
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://wickedthemusical.com/wp-content/plugins/ticket-calendar/dist/scripts/ticket-calendar-1f567e1720.js?ver=2.0
Requested by: Host: wickedthemusical.com
URL: https://wickedthemusical.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.171.141.94 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-35-171-141-94.compute-1.amazonaws.com
Software: nginx / PleskLin
Resource Hash: f7ce91e2bb9a685435527b75513cc130f4fee6ec5c7f28efd9fbeab2781bcc5c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wickedthemusical.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Sat, 14 Oct 2023 12:10:47 GMT
content-encoding: br
last-modified: Thu, 27 Jul 2023 13:51:55 GMT
server: nginx
etag: W/"64c2767b-33a82"
x-powered-by: PleskLin
content-type: application/javascript; charset=utf-8

GET
H2 200 main-e8681cdf49.js Show response
wickedthemusical.com/wp-content/themes/wicked/dist/scripts/ 139 KB
40 KB 132ms
128ms Script
application/javascript 35.171.141.94
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://wickedthemusical.com/wp-content/themes/wicked/dist/scripts/main-e8681cdf49.js
Requested by: Host: wickedthemusical.com
URL: https://wickedthemusical.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.171.141.94 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-35-171-141-94.compute-1.amazonaws.com
Software: nginx / PleskLin
Resource Hash: 63b3bea0e5718a1a04e529b9b3f3248e481b44c3615da8d928b771a177ccdbae

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wickedthemusical.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Sat, 14 Oct 2023 12:10:47 GMT
content-encoding: br
last-modified: Thu, 27 Jul 2023 13:51:56 GMT
server: nginx
etag: W/"64c2767c-22a75"
x-powered-by: PleskLin
content-type: application/javascript; charset=utf-8

GET
H2 200 wp-polyfill-inert.min.js Show response
wickedthemusical.com/wp/wp-includes/js/dist/vendor/ 8 KB
2 KB 133ms
129ms Script
application/javascript 35.171.141.94
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://wickedthemusical.com/wp/wp-includes/js/dist/vendor/wp-polyfill-inert.min.js?ver=3.1.2
Requested by: Host: wickedthemusical.com
URL: https://wickedthemusical.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.171.141.94 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-35-171-141-94.compute-1.amazonaws.com
Software: nginx / PleskLin
Resource Hash: c1a9a3e223bad631dff12d33b5499eb145cb08d8621c20d9d73870e78d97afe4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wickedthemusical.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Sat, 14 Oct 2023 12:10:47 GMT
content-encoding: br
last-modified: Thu, 27 Jul 2023 13:51:57 GMT
server: nginx
etag: W/"64c2767d-1feb"
x-powered-by: PleskLin
content-type: application/javascript; charset=utf-8

GET
H2 200 regenerator-runtime.min.js Show response
wickedthemusical.com/wp/wp-includes/js/dist/vendor/ 6 KB
2 KB 134ms
129ms Script
application/javascript 35.171.141.94
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://wickedthemusical.com/wp/wp-includes/js/dist/vendor/regenerator-runtime.min.js?ver=0.13.11
Requested by: Host: wickedthemusical.com
URL: https://wickedthemusical.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.171.141.94 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-35-171-141-94.compute-1.amazonaws.com
Software: nginx / PleskLin
Resource Hash: 6974bfd8fa06b7831f05cb4b25860c851a5ad3f02a6699ebe688987dd7a6ebe6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wickedthemusical.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Sat, 14 Oct 2023 12:10:47 GMT
content-encoding: br
last-modified: Thu, 27 Jul 2023 13:51:57 GMT
server: nginx
etag: W/"64c2767d-19cf"
x-powered-by: PleskLin
content-type: application/javascript; charset=utf-8

GET
H2 200 wp-polyfill.min.js Show response
wickedthemusical.com/wp/wp-includes/js/dist/vendor/ 17 KB
6 KB 134ms
130ms Script
application/javascript 35.171.141.94
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://wickedthemusical.com/wp/wp-includes/js/dist/vendor/wp-polyfill.min.js?ver=3.15.0
Requested by: Host: wickedthemusical.com
URL: https://wickedthemusical.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.171.141.94 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-35-171-141-94.compute-1.amazonaws.com
Software: nginx / PleskLin
Resource Hash: 1c1fef6e6b4f9832603850b9b6562e74d9a6a3700ba836efe88facc577121e8b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wickedthemusical.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Sat, 14 Oct 2023 12:10:47 GMT
content-encoding: br
last-modified: Thu, 27 Jul 2023 13:51:57 GMT
server: nginx
etag: W/"64c2767d-459f"
x-powered-by: PleskLin
content-type: application/javascript; charset=utf-8

GET
H2 200 dom-ready.min.js Show response
wickedthemusical.com/wp/wp-includes/js/dist/ 498 B
437 B 244ms
240ms Script
application/javascript 35.171.141.94
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://wickedthemusical.com/wp/wp-includes/js/dist/dom-ready.min.js?ver=392bdd43726760d1f3ca
Requested by: Host: wickedthemusical.com
URL: https://wickedthemusical.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.171.141.94 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-35-171-141-94.compute-1.amazonaws.com
Software: nginx / PleskLin
Resource Hash: 166c7c3bb5f76f977a9f2a5490589b3466374eb2b3f064802e56f08bad71fbf0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wickedthemusical.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Sat, 14 Oct 2023 12:10:47 GMT
content-encoding: br
last-modified: Thu, 27 Jul 2023 13:51:57 GMT
server: nginx
etag: W/"64c2767d-1f2"
x-powered-by: PleskLin
content-type: application/javascript; charset=utf-8

GET
H2 200 hooks.min.js Show response
wickedthemusical.com/wp/wp-includes/js/dist/ 5 KB
2 KB 244ms
240ms Script
application/javascript 35.171.141.94
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://wickedthemusical.com/wp/wp-includes/js/dist/hooks.min.js?ver=4169d3cf8e8d95a3d6d5
Requested by: Host: wickedthemusical.com
URL: https://wickedthemusical.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.171.141.94 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-35-171-141-94.compute-1.amazonaws.com
Software: nginx / PleskLin
Resource Hash: 9bd82960d99b3a76f4af77a88a346bd61f87bac5ff2f385ee28cd669d8f22134

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wickedthemusical.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Sat, 14 Oct 2023 12:10:47 GMT
content-encoding: br
last-modified: Thu, 27 Jul 2023 13:51:57 GMT
server: nginx
etag: W/"64c2767d-132e"
x-powered-by: PleskLin
content-type: application/javascript; charset=utf-8

GET
H2 200 i18n.min.js Show response
wickedthemusical.com/wp/wp-includes/js/dist/ 10 KB
4 KB 244ms
240ms Script
application/javascript 35.171.141.94
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://wickedthemusical.com/wp/wp-includes/js/dist/i18n.min.js?ver=9e794f35a71bb98672ae
Requested by: Host: wickedthemusical.com
URL: https://wickedthemusical.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.171.141.94 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-35-171-141-94.compute-1.amazonaws.com
Software: nginx / PleskLin
Resource Hash: 01c3955df67a9b9d1367957e2c187729eae46b72e92c2b52bdb217b14a8fc874

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wickedthemusical.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Sat, 14 Oct 2023 12:10:47 GMT
content-encoding: br
last-modified: Thu, 27 Jul 2023 13:51:57 GMT
server: nginx
etag: W/"64c2767d-27f6"
x-powered-by: PleskLin
content-type: application/javascript; charset=utf-8

GET
H2 200 a11y.min.js Show response
wickedthemusical.com/wp/wp-includes/js/dist/ 2 KB
1013 B 244ms
241ms Script
application/javascript 35.171.141.94
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://wickedthemusical.com/wp/wp-includes/js/dist/a11y.min.js?ver=ecce20f002eda4c19664
Requested by: Host: wickedthemusical.com
URL: https://wickedthemusical.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.171.141.94 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-35-171-141-94.compute-1.amazonaws.com
Software: nginx / PleskLin
Resource Hash: 5df2942db2352e49e00bcf3393b875a71d0acee986e48fbdcc5879846f5c3689

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wickedthemusical.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Sat, 14 Oct 2023 12:10:47 GMT
content-encoding: br
last-modified: Thu, 27 Jul 2023 13:51:57 GMT
server: nginx
etag: W/"64c2767d-9cc"
x-powered-by: PleskLin
content-type: application/javascript; charset=utf-8

GET
H2 200 jquery.json.min.js Show response
wickedthemusical.com/wp-content/plugins/gravityforms/js/ 2 KB
1005 B 244ms
241ms Script
application/javascript 35.171.141.94
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://wickedthemusical.com/wp-content/plugins/gravityforms/js/jquery.json.min.js?ver=2.7.10
Requested by: Host: wickedthemusical.com
URL: https://wickedthemusical.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.171.141.94 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-35-171-141-94.compute-1.amazonaws.com
Software: nginx / PleskLin
Resource Hash: 998a575c7b376128a98e6d67e29c42e1726aac3489cf2c0b2aaebf6f6ad0b546

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wickedthemusical.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Sat, 14 Oct 2023 12:10:47 GMT
content-encoding: br
last-modified: Thu, 27 Jul 2023 13:51:54 GMT
server: nginx
etag: W/"64c2767a-72c"
x-powered-by: PleskLin
content-type: application/javascript; charset=utf-8

GET
H2 200 gravityforms.min.js Show response
wickedthemusical.com/wp-content/plugins/gravityforms/js/ 46 KB
13 KB 245ms
242ms Script
application/javascript 35.171.141.94
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://wickedthemusical.com/wp-content/plugins/gravityforms/js/gravityforms.min.js?ver=2.7.10
Requested by: Host: wickedthemusical.com
URL: https://wickedthemusical.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.171.141.94 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-35-171-141-94.compute-1.amazonaws.com
Software: nginx / PleskLin
Resource Hash: d6c6eae2059c0d8677d501c6ed9906a63f737f360bb7302c5544d5b6d886d6c6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wickedthemusical.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Sat, 14 Oct 2023 12:10:47 GMT
content-encoding: br
last-modified: Thu, 27 Jul 2023 13:51:54 GMT
server: nginx
etag: W/"64c2767a-b6a5"
x-powered-by: PleskLin
content-type: application/javascript; charset=utf-8

GET
H2 200 placeholders.jquery.min.js Show response
wickedthemusical.com/wp-content/plugins/gravityforms/js/ 5 KB
2 KB 245ms
242ms Script
application/javascript 35.171.141.94
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://wickedthemusical.com/wp-content/plugins/gravityforms/js/placeholders.jquery.min.js?ver=2.7.10
Requested by: Host: wickedthemusical.com
URL: https://wickedthemusical.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.171.141.94 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-35-171-141-94.compute-1.amazonaws.com
Software: nginx / PleskLin
Resource Hash: d62a7b7ec5313469ebff5c006b9068dc44d6d1c122cf787ffa29a10113b34060

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wickedthemusical.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Sat, 14 Oct 2023 12:10:47 GMT
content-encoding: br
last-modified: Thu, 27 Jul 2023 13:51:54 GMT
server: nginx
etag: W/"64c2767a-121f"
x-powered-by: PleskLin
content-type: application/javascript; charset=utf-8

GET
H2 200 utils.min.js Show response
wickedthemusical.com/wp-content/plugins/gravityforms/assets/js/dist/ 40 KB
12 KB 245ms
242ms Script
application/javascript 35.171.141.94
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://wickedthemusical.com/wp-content/plugins/gravityforms/assets/js/dist/utils.min.js?ver=1329f9a0886f2ff3fb51c6f17277eb75
Requested by: Host: wickedthemusical.com
URL: https://wickedthemusical.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.171.141.94 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-35-171-141-94.compute-1.amazonaws.com
Software: nginx / PleskLin
Resource Hash: d03515268b17a0cbf88cd38aa108e0770a23e1338d22d2dc9e9a38ca6a89311b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wickedthemusical.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Sat, 14 Oct 2023 12:10:47 GMT
content-encoding: br
last-modified: Thu, 27 Jul 2023 13:51:54 GMT
server: nginx
etag: W/"64c2767a-9fdc"
x-powered-by: PleskLin
content-type: application/javascript; charset=utf-8

GET
H2 200 vendor-theme.min.js Show response
wickedthemusical.com/wp-content/plugins/gravityforms/assets/js/dist/ 17 KB
6 KB 245ms
242ms Script
application/javascript 35.171.141.94
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://wickedthemusical.com/wp-content/plugins/gravityforms/assets/js/dist/vendor-theme.min.js?ver=4ef53fe41c14a48b294541d9fc37387e
Requested by: Host: wickedthemusical.com
URL: https://wickedthemusical.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.171.141.94 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-35-171-141-94.compute-1.amazonaws.com
Software: nginx / PleskLin
Resource Hash: cc039b37e34853a9bef9d693ebc4366b38d9cec1aa91e0109196cd62f870ae52

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wickedthemusical.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Sat, 14 Oct 2023 12:10:47 GMT
content-encoding: br
last-modified: Thu, 27 Jul 2023 13:51:54 GMT
server: nginx
etag: W/"64c2767a-430c"
x-powered-by: PleskLin
content-type: application/javascript; charset=utf-8

GET
H2 200 scripts-theme.min.js Show response
wickedthemusical.com/wp-content/plugins/gravityforms/assets/js/dist/ 4 KB
2 KB 245ms
242ms Script
application/javascript 35.171.141.94
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://wickedthemusical.com/wp-content/plugins/gravityforms/assets/js/dist/scripts-theme.min.js?ver=443293948084ca0fe29518ebcd01dc6b
Requested by: Host: wickedthemusical.com
URL: https://wickedthemusical.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.171.141.94 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-35-171-141-94.compute-1.amazonaws.com
Software: nginx / PleskLin
Resource Hash: 1f751d3740ea83b3d42100e1bf23b0b17d5b4c4ff3bdf9badd42ba03a814896f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wickedthemusical.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Sat, 14 Oct 2023 12:10:47 GMT
content-encoding: br
last-modified: Thu, 27 Jul 2023 13:51:54 GMT
server: nginx
etag: W/"64c2767a-f14"
x-powered-by: PleskLin
content-type: application/javascript; charset=utf-8

GET
H2 200 embedder Show response
chat.satis.fi/popup/ 166 KB
54 KB 206ms
135ms Script
application/javascript 34.111.146.217
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://chat.satis.fi/popup/embedder
Requested by: Host: wickedthemusical.com
URL: https://wickedthemusical.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.111.146.217 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 217.146.111.34.bc.googleusercontent.com
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: fb716fedf797a1d2d8c46deed804f97881304cfaebc13e905f1848f268cbf49f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wickedthemusical.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Sat, 14 Oct 2023 12:10:47 GMT
content-encoding: gzip
via: 1.1 google
server: Microsoft-IIS/10.0
etag: 4494147E9FBCD45D95644B39D209F69E
x-powered-by: ASP.NET
vary: Accept-Encoding
content-type: application/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 55100

GET
H2 200 location Show response
geolocation.onetrust.com/cookieconsentpub/v1/geo/ 59 B
304 B 98ms
42ms XHR
application/json 2606:4700:4400::ac40:9b77
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://geolocation.onetrust.com/cookieconsentpub/v1/geo/location

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/consent/552e6466-df7a-40e0-93c1-dc4129b84302/otSDKStub.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::ac40:9b77 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2157361193375a79ade3559e960f982daa8d599cf7f4a92d36e3eef257738f16

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept: application/json
Referer: https://wickedthemusical.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Sat, 14 Oct 2023 12:10:47 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
server: cloudflare
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS
content-type: application/json
access-control-allow-origin: *
cf-ray: 815fb89cfe17994b-FRA
access-control-allow-headers: Content-Type

GET
H2 200 otBannerSdk.js Show response
cdn.cookielaw.org/scripttemplates/6.39.0/ 372 KB
89 KB 41ms
39ms Script
application/javascript 2606:4700::6812:83ec
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/6.39.0/otBannerSdk.js

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/consent/552e6466-df7a-40e0-93c1-dc4129b84302/otSDKStub.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:83ec , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e0ba033e6cb25fa6e20186d6d8113cc3821028b7891c93eebe671b75f6eebc3f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://wickedthemusical.com/
Origin: https://wickedthemusical.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Sat, 14 Oct 2023 12:10:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: Zp/CcrZmK7hQ2S6c/t9Tpw==
age: 69494
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-length: 90454
x-ms-lease-status: unlocked
last-modified: Fri, 26 Aug 2022 16:31:04 GMT
server: cloudflare
etag: 0x8DA87805EB35DE2
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: faf142c3-101e-016f-0be1-5a3667000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 815fb89f0ce63636-FRA

GET
H2 200 1.css
fast.fonts.net/t/ 0
224 B 36ms
36ms Stylesheet
text/css 2606:4700::6810:fa43
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://fast.fonts.net/t/1.css?apiType=css&projectid=37f28718-6d56-406d-bb1b-cf3fa5cc2b6e
Requested by: Host: fast.fonts.net
URL: https://fast.fonts.net/cssapi/37f28718-6d56-406d-bb1b-cf3fa5cc2b6e.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:fa43 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fast.fonts.net/cssapi/37f28718-6d56-406d-bb1b-cf3fa5cc2b6e.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Sat, 14 Oct 2023 12:10:47 GMT
x-amz-version-id: null
cf-cache-status: HIT
x-amz-request-id: M4ME61K0Q1WQ8HFA
age: 153720
content-length: 0
x-amz-id-2: 2/aNzekl+U2bVLeldzE6AJ//mZaiMl8EpaUv1mKG7k233JLiT+XFCL8AFbe5MxWnpFqIG+M8a9A=
last-modified: Tue, 23 Mar 2021 12:59:23 GMT
server: cloudflare
etag: "d41d8cd98f00b204e9800998ecf8427e"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
cache-control: public, max-age=0, s-maxage=604800
accept-ranges: bytes
cf-ray: 815fb89ebd4b373a-FRA
x-amz-meta-mtime: 1519217722

GET
H2 200 logo-6.png
wickedthemusical.com/wp-content/uploads/2019/05/ 48 KB
48 KB 245ms
243ms Image
image/png 35.171.141.94
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://wickedthemusical.com/wp-content/uploads/2019/05/logo-6.png
Requested by: Host: wickedthemusical.com
URL: https://wickedthemusical.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.171.141.94 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-35-171-141-94.compute-1.amazonaws.com
Software: nginx / PleskLin
Resource Hash: ead365bafa451211d6ce383395fdaf22943af479aa5eda7615581e6b0e81e65a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wickedthemusical.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Sat, 14 Oct 2023 12:10:47 GMT
last-modified: Tue, 03 Oct 2023 19:57:05 GMT
server: nginx
etag: "651c7211-be3d"
x-powered-by: PleskLin
content-type: image/png
accept-ranges: bytes
content-length: 48701

GET
H2 200 Wicked_LinguificationLibrary.jpeg
wickedthemusical.com/wp-content/uploads/2021/09/ 51 KB
51 KB 245ms
243ms Image
image/jpeg 35.171.141.94
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://wickedthemusical.com/wp-content/uploads/2021/09/Wicked_LinguificationLibrary.jpeg
Requested by: Host: wickedthemusical.com
URL: https://wickedthemusical.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.171.141.94 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-35-171-141-94.compute-1.amazonaws.com
Software: nginx / PleskLin
Resource Hash: 610cff2c96722ead24487039f6fa6de3161a9b3d8561cc09e0abab2ccc6430f9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wickedthemusical.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Sat, 14 Oct 2023 12:10:47 GMT
last-modified: Tue, 08 Nov 2022 16:01:16 GMT
server: nginx
etag: "636a7d4c-cd05"
x-powered-by: PleskLin
content-type: image/jpeg
accept-ranges: bytes
content-length: 52485

GET
H2 200 slide-image-1-685x630.png
wickedthemusical.com/wp-content/uploads/2018/04/ 179 KB
179 KB 245ms
243ms Image
image/png 35.171.141.94
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://wickedthemusical.com/wp-content/uploads/2018/04/slide-image-1-685x630.png
Requested by: Host: wickedthemusical.com
URL: https://wickedthemusical.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.171.141.94 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-35-171-141-94.compute-1.amazonaws.com
Software: nginx / PleskLin
Resource Hash: e32957744ae7d7362c0513a4346a63dd350132483b4282ef84912f66ccd86e77

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wickedthemusical.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Sat, 14 Oct 2023 12:10:47 GMT
last-modified: Tue, 08 Nov 2022 15:55:40 GMT
server: nginx
etag: "636a7bfc-2cbb7"
x-powered-by: PleskLin
content-type: image/png
accept-ranges: bytes
content-length: 183223

GET
H2 200 arrow-green.png
wickedthemusical.com/wp-content/themes/wicked/dist/images/ 215 B
354 B 235ms
235ms Image
image/png 35.171.141.94
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://wickedthemusical.com/wp-content/themes/wicked/dist/images/arrow-green.png
Requested by: Host: wickedthemusical.com
URL: https://wickedthemusical.com/wp-content/themes/wicked/dist/styles/main-cf1a56394a.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.171.141.94 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-35-171-141-94.compute-1.amazonaws.com
Software: nginx / PleskLin
Resource Hash: a616c05df0242158ec4650bdbb42e3b093ec6cdcb11416e3aab079c119965f84

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wickedthemusical.com/wp-content/themes/wicked/dist/styles/main-cf1a56394a.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Sat, 14 Oct 2023 12:10:47 GMT
last-modified: Thu, 27 Jul 2023 13:51:56 GMT
server: nginx
etag: "64c2767c-d7"
x-powered-by: PleskLin
content-type: image/png
accept-ranges: bytes
content-length: 215

GET
H2 200 520ed712-50ad-4591-aa63-b242b83a3694.woff2
fast.fonts.net/dv2/14/ 17 KB
18 KB 87ms
42ms Font
application/octet-stream 2606:4700::6810:fa43
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://fast.fonts.net/dv2/14/520ed712-50ad-4591-aa63-b242b83a3694.woff2?d44f19a684109620e484157ba790e81816499089734fbd8e6abfc352469fbcd9cb812f3be187fae8936cdd8a6d5ef13de0c889367c5f695398befba20c15acea955316aef2e1e3e05bd1a897ee0676b9dd76974f3c2b5303d2a8ed773ccfea4cbdfce3f8fd91f06a43d659b5f6fe6438f5238cff5ef2adc9&projectId=37f28718-6d56-406d-bb1b-cf3fa5cc2b6e
Requested by: Host: fast.fonts.net
URL: https://fast.fonts.net/cssapi/37f28718-6d56-406d-bb1b-cf3fa5cc2b6e.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:fa43 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3f2bf166f3ec51fb4f4f30863527658488e638f5c34f5b7374de3aaac9383be7

Request headers

Referer: https://fast.fonts.net/cssapi/37f28718-6d56-406d-bb1b-cf3fa5cc2b6e.css
Origin: https://wickedthemusical.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

expires: Sat, 14 Oct 2023 12:15:47 GMT
date: Sat, 14 Oct 2023 12:10:47 GMT
x-amz-version-id: null
cf-cache-status: HIT
x-amz-request-id: DW6A2E1V05T8SBJ9
age: 3401
content-length: 17364
x-amz-id-2: ZILxXNAkZr4FETXJinmYpzJNp0WCyvXGSiS/E0EKbyNCMGZOe5c7ZepvWxqzPMxpoWTkDEIsOXs=
last-modified: Fri, 13 Nov 2020 15:15:57 GMT
server: cloudflare
etag: "ec7dd7a7bc55c3bd9f1c72dc25399b2d"
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: application/octet-stream
access-control-allow-origin: *
access-control-expose-headers: Access-Control-Allow-Origin
cache-control: public, max-age=300
accept-ranges: bytes
cf-ray: 815fb89f58843a5c-FRA
x-amz-meta-mtime: 1440053553

GET
H2 200 fa-solid-900.woff2
wickedthemusical.com/wp-content/themes/wicked/dist/fonts/ 76 KB
77 KB 349ms
348ms Font
application/octet-stream 35.171.141.94
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://wickedthemusical.com/wp-content/themes/wicked/dist/fonts/fa-solid-900.woff2
Requested by: Host: wickedthemusical.com
URL: https://wickedthemusical.com/wp-content/themes/wicked/dist/styles/main-cf1a56394a.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.171.141.94 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-35-171-141-94.compute-1.amazonaws.com
Software: nginx / PleskLin
Resource Hash: 1d0e6c7f6b40b62c10c929739ed76b0adbd9a08591aa95697b6f802c4dc4824f

Request headers

Referer: https://wickedthemusical.com/wp-content/themes/wicked/dist/styles/main-cf1a56394a.css
Origin: https://wickedthemusical.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Sat, 14 Oct 2023 12:10:47 GMT
content-encoding: gzip
last-modified: Thu, 27 Jul 2023 13:51:56 GMT
server: nginx
x-powered-by: PleskLin
vary: Accept-Encoding
access-control-allow-origin: *
cache-control: max-age=2592000
accept-ranges: bytes
expires: Mon, 13 Nov 2023 12:10:47 GMT

GET
H2 200 S6uyw4BMUTPHjx4wXg.woff2
fonts.gstatic.com/s/lato/v24/ 23 KB
24 KB 73ms
22ms Font
font/woff2 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v24/S6uyw4BMUTPHjx4wXg.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato:400,400i,700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://wickedthemusical.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Thu, 12 Oct 2023 03:38:46 GMT
x-content-type-options: nosniff
age: 203521
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 23580
x-xss-protection: 0
last-modified: Tue, 02 May 2023 15:17:22 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 11 Oct 2024 03:38:46 GMT

GET
H2 200 fa-brands-400.woff2
wickedthemusical.com/wp-content/themes/wicked/dist/fonts/ 75 KB
75 KB 347ms
347ms Font
application/octet-stream 35.171.141.94
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://wickedthemusical.com/wp-content/themes/wicked/dist/fonts/fa-brands-400.woff2
Requested by: Host: wickedthemusical.com
URL: https://wickedthemusical.com/wp-content/themes/wicked/dist/styles/main-cf1a56394a.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.171.141.94 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-35-171-141-94.compute-1.amazonaws.com
Software: nginx / PleskLin
Resource Hash: bcc6afbc327c5fdd7e8137f7cfca1144a76a24b83d338cdb782bbf4c1bae8cbb

Request headers

Referer: https://wickedthemusical.com/wp-content/themes/wicked/dist/styles/main-cf1a56394a.css
Origin: https://wickedthemusical.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Sat, 14 Oct 2023 12:10:47 GMT
content-encoding: gzip
last-modified: Thu, 27 Jul 2023 13:51:56 GMT
server: nginx
x-powered-by: PleskLin
vary: Accept-Encoding
access-control-allow-origin: *
cache-control: max-age=2592000
accept-ranges: bytes
expires: Mon, 13 Nov 2023 12:10:47 GMT

GET
H2 200 S6u9w4BMUTPHh6UVSwiPGQ.woff2
fonts.gstatic.com/s/lato/v24/ 23 KB
23 KB 93ms
43ms Font
font/woff2 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v24/S6u9w4BMUTPHh6UVSwiPGQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato:400,400i,700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c447dd7677b419db7b21dbdfc6277c7816a913ffda76fd2e52702df538de0e49

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://wickedthemusical.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Thu, 12 Oct 2023 16:54:52 GMT
x-content-type-options: nosniff
age: 155755
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 23040
x-xss-protection: 0
last-modified: Tue, 02 May 2023 15:07:25 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 11 Oct 2024 16:54:52 GMT

GET
H2 200 en.json Show response
cdn.cookielaw.org/consent/552e6466-df7a-40e0-93c1-dc4129b84302/1281e891-45ed-459d-a8cd-d1b1aed94bc5/ 90 KB
20 KB 43ms
42ms Fetch
application/x-javascript 2606:4700::6812:83ec
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/consent/552e6466-df7a-40e0-93c1-dc4129b84302/1281e891-45ed-459d-a8cd-d1b1aed94bc5/en.json

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/6.39.0/otBannerSdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:83ec , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7f631d5455f589ef074281c0677aaadf301d5489ad8b81798e36d371bba3c761

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wickedthemusical.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Sat, 14 Oct 2023 12:10:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
strict-transport-security: max-age=31536000; includeSubDomains; preload
age: 69494
content-md5: mCwul+G5nXMRWWTpitThag==
content-length: 20518
x-ms-lease-status: unlocked
last-modified: Thu, 06 Apr 2023 17:35:43 GMT
server: cloudflare
etag: 0x8DB36C55900D88B
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
x-ms-request-id: fff31fde-501e-0022-0280-ebfc9c000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 815fb89f7d7b3636-FRA
expires: Sun, 15 Oct 2023 12:10:47 GMT

GET
H2 200 otFlat.json Show response
cdn.cookielaw.org/scripttemplates/6.39.0/assets/ 13 KB
3 KB 34ms
34ms Fetch
application/json 2606:4700::6812:83ec
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/6.39.0/assets/otFlat.json

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/6.39.0/otBannerSdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:83ec , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

14e4d1596c6b58896dfce1fc1ec45372bab4d2259ba82828fa3f96cc4f859fc4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wickedthemusical.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Sat, 14 Oct 2023 12:10:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: Xx897lTVYGjMQiwuGCrzDA==
age: 69493
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-length: 3007
x-ms-lease-status: unlocked
last-modified: Fri, 26 Aug 2022 16:30:55 GMT
server: cloudflare
etag: 0x8DA87805972EF22
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
x-ms-request-id: ccee3c5f-f01e-016e-6c4b-a5379a000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 815fb89fcdec3636-FRA

GET
H2 200 otPcCenter.json Show response
cdn.cookielaw.org/scripttemplates/6.39.0/assets/v2/ 62 KB
13 KB 33ms
33ms Fetch
application/json 2606:4700::6812:83ec
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/6.39.0/assets/v2/otPcCenter.json

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/6.39.0/otBannerSdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:83ec , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

331852fd9912583b03043c973d33d23b2711924f3731bd8bcd31b7000a6d4a60

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wickedthemusical.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Sat, 14 Oct 2023 12:10:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: 444ho/eGhWdN7ej7RCW2zw==
age: 69494
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-length: 13253
x-ms-lease-status: unlocked
last-modified: Fri, 26 Aug 2022 16:30:57 GMT
server: cloudflare
etag: 0x8DA87805AD77A2D
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
x-ms-request-id: 67b9fc3a-301e-0151-2de1-5a8046000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 815fb89fcdee3636-FRA

GET
H2 200 otCommonStyles.css Show response
cdn.cookielaw.org/scripttemplates/6.39.0/assets/ 22 KB
5 KB 37ms
36ms Fetch
text/css 2606:4700::6812:83ec
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/6.39.0/assets/otCommonStyles.css

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/6.39.0/otBannerSdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:83ec , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

fb6bcf7d9261064812fe1b4d2b59b8c8ca52b7d0c522746ba9cec2dc01b3a7d4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wickedthemusical.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Sat, 14 Oct 2023 12:10:47 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: gzip
content-md5: B55i3ZY9miZIaUrwjufy0w==
age: 69494
x-ms-lease-status: unlocked
last-modified: Fri, 26 Aug 2022 16:31:09 GMT
server: cloudflare
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
x-ms-request-id: 78b22004-c01e-00c3-41e1-5a51a5000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=86400
x-ms-version: 2009-09-19
cf-ray: 815fb89fcdf03636-FRA

GET
H2

200

/ Show response
wickedthemusical.com/api/calendar/events/future-tags/
Redirect Chain

https://wickedthemusical.com/api/calendar/events/future-tags
https://wickedthemusical.com/api/calendar/events/future-tags/

44 KB
3 KB

118ms
117ms

XHR
text/html

35.171.141.94
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://wickedthemusical.com/api/calendar/events/future-tags/
Requested by: Host: wickedthemusical.com
URL: https://wickedthemusical.com/
Protocol: H2
Server: 35.171.141.94 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-35-171-141-94.compute-1.amazonaws.com
Software: nginx / PleskLin
Resource Hash: 994699ffbc132c6581d114001b80c57a3a421dd9ec3f9c8112c80bbc03e3da7d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wickedthemusical.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Sat, 14 Oct 2023 12:10:47 GMT
content-encoding: gzip
last-modified: Sat, 14 Oct 2023 11:51:24 GMT
server: nginx
x-powered-by: PleskLin
vary: Accept-Encoding
content-type: text/html; charset=UTF-8
cache-control: max-age=0
accept-ranges: bytes
content-length: 2933
expires: Sat, 14 Oct 2023 12:10:47 GMT

Redirect headers

date: Sat, 14 Oct 2023 12:10:47 GMT
server: nginx
x-powered-by: PleskLin
content-type: text/html; charset=iso-8859-1
location: https://wickedthemusical.com/api/calendar/events/future-tags/
cache-control: max-age=0
content-length: 269
expires: Sat, 14 Oct 2023 12:10:47 GMT

GET
H/1.1 200
OK up_loader.1.1.0.js Show response
js.adsrvr.org/ 5 KB
3 KB 88ms
23ms Script
application/x-javascript 108.138.15.119
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://js.adsrvr.org/up_loader.1.1.0.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NVGL
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.15.119 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-15-119.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 899663bfeab6b11842c974c2417dc0ad88bd79bb7510b1e032384ccf2618dcc1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wickedthemusical.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Date: Sat, 14 Oct 2023 03:51:17 GMT
Content-Encoding: gzip
Via: 1.1 fde85e7daa13f95cf6b8f5fa09c62ef6.cloudfront.net (CloudFront)
Last-Modified: Tue, 01 Aug 2023 20:10:44 GMT
Server: AmazonS3
X-Amz-Cf-Pop: FRA56-P7
Age: 29971
x-amz-server-side-encryption: AES256
ETag: W/"b7474eac210849250426a8f6a39d00f3"
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: application/x-javascript
X-Cache: Hit from cloudfront
Connection: keep-alive
X-Amz-Cf-Id: dGwEEenmGwLMGvHnBQc0ocxOJiDz10MlAJzh2ryLMB24qS6uA8jr4A==

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 285 KB
93 KB 40ms
39ms Script
application/javascript 2a00:1450:4001:811::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-2TH76WHGSC&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NVGL

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

6e1ddb00fabf1d8d8c9554c78fb644016cae38ef0954314686be406f928b0ec4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wickedthemusical.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Sat, 14 Oct 2023 12:10:47 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 94912
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Sat, 14 Oct 2023 12:10:47 GMT

GET
H2

200

activityi;dc_pre=CKeZzYHB9YEDFYQQogMdD9cIow;src=2179121;type=sitev592;cat=sitev000;ord=1;num=9823983079378;auiddc=1519149132.1697285448;gtm=45He3ab0;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;ep... Show response
2179121.fls.doubleclick.net/ Frame CC3F
Redirect Chain

https://2179121.fls.doubleclick.net/activityi;src=2179121;type=sitev592;cat=sitev000;ord=1;num=9823983079378;auiddc=1519149132.1697285448;gtm=45He3ab0;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;...
https://2179121.fls.doubleclick.net/activityi;dc_pre=CKeZzYHB9YEDFYQQogMdD9cIow;src=2179121;type=sitev592;cat=sitev000;ord=1;num=9823983079378;auiddc=1519149132.1697285448;gtm=45He3ab0;uaa=;uab=;ua...

3 KB
2 KB

68ms
67ms

Document
text/html

142.250.74.198
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://2179121.fls.doubleclick.net/activityi;dc_pre=CKeZzYHB9YEDFYQQogMdD9cIow;src=2179121;type=sitev592;cat=sitev000;ord=1;num=9823983079378;auiddc=1519149132.1697285448;gtm=45He3ab0;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fwickedthemusical.com%2F?

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NVGL

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.74.198 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f6.1e100.net

Software

cafe /

Resource Hash

d76251cde35bc9c6efccc295573e66a01e1ee5f033486464d61e30e198914895

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://wickedthemusical.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=0
content-encoding: br
content-length: 1380
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 14 Oct 2023 12:10:47 GMT
expires: Sat, 14 Oct 2023 12:10:47 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 14 Oct 2023 12:10:47 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
follow-only-when-prerender-shown: 1
location: https://2179121.fls.doubleclick.net/activityi;dc_pre=CKeZzYHB9YEDFYQQogMdD9cIow;src=2179121;type=sitev592;cat=sitev000;ord=1;num=9823983079378;auiddc=1519149132.1697285448;gtm=45He3ab0;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fwickedthemusical.com%2F?
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2

200

activityi;dc_pre=CJ_3zYHB9YEDFYwKogMdW4MPTA;src=5549924;type=sitev0;cat=wicke0;ord=1;num=7845121836776;auiddc=1519149132.1697285448;gtm=45He3ab0;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=... Show response
5549924.fls.doubleclick.net/ Frame 0298
Redirect Chain

https://5549924.fls.doubleclick.net/activityi;src=5549924;type=sitev0;cat=wicke0;ord=1;num=7845121836776;auiddc=1519149132.1697285448;gtm=45He3ab0;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epve...
https://5549924.fls.doubleclick.net/activityi;dc_pre=CJ_3zYHB9YEDFYwKogMdW4MPTA;src=5549924;type=sitev0;cat=wicke0;ord=1;num=7845121836776;auiddc=1519149132.1697285448;gtm=45He3ab0;uaa=;uab=;uafvl=...

1 KB
958 B

76ms
75ms

Document
text/html

142.250.74.198
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://5549924.fls.doubleclick.net/activityi;dc_pre=CJ_3zYHB9YEDFYwKogMdW4MPTA;src=5549924;type=sitev0;cat=wicke0;ord=1;num=7845121836776;auiddc=1519149132.1697285448;gtm=45He3ab0;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fwickedthemusical.com%2F?

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NVGL

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.74.198 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f6.1e100.net

Software

cafe /

Resource Hash

d4f076eedc367423bfaa20bd842c266d297a98fa07da32739ccf9a7c27f92348

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://wickedthemusical.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=0
content-encoding: br
content-length: 621
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 14 Oct 2023 12:10:47 GMT
expires: Sat, 14 Oct 2023 12:10:47 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 14 Oct 2023 12:10:47 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
follow-only-when-prerender-shown: 1
location: https://5549924.fls.doubleclick.net/activityi;dc_pre=CJ_3zYHB9YEDFYwKogMdW4MPTA;src=5549924;type=sitev0;cat=wicke0;ord=1;num=7845121836776;auiddc=1519149132.1697285448;gtm=45He3ab0;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fwickedthemusical.com%2F?
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 uwt.js Show response
static.ads-twitter.com/ 56 KB
15 KB 74ms
23ms Script
application/javascript 146.75.116.157
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://static.ads-twitter.com/uwt.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NVGL
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.75.116.157 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: cf7fcc9f75c8717897bfaef72f303fab423ce1b70c98512aeb3677e4af988dee

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wickedthemusical.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Sat, 14 Oct 2023 12:10:47 GMT
content-encoding: gzip
last-modified: Thu, 27 Oct 2022 16:56:53 GMT
etag: "32ad004436155ec972bc50e6238b5b67+gzip+gzip"
vary: Accept-Encoding,Host
x-cache: HIT, HIT
content-type: application/javascript; charset=utf-8
p3p: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
x-tw-cdn: FT
cache-control: no-cache
accept-ranges: bytes
content-length: 15375
x-served-by: cache-iad-kjyo7100081-IAD, cache-fra-eddf8230104-FRA

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/951685876/ 3 KB
2 KB 116ms
63ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/951685876/?random=1697285447715&cv=11&fst=1697285447715&bg=ffffff&guid=ON&async=1&gtm=45He3ab0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwickedthemusical.com%2F&label=krl8CO75t3oQ9KXmxQM&hn=www.googleadservices.com&frm=0&tiba=Wicked%20The%20Musical%20%7C%20Official%20Broadway%20Site&us_privacy=1---&auid=1519149132.1697285448&uamb=0&uaw=0&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NVGL

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b18364d385595cdbff76921d3fff9fb61841a31808c1392354a7bc150a9c2a8e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wickedthemusical.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 14 Oct 2023 12:10:47 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1370
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 core.js Show response
s.pinimg.com/ct/ 3 KB
2 KB 220ms
48ms Script
application/javascript 2a02:26f0:3100:3a9::1931
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://s.pinimg.com/ct/core.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NVGL
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3100:3a9::1931 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: df822e44efc31160c2e2cff9d29435159054bcceb67fa2512c3899f02dfb7557

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wickedthemusical.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

akamai-x-true-ttl: 7200
content-encoding: br
x-cdn: akamai
etag: "d27ea869d7ce22e300e4a4a927526193"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding, Origin
access-control-max-age: 86400
content-type: application/javascript
access-control-allow-origin: *
access-control-allow-methods: GET
access-control-expose-headers: X-CDN
cache-control: max-age=7200
accept-ranges: bytes
alt-svc: h3=":443"; ma=600
content-length: 1473

GET
H2 200 events.js Show response
analytics.tiktok.com/i18n/pixel/ 4 KB
2 KB 198ms
121ms Script
application/javascript 104.126.37.40
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=C5O9M5LQ5ECR7VU4EUN0&lib=ttq
Requested by: Host: wickedthemusical.com
URL: https://wickedthemusical.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.126.37.40 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a104-126-37-40.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 2b6d9d704f5f813d0390ca421e1a1923381ca46c8681da593c426884e1a5858b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wickedthemusical.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

x-akamai-request-id: e434dbb9.6e3437ac
date: Sat, 14 Oct 2023 12:10:47 GMT
content-encoding: gzip
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-cache: TCP_MISS from a104-126-37-36.deploy.akamaitechnologies.com (AkamaiGHost/11.2.5.2-51606170) (-)
x-parent-response-time: 94,104.126.37.36
server-timing: cdn-cache; desc=MISS, edge; dur=89, origin; dur=6, inner; dur=2
content-length: 1520
pragma: no-cache
server: nginx
x-tt-logid: 2023101412104729E2EEEE2D41F1D6451E
x-cache-remote: TCP_MISS from a23-220-106-199.deploy.akamaitechnologies.com (AkamaiGHost/11.2.5.2-51606170) (-)
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 6,23.220.106.199
x-tt-trace-host: 013de2ff59b67152c9e07fa2f4ad3e3660a87d8b525c0c6413da03a78d93176eddaab87a725d321d13e3227981730f287d2614e5392321d36e8982393b046c6c9573d9357d906311d94108a9b81abd2469baf3192c9b305161675d5d654d47d1a65aa90858944cf6b9619a444940bc73ba
expires: Sat, 14 Oct 2023 12:10:47 GMT

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 198 KB
53 KB 68ms
22ms Script
application/x-javascript 2a03:2880:f083:9:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: wickedthemusical.com
URL: https://wickedthemusical.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f083:9:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

564a53ce84ae022b30816d44aa48589ebfe170c226b098d0245c47fe13341c67

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wickedthemusical.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Sat, 14 Oct 2023 12:10:47 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 53498
x-xss-protection: 0
pragma: public
x-fb-debug: fgslRv7TS/UT3BuOdEz3xvgFpLc10NILCudlUvToJz+WBmvPHMdxZBcNXSMC7uwNs586x02G7pQhB24aedi6cg==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
cache-control: public, max-age=1200
x-fb-optimizer: 1
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
timing-allow-origin: *
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 ping.min.js Show response
cdn.pdst.fm/ 26 KB
6 KB 76ms
23ms Script
application/javascript 35.244.142.80
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.pdst.fm/ping.min.js
Requested by: Host: wickedthemusical.com
URL: https://wickedthemusical.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.142.80 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 80.142.244.35.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: cb8d40d1eb7e2dc885affcf0012d9e1a73c270d843e8b890d36538e52d0a0342

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wickedthemusical.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Sat, 14 Oct 2023 11:40:15 GMT
content-encoding: gzip
age: 1832
x-guploader-uploadid: ADPycdvz2dLbsLO-Q1ayi9DxOJCJlgXxFlrR7bKlI0yTE7ULBuz8X-eIQymSm5WQwCS4MIsJraj_sXwvhaxmV4EvJEaR3g
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 3
x-goog-stored-content-encoding: gzip
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 5774
last-modified: Fri, 28 May 2021 20:34:03 GMT
server: UploadServer
etag: "d001d1c9f5a942fa5524eeacb047e819"
vary: Accept-Encoding
x-goog-generation: 1622234043862937
x-goog-hash: crc32c=oKoi/w==, md5=0AHRyfWpQvpVJO6ssEfoGQ==
access-control-allow-origin: *
access-control-expose-headers: Content-Type
cache-control: public, max-age=3600
x-goog-stored-content-length: 5774
accept-ranges: bytes
content-type: application/javascript;
expires: Sat, 14 Oct 2023 12:40:15 GMT

GET
H2 200 btp.js Show response
www.rtb123.com/tags/8FBACF3C-802A-91A1-4CF0-ACC010E4B9E0/ 37 B
261 B 433ms
140ms Script
application/javascript 67.225.220.126
LIQUIDWEB

General

Check archive.org

Show headers Download Go to

Full URL: https://www.rtb123.com/tags/8FBACF3C-802A-91A1-4CF0-ACC010E4B9E0/btp.js
Requested by: Host: wickedthemusical.com
URL: https://wickedthemusical.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 67.225.220.126 , United States, ASN32244 (LIQUIDWEB, US),
Reverse DNS: host.rtb123.com
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 182bb4844b04436b05b49fed78fee343e206eadc58325948b48d8bfeda18c281

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wickedthemusical.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

x-powered-by-plesk: PleskWin
date: Sat, 14 Oct 2023 12:10:48 GMT
content-encoding: gzip
last-modified: Mon, 19 Dec 2022 15:56:33 GMT
server: Microsoft-IIS/10.0
etag: "f6c3cd77c213d91:0"
x-powered-by: ASP.NET
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
accept-ranges: bytes
content-length: 60

GET
H2 200 /
insight.adsrvr.org/track/pxl/ 70 B
149 B 152ms
48ms Image
image/gif 3.33.220.150
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://insight.adsrvr.org/track/pxl/?adv=n5sewaa&ct=0:zrv6wlj&fmt=3
Requested by: Host: wickedthemusical.com
URL: https://wickedthemusical.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.33.220.150 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a12b7a488abeaa9e4.awsglobalaccelerator.com
Software: Kestrel /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wickedthemusical.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Sat, 14 Oct 2023 12:10:47 GMT
server: Kestrel
content-length: 70
content-type: image/gif

GET
H2 200 GetCSS
chat.satis.fi/popup/ 56 KB
5 KB 137ms
135ms Stylesheet
text/css 34.111.146.217
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://chat.satis.fi/popup/GetCSS
Requested by: Host: chat.satis.fi
URL: https://chat.satis.fi/popup/embedder
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.111.146.217 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 217.146.111.34.bc.googleusercontent.com
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 4695f3ec487a9955bdcae80ccfd4467a90d71b7f7e54189088acdd23f4c9e393

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wickedthemusical.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Sat, 14 Oct 2023 12:10:47 GMT
content-encoding: gzip
via: 1.1 google
server: Microsoft-IIS/10.0
etag: 4494147E9FBCD45D95644B39D209F69E
x-powered-by: ASP.NET
vary: Accept-Encoding
content-type: text/css
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4532

GET
H3 200 GetAWSConfig Show response
chat.satis.fi/Default/ 197 B
213 B 182ms
135ms Fetch
application/json 34.111.146.217
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://chat.satis.fi/Default/GetAWSConfig
Requested by: Host: chat.satis.fi
URL: https://chat.satis.fi/popup/embedder
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.111.146.217 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 217.146.111.34.bc.googleusercontent.com
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 25eca592f3785484d9098120c463294ce6e805e7c5a8ccf81a8b8b35f2de91e1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wickedthemusical.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Sat, 14 Oct 2023 12:10:47 GMT
via: 1.1 google
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
content-type: application/json; charset=utf-8
access-control-allow-origin: https://wickedthemusical.com
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

POST
H2 204 collect
region1.analytics.google.com/g/ 0
257 B 84ms
28ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-2TH76WHGSC&gtm=45je3ab0&_p=670001073&_gaz=1&cid=2017322913.1697285448&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=Ag&_s=1&sid=1697285447&sct=1&seg=0&dl=https%3A%2F%2Fwickedthemusical.com%2F&dt=Wicked%20The%20Musical%20%7C%20Official%20Broadway%20Site&en=page_view&_fv=1&_nsi=1&_ss=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-2TH76WHGSC&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wickedthemusical.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 14 Oct 2023 12:10:47 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://wickedthemusical.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
257 B 86ms
29ms Ping
text/plain 2a00:1450:400c:c0c::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-2TH76WHGSC&cid=2017322913.1697285448&gtm=45je3ab0&aip=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-2TH76WHGSC&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:400c:c0c::9a Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wickedthemusical.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 14 Oct 2023 12:10:47 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://wickedthemusical.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
region1.analytics.google.com/g/ 0
54 B 80ms
29ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-2TH76WHGSC&gtm=45je3ab0&_p=670001073&cid=2017322913.1697285448&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=AAg&_s=2&sid=1697285447&sct=1&seg=0&dl=https%3A%2F%2Fwickedthemusical.com%2F&dt=Wicked%20The%20Musical%20%7C%20Official%20Broadway%20Site&en=page_view_official&_c=1&_et=3
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-2TH76WHGSC&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wickedthemusical.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 14 Oct 2023 12:10:47 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://wickedthemusical.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
408 B 99ms
46ms Image
image/gif 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-2TH76WHGSC&cid=2017322913.1697285448&gtm=45je3ab0&aip=1&z=1634670717

Requested by

Host: wickedthemusical.com
URL: https://wickedthemusical.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wickedthemusical.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 14 Oct 2023 12:10:47 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 NBCU_logo.png
cdn.cookielaw.org/logos/17e5cb00-ad90-47f5-a58d-77597d9d2c16/d44e374b-e570-4884-9441-33c0ccae5431/959d0f3c-d044-46db-bc43-cbca0284a92d/ 8 KB
8 KB 55ms
54ms Image
image/png 2606:4700::6812:83ec
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.cookielaw.org/logos/17e5cb00-ad90-47f5-a58d-77597d9d2c16/d44e374b-e570-4884-9441-33c0ccae5431/959d0f3c-d044-46db-bc43-cbca0284a92d/NBCU_logo.png

Requested by

Host: wickedthemusical.com
URL: https://wickedthemusical.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:83ec , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e24fae615ef4f4736e61297ed889205e904fa8043df4a6e293d06b04ff7dd02f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wickedthemusical.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Sat, 14 Oct 2023 12:10:47 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: bARg0xmLydmFqu63Cj6+PQ==
age: 77103
content-length: 8170
x-ms-lease-status: unlocked
last-modified: Fri, 11 Dec 2020 18:05:34 GMT
server: cloudflare
etag: 0x8D89DFF5AFC0247
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
x-ms-request-id: 11c279d2-101e-0042-0fe1-5af3f2000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 815fb8a179852bb9-FRA

GET
H2 200 powered_by_logo.svg
cdn.cookielaw.org/logos/static/ 5 KB
2 KB 53ms
52ms Image
image/svg+xml 2606:4700::6812:83ec
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.cookielaw.org/logos/static/powered_by_logo.svg

Requested by

Host: wickedthemusical.com
URL: https://wickedthemusical.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:83ec , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5fa00d047acd959697b9d7772c31dcd37bec33c70c6fbf80ab8316205d1d286d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wickedthemusical.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Sat, 14 Oct 2023 12:10:47 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: gzip
content-md5: Y+c301RBZNK39PvKQWrIBw==
age: 52099
x-ms-lease-status: unlocked
last-modified: Thu, 12 Oct 2023 17:37:55 GMT
server: cloudflare
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
x-ms-request-id: 5d6c045a-301e-000b-1336-fdc2e8000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=86400
x-ms-version: 2009-09-19
cf-ray: 815fb8a1798a2bb9-FRA

GET
H2 200 adsct
t.co/i/ 43 B
377 B 172ms
125ms Image
image/gif 104.244.42.197
TWITTER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://t.co/i/adsct?bci=3&eci=2&event_id=d6a6a535-9d3b-4075-84ed-6d6484aa1b6f&events=%5B%5B%22pageview%22%2C%7B%7D%5D%5D&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=59d41e54-1cd3-4928-a691-2c0df19551d7&tw_document_href=https%3A%2F%2Fwickedthemusical.com%2F&tw_iframe_status=0&tw_order_quantity=0&tw_sale_amount=0&txn_id=nzoxs&type=javascript&version=2.3.29

Requested by

Host: wickedthemusical.com
URL: https://wickedthemusical.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.197 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wickedthemusical.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

x-response-time: 102
date: Sat, 14 Oct 2023 12:10:47 GMT
strict-transport-security: max-age=0
server: tsa_o
content-type: image/gif;charset=utf-8
x-transaction-id: ea2a46351af26dc7
cache-control: no-cache, no-store, max-age=0
perf: 7626143928
x-connection-hash: 7d6e01b84843913cd7ccb245f954158c91f916d2872855dbe99b26365a8dee41
content-length: 43

GET
H2 200 adsct
analytics.twitter.com/i/ 43 B
394 B 166ms
123ms Image
image/gif 104.244.42.131
TWITTER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://analytics.twitter.com/i/adsct?bci=3&eci=2&event_id=d6a6a535-9d3b-4075-84ed-6d6484aa1b6f&events=%5B%5B%22pageview%22%2C%7B%7D%5D%5D&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=59d41e54-1cd3-4928-a691-2c0df19551d7&tw_document_href=https%3A%2F%2Fwickedthemusical.com%2F&tw_iframe_status=0&tw_order_quantity=0&tw_sale_amount=0&txn_id=nzoxs&type=javascript&version=2.3.29

Requested by

Host: wickedthemusical.com
URL: https://wickedthemusical.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.131 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wickedthemusical.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

x-response-time: 102
date: Sat, 14 Oct 2023 12:10:47 GMT
strict-transport-security: max-age=631138519
server: tsa_o
content-type: image/gif;charset=utf-8
x-transaction-id: 9aae47ee829ece5d
cache-control: no-cache, no-store, max-age=0
perf: 7626143928
x-connection-hash: fe0f56333baabe5d727584e8fbf32323aed4d377d2a63a468e262a19719562cb
content-length: 43

GET
H3

200

activityi;dc_pre=CI_a1IHB9YEDFaoOogMdmmEABA;src=2179121;type=sitev592;cat=wicke029;ord=1;num=6623642220663;auiddc=1519149132.1697285448;gtm=45He3ab0;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;ep... Show response
2179121.fls.doubleclick.net/ Frame A5DD
Redirect Chain

https://2179121.fls.doubleclick.net/activityi;src=2179121;type=sitev592;cat=wicke029;ord=1;num=6623642220663;auiddc=1519149132.1697285448;gtm=45He3ab0;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;...
https://2179121.fls.doubleclick.net/activityi;dc_pre=CI_a1IHB9YEDFaoOogMdmmEABA;src=2179121;type=sitev592;cat=wicke029;ord=1;num=6623642220663;auiddc=1519149132.1697285448;gtm=45He3ab0;uaa=;uab=;ua...

462 B
292 B

69ms
68ms

Document
text/html

142.250.74.198
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://2179121.fls.doubleclick.net/activityi;dc_pre=CI_a1IHB9YEDFaoOogMdmmEABA;src=2179121;type=sitev592;cat=wicke029;ord=1;num=6623642220663;auiddc=1519149132.1697285448;gtm=45He3ab0;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fwickedthemusical.com%2F?

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NVGL

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.74.198 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f6.1e100.net

Software

cafe /

Resource Hash

f5225e82e1a6fd7438af51dbdc050bcb8a5d35eec33f26932f66bf30c9dfdb03

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://wickedthemusical.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=0
content-encoding: br
content-length: 269
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 14 Oct 2023 12:10:48 GMT
expires: Sat, 14 Oct 2023 12:10:48 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 14 Oct 2023 12:10:47 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
follow-only-when-prerender-shown: 1
location: https://2179121.fls.doubleclick.net/activityi;dc_pre=CI_a1IHB9YEDFaoOogMdmmEABA;src=2179121;type=sitev592;cat=wicke029;ord=1;num=6623642220663;auiddc=1519149132.1697285448;gtm=45He3ab0;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fwickedthemusical.com%2F?
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 52 KB
21 KB 72ms
21ms Script
text/javascript 2a00:1450:4001:80b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NVGL

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wickedthemusical.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Sat, 14 Oct 2023 11:49:42 GMT
last-modified: Mon, 12 Jun 2023 18:23:07 GMT
server: Golfe2
age: 1265
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
expires: Sat, 14 Oct 2023 13:49:42 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 268 KB
89 KB 47ms
47ms Script
application/javascript 2a00:1450:4001:811::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-DGMCRNLESF&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NVGL

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

76b8d0e5118d7d499b3caf3b047292952d2af69ccd1973030d38328887e1b65f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wickedthemusical.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Sat, 14 Oct 2023 12:10:47 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 91181
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Sat, 14 Oct 2023 12:10:47 GMT

GET
H2 200 /
www.google.com/pagead/1p-user-list/951685876/ 42 B
455 B 86ms
34ms Image
image/gif 2a00:1450:4001:828::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/951685876/?random=1697285447715&cv=11&fst=1697284800000&bg=ffffff&guid=ON&async=1&gtm=45He3ab0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwickedthemusical.com%2F&label=krl8CO75t3oQ9KXmxQM&frm=0&tiba=Wicked%20The%20Musical%20%7C%20Official%20Broadway%20Site&fmt=3&is_vtc=1&random=2451456233&rmt_tld=0&ipr=y

Requested by

Host: wickedthemusical.com
URL: https://wickedthemusical.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wickedthemusical.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 14 Oct 2023 12:10:48 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.de/pagead/1p-user-list/951685876/ 42 B
154 B 36ms
34ms Image
image/gif 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/951685876/?random=1697285447715&cv=11&fst=1697284800000&bg=ffffff&guid=ON&async=1&gtm=45He3ab0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwickedthemusical.com%2F&label=krl8CO75t3oQ9KXmxQM&frm=0&tiba=Wicked%20The%20Musical%20%7C%20Official%20Broadway%20Site&fmt=3&is_vtc=1&random=2451456233&rmt_tld=1&ipr=y

Requested by

Host: wickedthemusical.com
URL: https://wickedthemusical.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wickedthemusical.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 14 Oct 2023 12:10:47 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 704711839614346 Show response
connect.facebook.net/signals/config/ 132 KB
35 KB 81ms
80ms Script
application/x-javascript 2a03:2880:f083:9:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/704711839614346?v=2.9.134&r=stable&domain=wickedthemusical.com

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f083:9:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

653a7e1ebee694dabeef2cabe0022e0714f49f337d0e42056a4b065f55d12d99

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wickedthemusical.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Sat, 14 Oct 2023 12:10:48 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
pragma: public
x-fb-debug: PSZqMwiq9nB5SXj8PMtfnpnjLaak264MRqwKr9fv6vNBjIocL9ZMS4qqSHtbmvgSZSLJ/erthHcHmu+38d1rAw==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
timing-allow-origin: *
expires: Sat, 01 Jan 2000 00:00:00 GMT

POST
H2 200 pdst-events-prod-sink Show response
us-central1-adaptive-growth.cloudfunctions.net/ 2 B
121 B 199ms
197ms Fetch
text/html 2001:4860:4802:36::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://us-central1-adaptive-growth.cloudfunctions.net/pdst-events-prod-sink
Requested by: Host: cdn.pdst.fm
URL: https://cdn.pdst.fm/ping.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:36::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Google Frontend /
Resource Hash: 565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Request headers

Accept: application/json
Referer: https://wickedthemusical.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
Content-Type: application/json

Response headers

date: Sat, 14 Oct 2023 12:10:48 GMT
content-encoding: gzip
server: Google Frontend
access-control-allow-methods: GET, POST
content-type: text/html; charset=utf-8
access-control-allow-origin: *
x-cloud-trace-context: d2ce21b1c6d4c118416e0ae644f2b8c3
cache-control: private
function-execution-id: 92bz001jm0p1
access-control-allow-headers: Content-Type, Accept
content-length: 22
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

OPTIONS
H2 200 pdst-events-prod-sink
us-central1-adaptive-growth.cloudfunctions.net/ Frame 0
0 237ms
156ms Preflight
text/html 2001:4860:4802:36::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://us-central1-adaptive-growth.cloudfunctions.net/pdst-events-prod-sink
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:36::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Google Frontend /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://wickedthemusical.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

access-control-allow-headers: Content-Type, Accept
access-control-allow-methods: GET, POST
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: gzip
content-length: 22
content-type: text/html; charset=utf-8
date: Sat, 14 Oct 2023 12:10:48 GMT
function-execution-id: dxrh8t021ygl
server: Google Frontend
x-cloud-trace-context: c150a41ddc722139fc6897a3381d72f5

GET
H2

200

ps Show response
tag.yieldoptimizer.com/ps/ Frame CC3F
Redirect Chain

https://tag.yieldoptimizer.com/ps/ps?t=s&p=1162&sg=WICK&pg=ot&
https://tag.yieldoptimizer.com/ps/ps?tc=739865165&t=s&p=1162&sg=WICK&pg=ot&

1 KB
2 KB

33ms
32ms

Script
text/javascript

35.186.212.60
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://tag.yieldoptimizer.com/ps/ps?tc=739865165&t=s&p=1162&sg=WICK&pg=ot&
Requested by: Host: 2179121.fls.doubleclick.net
URL: https://2179121.fls.doubleclick.net/activityi;dc_pre=CKeZzYHB9YEDFYQQogMdD9cIow;src=2179121;type=sitev592;cat=sitev000;ord=1;num=9823983079378;auiddc=1519149132.1697285448;gtm=45He3ab0;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fwickedthemusical.com%2F?
Protocol: H2
Server: 35.186.212.60 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 60.212.186.35.bc.googleusercontent.com
Software: Apache-Coyote/1.1 /
Resource Hash: a59e7227caac11d6f4523333857d17c0edb466e269f494d4afdc23cdda041525

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://2179121.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 14 Oct 2023 12:10:48 GMT
via: 1.1 google
server: Apache-Coyote/1.1
p3p: CP="NON DSP COR TAIo PSAo PSDo HISo OUR BUS UNI INT DEM OTC"
content-type: text/javascript;charset=ISO-8859-1
cache-control: no-cache
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1322
expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Sat, 14 Oct 2023 12:10:47 GMT
via: 1.1 google
server: Apache-Coyote/1.1
p3p: CP="NON DSP COR TAIo PSAo PSDo HISo OUR BUS UNI INT DEM OTC"
location: https://tag.yieldoptimizer.com/ps/ps?tc=739865165&t=s&p=1162&sg=WICK&pg=ot&
cache-control: no-cache
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 tr
www.facebook.com/ Frame CC3F 0
185 B 71ms
23ms Image
text/plain 2a03:2880:f176:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr?id=10154456902266016&ev=ViewContent&cd[currency]=USD&cd[value]=0.00

Requested by

Host: 2179121.fls.doubleclick.net
URL: https://2179121.fls.doubleclick.net/activityi;dc_pre=CKeZzYHB9YEDFYQQogMdD9cIow;src=2179121;type=sitev592;cat=sitev000;ord=1;num=9823983079378;auiddc=1519149132.1697285448;gtm=45He3ab0;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fwickedthemusical.com%2F?

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f176:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://2179121.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Sat, 14 Oct 2023 12:10:48 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 dc_pre=CKeZzYHB9YEDFYQQogMdD9cIow;src=2179121;type=sitev592;cat=sitev000;ord=1;num=9823983079378;auiddc=*;gtm=45He3ab0;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fwick...
adservice.google.com/ddm/fls/z/ Frame CC3F 42 B
107 B 143ms
73ms Image
image/gif 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://adservice.google.com/ddm/fls/z/dc_pre=CKeZzYHB9YEDFYQQogMdD9cIow;src=2179121;type=sitev592;cat=sitev000;ord=1;num=9823983079378;auiddc=*;gtm=45He3ab0;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fwickedthemusical.com%2F

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://2179121.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 14 Oct 2023 12:10:48 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 dc_pre=CJ_3zYHB9YEDFYwKogMdW4MPTA;src=5549924;type=sitev0;cat=wicke0;ord=1;num=7845121836776;auiddc=*;gtm=45He3ab0;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fwickedth...
adservice.google.com/ddm/fls/z/ Frame 0298 42 B
401 B 128ms
61ms Image
image/gif 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://adservice.google.com/ddm/fls/z/dc_pre=CJ_3zYHB9YEDFYwKogMdW4MPTA;src=5549924;type=sitev0;cat=wicke0;ord=1;num=7845121836776;auiddc=*;gtm=45He3ab0;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fwickedthemusical.com%2F

Requested by

Host: 5549924.fls.doubleclick.net
URL: https://5549924.fls.doubleclick.net/activityi;dc_pre=CJ_3zYHB9YEDFYwKogMdW4MPTA;src=5549924;type=sitev0;cat=wicke0;ord=1;num=7845121836776;auiddc=1519149132.1697285448;gtm=45He3ab0;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fwickedthemusical.com%2F?

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://5549924.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 14 Oct 2023 12:10:48 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 250611 Show response
beacon.sojern.com/pixel/p/ Frame CC3F 4 KB
1 KB 110ms
33ms Script
application/javascript 107.178.244.119
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://beacon.sojern.com/pixel/p/250611?f_v=v6_js&p_v=1&pc=&vid=tou&cid=
Requested by: Host: 2179121.fls.doubleclick.net
URL: https://2179121.fls.doubleclick.net/activityi;dc_pre=CKeZzYHB9YEDFYQQogMdD9cIow;src=2179121;type=sitev592;cat=sitev000;ord=1;num=9823983079378;auiddc=1519149132.1697285448;gtm=45He3ab0;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fwickedthemusical.com%2F?
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 107.178.244.119 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 119.244.178.107.bc.googleusercontent.com
Software: /
Resource Hash: 47f257ea7399de43c2eb68ca7a85fa06e0c099c8194b0072d6b9a57a16add95b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://2179121.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Sat, 14 Oct 2023 12:10:48 GMT
content-encoding: gzip
via: 1.1 google
vary: Accept-Encoding
content-type: application/javascript
p3p: policyref="/w3c/p3p.xml", CP="ADMa OUR IND DSP NON LAW"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 778

GET
H3 200 fbevents.js Show response
connect.facebook.net/en_US/ Frame 0298 198 KB
52 KB 24ms
24ms Script
application/x-javascript 2a03:2880:f083:9:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f083:9:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

564a53ce84ae022b30816d44aa48589ebfe170c226b098d0245c47fe13341c67

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://5549924.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Sat, 14 Oct 2023 12:10:48 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 53498
x-xss-protection: 0
pragma: public
x-fb-debug: fgslRv7TS/UT3BuOdEz3xvgFpLc10NILCudlUvToJz+WBmvPHMdxZBcNXSMC7uwNs586x02G7pQhB24aedi6cg==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
cache-control: public, max-age=1200
x-fb-optimizer: 1
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
timing-allow-origin: *
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 main.MWQ0NWRkZTlhMA.js Show response
analytics.tiktok.com/i18n/pixel/static/ 370 KB
99 KB 26ms
25ms Script
application/javascript 104.126.37.40
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/i18n/pixel/static/main.MWQ0NWRkZTlhMA.js
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=C5O9M5LQ5ECR7VU4EUN0&lib=ttq
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.126.37.40 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a104-126-37-40.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 20db7ce8e3049977535579a92d71232b26ed80f8ab0c1b7418ae67c403a6b321

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wickedthemusical.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

x-akamai-request-id: 6e34388a
date: Sat, 14 Oct 2023 12:10:48 GMT
content-encoding: gzip
x-tt-trace-tag: id=16;cdn-cache=hit;type=static
server: nginx
x-tt-logid: 2023092112382042B7385D20B99D41419B
vary: Accept-Encoding
x-cache: TCP_MEM_HIT from a104-126-37-36.deploy.akamaitechnologies.com (AkamaiGHost/11.2.5.2-51606170) (-)
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
x-tt-trace-host: 0106d00fbca3edb302cba5da886c99eead2e34f80356c3676f6f4fb4434be70d5ce5388a92a61da561c38203ae115feea416fa39020c08589985637135e24540ed4b7c0be6bc32d2897fc0a13d484583b7f8e36ed140e925c0edef962a3ae11835
server-timing: cdn-cache; desc=HIT, edge; dur=0, inner; dur=17
content-length: 100951

GET
H2 200 main.b4887131.js Show response
s.pinimg.com/ct/lib/ 63 KB
18 KB 48ms
47ms Script
application/javascript 2a02:26f0:3100:3a9::1931
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://s.pinimg.com/ct/lib/main.b4887131.js
Requested by: Host: s.pinimg.com
URL: https://s.pinimg.com/ct/core.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3100:3a9::1931 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: 7dbb99afa2ca46884692f7772146d6f3f7c4f1ba928babc0f490f3e7ba62114e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wickedthemusical.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

akamai-x-true-ttl: 1209600
content-encoding: br
x-cdn: akamai
etag: "aa7df97ef17cd5e7b3b0e69ee5fe57f8"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding, Origin
access-control-max-age: 86400
content-type: application/javascript
access-control-allow-origin: *
access-control-allow-methods: GET
access-control-expose-headers: X-CDN
cache-control: max-age=1209600
accept-ranges: bytes
content-length: 18175

GET
H2 200 PopupConfig-4455.js Show response
prod-satisfilabs-resources-gcs.satis.fi/ClientAssets/PopupConfigs/ 1 KB
2 KB 210ms
149ms Script
application/javascript 35.244.160.208
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://prod-satisfilabs-resources-gcs.satis.fi/ClientAssets/PopupConfigs/PopupConfig-4455.js?v=7a46fa3c-923c-42bc-8f4b-61cc1ec2ee79
Requested by: Host: chat.satis.fi
URL: https://chat.satis.fi/popup/embedder
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.160.208 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 208.160.244.35.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 00d0b26a698296dbeb480aab5598658adbe6c951dbba62e94ac0c626d9f13709

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wickedthemusical.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Sat, 14 Oct 2023 12:10:48 GMT
age: 0
x-guploader-uploadid: ADPycdubJgVq5wRY4k97EbXekWxtpNtTpd6wf_Vm0mRQ6Xaj0_3Txt9mOfsLVZbWtiQmLMShXXe1rxWMaySvPDq8_l8NiQ
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1391
last-modified: Mon, 31 Oct 2022 17:59:16 GMT
server: UploadServer
etag: "8c7ac7271b50c839a8dc8dc86f8da156"
x-goog-generation: 1667239156488397
x-goog-hash: crc32c=8tnGBg==, md5=jHrHJxtQyDmo3I3Ib42hVg==
access-control-allow-origin: *
content-type: application/javascript
cache-control: public,max-age=0
x-goog-stored-content-length: 1391
accept-ranges: bytes

POST
H2 200 collect Show response
www.google-analytics.com/j/ 16 B
225 B 28ms
28ms XHR
text/plain 2a00:1450:4001:80b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=670001073&t=pageview&_s=1&dl=https%3A%2F%2Fwickedthemusical.com%2F&ul=en-us&de=UTF-8&dt=Wicked%20The%20Musical%20%7C%20Official%20Broadway%20Site&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YCDACEABBAAAACAAI~&jid=523105495&gjid=1227751761&cid=2017322913.1697285448&tid=UA-900530-2&_gid=1921368688.1697285448&_r=1&_slc=1&gtm=45He3ab0n51NVGL&z=985582820

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

d336f19d405a8392dc7debeab2cc60008c41a1da17f3e9173f853e412af9d601

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://wickedthemusical.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sat, 14 Oct 2023 12:10:48 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://wickedthemusical.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 16
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
region1.analytics.google.com/g/ 0
54 B 30ms
28ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-DGMCRNLESF&gtm=45je3ab0&_p=670001073&_gaz=1&cid=2017322913.1697285448&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=Ag&_s=1&sid=1697285448&sct=1&seg=0&dl=https%3A%2F%2Fwickedthemusical.com%2F&dt=Wicked%20The%20Musical%20%7C%20Official%20Broadway%20Site&en=page_view&_fv=1&_ss=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-DGMCRNLESF&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wickedthemusical.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 14 Oct 2023 12:10:48 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://wickedthemusical.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
54 B 30ms
29ms Ping
text/plain 2a00:1450:400c:c0c::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-DGMCRNLESF&cid=2017322913.1697285448&gtm=45je3ab0&aip=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-DGMCRNLESF&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:400c:c0c::9a Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wickedthemusical.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 14 Oct 2023 12:10:48 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://wickedthemusical.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
region1.analytics.google.com/g/ 0
54 B 29ms
29ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-DGMCRNLESF&gtm=45je3ab0&_p=670001073&cid=2017322913.1697285448&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=AAg&_s=2&sid=1697285448&sct=1&seg=0&dl=https%3A%2F%2Fwickedthemusical.com%2F&dt=Wicked%20The%20Musical%20%7C%20Official%20Broadway%20Site&en=page_view_official&_c=1&_et=3
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-DGMCRNLESF&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wickedthemusical.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 14 Oct 2023 12:10:48 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://wickedthemusical.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ga-audiences
www.google.de/ads/ 42 B
63 B 48ms
48ms Image
image/gif 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-DGMCRNLESF&cid=2017322913.1697285448&gtm=45je3ab0&aip=1&z=414320998

Requested by

Host: wickedthemusical.com
URL: https://wickedthemusical.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wickedthemusical.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 14 Oct 2023 12:10:48 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 dc_pre=CI_a1IHB9YEDFaoOogMdmmEABA;src=2179121;type=sitev592;cat=wicke029;ord=1;num=6623642220663;auiddc=*;gtm=45He3ab0;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fwick...
adservice.google.com/ddm/fls/z/ Frame A5DD 42 B
107 B 63ms
63ms Image
image/gif 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://adservice.google.com/ddm/fls/z/dc_pre=CI_a1IHB9YEDFaoOogMdmmEABA;src=2179121;type=sitev592;cat=wicke029;ord=1;num=6623642220663;auiddc=*;gtm=45He3ab0;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fwickedthemusical.com%2F

Requested by

Host: 2179121.fls.doubleclick.net
URL: https://2179121.fls.doubleclick.net/activityi;dc_pre=CI_a1IHB9YEDFaoOogMdmmEABA;src=2179121;type=sitev592;cat=wicke029;ord=1;num=6623642220663;auiddc=1519149132.1697285448;gtm=45He3ab0;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fwickedthemusical.com%2F?

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://2179121.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 14 Oct 2023 12:10:48 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
151 B 30ms
29ms XHR
text/plain 2a00:1450:400c:c0c::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-900530-2&cid=2017322913.1697285448&jid=523105495&gjid=1227751761&_gid=1921368688.1697285448&_u=YCDACEAABAAAACAAI~&z=1839052406

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c0c::9a Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://wickedthemusical.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Sat, 14 Oct 2023 12:10:48 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://wickedthemusical.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 247 KB
84 KB 46ms
46ms Script
application/javascript 2a00:1450:4001:811::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-WLHS4QYPZV&cx=c&_slc=1

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

ebffa853a9f60222b452dfcac671de6b33d41fcf445e76119e48a998dec52a4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wickedthemusical.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Sat, 14 Oct 2023 12:10:48 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 85516
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Sat, 14 Oct 2023 12:10:48 GMT

GET
H2 200 calendar-week-80d1259df9.css
wickedthemusical.com/wp-content/plugins/ticket-calendar/dist/styles/ 2 KB
661 B 117ms
116ms Stylesheet
text/css 35.171.141.94
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://wickedthemusical.com/wp-content/plugins/ticket-calendar/dist/styles/calendar-week-80d1259df9.css
Requested by: Host: wickedthemusical.com
URL: https://wickedthemusical.com/wp-content/plugins/ticket-calendar/dist/scripts/ticket-calendar-1f567e1720.js?ver=2.0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.171.141.94 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-35-171-141-94.compute-1.amazonaws.com
Software: nginx / PleskLin
Resource Hash: a380d800bbe09bdab2c05f9d57e5e61b7b0f89df61c265f1ab76ca16f53c24cc

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wickedthemusical.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Sat, 14 Oct 2023 12:10:48 GMT
content-encoding: br
last-modified: Thu, 27 Jul 2023 13:51:55 GMT
server: nginx
etag: W/"64c2767b-675"
x-powered-by: PleskLin
content-type: text/css

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
107 B 49ms
48ms Image
image/gif 2a00:1450:4001:828::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-900530-2&cid=2017322913.1697285448&jid=523105495&_u=YCDACEAABAAAACAAI~&z=1342270291

Requested by

Host: wickedthemusical.com
URL: https://wickedthemusical.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wickedthemusical.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 14 Oct 2023 12:10:48 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ga-audiences
www.google.de/ads/ 42 B
63 B 48ms
47ms Image
image/gif 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-900530-2&cid=2017322913.1697285448&jid=523105495&_u=YCDACEAABAAAACAAI~&z=1342270291

Requested by

Host: wickedthemusical.com
URL: https://wickedthemusical.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wickedthemusical.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 14 Oct 2023 12:10:48 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 1716462331980126 Show response
connect.facebook.net/signals/config/ Frame 0298 132 KB
34 KB 112ms
111ms Script
application/x-javascript 2a03:2880:f083:9:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/1716462331980126?v=2.9.134&r=stable&domain=wickedthemusical.com

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f083:9:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

11eb7abae69c1680f959cd29f4cc4a5943116d3822e96854aab9b1ea156c13b3

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://5549924.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Sat, 14 Oct 2023 12:10:48 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
pragma: public
x-fb-debug: Ps4jXrQWC9E7wfRqwabhlPewo92qQmfgA7vS8dftDRTMj7SEuyB09DIDroW0NciwUZVUgoZfQuhJRLD+WFGkKA==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
timing-allow-origin: *
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 /
www.facebook.com/tr/ 0
31 B 24ms
23ms Image
text/plain 2a03:2880:f176:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=704711839614346&ev=PageView&dl=https%3A%2F%2Fwickedthemusical.com%2F&rl=&if=false&ts=1697285448158&sw=1600&sh=1200&v=2.9.134&r=stable&ec=0&o=30&fbp=fb.1.1697285448157.1362805595&ler=empty&it=1697285447979&coo=false&rqm=GET

Requested by

Host: wickedthemusical.com
URL: https://wickedthemusical.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f176:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wickedthemusical.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Sat, 14 Oct 2023 12:10:48 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 /
www.facebook.com/tr/ 0
31 B 24ms
23ms Image
text/plain 2a03:2880:f176:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=704711839614346&ev=ViewContent&dl=https%3A%2F%2Fwickedthemusical.com%2F&rl=&if=false&ts=1697285448161&sw=1600&sh=1200&v=2.9.134&r=stable&ec=1&o=30&fbp=fb.1.1697285448157.1362805595&ler=empty&it=1697285447979&coo=false&rqm=GET

Requested by

Host: wickedthemusical.com
URL: https://wickedthemusical.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f176:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wickedthemusical.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Sat, 14 Oct 2023 12:10:48 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 identify_7dd78.js Show response
analytics.tiktok.com/i18n/pixel/static/ 134 KB
35 KB 37ms
37ms Script
application/javascript 104.126.37.40
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/i18n/pixel/static/identify_7dd78.js
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MWQ0NWRkZTlhMA.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.126.37.40 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a104-126-37-40.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 7afaa861788cfa4b943b9a78a597edb2e73dcf6cf15cb34ce9a02c72373d9abe

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wickedthemusical.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

x-akamai-request-id: 6e343923
date: Sat, 14 Oct 2023 12:10:48 GMT
content-encoding: gzip
x-tt-trace-tag: id=16;cdn-cache=hit;type=static
server: nginx
x-tt-logid: 20230907123109965FF7FD56B4FDA2B742
vary: Accept-Encoding
x-cache: TCP_MEM_HIT from a104-126-37-36.deploy.akamaitechnologies.com (AkamaiGHost/11.2.5.2-51606170) (-)
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
x-tt-trace-host: 018e6f11c82620c76e917ef32c34452e61a10d9da225780af0b4dc76c7d8fe9c21298dc32e544ddc91c30f808586c072b81a430e544e9c1aa6611871fb315e88bc683c4ec5b16e62757e13f8457740376a9b154c7b83cc082398c38f2152c3d4b5
server-timing: cdn-cache; desc=HIT, edge; dur=0, inner; dur=13
content-length: 35748

POST
H2 200 pixel
analytics.tiktok.com/api/v2/ 0
651 B 211ms
210ms Ping
text/plain 104.126.37.40
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/api/v2/pixel
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MWQ0NWRkZTlhMA.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.126.37.40 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a104-126-37-40.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://wickedthemusical.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

x-akamai-request-id: 6e34393c
date: Sat, 14 Oct 2023 12:10:48 GMT
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-cache: TCP_MISS from a104-126-37-36.deploy.akamaitechnologies.com (AkamaiGHost/11.2.5.2-51606170) (-)
server-timing: inner; dur=85, cdn-cache; desc=MISS, edge; dur=9, origin; dur=178
content-length: 0
pragma: no-cache
server: nginx
x-tt-logid: 20231014121048857568755FDF4BD52556
access-control-allow-methods: GET,POST,PUT,PATCH,DELETE,HEAD,OPTIONS,UPDATE
access-control-allow-origin: *
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 178,104.126.37.36
x-tt-trace-host: 013de2ff59b67152c9e07fa2f4ad3e3660c4e75e281c5f2ed3876008f1e7dc5a5c1a728eb87bc084bf595b2631a349c26fb26f633097f15141534173d671c267d7748ffacfadfb6ff5ac7034ca172c4be6582691b9796858de86f0349029505330
access-control-allow-headers: Authorization,*
expires: Sat, 14 Oct 2023 12:10:48 GMT

POST
H2 200 pixel
analytics.tiktok.com/api/v2/ 0
651 B 152ms
151ms Ping
text/plain 104.126.37.40
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/api/v2/pixel
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MWQ0NWRkZTlhMA.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.126.37.40 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a104-126-37-40.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://wickedthemusical.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

x-akamai-request-id: 6e343942
date: Sat, 14 Oct 2023 12:10:48 GMT
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-cache: TCP_MISS from a104-126-37-36.deploy.akamaitechnologies.com (AkamaiGHost/11.2.5.2-51606170) (-)
server-timing: inner; dur=31, cdn-cache; desc=MISS, edge; dur=5, origin; dur=120
content-length: 0
pragma: no-cache
server: nginx
x-tt-logid: 202310141210488C104D425CAABF8EEBAF
access-control-allow-methods: GET,POST,PUT,PATCH,DELETE,HEAD,OPTIONS,UPDATE
access-control-allow-origin: *
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 120,104.126.37.36
x-tt-trace-host: 013de2ff59b67152c9e07fa2f4ad3e3660c4e75e281c5f2ed3876008f1e7dc5a5c5769e704dc7d9f4cbb367e4f00878e08f979b3b8a42772c381edc97ab688e760bb2435f0f1207d8c02e9d2e87964ded616b9171135d44f1936253cdfb82c5da1
access-control-allow-headers: Authorization,*
expires: Sat, 14 Oct 2023 12:10:48 GMT

POST
H2 200 pixel
analytics.tiktok.com/api/v2/ 0
650 B 156ms
156ms Ping
text/plain 104.126.37.40
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/api/v2/pixel
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MWQ0NWRkZTlhMA.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.126.37.40 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a104-126-37-40.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://wickedthemusical.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

x-akamai-request-id: 6e343943
date: Sat, 14 Oct 2023 12:10:48 GMT
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-cache: TCP_MISS from a104-126-37-36.deploy.akamaitechnologies.com (AkamaiGHost/11.2.5.2-51606170) (-)
server-timing: inner; dur=34, cdn-cache; desc=MISS, edge; dur=7, origin; dur=123
content-length: 0
pragma: no-cache
server: nginx
x-tt-logid: 202310141210482E3A08587C4250D1C54D
access-control-allow-methods: GET,POST,PUT,PATCH,DELETE,HEAD,OPTIONS,UPDATE
access-control-allow-origin: *
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 124,104.126.37.36
x-tt-trace-host: 013de2ff59b67152c9e07fa2f4ad3e3660c4e75e281c5f2ed3876008f1e7dc5a5c032a1c71737bb60e55e7aff82064b825e02b35e5ffcb8e615cdcdf549015ac2aa8a4e3fa3b0f2d65c530d500eeb5a4378c37d764a381b8045ae5bc9513432ee1
access-control-allow-headers: Authorization,*
expires: Sat, 14 Oct 2023 12:10:48 GMT

GET
H2 200 pixel
cm.g.doubleclick.net/ Frame CC3F 170 B
409 B 101ms
30ms Image
image/png 216.58.206.34
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=adara_dmp&google_hm=MzAxNzcxNzYxNjc3Mw&google_sc

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.206.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lhr35s10-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://2179121.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 14 Oct 2023 12:10:48 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 generic
match.adsrvr.org/track/cmf/ Frame CC3F 70 B
148 B 56ms
48ms Image
image/gif 3.33.220.150
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/generic?ttd_pid=o456qfe&ttd_tpi=1
Requested by: Host: 2179121.fls.doubleclick.net
URL: https://2179121.fls.doubleclick.net/activityi;dc_pre=CKeZzYHB9YEDFYQQogMdD9cIow;src=2179121;type=sitev592;cat=sitev000;ord=1;num=9823983079378;auiddc=1519149132.1697285448;gtm=45He3ab0;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fwickedthemusical.com%2F?
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.33.220.150 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a12b7a488abeaa9e4.awsglobalaccelerator.com
Software: Kestrel /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://2179121.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Sat, 14 Oct 2023 12:10:48 GMT
server: Kestrel
content-length: 70
content-type: image/gif

GET
H2 451 394499.gif
idsync.rlcdn.com/ Frame CC3F 0
98 B 90ms
31ms Image
text/plain 35.244.174.68
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://idsync.rlcdn.com/394499.gif?partner_uid=3017717616773
Requested by: Host: 2179121.fls.doubleclick.net
URL: https://2179121.fls.doubleclick.net/activityi;dc_pre=CKeZzYHB9YEDFYQQogMdD9cIow;src=2179121;type=sitev592;cat=sitev000;ord=1;num=9823983079378;auiddc=1519149132.1697285448;gtm=45He3ab0;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fwickedthemusical.com%2F?
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.174.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 68.174.244.35.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://2179121.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Sat, 14 Oct 2023 12:10:48 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H2 200 aasync
tag.adaraanalytics.com/ps/ Frame CC3F 0
388 B 91ms
32ms Image
text/plain 35.241.54.161
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tag.adaraanalytics.com/ps/aasync?ckid=MzAxNzcxNzYxNjc3M3wxNjk3Mjg1NDQ4MTA0
Requested by: Host: 2179121.fls.doubleclick.net
URL: https://2179121.fls.doubleclick.net/activityi;dc_pre=CKeZzYHB9YEDFYQQogMdD9cIow;src=2179121;type=sitev592;cat=sitev000;ord=1;num=9823983079378;auiddc=1519149132.1697285448;gtm=45He3ab0;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fwickedthemusical.com%2F?
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.241.54.161 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 161.54.241.35.bc.googleusercontent.com
Software: Apache-Coyote/1.1 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://2179121.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 14 Oct 2023 12:10:48 GMT
via: 1.1 google
server: Apache-Coyote/1.1
p3p: CP="NON DSP COR TAIo PSAo PSDo HISo OUR BUS UNI INT DEM OTC"
cache-control: no-cache
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2

200

src=8546338;dc_pre=CPjw6YHB9YEDFWnhOwId0scDaw;type=invmedia;cat=lifeo0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ord=1
adservice.google.com/ddm/fls/z/ Frame CC3F
Redirect Chain

https://ad.doubleclick.net/ddm/activity/src=8546338;type=invmedia;cat=lifeo0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ord=1?
https://ad.doubleclick.net/ddm/activity/src=8546338;dc_pre=CPjw6YHB9YEDFWnhOwId0scDaw;type=invmedia;cat=lifeo0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_co...
https://adservice.google.com/ddm/fls/z/src=8546338;dc_pre=CPjw6YHB9YEDFWnhOwId0scDaw;type=invmedia;cat=lifeo0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_con...

42 B
107 B

61ms
61ms

Image
image/gif

2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://adservice.google.com/ddm/fls/z/src=8546338;dc_pre=CPjw6YHB9YEDFWnhOwId0scDaw;type=invmedia;cat=lifeo0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ord=1

Requested by

Protocol

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://2179121.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 14 Oct 2023 12:10:48 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Sat, 14 Oct 2023 12:10:48 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://adservice.google.com/ddm/fls/z/src=8546338;dc_pre=CPjw6YHB9YEDFWnhOwId0scDaw;type=invmedia;cat=lifeo0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ord=1
content-type: text/html; charset=UTF-8
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

ps
tag.yieldoptimizer.com/ps/ Frame CC3F
Redirect Chain

https://d.turn.com/r/dd/id/L2NzaWQvMS9jaWQvMTc0Nzc3NDY2NS90LzI/url/https://tag.yieldoptimizer.com/ps/ps?t=i&p=4889&turn_id=$!{TURN_UUID}
https://tag.yieldoptimizer.com/ps/ps?t=i&p=4889&turn_id=2569224470906156407

43 B
68 B

32ms
31ms

Image
image/gif

35.186.212.60
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tag.yieldoptimizer.com/ps/ps?t=i&p=4889&turn_id=2569224470906156407
Requested by: Host: 2179121.fls.doubleclick.net
URL: https://2179121.fls.doubleclick.net/activityi;dc_pre=CKeZzYHB9YEDFYQQogMdD9cIow;src=2179121;type=sitev592;cat=sitev000;ord=1;num=9823983079378;auiddc=1519149132.1697285448;gtm=45He3ab0;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fwickedthemusical.com%2F?
Protocol: H3
Server: 35.186.212.60 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 60.212.186.35.bc.googleusercontent.com
Software: Apache-Coyote/1.1 /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://2179121.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 14 Oct 2023 12:10:47 GMT
via: 1.1 google
server: Apache-Coyote/1.1
p3p: CP="NON DSP COR TAIo PSAo PSDo HISo OUR BUS UNI INT DEM OTC"
content-type: image/gif
cache-control: no-cache
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

location: https://tag.yieldoptimizer.com/ps/ps?t=i&p=4889&turn_id=2569224470906156407
pragma: no-cache
date: Sat, 14 Oct 2023 12:10:47 GMT
cache-control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length: 0
p3p: policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"

GET
H/1.1

200
OK

demconf.jpg
dpm.demdex.net/ Frame CC3F
Redirect Chain

https://dpm.demdex.net/ibs:dpid=22069&dpuuid=3017717616773
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=22069&dpuuid=3017717616773

42 B
942 B

96ms
95ms

Image
image/gif

34.254.70.163
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=22069&dpuuid=3017717616773

Requested by

Protocol

HTTP/1.1

Server

34.254.70.163 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-34-254-70-163.eu-west-1.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://2179121.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

DCS: dcs-prod-irl1-2-v052-05b97e6d1.edge-irl1.demdex.com 2 ms
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-Content-Type-Options: nosniff
X-TID: V9h7eI18SCY=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Content-Type: image/gif
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Length: 59
Expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

DCS: dcs-prod-irl1-1-v052-0b4665895.edge-irl1.demdex.com 0 ms
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-TID: xIoGfjQxTzQ=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Location: https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=22069&dpuuid=3017717616773
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 UTC

GET
H2 204 usermatch.gif
beacon.krxd.net/ Frame CC3F 0
338 B 168ms
47ms Image
text/plain 52.31.202.102
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://beacon.krxd.net/usermatch.gif?partner=adara&partner_uid=3017717616773
Requested by: Host: 2179121.fls.doubleclick.net
URL: https://2179121.fls.doubleclick.net/activityi;dc_pre=CKeZzYHB9YEDFYQQogMdD9cIow;src=2179121;type=sitev592;cat=sitev000;ord=1;num=9823983079378;auiddc=1519149132.1697285448;gtm=45He3ab0;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fwickedthemusical.com%2F?
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.31.202.102 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-31-202-102.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://2179121.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

x-served-by: beacon-n013-dub-prod.krxd.net
date: Sat, 14 Oct 2023 12:10:48 GMT
cache-control: private, no-cache, no-store
x-request-time: D=32 t=1697285448
p3p: policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

GET
H3

200

ps
tag.yieldoptimizer.com/ps/ Frame CC3F
Redirect Chain

https://sync.srv.stackadapt.com/sync?nid=adara
https://tag.yieldoptimizer.com/ps/ps?t=i&p=8064&uid=ZgfMTJm3Wvx6OHYt-Rpo2FQTr7c

43 B
68 B

32ms
31ms

Image
image/gif

35.186.212.60
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tag.yieldoptimizer.com/ps/ps?t=i&p=8064&uid=ZgfMTJm3Wvx6OHYt-Rpo2FQTr7c
Requested by: Host: 2179121.fls.doubleclick.net
URL: https://2179121.fls.doubleclick.net/activityi;dc_pre=CKeZzYHB9YEDFYQQogMdD9cIow;src=2179121;type=sitev592;cat=sitev000;ord=1;num=9823983079378;auiddc=1519149132.1697285448;gtm=45He3ab0;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fwickedthemusical.com%2F?
Protocol: H3
Server: 35.186.212.60 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 60.212.186.35.bc.googleusercontent.com
Software: Apache-Coyote/1.1 /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://2179121.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 14 Oct 2023 12:10:48 GMT
via: 1.1 google
server: Apache-Coyote/1.1
p3p: CP="NON DSP COR TAIo PSAo PSDo HISo OUR BUS UNI INT DEM OTC"
content-type: image/gif
cache-control: no-cache
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location: https://tag.yieldoptimizer.com/ps/ps?t=i&p=8064&uid=ZgfMTJm3Wvx6OHYt-Rpo2FQTr7c
Date: Sat, 14 Oct 2023 12:10:48 GMT
Connection: keep-alive
Content-Length: 110
Content-Type: text/html; charset=utf-8

GET
H3 200 fbevents.js Show response
connect.facebook.net/en_US/ Frame CC3F 198 KB
52 KB 23ms
23ms Script
application/x-javascript 2a03:2880:f083:9:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f083:9:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

564a53ce84ae022b30816d44aa48589ebfe170c226b098d0245c47fe13341c67

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://2179121.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Sat, 14 Oct 2023 12:10:48 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 53498
x-xss-protection: 0
pragma: public
x-fb-debug: fgslRv7TS/UT3BuOdEz3xvgFpLc10NILCudlUvToJz+WBmvPHMdxZBcNXSMC7uwNs586x02G7pQhB24aedi6cg==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
cache-control: public, max-age=1200
x-fb-optimizer: 1
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
timing-allow-origin: *
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3

200

activityi;dc_pre=CJSg6YHB9YEDFVmmGAodlBoFpA;src=5451832;type=wicke009;cat=wicke0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=9802165258920.531 Show response
5451832.fls.doubleclick.net/ Frame BA1E
Redirect Chain

https://5451832.fls.doubleclick.net/activityi;src=5451832;type=wicke009;cat=wicke0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=9802165258920.531?
https://5451832.fls.doubleclick.net/activityi;dc_pre=CJSg6YHB9YEDFVmmGAodlBoFpA;src=5451832;type=wicke009;cat=wicke0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=9802165258920.531?

389 B
235 B

166ms
166ms

Document
text/html

142.250.74.198
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://5451832.fls.doubleclick.net/activityi;dc_pre=CJSg6YHB9YEDFVmmGAodlBoFpA;src=5451832;type=wicke009;cat=wicke0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=9802165258920.531?

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.74.198 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f6.1e100.net

Software

cafe /

Resource Hash

29bf50348831dfcd0b689d756513398fc8ed6b9e31caefe3d6e0728c6a52337f

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://2179121.fls.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=0
content-encoding: br
content-length: 212
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 14 Oct 2023 12:10:48 GMT
expires: Sat, 14 Oct 2023 12:10:48 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 14 Oct 2023 12:10:48 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
follow-only-when-prerender-shown: 1
location: https://5451832.fls.doubleclick.net/activityi;dc_pre=CJSg6YHB9YEDFVmmGAodlBoFpA;src=5451832;type=wicke009;cat=wicke0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=9802165258920.531?
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 / Show response
ct.pinterest.com/user/ 568 B
813 B 104ms
49ms XHR
application/json 151.101.192.84
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://ct.pinterest.com/user/?tid=2614997868974&pd=%7B%22np%22%3A%22gtm%22%7D&cb=1697285448240&dep=2%2CPAGE_LOAD
Requested by: Host: s.pinimg.com
URL: https://s.pinimg.com/ct/lib/main.b4887131.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.192.84 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 159ec23a6b35726aca57348e6615a6db4fa63c8bb12490cca4d260c8e05f9434

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wickedthemusical.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Sat, 14 Oct 2023 12:10:48 GMT
content-encoding: gzip
x-cdn: fastly
x-envoy-upstream-service-time: 0
x-pinterest-rid: 9345853939987982
content-length: 385
pin-unauth: dWlkPVkyTmlZemhpTnpZdE4yVmhZeTAwTWpjeExUZzRZamN0TVRNM05URmlZVFU1WldKaA
pragma: no-cache
referrer-policy: origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://wickedthemusical.com
access-control-expose-headers: Epik,Pin-Unauth
cache-control: no-cache,no-store,must-revalidate,max-age=0
access-control-allow-credentials: true
pinterest-version: 6b5218ade0d05685881b70d3473495bf89d60013
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 / Show response
ct.pinterest.com/user/ 568 B
502 B 103ms
49ms XHR
application/json 151.101.192.84
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://ct.pinterest.com/user/?event=pagevisit&ed=%7B%22np%22%3A%22gtm%22%7D&tid=2614997868974&cb=1697285448241&dep=5%2CEVENT_TAGS_ABSENT
Requested by: Host: s.pinimg.com
URL: https://s.pinimg.com/ct/lib/main.b4887131.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.192.84 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 159ec23a6b35726aca57348e6615a6db4fa63c8bb12490cca4d260c8e05f9434

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wickedthemusical.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Sat, 14 Oct 2023 12:10:48 GMT
content-encoding: gzip
x-cdn: fastly
x-envoy-upstream-service-time: 1
x-pinterest-rid: 1859411047982411
content-length: 385
pin-unauth: dWlkPU5UbGpabU5qWXpjdE4ySXlNUzAwWldVeUxUZzJOelF0Wm1Nd09HTmhOVGcxTXpNMQ
pragma: no-cache
referrer-policy: origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://wickedthemusical.com
access-control-expose-headers: Epik,Pin-Unauth
cache-control: no-cache,no-store,must-revalidate,max-age=0
access-control-allow-credentials: true
pinterest-version: 6b5218ade0d05685881b70d3473495bf89d60013
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2

200

src=9836704;dc_pre=CJ706YHB9YEDFUTeOwIdxxYKzg;type=track0;cat=wicke0;qty=1;cost=0;u1=;u16=;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;npa=;ord=orderID
adservice.google.com/ddm/fls/z/ Frame CC3F
Redirect Chain

https://ad.doubleclick.net/ddm/activity/src=9836704;type=track0;cat=wicke0;qty=1;cost=0;u1=;u16=;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;npa=;ord=orderID
https://ad.doubleclick.net/ddm/activity/src=9836704;dc_pre=CJ706YHB9YEDFUTeOwIdxxYKzg;type=track0;cat=wicke0;qty=1;cost=0;u1=;u16=;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;npa=;ord=orderID
https://adservice.google.com/ddm/fls/z/src=9836704;dc_pre=CJ706YHB9YEDFUTeOwIdxxYKzg;type=track0;cat=wicke0;qty=1;cost=0;u1=;u16=;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;npa=;ord=orderID

42 B
107 B

61ms
61ms

Image
image/gif

2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://adservice.google.com/ddm/fls/z/src=9836704;dc_pre=CJ706YHB9YEDFUTeOwIdxxYKzg;type=track0;cat=wicke0;qty=1;cost=0;u1=;u16=;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;npa=;ord=orderID

Requested by

Protocol

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://2179121.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 14 Oct 2023 12:10:48 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Sat, 14 Oct 2023 12:10:48 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://adservice.google.com/ddm/fls/z/src=9836704;dc_pre=CJ706YHB9YEDFUTeOwIdxxYKzg;type=track0;cat=wicke0;qty=1;cost=0;u1=;u16=;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;npa=;ord=orderID
content-type: text/html; charset=UTF-8
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

AdX
pixel.sojern.com/idSync/ Frame CC3F
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_cm=true&google_hm=ygwHb0fV9UMm-ewuHJknsQ&google_nid=sojern__adx_open_bidder_seat&google_sc=true&sjrn_id=-6RoPFwfFF4GEcHqkxV7lycxXHNIVexJ-RiOGbMFAxcAN5C7TBS...
https://pixel.sojern.com/idSync/AdX?exchangeProfileId=&sjrn_id=-6RoPFwfFF4GEcHqkxV7lycxXHNIVexJ-RiOGbMFAxcAN5C7TBSiSzvvy9_YKkIC&sjrn_ula=903923083&google_gid=CAESEJwRMUMFgfSRwazp3-5dOLo&google_cver=1

42 B
283 B

39ms
32ms

Image
image/gif

107.178.244.119
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.sojern.com/idSync/AdX?exchangeProfileId=&sjrn_id=-6RoPFwfFF4GEcHqkxV7lycxXHNIVexJ-RiOGbMFAxcAN5C7TBSiSzvvy9_YKkIC&sjrn_ula=903923083&google_gid=CAESEJwRMUMFgfSRwazp3-5dOLo&google_cver=1
Requested by: Host: 2179121.fls.doubleclick.net
URL: https://2179121.fls.doubleclick.net/activityi;dc_pre=CKeZzYHB9YEDFYQQogMdD9cIow;src=2179121;type=sitev592;cat=sitev000;ord=1;num=9823983079378;auiddc=1519149132.1697285448;gtm=45He3ab0;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fwickedthemusical.com%2F?
Protocol: H2
Server: 107.178.244.119 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 119.244.178.107.bc.googleusercontent.com
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://2179121.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

p3p: policyref="/w3c/p3p.xml", CP="ADMa OUR IND DSP NON LAW"
date: Sat, 14 Oct 2023 12:10:48 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
vary: Accept-Encoding
content-type: image/gif

Redirect headers

pragma: no-cache
date: Sat, 14 Oct 2023 12:10:48 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://pixel.sojern.com/idSync/AdX?exchangeProfileId=&sjrn_id=-6RoPFwfFF4GEcHqkxV7lycxXHNIVexJ-RiOGbMFAxcAN5C7TBSiSzvvy9_YKkIC&sjrn_ula=903923083&google_gid=CAESEJwRMUMFgfSRwazp3-5dOLo&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 412
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

pixel
fcmatch.youtube.com/ Frame CC3F
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_hm=ygwHb0fV9UMm-ewuHJknsQ&google_nid=sojern_adh
https://fcmatch.google.com/pixel?google_gm=AMnCDoqJ327LeH7q9rrF2KMdyqc4GjKJacd5BppK3eE7PHAUFbCeEq36FSKqIPMqdKs-g2bLCD1k3cz_bU1oO5VCsGwTJNVsU5vafZCVy890zz2pYrIE6Mw
https://fcmatch.youtube.com/pixel?google_gm=AMnCDoqJ327LeH7q9rrF2KMdyqc4GjKJacd5BppK3eE7PHAUFbCeEq36FSKqIPMqdKs-g2bLCD1k3cz_bU1oO5VCsGwTJNVsU5vafZCVy890zz2pYrIE6Mw

170 B
432 B

261ms
31ms

Image
image/png

2a00:1450:4001:801::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://fcmatch.youtube.com/pixel?google_gm=AMnCDoqJ327LeH7q9rrF2KMdyqc4GjKJacd5BppK3eE7PHAUFbCeEq36FSKqIPMqdKs-g2bLCD1k3cz_bU1oO5VCsGwTJNVsU5vafZCVy890zz2pYrIE6Mw

Requested by

Protocol

Server

2a00:1450:4001:801::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://2179121.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 14 Oct 2023 12:10:48 GMT
server: HTTP server (unknown)
x-frame-options: SAMEORIGIN
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Sat, 14 Oct 2023 12:10:48 GMT
server: HTTP server (unknown)
x-frame-options: SAMEORIGIN
content-type: text/html; charset=UTF-8
location: https://fcmatch.youtube.com/pixel?google_gm=AMnCDoqJ327LeH7q9rrF2KMdyqc4GjKJacd5BppK3eE7PHAUFbCeEq36FSKqIPMqdKs-g2bLCD1k3cz_bU1oO5VCsGwTJNVsU5vafZCVy890zz2pYrIE6Mw
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 360
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

apn
pixel.sojern.com/idsync/ Frame CC3F
Redirect Chain

https://ib.adnxs.com/getuid?https://pixel.sojern.com/idsync/apn?id=$UID&sjrn_id=-6RoPFwfFF4GEcHqkxV7lycxXHNIVexJ-RiOGbMFAxcAN5C7TBSiSzvvy9_YKkIC
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fpixel.sojern.com%2Fidsync%2Fapn%3Fid%3D%24UID%26sjrn_id%3D-6RoPFwfFF4GEcHqkxV7lycxXHNIVexJ-RiOGbMFAxcAN5C7TBSiSzvvy9_YKkIC
https://pixel.sojern.com/idsync/apn?id=1900207874094451200&sjrn_id=-6RoPFwfFF4GEcHqkxV7lycxXHNIVexJ-RiOGbMFAxcAN5C7TBSiSzvvy9_YKkIC

42 B
263 B

32ms
32ms

Image
image/gif

107.178.244.119
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.sojern.com/idsync/apn?id=1900207874094451200&sjrn_id=-6RoPFwfFF4GEcHqkxV7lycxXHNIVexJ-RiOGbMFAxcAN5C7TBSiSzvvy9_YKkIC
Requested by: Host: 2179121.fls.doubleclick.net
URL: https://2179121.fls.doubleclick.net/activityi;dc_pre=CKeZzYHB9YEDFYQQogMdD9cIow;src=2179121;type=sitev592;cat=sitev000;ord=1;num=9823983079378;auiddc=1519149132.1697285448;gtm=45He3ab0;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fwickedthemusical.com%2F?
Protocol: H2
Server: 107.178.244.119 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 119.244.178.107.bc.googleusercontent.com
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://2179121.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

p3p: policyref="/w3c/p3p.xml", CP="ADMa OUR IND DSP NON LAW"
date: Sat, 14 Oct 2023 12:10:48 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
vary: Accept-Encoding
content-type: image/gif

Redirect headers

pragma: no-cache
date: Sat, 14 Oct 2023 12:10:48 GMT
an-x-request-uuid: c6ddc2bb-2fe8-4e8d-91d3-8f1e22bf6a80
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
location: https://pixel.sojern.com/idsync/apn?id=1900207874094451200&sjrn_id=-6RoPFwfFF4GEcHqkxV7lycxXHNIVexJ-RiOGbMFAxcAN5C7TBSiSzvvy9_YKkIC
x-proxy-origin: 84.19.175.183; 84.19.175.183; 941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 generic
match.adsrvr.org/track/cmf/ Frame CC3F 70 B
148 B 49ms
48ms Image
image/gif 3.33.220.150
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/generic?ttd_pid=ombl9hp&ttd_puid=-6RoPFwfFF4GEcHqkxV7lycxXHNIVexJ-RiOGbMFAxcAN5C7TBSiSzvvy9_YKkIC&ttd_tpi=1
Requested by: Host: 2179121.fls.doubleclick.net
URL: https://2179121.fls.doubleclick.net/activityi;dc_pre=CKeZzYHB9YEDFYQQogMdD9cIow;src=2179121;type=sitev592;cat=sitev000;ord=1;num=9823983079378;auiddc=1519149132.1697285448;gtm=45He3ab0;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fwickedthemusical.com%2F?
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.33.220.150 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a12b7a488abeaa9e4.awsglobalaccelerator.com
Software: Kestrel /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://2179121.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Sat, 14 Oct 2023 12:10:48 GMT
server: Kestrel
content-length: 70
content-type: image/gif

GET
H3

202

adf
pixel.sojern.com/idsync/ Frame CC3F
Redirect Chain

https://c1.adform.net/serving/cookie/match?cid=ca0c076f-47d5-f543-26f9-ec2e1c9927b1&party=1296
https://c1.adform.net/serving/cookie/match?CC=1&cid=ca0c076f-47d5-f543-26f9-ec2e1c9927b1&party=1296
https://pixel.sojern.com/idsync/adf?adfid=1324932835529037803&cid=ca0c076f-47d5-f543-26f9-ec2e1c9927b1

0
13 B

34ms
33ms

Image
text/plain

107.178.244.119
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.sojern.com/idsync/adf?adfid=1324932835529037803&cid=ca0c076f-47d5-f543-26f9-ec2e1c9927b1
Requested by: Host: 2179121.fls.doubleclick.net
URL: https://2179121.fls.doubleclick.net/activityi;dc_pre=CKeZzYHB9YEDFYQQogMdD9cIow;src=2179121;type=sitev592;cat=sitev000;ord=1;num=9823983079378;auiddc=1519149132.1697285448;gtm=45He3ab0;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fwickedthemusical.com%2F?
Protocol: H3
Server: 107.178.244.119 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 119.244.178.107.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://2179121.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Sat, 14 Oct 2023 12:10:48 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
vary: Accept-Encoding
p3p: policyref="/w3c/p3p.xml", CP="ADMa OUR IND DSP NON LAW"

Redirect headers

pragma: no-cache
date: Sat, 14 Oct 2023 12:10:48 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age: 86400
access-control-allow-methods: GET
location: https://pixel.sojern.com/idsync/adf?adfid=1324932835529037803&cid=ca0c076f-47d5-f543-26f9-ec2e1c9927b1
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length: 0
expires: -1

GET
H2 200 /
ct.pinterest.com/v3/ 35 B
184 B 105ms
54ms Image
image/gif 151.101.192.84
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ct.pinterest.com/v3/?tid=2614997868974&pd=%7B%22np%22%3A%22gtm%22%7D&event=init&ad=%7B%22loc%22%3A%22https%3A%2F%2Fwickedthemusical.com%2F%22%2C%22ref%22%3A%22%22%2C%22if%22%3Afalse%2C%22sh%22%3A1200%2C%22sw%22%3A1600%2C%22mh%22%3A%22b4887131%22%2C%22is_eu%22%3Atrue%2C%22architecture%22%3A%22%22%2C%22bitness%22%3A%22%22%2C%22brands%22%3A%5B%5D%2C%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%2C%22uaFullVersion%22%3A%22%22%2C%22ecm_enabled%22%3Afalse%7D&cb=1697285448244
Requested by: Host: wickedthemusical.com
URL: https://wickedthemusical.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.192.84 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 37b17c5135a176a9474521af147d96dfa1fb4ca0f43f00d1400bd1885be3ab9b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wickedthemusical.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 14 Oct 2023 12:10:48 GMT
referrer-policy: origin
x-cdn: fastly
content-type: image/gif
access-control-allow-origin: *
pinterest-version: 6b5218ade0d05685881b70d3473495bf89d60013
cache-control: no-cache,no-store,must-revalidate,max-age=0
x-envoy-upstream-service-time: 4
x-pinterest-rid: 1535614441376836
content-length: 35
expires: Sat, 01 Jan 2000 00:00:00 GMT

POST
H3 204 collect
region1.analytics.google.com/g/ 0
17 B 30ms
30ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-WLHS4QYPZV&_ono=1&gtm=45je3ab0&_p=670001073&_gaz=1&ul=en-us&sr=1600x1200&cid=2017322913.1697285448&ir=1&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=EhAI&_s=1&dl=https%3A%2F%2Fwickedthemusical.com%2F&dt=Wicked%20The%20Musical%20%7C%20Official%20Broadway%20Site&sid=1697285448&sct=1&seg=0&en=page_view&_fv=1&_ss=1&_ee=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-WLHS4QYPZV&cx=c&_slc=1
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wickedthemusical.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 14 Oct 2023 12:10:48 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://wickedthemusical.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 collect
stats.g.doubleclick.net/g/ 0
17 B 30ms
30ms Ping
text/plain 2a00:1450:400c:c0c::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&_ono=1&tid=G-WLHS4QYPZV&cid=2017322913.1697285448&gtm=45je3ab0&aip=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-WLHS4QYPZV&cx=c&_slc=1
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:400c:c0c::9a Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wickedthemusical.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 14 Oct 2023 12:10:48 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://wickedthemusical.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 collect
region1.analytics.google.com/g/ 0
17 B 30ms
29ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-WLHS4QYPZV&_ono=1&gtm=45je3ab0&_p=670001073&ul=en-us&sr=1600x1200&cid=2017322913.1697285448&ir=1&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=ABgI&_s=2&dl=https%3A%2F%2Fwickedthemusical.com%2F&dt=Wicked%20The%20Musical%20%7C%20Official%20Broadway%20Site&sid=1697285448&sct=1&seg=0&cu=USD&en=site_visit2&_c=1&epn.value=0&_et=2
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-WLHS4QYPZV&cx=c&_slc=1
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wickedthemusical.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 14 Oct 2023 12:10:48 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://wickedthemusical.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 collect
region1.analytics.google.com/g/ 0
17 B 30ms
30ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-WLHS4QYPZV&_ono=1&gtm=45je3ab0&_p=670001073&ul=en-us&sr=1600x1200&cid=2017322913.1697285448&ir=1&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=ABgI&_s=3&dl=https%3A%2F%2Fwickedthemusical.com%2F&dt=Wicked%20The%20Musical%20%7C%20Official%20Broadway%20Site&sid=1697285448&sct=1&seg=0&cu=USD&en=site_visit&_c=1&epn.value=0&_et=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-WLHS4QYPZV&cx=c&_slc=1
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wickedthemusical.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 14 Oct 2023 12:10:48 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://wickedthemusical.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ga-audiences
www.google.de/ads/ 42 B
63 B 52ms
50ms Image
image/gif 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&_ono=1&tid=G-WLHS4QYPZV&cid=2017322913.1697285448&gtm=45je3ab0&aip=1&z=1124682171

Requested by

Host: wickedthemusical.com
URL: https://wickedthemusical.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wickedthemusical.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 14 Oct 2023 12:10:48 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 popuptheme-1603.css Show response
prod-satisfilabs-resources-gcs.satis.fi/ClientAssets/ThemeFiles/ 2 KB
2 KB 197ms
151ms Fetch
text/css 35.244.160.208
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://prod-satisfilabs-resources-gcs.satis.fi/ClientAssets/ThemeFiles/popuptheme-1603.css?v=a6198f1a-b197-45e0-b7e2-578cf2685b00
Requested by: Host: chat.satis.fi
URL: https://chat.satis.fi/popup/embedder
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 35.244.160.208 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 208.160.244.35.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 823cebd619645289fb908bb824c6aafeb83c8e3c48aff4f011f02c1881025e82

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wickedthemusical.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Sat, 14 Oct 2023 12:10:48 GMT
age: 0
x-guploader-uploadid: ADPycdt_8HsvLaTJsmM80u8B-otj8kzRzFAdQj37YSBdlUoOg02h-NzQ2X9wdT6NNOhZh-_cONQNd1pj6jhZuWooOoeY
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1892
last-modified: Mon, 31 Oct 2022 18:04:23 GMT
server: UploadServer
etag: "90e2c010c9f19c6b3bac04b06731832e"
x-goog-generation: 1667239463297845
x-goog-hash: crc32c=K6n3Yw==, md5=kOLAEMnxnGs7rASwZzGDLg==
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control: public,max-age=0
x-goog-stored-content-length: 1892
accept-ranges: bytes
content-type: text/css

GET
H3 200 /
www.facebook.com/tr/ Frame 0298 0
18 B 22ms
22ms Image
text/plain 2a03:2880:f176:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1716462331980126&ev=PageView&dl=https%3A%2F%2F5549924.fls.doubleclick.net%2Factivityi%3Bdc_pre%3DCJ_3zYHB9YEDFYwKogMdW4MPTA%3Bsrc%3D5549924%3Btype%3Dsitev0%3Bcat%3Dwicke0%3Bord%3D1%3Bnum%3D7845121836776%3Bauiddc%3D1519149132.1697285448%3Bgtm%3D45He3ab0%3Buaa%3D%3Buab%3D%3Buafvl%3D%3Buamb%3D0%3Buam%3D%3Buap%3D%3Buapv%3D%3Buaw%3D0%3Bepver%3D2%3B~oref%3Dhttps%253A%252F%252Fwickedthemusical.com%252F%3F&rl=https%3A%2F%2Fwickedthemusical.com%2F&if=true&ts=1697285448316&sw=1600&sh=1200&v=2.9.134&r=stable&ec=0&o=30&ler=other&it=1697285448152&coo=false&rqm=GET

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f176:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://5549924.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Sat, 14 Oct 2023 12:10:48 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0
priority: u=3,i

GET
H3 200 370148890047650 Show response
connect.facebook.net/signals/config/ Frame CC3F 132 KB
34 KB 149ms
149ms Script
application/x-javascript 2a03:2880:f083:9:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/370148890047650?v=2.9.134&r=stable&domain=wickedthemusical.com

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f083:9:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

f8f2dd81663e67e22c9d750f91b1ec0323328264c191428d1f0bfcc37869c8b3

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://2179121.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Sat, 14 Oct 2023 12:10:48 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
pragma: public
x-fb-debug: 1x4Grb5X0Jr1B4lNSVUu48tI3sc6+DdVn/2pQxKWHZQUqR+Si4VpN7bgP5qOvsB7vxCo/gwOmhwXO1yvLE4w/g==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
timing-allow-origin: *
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 /
ct.pinterest.com/v3/ 35 B
333 B 59ms
59ms Image
image/gif 151.101.192.84
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ct.pinterest.com/v3/?event=pagevisit&ed=%7B%22np%22%3A%22gtm%22%7D&tid=2614997868974&cb=1697285448351&dep=5%2CEVENT_TAGS_ABSENT&pd=%7B%22np%22%3A%22gtm%22%2C%22pin_unauth%22%3A%22dWlkPVkyTmlZemhpTnpZdE4yVmhZeTAwTWpjeExUZzRZamN0TVRNM05URmlZVFU1WldKaA%22%2C%22aem_eligible_list%22%3A%5B%22st%22%5D%7D&ad=%7B%22loc%22%3A%22https%3A%2F%2Fwickedthemusical.com%2F%22%2C%22ref%22%3A%22%22%2C%22if%22%3Afalse%2C%22sh%22%3A1200%2C%22sw%22%3A1600%2C%22mh%22%3A%22b4887131%22%2C%22is_eu%22%3Atrue%2C%22architecture%22%3A%22%22%2C%22bitness%22%3A%22%22%2C%22brands%22%3A%5B%5D%2C%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%2C%22uaFullVersion%22%3A%22%22%2C%22ecm_enabled%22%3Afalse%7D
Requested by: Host: wickedthemusical.com
URL: https://wickedthemusical.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.192.84 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 37b17c5135a176a9474521af147d96dfa1fb4ca0f43f00d1400bd1885be3ab9b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wickedthemusical.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 14 Oct 2023 12:10:48 GMT
referrer-policy: origin
x-cdn: fastly
content-type: image/gif
access-control-allow-origin: *
pinterest-version: 6b5218ade0d05685881b70d3473495bf89d60013
cache-control: no-cache,no-store,must-revalidate,max-age=0
x-envoy-upstream-service-time: 3
x-pinterest-rid: 1748508089880963
content-length: 35
expires: Sat, 01 Jan 2000 00:00:00 GMT

POST
H2 200 act
analytics.tiktok.com/api/v2/pixel/ 0
651 B 160ms
159ms Ping
text/plain 104.126.37.40
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/api/v2/pixel/act
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MWQ0NWRkZTlhMA.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.126.37.40 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a104-126-37-40.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://wickedthemusical.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

x-akamai-request-id: 6e3439fe
date: Sat, 14 Oct 2023 12:10:48 GMT
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-cache: TCP_MISS from a104-126-37-36.deploy.akamaitechnologies.com (AkamaiGHost/11.2.5.2-51606170) (-)
server-timing: inner; dur=29, cdn-cache; desc=MISS, edge; dur=9, origin; dur=126
content-length: 0
pragma: no-cache
server: nginx
x-tt-logid: 202310141210484BAFA9A996BE6FD5ECCB
access-control-allow-methods: GET,POST,PUT,PATCH,DELETE,HEAD,OPTIONS,UPDATE
access-control-allow-origin: *
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 127,104.126.37.36
x-tt-trace-host: 013de2ff59b67152c9e07fa2f4ad3e3660c4e75e281c5f2ed3876008f1e7dc5a5c6d3d1d189b74c0d49cc3545dacd65a1d3d3df209ba2f5fe5c96deeae14bf20fbc8b1d9e2df776a56046481b1905e9f3af30dddfc2f2095b65eeae1c185ae620c
access-control-allow-headers: Authorization,*
expires: Sat, 14 Oct 2023 12:10:48 GMT

GET
H3 200 /
www.facebook.com/tr/ Frame CC3F 0
15 B 21ms
21ms Image
text/plain 2a03:2880:f176:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=370148890047650&ev=PageView&dl=https%3A%2F%2F2179121.fls.doubleclick.net%2Factivityi%3Bdc_pre%3DCKeZzYHB9YEDFYQQogMdD9cIow%3Bsrc%3D2179121%3Btype%3Dsitev592%3Bcat%3Dsitev000%3Bord%3D1%3Bnum%3D9823983079378%3Bauiddc%3D1519149132.1697285448%3Bgtm%3D45He3ab0%3Buaa%3D%3Buab%3D%3Buafvl%3D%3Buamb%3D0%3Buam%3D%3Buap%3D%3Buapv%3D%3Buaw%3D0%3Bepver%3D2%3B~oref%3Dhttps%253A%252F%252Fwickedthemusical.com%252F%3F&rl=https%3A%2F%2Fwickedthemusical.com%2F&if=true&ts=1697285448481&sw=1600&sh=1200&v=2.9.134&r=stable&ec=0&o=30&ler=other&it=1697285448319&coo=false&rqm=GET

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f176:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://2179121.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Sat, 14 Oct 2023 12:10:48 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0
priority: u=3,i

GET
H3 200 dc_pre=CJSg6YHB9YEDFVmmGAodlBoFpA;src=5451832;type=wicke009;cat=wicke0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=9802165258920.531
adservice.google.com/ddm/fls/z/ Frame BA1E 42 B
63 B 60ms
60ms Image
image/gif 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://adservice.google.com/ddm/fls/z/dc_pre=CJSg6YHB9YEDFVmmGAodlBoFpA;src=5451832;type=wicke009;cat=wicke0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=9802165258920.531

Requested by

Host: 5451832.fls.doubleclick.net
URL: https://5451832.fls.doubleclick.net/activityi;dc_pre=CJSg6YHB9YEDFVmmGAodlBoFpA;src=5451832;type=wicke009;cat=wicke0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=9802165258920.531?

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://5451832.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 14 Oct 2023 12:10:48 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ct.html Show response
ct.pinterest.com/ Frame 4BDF 565 B
401 B 51ms
51ms Document
text/html 151.101.192.84
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://ct.pinterest.com/ct.html
Requested by: Host: s.pinimg.com
URL: https://s.pinimg.com/ct/lib/main.b4887131.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.192.84 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: f83b1a3ea61ad62e47fad82de5495a2547e2f12e591ad8108050538c566ae1e3

Request headers

Referer: https://wickedthemusical.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: max-age=86400
content-encoding: gzip
content-length: 323
content-type: text/html; charset=utf-8
date: Sat, 14 Oct 2023 12:10:48 GMT
pinterest-version: 6b5218ade0d05685881b70d3473495bf89d60013
referrer-policy: origin
x-cdn: fastly
x-envoy-upstream-service-time: 1
x-pinterest-rid: 1444204431321557

GET
H2 200 up Show response
insight.adsrvr.org/track/ Frame FD18 0
59 B 48ms
48ms Document
text/html 3.33.220.150
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://insight.adsrvr.org/track/up?adv=ne6bxp1&ref=https%3A%2F%2Fwickedthemusical.com%2F&upid=7097zv2&upv=1.1.0
Requested by: Host: js.adsrvr.org
URL: https://js.adsrvr.org/up_loader.1.1.0.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.33.220.150 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a12b7a488abeaa9e4.awsglobalaccelerator.com
Software: Kestrel /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://wickedthemusical.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

content-length: 0
content-type: text/html
date: Sat, 14 Oct 2023 12:10:48 GMT
server: Kestrel

GET
H2 200 up Show response
insight.adsrvr.org/track/ Frame 5FC2 0
59 B 49ms
49ms Document
text/html 3.33.220.150
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://insight.adsrvr.org/track/up?adv=m7hla2z&ref=https%3A%2F%2Fwickedthemusical.com%2F&upid=gwhirxm&upv=1.1.0
Requested by: Host: js.adsrvr.org
URL: https://js.adsrvr.org/up_loader.1.1.0.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.33.220.150 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a12b7a488abeaa9e4.awsglobalaccelerator.com
Software: Kestrel /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://wickedthemusical.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

content-length: 0
content-type: text/html
date: Sat, 14 Oct 2023 12:10:48 GMT
server: Kestrel

Verdicts & Comments Add Verdict or Comment

169 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

47 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.fonts.net/	1970-01-20 15:28:07	Name: __cf_bm Value: 7UI.rZNjmbMjy1O7uXfXAnK99awSWjz.6qiCOGQx3W0-1697285447-0-ASlWtKY+wnVFS3h9e76Fs6f3loODPs5KZxtLAxvcRcM/9ns2DweTsUryQ4cXWlpgLQ3T1GnYzID8mRrTfpaq5lg=
wickedthemusical.com/	1970-01-21 00:13:41	Name: usprivacy Value: 1---
.wickedthemusical.com/	1970-01-20 17:37:41	Name: _gcl_au Value: 1.1.1519149132.1697285448
.wickedthemusical.com/	1970-01-21 01:04:05	Name: _ga_2TH76WHGSC Value: GS1.1.1697285447.1.0.1697285447.60.0.0
.wickedthemusical.com/	1970-01-21 00:13:41	Name: OptanonConsent Value: isIABGlobal=false&datestamp=Sat+Oct+14+2023+14%3A10%3A47+GMT%2B0200+(Central+European+Summer+Time)&version=6.39.0&hosts=&consentId=1293ae69-a40e-4e17-9ff8-03a1d45884dd&interactionCount=0&landingPath=https%3A%2F%2Fwickedthemusical.com%2F&groups=1%3A1%2C9%3A1%2C10%3A1%2C12%3A1%2C11%3A1%2C13%3A1%2COOF%3A1%2Cdummy%3A1
wickedthemusical.com/	1970-01-21 00:13:41	Name: __pdst Value: 3b384a36b86440829337696468ee4668
.tiktok.com/	1970-01-21 00:49:41	Name: _ttp Value: 2WknSlNTB7mz7uVf1K2H4pi3CmE
.doubleclick.net/	1970-01-21 00:49:41	Name: IDE Value: AHWqTUmD_oP1D_iPpKs8WELp1BeuzwpylCSZffKreaLWUqlRRYFEgW1uJDzHqPeeRb0
.wickedthemusical.com/	1970-01-20 15:29:31	Name: _gid Value: GA1.2.1921368688.1697285448
.wickedthemusical.com/	1970-01-20 15:28:05	Name: _gat_UA-900530-2 Value: 1
.wickedthemusical.com/	1970-01-21 01:04:05	Name: _ga Value: GA1.1.2017322913.1697285448
.yieldoptimizer.com/	1970-01-21 00:13:41	Name: fbh0 Value: %7B%7D
.yieldoptimizer.com/	1970-01-21 00:13:41	Name: gcma Value: %7B%22t%22%3A0%2C%22o%22%3Afalse%7D
.yieldoptimizer.com/	1970-01-21 00:13:41	Name: rmxc Value: %7B%22t%22%3A0%2C%22e%22%3A%22%22%2C%22i%22%3Afalse%7D
.yieldoptimizer.com/	1970-01-21 00:13:41	Name: cktst Value: 739865165
.wickedthemusical.com/	1970-01-21 01:04:05	Name: _ga_DGMCRNLESF Value: GS1.1.1697285448.1.0.1697285448.60.0.0
.twitter.com/	1970-01-21 01:04:05	Name: personalization_id Value: "v1_Xj5rJVmTsaHhDaJKL7Yj3A=="
.t.co/	1970-01-21 01:04:05	Name: muc_ads Value: 9b1604cb-1377-47bc-81d5-d6f250e89894
.yieldoptimizer.com/	1970-01-21 00:13:41	Name: ckid Value: 3017717616773
.yieldoptimizer.com/	1970-01-21 00:13:41	Name: ph Value: %7B%22p%22%3A%5B1025%2C1490%2C1203%2C1493%2C39%2C1305%2C1034%2C1084%2C1022%5D%2C%22t%22%3A%5B129588%2C129588%2C129588%2C129588%2C129588%2C129588%2C129588%2C129588%2C129588%5D%7D
.wickedthemusical.com/	1970-01-20 17:37:41	Name: _fbp Value: fb.1.1697285448157.1362805595
.wickedthemusical.com/	1970-01-21 00:49:41	Name: _tt_enable_cookie Value: 1
.wickedthemusical.com/	1970-01-21 00:49:41	Name: _ttp Value: s8SQa4iIzqt_nrqDp9y0IN0VJnN
.wickedthemusical.com/	1970-01-21 01:04:05	Name: _ga_WLHS4QYPZV Value: GS1.2.1697285448.1.0.1697285448.60.0.0
.adaraanalytics.com/	1970-01-21 00:13:41	Name: ckid Value: 3017717616773
.adaraanalytics.com/	1970-01-21 00:13:41	Name: aackid Value: 3017717616773
.wickedthemusical.com/	1970-01-21 00:13:41	Name: _pin_unauth Value: dWlkPVkyTmlZemhpTnpZdE4yVmhZeTAwTWpjeExUZzRZamN0TVRNM05URmlZVFU1WldKaA
.pinterest.com/	1970-01-21 00:13:41	Name: ar_debug Value: 1
.turn.com/	1970-01-20 19:47:17	Name: uid Value: 2569224470906156407
.sojern.com/	1970-01-21 00:13:41	Name: gid Value: CAESEJwRMUMFgfSRwazp3-5dOLo
.sojern.com/	1970-01-21 00:13:41	Name: cid Value: ca0c076f-47d5-f543-26f9-ec2e1c9927b1#1697241600000
.krxd.net/	1970-01-20 19:47:17	Name: _kuid_ Value: P2rxJUxq
.ct.pinterest.com/	1970-01-21 00:13:41	Name: _pinterest_ct_ua Value: "TWc9PSZacnQ1MTdDays3NjkzTW5xOStWUTNxZm5wRDZldE1pYjVhdnY2U3lxT0xWOTZYMXdGQVhSSHBuVm1OUEdRS25raXdrMlovaTNkTzBKQkxyRS9CYWpJTWpDb1BVVmROdTB1SjdFZkZZTzhwND0mMGc4djI4TmxtcTVpeGFrcEh0dUdQK2JPWEpFPQ=="
.adnxs.com/	1970-01-20 17:37:41	Name: uuid2 Value: 1900207874094451200
.adform.net/	1970-01-20 16:12:43	Name: C Value: 1
.sojern.com/	1970-01-20 17:37:41	Name: apnid Value: 1900207874094451200
.adform.net/	1970-01-20 16:54:29	Name: uid Value: 1324932835529037803
.sojern.com/	1970-01-21 00:13:41	Name: adfid Value: 1324932835529037803
.demdex.net/	1970-01-20 19:47:17	Name: demdex Value: 82589492220214165302197266935272374920
.dpm.demdex.net/	1970-01-20 19:47:17	Name: dpm Value: 82589492220214165302197266935272374920
sync.srv.stackadapt.com/	1970-01-21 00:13:41	Name: sa-user-id Value: s%3A0-6607cc4c-99b7-5afc-7a38-762df91a68d8.GyswUnAcCcNVj%2FsMcwQgDx7JvYptIHTAPzmRMQ3giwY
.srv.stackadapt.com/	1970-01-21 00:13:41	Name: sa-user-id Value: s%3A0-6607cc4c-99b7-5afc-7a38-762df91a68d8.GyswUnAcCcNVj%2FsMcwQgDx7JvYptIHTAPzmRMQ3giwY
sync.srv.stackadapt.com/	1970-01-21 00:13:41	Name: sa-user-id-v2 Value: s%3AZgfMTJm3Wvx6OHYt-Rpo2FQTr7c.s3t6CAlHRd4HuzZtHmRZPFwQRlP4pjgDmaIIVXvrqLc
.srv.stackadapt.com/	1970-01-21 00:13:41	Name: sa-user-id-v2 Value: s%3AZgfMTJm3Wvx6OHYt-Rpo2FQTr7c.s3t6CAlHRd4HuzZtHmRZPFwQRlP4pjgDmaIIVXvrqLc
sync.srv.stackadapt.com/	1970-01-21 00:13:41	Name: sa-user-id-v3 Value: s%3AAQAKIBzsIsZHvoG0fW3pNiRL49aSYdlJV3gnfKBPMLolaFPDEHwYBCDIiqqpBjABOgTwLrJgQgT-jzhB.0DSrHlttD4MrlesWxNhvN%2BlFDeYP2RmtpsocE0mr%2FBo
.srv.stackadapt.com/	1970-01-21 00:13:41	Name: sa-user-id-v3 Value: s%3AAQAKIBzsIsZHvoG0fW3pNiRL49aSYdlJV3gnfKBPMLolaFPDEHwYBCDIiqqpBjABOgTwLrJgQgT-jzhB.0DSrHlttD4MrlesWxNhvN%2BlFDeYP2RmtpsocE0mr%2FBo
.yieldoptimizer.com/	1970-01-21 00:13:41	Name: dph Value: %7B%22t%22%3A%5B129588%2C129588%2C129588%5D%2C%22dp%22%3A%5B8064%2C4889%2C1162%5D%7D

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://idsync.rlcdn.com/394499.gif?partner_uid=3017717616773 Message: Failed to load resource: the server responded with a status of 451 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

2179121.fls.doubleclick.net
5451832.fls.doubleclick.net
5549924.fls.doubleclick.net
ad.doubleclick.net
adservice.google.com
analytics.tiktok.com
analytics.twitter.com
beacon.krxd.net
beacon.sojern.com
c1.adform.net
cdn.cookielaw.org
cdn.pdst.fm
chat.satis.fi
cm.g.doubleclick.net
connect.facebook.net
ct.pinterest.com
d.turn.com
d1rx0dtgjk9kr3.cloudfront.net
dpm.demdex.net
fast.fonts.net
fcmatch.google.com
fcmatch.youtube.com
fonts.googleapis.com
fonts.gstatic.com
geolocation.onetrust.com
googleads.g.doubleclick.net
ib.adnxs.com
idsync.rlcdn.com
insight.adsrvr.org
js.adsrvr.org
match.adsrvr.org
pixel.sojern.com
prod-satisfilabs-resources-gcs.satis.fi
region1.analytics.google.com
s.pinimg.com
static.ads-twitter.com
stats.g.doubleclick.net
sync.srv.stackadapt.com
t.co
tag.adaraanalytics.com
tag.yieldoptimizer.com
us-central1-adaptive-growth.cloudfunctions.net
wickedthemusical.com
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.rtb123.com
104.126.37.40
104.244.42.131
104.244.42.197
107.178.244.119
108.138.15.119
142.250.185.102
142.250.74.198
146.75.116.157
151.101.192.84
185.89.210.90
2001:4860:4802:32::36
2001:4860:4802:36::36
2001:678:cb4:bbbb::13
216.58.206.34
2600:9000:2250:dc00:15:2f34:53c0:21
2606:4700:4400::ac40:9b77
2606:4700::6810:fa43
2606:4700::6812:83ec
2a00:1450:4001:801::200e
2a00:1450:4001:806::200e
2a00:1450:4001:80b::200e
2a00:1450:4001:811::2008
2a00:1450:4001:827::2002
2a00:1450:4001:827::2003
2a00:1450:4001:828::2004
2a00:1450:4001:828::200a
2a00:1450:4001:82f::2002
2a00:1450:4001:82f::2003
2a00:1450:400c:c0c::9a
2a02:26f0:3100:3a9::1931
2a03:2880:f083:9:face:b00c:0:3
2a03:2880:f176:181:face:b00c:0:25de
3.33.220.150
34.111.146.217
34.254.70.163
35.171.141.94
35.186.212.60
35.241.54.161
35.244.142.80
35.244.160.208
35.244.174.68
37.157.5.84
52.31.202.102
52.6.39.46
67.225.220.126
00d0b26a698296dbeb480aab5598658adbe6c951dbba62e94ac0c626d9f13709
01c3955df67a9b9d1367957e2c187729eae46b72e92c2b52bdb217b14a8fc874
0af719f3a3c9eed767bcf7e1b8b179655c9b0c1fd6157618d704f11a1cdcdfc9
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
11eb7abae69c1680f959cd29f4cc4a5943116d3822e96854aab9b1ea156c13b3
14e4d1596c6b58896dfce1fc1ec45372bab4d2259ba82828fa3f96cc4f859fc4
159ec23a6b35726aca57348e6615a6db4fa63c8bb12490cca4d260c8e05f9434
166c7c3bb5f76f977a9f2a5490589b3466374eb2b3f064802e56f08bad71fbf0
182bb4844b04436b05b49fed78fee343e206eadc58325948b48d8bfeda18c281
1c1fef6e6b4f9832603850b9b6562e74d9a6a3700ba836efe88facc577121e8b
1d0e6c7f6b40b62c10c929739ed76b0adbd9a08591aa95697b6f802c4dc4824f
1f3c87ba47b56f47598b859329db45ed981071aaf2f887e0f385e5745af16118
1f751d3740ea83b3d42100e1bf23b0b17d5b4c4ff3bdf9badd42ba03a814896f
20db7ce8e3049977535579a92d71232b26ed80f8ab0c1b7418ae67c403a6b321
2157361193375a79ade3559e960f982daa8d599cf7f4a92d36e3eef257738f16
25eca592f3785484d9098120c463294ce6e805e7c5a8ccf81a8b8b35f2de91e1
29bf50348831dfcd0b689d756513398fc8ed6b9e31caefe3d6e0728c6a52337f
2b6d9d704f5f813d0390ca421e1a1923381ca46c8681da593c426884e1a5858b
31a1e6b3fa6da6aa1874ccd12f654a652ae5681b7aa7b7e7fdcf6b126e08a7b3
331852fd9912583b03043c973d33d23b2711924f3731bd8bcd31b7000a6d4a60
37b17c5135a176a9474521af147d96dfa1fb4ca0f43f00d1400bd1885be3ab9b
3c107b664e7305b99c2c95a67f790e5cda95ee05cc584c6045f987328ad49a6f
3f2bf166f3ec51fb4f4f30863527658488e638f5c34f5b7374de3aaac9383be7
4695f3ec487a9955bdcae80ccfd4467a90d71b7f7e54189088acdd23f4c9e393
47f257ea7399de43c2eb68ca7a85fa06e0c099c8194b0072d6b9a57a16add95b
4d0368be2b71c0c2fb9e6b1b1e946a13b18b47f531f4151b536f613477b9b6d5
50d68134803430f1729e9927426d636c1b75662fe24bd1706a4d2166ef682087
511216fb41ab08ac4aeea7593ef042231f8a26ea411ca70600818af91bfda8b2
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
564a53ce84ae022b30816d44aa48589ebfe170c226b098d0245c47fe13341c67
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3
5df2942db2352e49e00bcf3393b875a71d0acee986e48fbdcc5879846f5c3689
5fa00d047acd959697b9d7772c31dcd37bec33c70c6fbf80ab8316205d1d286d
610cff2c96722ead24487039f6fa6de3161a9b3d8561cc09e0abab2ccc6430f9
63b3bea0e5718a1a04e529b9b3f3248e481b44c3615da8d928b771a177ccdbae
653a7e1ebee694dabeef2cabe0022e0714f49f337d0e42056a4b065f55d12d99
6974bfd8fa06b7831f05cb4b25860c851a5ad3f02a6699ebe688987dd7a6ebe6
6e1ddb00fabf1d8d8c9554c78fb644016cae38ef0954314686be406f928b0ec4
76b8d0e5118d7d499b3caf3b047292952d2af69ccd1973030d38328887e1b65f
7afaa861788cfa4b943b9a78a597edb2e73dcf6cf15cb34ce9a02c72373d9abe
7dbb99afa2ca46884692f7772146d6f3f7c4f1ba928babc0f490f3e7ba62114e
7f631d5455f589ef074281c0677aaadf301d5489ad8b81798e36d371bba3c761
8110fec8953967ec64d619493efbd07f1f0640746e6aee93298985a3b0e61db2
823cebd619645289fb908bb824c6aafeb83c8e3c48aff4f011f02c1881025e82
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
899663bfeab6b11842c974c2417dc0ad88bd79bb7510b1e032384ccf2618dcc1
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537
9810aee7e6d57d8cceaa96322b88e6df46710194689ae12b284149148cabc2f3
994699ffbc132c6581d114001b80c57a3a421dd9ec3f9c8112c80bbc03e3da7d
998a575c7b376128a98e6d67e29c42e1726aac3489cf2c0b2aaebf6f6ad0b546
9bd82960d99b3a76f4af77a88a346bd61f87bac5ff2f385ee28cd669d8f22134
a380d800bbe09bdab2c05f9d57e5e61b7b0f89df61c265f1ab76ca16f53c24cc
a59e7227caac11d6f4523333857d17c0edb466e269f494d4afdc23cdda041525
a616c05df0242158ec4650bdbb42e3b093ec6cdcb11416e3aab079c119965f84
a7b7120dffd25546c93c1367b9c86a3dc87e71d2c89ebb39163a71eb3b659f01
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
aca566587618e75fa291a419c7c430be02e03fc72f6105658c1bc8e7d59a65e4
af4d669f0396d1fc4e3e3c5d1fe6217f71a74ed78d6b420f376d331d515514b9
afacce23cb4feaaaef37997f8439819d8f827df4951f3ff02704c9f16fb7f53a
b18364d385595cdbff76921d3fff9fb61841a31808c1392354a7bc150a9c2a8e
b47fe6f67688b4cf2464465f92f43aedc340a5d23185bee065e08bcee55c4532
b670e5a6f7bd02d51400674dad3a7355f34698f8aa01420bc0c5d0a5fcd88e04
bbe84d9cac20a501eb5dc1de30ade0618a275e517fcce24c7f935db1830af100
bcc6afbc327c5fdd7e8137f7cfca1144a76a24b83d338cdb782bbf4c1bae8cbb
c1a9a3e223bad631dff12d33b5499eb145cb08d8621c20d9d73870e78d97afe4
c447dd7677b419db7b21dbdfc6277c7816a913ffda76fd2e52702df538de0e49
cb8d40d1eb7e2dc885affcf0012d9e1a73c270d843e8b890d36538e52d0a0342
cc039b37e34853a9bef9d693ebc4366b38d9cec1aa91e0109196cd62f870ae52
ce50c3ddb962ac8242bf562751b465d706d19c13a96bce9112cf37fdf2c76db5
cf7fcc9f75c8717897bfaef72f303fab423ce1b70c98512aeb3677e4af988dee
d03515268b17a0cbf88cd38aa108e0770a23e1338d22d2dc9e9a38ca6a89311b
d336f19d405a8392dc7debeab2cc60008c41a1da17f3e9173f853e412af9d601
d4f076eedc367423bfaa20bd842c266d297a98fa07da32739ccf9a7c27f92348
d62a7b7ec5313469ebff5c006b9068dc44d6d1c122cf787ffa29a10113b34060
d6c6eae2059c0d8677d501c6ed9906a63f737f360bb7302c5544d5b6d886d6c6
d76251cde35bc9c6efccc295573e66a01e1ee5f033486464d61e30e198914895
dcd9f488bd62ba0ee403b07a97e40b9ffd63a0eff61091588c913b16d5153d48
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
df822e44efc31160c2e2cff9d29435159054bcceb67fa2512c3899f02dfb7557
e0ba033e6cb25fa6e20186d6d8113cc3821028b7891c93eebe671b75f6eebc3f
e24fae615ef4f4736e61297ed889205e904fa8043df4a6e293d06b04ff7dd02f
e32957744ae7d7362c0513a4346a63dd350132483b4282ef84912f66ccd86e77
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ead365bafa451211d6ce383395fdaf22943af479aa5eda7615581e6b0e81e65a
ebffa853a9f60222b452dfcac671de6b33d41fcf445e76119e48a998dec52a4b
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f5225e82e1a6fd7438af51dbdc050bcb8a5d35eec33f26932f66bf30c9dfdb03
f7ce91e2bb9a685435527b75513cc130f4fee6ec5c7f28efd9fbeab2781bcc5c
f83b1a3ea61ad62e47fad82de5495a2547e2f12e591ad8108050538c566ae1e3
f8f2dd81663e67e22c9d750f91b1ec0323328264c191428d1f0bfcc37869c8b3
fb6bcf7d9261064812fe1b4d2b59b8c8ca52b7d0c522746ba9cec2dc01b3a7d4
fb716fedf797a1d2d8c46deed804f97881304cfaebc13e905f1848f268cbf49f

wickedthemusical.com Open in urlscan Pro 35.171.141.94 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

143 Requests

92 %HTTPS

47 %IPv6

36 Domains

49 Subdomains

39 IPs

6 Countries

1916 kBTransfer

5426 kBSize

47 Cookies

46 Outgoing links

Redirected requests

143 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

wickedthemusical.com Open in urlscan Pro
35.171.141.94 Public Scan

Screenshot
Live screenshot

Full Image

143
Requests

92 %
HTTPS

47 %
IPv6

36
Domains

49
Subdomains

39
IPs

6
Countries

1916 kB
Transfer

5426 kB
Size

47
Cookies

143 HTTP transactions
0 data transactions