Submitted URL: http://www.buzztime.com/
Effective URL: https://www.buzztime.com/
Submission: On November 13 via api from US — Scanned from DE

Summary

This website contacted 19 IPs in 4 countries across 13 domains to perform 56 HTTP transactions. The main IP is 216.32.152.6, located in Santa Ana, United States and belongs to CENTURYLINK-LEGACY-SAVVIS, US. The main domain is www.buzztime.com.
TLS certificate: Issued by Sectigo RSA Organization Validation S... on October 18th 2022. Valid for: a year.
This is the only time www.buzztime.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

Apex Domain
Subdomains
Transfer
17 buzztime.com
www.buzztime.com
2 MB
10 klaviyo.com
static.klaviyo.com — Cisco Umbrella Rank: 2943
static-tracking.klaviyo.com — Cisco Umbrella Rank: 3590
fast.a.klaviyo.com — Cisco Umbrella Rank: 3827
static-forms.klaviyo.com — Cisco Umbrella Rank: 3684
87 KB
9 googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 101
tpc.googlesyndication.com — Cisco Umbrella Rank: 136
210 KB
4 google.com
www.google.com — Cisco Umbrella Rank: 2
adservice.google.com — Cisco Umbrella Rank: 72
2 KB
3 doubleclick.net
googleads.g.doubleclick.net — Cisco Umbrella Rank: 41
stats.g.doubleclick.net — Cisco Umbrella Rank: 78
5 KB
3 gstatic.com
www.gstatic.com
fonts.gstatic.com
193 KB
2 nr-data.net
bam.nr-data.net — Cisco Umbrella Rank: 219
1 KB
2 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 36
20 KB
2 logentries.com
js.logentries.com — Cisco Umbrella Rank: 34240
202 B
2 google.de
adservice.google.de — Cisco Umbrella Rank: 8709
www.google.de — Cisco Umbrella Rank: 5922
1 KB
1 newrelic.com
js-agent.newrelic.com — Cisco Umbrella Rank: 334
9 KB
1 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 43
2 KB
1 googleadservices.com
partner.googleadservices.com — Cisco Umbrella Rank: 860
467 B
56 13
Domain Requested by
17 www.buzztime.com 1 redirects www.buzztime.com
6 static.klaviyo.com www.buzztime.com
static.klaviyo.com
6 pagead2.googlesyndication.com www.buzztime.com
pagead2.googlesyndication.com
tpc.googlesyndication.com
3 tpc.googlesyndication.com pagead2.googlesyndication.com
tpc.googlesyndication.com
3 www.google.com www.buzztime.com
tpc.googlesyndication.com
2 bam.nr-data.net js-agent.newrelic.com
www.buzztime.com
2 static-tracking.klaviyo.com static.klaviyo.com
2 fonts.gstatic.com www.buzztime.com
fonts.googleapis.com
2 www.google-analytics.com www.buzztime.com
www.google-analytics.com
2 js.logentries.com www.buzztime.com
2 googleads.g.doubleclick.net pagead2.googlesyndication.com
1 js-agent.newrelic.com www.buzztime.com
1 fonts.googleapis.com client
1 www.google.de www.buzztime.com
1 static-forms.klaviyo.com www.buzztime.com
1 fast.a.klaviyo.com www.buzztime.com
1 stats.g.doubleclick.net www.google-analytics.com
1 adservice.google.com pagead2.googlesyndication.com
1 adservice.google.de pagead2.googlesyndication.com
1 partner.googleadservices.com pagead2.googlesyndication.com
1 www.gstatic.com www.google.com
56 21

This site contains links to these domains. Also see Links.

Domain
play.google.com
apps.apple.com
my.buzztime.com
buzztime.shop
www.facebook.com
twitter.com
instagram.com
Subject Issuer Validity Valid
*.buzztime.com
Sectigo RSA Organization Validation Secure Server CA
2022-10-18 -
2023-10-18
a year crt.sh
www.google.com
GTS CA 1C3
2022-10-25 -
2023-01-17
3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3
2022-10-25 -
2023-01-17
3 months crt.sh
*.gstatic.com
GTS CA 1C3
2022-10-25 -
2023-01-17
3 months crt.sh
*.google.de
GTS CA 1C3
2022-10-25 -
2023-01-17
3 months crt.sh
*.google.com
GTS CA 1C3
2022-10-25 -
2023-01-17
3 months crt.sh
eu.logentries.com
Amazon
2022-02-16 -
2023-03-17
a year crt.sh
*.google-analytics.com
GTS CA 1C3
2022-10-25 -
2023-01-17
3 months crt.sh
static.klaviyo.com
R3
2022-09-20 -
2022-12-19
3 months crt.sh
static-tracking.klaviyo.com
R3
2022-09-28 -
2022-12-27
3 months crt.sh
fast.a.klaviyo.com
R3
2022-09-20 -
2022-12-19
3 months crt.sh
static-forms.klaviyo.com
R3
2022-10-28 -
2023-01-26
3 months crt.sh
www.google.de
GTS CA 1C3
2022-10-25 -
2023-01-17
3 months crt.sh
upload.video.google.com
GTS CA 1C3
2022-10-25 -
2023-01-17
3 months crt.sh
js-agent.newrelic.com
GlobalSign Atlas R3 DV TLS CA 2022 Q2
2022-07-10 -
2023-08-11
a year crt.sh
*.nr-data.net
DigiCert TLS RSA SHA256 2020 CA1
2022-01-10 -
2023-02-10
a year crt.sh
tpc.googlesyndication.com
GTS CA 1C3
2022-10-25 -
2023-01-17
3 months crt.sh

This page contains 5 frames:

Primary Page: https://www.buzztime.com/
Frame ID: 29E5769A9E02023319735EA68FF817C5
Requests: 48 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20221109/r20190131/zrt_lookup.html
Frame ID: 6FE347C8491AF63AA50CDFD1A35D42AC
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2360927990916917&output=html&adk=1812271804&adf=3025194257&lmt=1667979670&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32&format=0x0&url=https%3A%2F%2Fwww.buzztime.com%2F&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1668330675450&bpp=4&bdt=141&idt=111&shv=r20221109&mjsv=m202211090101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=6099635158838&frm=20&pv=2&ga_vid=2037758875.1668330676&ga_sid=1668330676&ga_hid=452440424&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C42531706%2C31070852%2C44770881&oid=2&pvsid=2668471398087101&tmod=821471349&uas=0&nvt=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=131
Frame ID: 5454E5120BA0E3B378B3288EC8DAA510
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: EECA41DC3C51A2711B095772171CCFE1
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: CC647345D218536F5461BC3F2F9E49DC
Requests: 2 HTTP requests in this frame

Screenshot

Page Title

Buzztime | Bar Trivia, Live Trivia, Cards & Sports Games

Page URL History Show full URLs

  1. http://www.buzztime.com/ HTTP 301
    https://www.buzztime.com/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/

Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js

Overall confidence: 100%
Detected patterns
  • klaviyo\.com

Overall confidence: 100%
Detected patterns
  • /recaptcha/api\.js

Page Statistics

56
Requests

100 %
HTTPS

63 %
IPv6

13
Domains

21
Subdomains

19
IPs

4
Countries

2525 kB
Transfer

6915 kB
Size

8
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://www.buzztime.com/ HTTP 301
    https://www.buzztime.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

56 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
www.buzztime.com/
Redirect Chain
  • http://www.buzztime.com/
  • https://www.buzztime.com/
3 KB
2 KB
Document
General
Full URL
https://www.buzztime.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
216.32.152.6 Santa Ana, United States, ASN3561 (CENTURYLINK-LEGACY-SAVVIS, US),
Reverse DNS
Software
nginx/1.10.2 /
Resource Hash
606127fb28792d80cf7445e95e345a2cc9ae6cd92097f5031120551a22625bce
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Connection
keep-alive
Content-Encoding
gzip
Content-Type
text/html
Date
Sun, 13 Nov 2022 09:11:15 GMT
ETag
W/"636b5996-d7e"
Last-Modified
Wed, 09 Nov 2022 07:41:10 GMT
Server
nginx/1.10.2
Transfer-Encoding
chunked
Vary
Accept-Encoding
X-Content-Type-Options
nosniff
X-Frame-Options
SAMEORIGIN

Redirect headers

Connection
keep-alive
Content-Length
185
Content-Type
text/html
Date
Sun, 13 Nov 2022 09:11:14 GMT
Location
https://www.buzztime.com/
Server
nginx/1.10.2
api.js
www.google.com/recaptcha/
850 B
968 B
Script
General
Full URL
https://www.google.com/recaptcha/api.js
Requested by
Host: www.buzztime.com
URL: https://www.buzztime.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
f61df09104beed7b0e8ef5aa419758111363fd4888c08386723bedb3406557f4
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.buzztime.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Sun, 13 Nov 2022 09:11:15 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy
frame-ancestors 'self'
server
GSE
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=300
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
555
x-xss-protection
1; mode=block
expires
Sun, 13 Nov 2022 09:11:15 GMT
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/
166 KB
54 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Requested by
Host: www.buzztime.com
URL: https://www.buzztime.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
adf4c99de778e93aa66aa98df81d70c83c69648967770cf6ee4bb2f922f6530e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.buzztime.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Sun, 13 Nov 2022 09:11:15 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
55086
x-xss-protection
0
server
cafe
etag
12232720738852443723
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Sun, 13 Nov 2022 09:11:15 GMT
app.6115a8e9.css
www.buzztime.com/static/css/
147 KB
23 KB
Stylesheet
General
Full URL
https://www.buzztime.com/static/css/app.6115a8e9.css
Requested by
Host: www.buzztime.com
URL: https://www.buzztime.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
216.32.152.6 Santa Ana, United States, ASN3561 (CENTURYLINK-LEGACY-SAVVIS, US),
Reverse DNS
Software
nginx/1.10.2 /
Resource Hash
d4264edb6514e91f21955316a4638d1ae36f23607206986e495ffc054f884a03

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.buzztime.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Pragma
public
Date
Sun, 13 Nov 2022 09:11:15 GMT
Content-Encoding
gzip
Last-Modified
Wed, 09 Nov 2022 07:41:10 GMT
Server
nginx/1.10.2
ETag
W/"636b5996-24daf"
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
text/css
Cache-Control
max-age=2592000, public
Connection
keep-alive
Expires
Tue, 13 Dec 2022 09:11:15 GMT
vendors.0bab7678bc3496708115.js
www.buzztime.com/static/js/
558 KB
137 KB
Script
General
Full URL
https://www.buzztime.com/static/js/vendors.0bab7678bc3496708115.js
Requested by
Host: www.buzztime.com
URL: https://www.buzztime.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
216.32.152.6 Santa Ana, United States, ASN3561 (CENTURYLINK-LEGACY-SAVVIS, US),
Reverse DNS
Software
nginx/1.10.2 /
Resource Hash
eec571834429ba67007710fa8566cba63c74258ee33b7275ba4db9c9f518f771

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.buzztime.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Pragma
public
Date
Sun, 13 Nov 2022 09:11:15 GMT
Content-Encoding
gzip
Last-Modified
Wed, 09 Nov 2022 07:41:10 GMT
Server
nginx/1.10.2
ETag
W/"636b5996-8b7b3"
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
max-age=2592000, public
Connection
keep-alive
Expires
Tue, 13 Dec 2022 09:11:15 GMT
app.4e0316c9.js
www.buzztime.com/static/js/
4 MB
703 KB
Script
General
Full URL
https://www.buzztime.com/static/js/app.4e0316c9.js
Requested by
Host: www.buzztime.com
URL: https://www.buzztime.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
216.32.152.6 Santa Ana, United States, ASN3561 (CENTURYLINK-LEGACY-SAVVIS, US),
Reverse DNS
Software
nginx/1.10.2 /
Resource Hash
a7bc225d8c9f9e9cf1ff1861fe45fe50bc5f40582975b9c02b726db0d127b06c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.buzztime.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Pragma
public
Date
Sun, 13 Nov 2022 09:11:15 GMT
Content-Encoding
gzip
Last-Modified
Wed, 09 Nov 2022 07:41:10 GMT
Server
nginx/1.10.2
ETag
W/"636b5996-38634a"
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
max-age=2592000, public
Connection
keep-alive
Expires
Tue, 13 Dec 2022 09:11:15 GMT
recaptcha__de.js
www.gstatic.com/recaptcha/releases/jF-AgDWy8ih0GfLx4Semh9UK/
402 KB
161 KB
Script
General
Full URL
https://www.gstatic.com/recaptcha/releases/jF-AgDWy8ih0GfLx4Semh9UK/recaptcha__de.js
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1c7d9c12751d4b4899b38915c41c781b4d51b8797be3f2cf6aa11783ad8f786d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.buzztime.com/
Origin
https://www.buzztime.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Sat, 12 Nov 2022 19:54:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
47798
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
164348
x-xss-protection
0
last-modified
Mon, 07 Nov 2022 23:32:29 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sun, 12 Nov 2023 19:54:37 GMT
show_ads_impl_with_ama_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202211090101/
355 KB
117 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202211090101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-2360927990916917&plah=www.buzztime.com&bust=31070852
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
2a50ad150fb10a6f8cfbdbe0f1f751acb8c484c8a22b386f82ea1ee0284648c8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.buzztime.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Sun, 13 Nov 2022 09:11:15 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
119543
x-xss-protection
0
server
cafe
etag
6818680025819694259
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Sun, 13 Nov 2022 09:11:15 GMT
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20221109/r20190131/ Frame 6FE3
10 KB
5 KB
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20221109/r20190131/zrt_lookup.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9da238ca619f3bf71312de3c9c913c653941ada56cb5e1601aafb6094ae51cdc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.buzztime.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
79457
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=1209600
content-encoding
br
content-length
4242
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sat, 12 Nov 2022 11:06:58 GMT
etag
10353107486223812946
expires
Sat, 26 Nov 2022 11:06:58 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
cookie.js
partner.googleadservices.com/gampad/
391 B
467 B
Script
General
Full URL
https://partner.googleadservices.com/gampad/cookie.js?domain=www.buzztime.com&callback=_gfp_s_&client=ca-pub-2360927990916917&gpid_exp=1
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202211090101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-2360927990916917&plah=www.buzztime.com&bust=31070852
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3dd6e355f3b473b1afdeab8854c26154cae14e8bc72f7adf67f4efd378cfb384
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.buzztime.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Sun, 13 Nov 2022 09:11:15 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
text/javascript; charset=UTF-8
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
254
x-xss-protection
0
integrator.js
adservice.google.de/adsid/
107 B
792 B
Script
General
Full URL
https://adservice.google.de/adsid/integrator.js?domain=www.buzztime.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202211090101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-2360927990916917&plah=www.buzztime.com&bust=31070852
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.buzztime.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Sun, 13 Nov 2022 09:11:15 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/
107 B
549 B
Script
General
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.buzztime.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202211090101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-2360927990916917&plah=www.buzztime.com&bust=31070852
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.buzztime.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Sun, 13 Nov 2022 09:11:15 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame 5454
0
19 B
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2360927990916917&output=html&adk=1812271804&adf=3025194257&lmt=1667979670&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32&format=0x0&url=https%3A%2F%2Fwww.buzztime.com%2F&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1668330675450&bpp=4&bdt=141&idt=111&shv=r20221109&mjsv=m202211090101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=6099635158838&frm=20&pv=2&ga_vid=2037758875.1668330676&ga_sid=1668330676&ga_hid=452440424&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C42531706%2C31070852%2C44770881&oid=2&pvsid=2668471398087101&tmod=821471349&uas=0&nvt=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=131
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202211090101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-2360927990916917&plah=www.buzztime.com&bust=31070852
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.buzztime.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sun, 13 Nov 2022 09:11:15 GMT
expires
Sun, 13 Nov 2022 09:11:15 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
a4f4d62c-a8db-49cb-9f51-66735f926366
js.logentries.com/v1/logs/ Frame
0
0
Preflight
General
Full URL
https://js.logentries.com/v1/logs/a4f4d62c-a8db-49cb-9f51-66735f926366
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.31.152.59 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-31-152-59.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-requested-with
Access-Control-Request-Method
POST
Origin
https://www.buzztime.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Connection
keep-alive
Content-Length
0
access-control-allow-headers
x-requested-with,content-type,accept
access-control-allow-methods
POST
access-control-allow-origin
*
access-control-max-age
86400
date
"Sun, 13 Nov 2022 09:11:17 GMT"
analytics.js
www.google-analytics.com/
49 KB
20 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.buzztime.com
URL: https://www.buzztime.com/static/js/app.4e0316c9.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.buzztime.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Sun, 13 Nov 2022 07:24:49 GMT
last-modified
Tue, 27 Sep 2022 22:01:05 GMT
server
Golfe2
age
6388
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20039
expires
Sun, 13 Nov 2022 09:24:49 GMT
newRelicScript.js
www.buzztime.com/
15 KB
6 KB
Script
General
Full URL
https://www.buzztime.com/newRelicScript.js
Requested by
Host: www.buzztime.com
URL: https://www.buzztime.com/static/js/app.4e0316c9.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
216.32.152.6 Santa Ana, United States, ASN3561 (CENTURYLINK-LEGACY-SAVVIS, US),
Reverse DNS
Software
nginx/1.10.2 /
Resource Hash
000039702dde1d16dfc35a7aafb200b8d7d3ce26e09291788540fabf127c50fa
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.buzztime.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Date
Sun, 13 Nov 2022 09:11:17 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Last-Modified
Wed, 09 Nov 2022 07:40:31 GMT
Server
nginx/1.10.2
ETag
W/"636b596f-3ba8"
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
application/javascript
X-Frame-Options
SAMEORIGIN
Connection
keep-alive
klaviyo.js
static.klaviyo.com/onsite/js/
3 KB
1 KB
Script
General
Full URL
https://static.klaviyo.com/onsite/js/klaviyo.js?company_id=W35fyM
Requested by
Host: www.buzztime.com
URL: https://www.buzztime.com/static/js/app.4e0316c9.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.194.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
83a58425249f80e606addfb2f1ed349bb5f75814a1df4ccb760d042388844325

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.buzztime.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Sun, 13 Nov 2022 09:11:17 GMT
content-encoding
gzip
via
1.1 varnish, 1.1 varnish
age
138987
x-cache
HIT, HIT
content-length
1036
x-served-by
cache-lga21939-LGA, cache-hhn4082-HHN
server
nginx
x-timer
S1668330678.533120,VS0,VE1
etag
W/"1debc7c60f4f59ca351fdf4c4be8c8c2"
allow
OPTIONS, GET
access-control-max-age
86400
access-control-allow-methods
GET
access-control-allow-origin
*
content-type
application/javascript
cache-control
max-age=1, stale-while-revalidate=10800
access-control-allow-credentials
true
vary
Accept-Encoding
accept-ranges
bytes
access-control-allow-headers
x-cache-hits
1, 1
a4f4d62c-a8db-49cb-9f51-66735f926366
js.logentries.com/v1/logs/
0
202 B
XHR
General
Full URL
https://js.logentries.com/v1/logs/a4f4d62c-a8db-49cb-9f51-66735f926366
Requested by
Host: www.buzztime.com
URL: https://www.buzztime.com/static/js/app.4e0316c9.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.31.152.59 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-31-152-59.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.buzztime.com/
X-Requested-With
XMLHttpRequest
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-type
application/json

Response headers

access-control-allow-origin
*
pragma
no-cache
date
Sun, 13 Nov 2022 09:11:17 GMT
cache-control
no-cache, no-store, must-revalidate
Connection
keep-alive
expires
0
Buzztime_White_70px.png
www.buzztime.com/images/
2 KB
2 KB
Image
General
Full URL
https://www.buzztime.com/images/Buzztime_White_70px.png
Requested by
Host: www.buzztime.com
URL: https://www.buzztime.com/home
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
216.32.152.6 Santa Ana, United States, ASN3561 (CENTURYLINK-LEGACY-SAVVIS, US),
Reverse DNS
Software
nginx/1.10.2 /
Resource Hash
35e3bb01cecd7ff286dc4b8cf9f290f17af42d720a805b3589527d5d0e3fa171

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.buzztime.com/home
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Expires
Tue, 13 Dec 2022 09:11:17 GMT
Pragma
public
Date
Sun, 13 Nov 2022 09:11:17 GMT
Last-Modified
Thu, 03 Nov 2022 20:45:19 GMT
Server
nginx/1.10.2
ETag
"6364285f-795"
Content-Type
image/png
Cache-Control
max-age=2592000, public
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
1941
X-Proxy-Cache
HIT
getBuzztime.png
www.buzztime.com/images/home/
640 KB
640 KB
Image
General
Full URL
https://www.buzztime.com/images/home/getBuzztime.png
Requested by
Host: www.buzztime.com
URL: https://www.buzztime.com/home
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
216.32.152.6 Santa Ana, United States, ASN3561 (CENTURYLINK-LEGACY-SAVVIS, US),
Reverse DNS
Software
nginx/1.10.2 /
Resource Hash
ab02802cfcf5ac5f1ff80810a3aaa58529fca090e45d02999cea67575de58f27

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.buzztime.com/home
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Expires
Tue, 13 Dec 2022 09:11:17 GMT
Pragma
public
Date
Sun, 13 Nov 2022 09:11:17 GMT
Last-Modified
Thu, 03 Nov 2022 20:45:31 GMT
Server
nginx/1.10.2
ETag
"6364286b-a0028"
Content-Type
image/png
Cache-Control
max-age=2592000, public
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
655400
X-Proxy-Cache
HIT
referral.png
www.buzztime.com/images/home/
74 KB
74 KB
Image
General
Full URL
https://www.buzztime.com/images/home/referral.png
Requested by
Host: www.buzztime.com
URL: https://www.buzztime.com/home
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
216.32.152.6 Santa Ana, United States, ASN3561 (CENTURYLINK-LEGACY-SAVVIS, US),
Reverse DNS
Software
nginx/1.10.2 /
Resource Hash
2efbe35e5e2c9ad02bc0bda559e010de16460d3ae4d6bff154646c1305202c9f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.buzztime.com/home
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Expires
Tue, 13 Dec 2022 09:11:18 GMT
Pragma
public
Date
Sun, 13 Nov 2022 09:11:18 GMT
Last-Modified
Thu, 03 Nov 2022 20:45:31 GMT
Server
nginx/1.10.2
ETag
"6364286b-1276e"
Content-Type
image/png
Cache-Control
max-age=2592000, public
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
75630
X-Proxy-Cache
HIT
Carousel3.jpg
www.buzztime.com/images/app/
395 KB
395 KB
Image
General
Full URL
https://www.buzztime.com/images/app/Carousel3.jpg
Requested by
Host: www.buzztime.com
URL: https://www.buzztime.com/home
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
216.32.152.6 Santa Ana, United States, ASN3561 (CENTURYLINK-LEGACY-SAVVIS, US),
Reverse DNS
Software
nginx/1.10.2 /
Resource Hash
782438c451cc70db29c3a8a575ba2b57c96373e8036d0a71a07b03d0749f8224

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.buzztime.com/home
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Expires
Tue, 13 Dec 2022 09:11:18 GMT
Pragma
public
Date
Sun, 13 Nov 2022 09:11:18 GMT
Last-Modified
Thu, 03 Nov 2022 20:45:19 GMT
Server
nginx/1.10.2
ETag
"6364285f-62a64"
Content-Type
image/jpeg
Cache-Control
max-age=2592000, public
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
404068
X-Proxy-Cache
HIT
Android.png
www.buzztime.com/images/app/
3 KB
3 KB
Image
General
Full URL
https://www.buzztime.com/images/app/Android.png
Requested by
Host: www.buzztime.com
URL: https://www.buzztime.com/home
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
216.32.152.6 Santa Ana, United States, ASN3561 (CENTURYLINK-LEGACY-SAVVIS, US),
Reverse DNS
Software
nginx/1.10.2 /
Resource Hash
7df8260c64f7e2adcc0dc5b88a458211f022ac15a159545fa157c39f12fecb06

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.buzztime.com/home
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Expires
Tue, 13 Dec 2022 09:11:18 GMT
Pragma
public
Date
Sun, 13 Nov 2022 09:11:18 GMT
Last-Modified
Thu, 03 Nov 2022 20:45:19 GMT
Server
nginx/1.10.2
ETag
"6364285f-b70"
Content-Type
image/png
Cache-Control
max-age=2592000, public
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
2928
X-Proxy-Cache
HIT
Apple.png
www.buzztime.com/images/app/
3 KB
3 KB
Image
General
Full URL
https://www.buzztime.com/images/app/Apple.png
Requested by
Host: www.buzztime.com
URL: https://www.buzztime.com/home
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
216.32.152.6 Santa Ana, United States, ASN3561 (CENTURYLINK-LEGACY-SAVVIS, US),
Reverse DNS
Software
nginx/1.10.2 /
Resource Hash
a973ecbfa5a1d27939e9f668a432b386bade7798fef48021ac563a7ef3a8d8ec

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.buzztime.com/home
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Expires
Tue, 13 Dec 2022 09:11:17 GMT
Pragma
public
Date
Sun, 13 Nov 2022 09:11:17 GMT
Last-Modified
Thu, 03 Nov 2022 20:45:19 GMT
Server
nginx/1.10.2
ETag
"6364285f-a6d"
Content-Type
image/png
Cache-Control
max-age=2592000, public
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
2669
X-Proxy-Cache
HIT
Buzztime_White_36px.png
www.buzztime.com/images/
1 KB
1 KB
Image
General
Full URL
https://www.buzztime.com/images/Buzztime_White_36px.png
Requested by
Host: www.buzztime.com
URL: https://www.buzztime.com/home
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
216.32.152.6 Santa Ana, United States, ASN3561 (CENTURYLINK-LEGACY-SAVVIS, US),
Reverse DNS
Software
nginx/1.10.2 /
Resource Hash
73e2e3a3efad8821ba1057aa269004b49328aed804e89a7262b52f305c65657d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.buzztime.com/home
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Expires
Tue, 13 Dec 2022 09:11:17 GMT
Pragma
public
Date
Sun, 13 Nov 2022 09:11:17 GMT
Last-Modified
Thu, 03 Nov 2022 20:45:19 GMT
Server
nginx/1.10.2
ETag
"6364285f-447"
Content-Type
image/png
Cache-Control
max-age=2592000, public
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
1095
X-Proxy-Cache
HIT
Facebook_White.png
www.buzztime.com/images/footer/
276 B
645 B
Image
General
Full URL
https://www.buzztime.com/images/footer/Facebook_White.png
Requested by
Host: www.buzztime.com
URL: https://www.buzztime.com/home
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
216.32.152.6 Santa Ana, United States, ASN3561 (CENTURYLINK-LEGACY-SAVVIS, US),
Reverse DNS
Software
nginx/1.10.2 /
Resource Hash
f1e35ed575e89ca5d604a1292ab39fb6882f4ebb0ea80a4273c6ef3551767042

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.buzztime.com/home
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Expires
Tue, 13 Dec 2022 09:11:17 GMT
Pragma
public
Date
Sun, 13 Nov 2022 09:11:17 GMT
Last-Modified
Thu, 03 Nov 2022 20:45:31 GMT
Server
nginx/1.10.2
ETag
"6364286b-114"
Content-Type
image/png
Cache-Control
max-age=2592000, public
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
276
X-Proxy-Cache
HIT
Twitter_White.png
www.buzztime.com/images/footer/
312 B
681 B
Image
General
Full URL
https://www.buzztime.com/images/footer/Twitter_White.png
Requested by
Host: www.buzztime.com
URL: https://www.buzztime.com/home
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
216.32.152.6 Santa Ana, United States, ASN3561 (CENTURYLINK-LEGACY-SAVVIS, US),
Reverse DNS
Software
nginx/1.10.2 /
Resource Hash
60cc6c3f919d586a32efab8f4ba483bca06190639b58c529c9aa323c8f7c1024

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.buzztime.com/home
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Expires
Tue, 13 Dec 2022 09:11:17 GMT
Pragma
public
Date
Sun, 13 Nov 2022 09:11:17 GMT
Last-Modified
Thu, 03 Nov 2022 20:45:31 GMT
Server
nginx/1.10.2
ETag
"6364286b-138"
Content-Type
image/png
Cache-Control
max-age=2592000, public
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
312
X-Proxy-Cache
HIT
Insta_White.png
www.buzztime.com/images/footer/
613 B
982 B
Image
General
Full URL
https://www.buzztime.com/images/footer/Insta_White.png
Requested by
Host: www.buzztime.com
URL: https://www.buzztime.com/home
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
216.32.152.6 Santa Ana, United States, ASN3561 (CENTURYLINK-LEGACY-SAVVIS, US),
Reverse DNS
Software
nginx/1.10.2 /
Resource Hash
ea6537dd260bcd6503ac3a28e974fcda36aebb7f0a52b4987db92e1d053e542b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.buzztime.com/home
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Expires
Tue, 13 Dec 2022 09:11:18 GMT
Pragma
public
Date
Sun, 13 Nov 2022 09:11:18 GMT
Last-Modified
Thu, 03 Nov 2022 20:45:31 GMT
Server
nginx/1.10.2
ETag
"6364286b-265"
Content-Type
image/png
Cache-Control
max-age=2592000, public
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
613
X-Proxy-Cache
HIT
Email_White.png
www.buzztime.com/images/footer/
272 B
641 B
Image
General
Full URL
https://www.buzztime.com/images/footer/Email_White.png
Requested by
Host: www.buzztime.com
URL: https://www.buzztime.com/home
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
216.32.152.6 Santa Ana, United States, ASN3561 (CENTURYLINK-LEGACY-SAVVIS, US),
Reverse DNS
Software
nginx/1.10.2 /
Resource Hash
8a34e550d77daaacce1ce711e203e219b5b2ef40cd73d582dcb6940fd4f37280

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.buzztime.com/home
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Expires
Tue, 13 Dec 2022 09:11:17 GMT
Pragma
public
Date
Sun, 13 Nov 2022 09:11:17 GMT
Last-Modified
Thu, 03 Nov 2022 20:45:31 GMT
Server
nginx/1.10.2
ETag
"6364286b-110"
Content-Type
image/png
Cache-Control
max-age=2592000, public
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
272
X-Proxy-Cache
HIT
bYbkq2nU2TSx4SwFbz5sCOgdm0LZdjqr5-oayXSOefg.woff2
fonts.gstatic.com/s/francoisone/v10/
16 KB
17 KB
Font
General
Full URL
https://fonts.gstatic.com/s/francoisone/v10/bYbkq2nU2TSx4SwFbz5sCOgdm0LZdjqr5-oayXSOefg.woff2
Requested by
Host: www.buzztime.com
URL: https://www.buzztime.com/home
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6e8ee9cf1ada5b97643908fc0b668ff60e17638eb5204caf88a92b9f158bf6db
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.buzztime.com/
Origin
https://www.buzztime.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Sat, 12 Nov 2022 14:04:30 GMT
x-content-type-options
nosniff
age
68807
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16620
x-xss-protection
0
last-modified
Wed, 11 Jan 2017 20:43:35 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 12 Nov 2023 14:04:30 GMT
collect
www.google-analytics.com/j/
4 B
24 B
XHR
General
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j98&a=452440424&t=pageview&_s=1&dl=https%3A%2F%2Fwww.buzztime.com%2Fhome&ul=en-us&de=UTF-8&dt=Buzztime%20%7C%20Bar%20Trivia%2C%20Live%20Trivia%2C%20Cards%20%26%20Sports%20Games&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YChAAEABAAAAACAAI~&jid=419278735&gjid=695984601&cid=2037758875.1668330676&tid=UA-229847-2&_gid=1406823934.1668330678&_r=1&_slc=1&_av=2.4.1&_au=100&did=i5iSjo&z=409416660
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.buzztime.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sun, 13 Nov 2022 09:11:17 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.buzztime.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
fender_analytics.42a910303762129b987c.js
static-tracking.klaviyo.com/onsite/js/
27 KB
11 KB
Script
General
Full URL
https://static-tracking.klaviyo.com/onsite/js/fender_analytics.42a910303762129b987c.js?cb=1
Requested by
Host: static.klaviyo.com
URL: https://static.klaviyo.com/onsite/js/klaviyo.js?company_id=W35fyM
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.130.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
55f20b9eda8fe8f548f84fdb1d55305871822fd4c047e431894513d79bd351b0

Request headers

Referer
https://www.buzztime.com/
Origin
https://www.buzztime.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

x-amz-version-id
meH5v7W0ojwWJovEcpzUbBwdeLf6KgAr
content-encoding
gzip
via
1.1 varnish, 1.1 varnish
date
Sun, 13 Nov 2022 09:11:17 GMT
x-amz-request-id
8156VV1E9YW7J3WN
age
139036
x-cache
HIT, HIT
x-amz-meta-surrogate-control
max-age=31536000
x-amz-meta-surrogate-key
fender-asset
content-length
10696
x-amz-id-2
wWeKJFPtxxFa+QB4u55LHH9Zf2UE+MgmuBUmeDG2qdruv1nKVmd50PBq+XfiIdvTVyNclFdjw3s=
x-served-by
cache-lga21934-LGA, cache-hhn4062-HHN
last-modified
Fri, 28 Oct 2022 22:41:20 GMT
server
AmazonS3
etag
"141ae207735ed4c2a3fb9ba628dca228"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=2592000,stale-while-revalidate=10800
accept-ranges
bytes
x-cache-hits
1, 176549
static.2a7d6da79b4746dd65dc.js
static-tracking.klaviyo.com/onsite/js/
12 KB
5 KB
Script
General
Full URL
https://static-tracking.klaviyo.com/onsite/js/static.2a7d6da79b4746dd65dc.js?cb=1
Requested by
Host: static.klaviyo.com
URL: https://static.klaviyo.com/onsite/js/klaviyo.js?company_id=W35fyM
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.130.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
13182b3a3f4341c1a1218dcce757f29ef1c42e51d8b42d12de782f2b18c46ff3

Request headers

Referer
https://www.buzztime.com/
Origin
https://www.buzztime.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

x-amz-version-id
6JVjEqOpPJSRfOg2DgNtP8b2lEL04kiq
content-encoding
gzip
via
1.1 varnish, 1.1 varnish
date
Sun, 13 Nov 2022 09:11:17 GMT
x-amz-request-id
DJX5JS59F3NGF43P
age
139035
x-cache
HIT, HIT
x-amz-meta-surrogate-control
max-age=31536000
x-amz-meta-surrogate-key
fender-asset
content-length
5239
x-amz-id-2
3O/SVjd8z/5VU4tw3G/YSxbncZr4IqsK3S0BU2hFWTvk5+VWov6/HNkdQ0CJ07EzZiya1evE2T8=
x-served-by
cache-lga21977-LGA, cache-hhn4062-HHN
last-modified
Fri, 28 Oct 2022 22:41:20 GMT
server
AmazonS3
etag
"77892ad2b77ecca4245d2b89d47eed08"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=2592000,stale-while-revalidate=10800
accept-ranges
bytes
x-cache-hits
3, 178382
runtime.38a4814e79033138f9f4.js
static.klaviyo.com/onsite/js/
19 KB
8 KB
Script
General
Full URL
https://static.klaviyo.com/onsite/js/runtime.38a4814e79033138f9f4.js?cb=1
Requested by
Host: static.klaviyo.com
URL: https://static.klaviyo.com/onsite/js/klaviyo.js?company_id=W35fyM
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.194.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
9fef0cc72d51a8e05d702cc03623b7cd630d26befc46cc9f56101e2d9610bff4

Request headers

Referer
https://www.buzztime.com/
Origin
https://www.buzztime.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

x-amz-version-id
1UrRpJ2t_XUUSLPDp8GDaEYEg7aI6eKm
content-encoding
gzip
via
1.1 varnish, 1.1 varnish
date
Sun, 13 Nov 2022 09:11:17 GMT
x-amz-request-id
QEYF3GWSEPKQ09PR
age
139036
x-cache
HIT, HIT
x-amz-meta-surrogate-control
max-age=31536000
x-amz-meta-surrogate-key
fender-asset
content-length
8054
x-amz-id-2
8EjJgbkPn/UcNBuJXPMNXD066Zx5Px91N2JaRp+1+6T5IUjy1ygfRGCjEGTEhNkjIAplXG6Rjas=
x-served-by
cache-lga21962-LGA, cache-hhn4082-HHN
last-modified
Wed, 09 Nov 2022 03:04:15 GMT
server
AmazonS3
etag
"672d32956b3b5f6bdfef875c447919a4"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=2592000,stale-while-revalidate=10800
accept-ranges
bytes
x-cache-hits
2, 189924
sharedUtils.b9e0df35334cc1e651b6.js
static.klaviyo.com/onsite/js/
35 KB
14 KB
Script
General
Full URL
https://static.klaviyo.com/onsite/js/sharedUtils.b9e0df35334cc1e651b6.js?cb=1
Requested by
Host: static.klaviyo.com
URL: https://static.klaviyo.com/onsite/js/klaviyo.js?company_id=W35fyM
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.194.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
460cf4574c667f2a5b7784aba04a15263d620fdf998dd2aebda2a4da030218ec

Request headers

Referer
https://www.buzztime.com/
Origin
https://www.buzztime.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

x-amz-version-id
O4eT1_jDn59DvpPe9ex9946DLSV9H08f
content-encoding
gzip
via
1.1 varnish, 1.1 varnish
date
Sun, 13 Nov 2022 09:11:17 GMT
x-amz-request-id
YQX2RCWFWYNCFA5N
age
139035
x-cache
HIT, HIT
x-amz-meta-surrogate-control
max-age=31536000
x-amz-meta-surrogate-key
fender-asset
content-length
13847
x-amz-id-2
UjdIdiHtl2D/aiNrgKDEOoJSfB0lTAHDB1dnDJUv3a454ad/xltT5fkAtEvJZtVBdM8AH0pvqUA=
x-served-by
cache-lga21952-LGA, cache-hhn4082-HHN
last-modified
Fri, 11 Nov 2022 00:12:58 GMT
server
AmazonS3
etag
"10241c59a86c7928f90d45a55b13bc7c"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=2592000,stale-while-revalidate=10800
accept-ranges
bytes
x-cache-hits
1, 194409
vendors~signup_forms.00b04f3c478766c4bc48.js
static.klaviyo.com/onsite/js/
36 KB
12 KB
Script
General
Full URL
https://static.klaviyo.com/onsite/js/vendors~signup_forms.00b04f3c478766c4bc48.js?cb=1
Requested by
Host: static.klaviyo.com
URL: https://static.klaviyo.com/onsite/js/klaviyo.js?company_id=W35fyM
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.194.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
071bfb77d3ccf78d3fe1b397df04722bb21499b923bb69734524a5cd1fb4b904

Request headers

Referer
https://www.buzztime.com/
Origin
https://www.buzztime.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

x-amz-version-id
.u._MKX7WAALs7vW9_tgaPqDl1x5LQP7
content-encoding
gzip
via
1.1 varnish, 1.1 varnish
date
Sun, 13 Nov 2022 09:11:17 GMT
x-amz-request-id
AD8F17TVQ3WDCPDA
age
139035
x-cache
HIT, HIT
x-amz-meta-surrogate-control
max-age=31536000
x-amz-meta-surrogate-key
fender-asset
content-length
12430
x-amz-id-2
Uo2F8wtaQa8IU+tseW7McR0beMAnzx9hMUGY8dL2o3bpj2mmkuhvyutyXz1hT/Npd6RbUHBo+aY=
x-served-by
cache-lga21921-LGA, cache-hhn4082-HHN
last-modified
Tue, 25 Oct 2022 15:47:54 GMT
server
AmazonS3
etag
"c1f477932c21f86d37733e422c41d864"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=2592000,stale-while-revalidate=10800
accept-ranges
bytes
x-cache-hits
1, 128224
signup_forms.d612f536549ef65da525.js
static.klaviyo.com/onsite/js/
34 KB
12 KB
Script
General
Full URL
https://static.klaviyo.com/onsite/js/signup_forms.d612f536549ef65da525.js?cb=1
Requested by
Host: static.klaviyo.com
URL: https://static.klaviyo.com/onsite/js/klaviyo.js?company_id=W35fyM
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.194.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
7320e0d29bb56d538ad79c6fbadd6bc52a280f1a031d0fba68c2f56aaf20dd8e

Request headers

Referer
https://www.buzztime.com/
Origin
https://www.buzztime.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

x-amz-version-id
3QWJW.wDL4PGEpgdSSYg2_NLTv5Z1ohs
content-encoding
gzip
via
1.1 varnish, 1.1 varnish
date
Sun, 13 Nov 2022 09:11:17 GMT
x-amz-request-id
R1ZVK7HJQNM2KBM0
age
139036
x-cache
HIT, HIT
x-amz-meta-surrogate-control
max-age=31536000
x-amz-meta-surrogate-key
fender-asset
content-length
11685
x-amz-id-2
JLlJahMb93rOAV7xwMQEMf76k7upS3BO13ojtrM6TK98xImuJ6XgpIU4eiTbkDwguXDWAcLu9I4=
x-served-by
cache-lga21953-LGA, cache-hhn4082-HHN
last-modified
Mon, 31 Oct 2022 14:55:05 GMT
server
AmazonS3
etag
"d5714319f99b25e20a02cfb3f47dd218"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=2592000,stale-while-revalidate=10800
accept-ranges
bytes
x-cache-hits
1, 129284
collect
stats.g.doubleclick.net/j/
4 B
443 B
XHR
General
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-229847-2&cid=2037758875.1668330676&jid=419278735&gjid=695984601&_gid=1406823934.1668330678&_u=YChAAEAAAAAAACAAI~&z=1944015492
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c0d::9c Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.buzztime.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
date
Sun, 13 Nov 2022 09:11:17 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.buzztime.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
sentry.7cb637d727d84366f2b1.js
static.klaviyo.com/onsite/js/
39 KB
14 KB
Script
General
Full URL
https://static.klaviyo.com/onsite/js/sentry.7cb637d727d84366f2b1.js
Requested by
Host: static.klaviyo.com
URL: https://static.klaviyo.com/onsite/js/runtime.38a4814e79033138f9f4.js?cb=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.194.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
6b76898f22bfd79635a13b5bcb2195b8310d9b7a10b676624e9b08af5430ec68

Request headers

Referer
https://www.buzztime.com/
Origin
https://www.buzztime.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

x-amz-version-id
5RLCs8HEr6hVMb6T_V77Y81r85sp95MR
content-encoding
gzip
via
1.1 varnish, 1.1 varnish
date
Sun, 13 Nov 2022 09:11:17 GMT
x-amz-request-id
G1339RR1WVFHHHTS
age
139035
x-cache
HIT, HIT
x-amz-meta-surrogate-control
max-age=31536000
x-amz-meta-surrogate-key
fender-asset
content-length
13747
x-amz-id-2
ZYF8nNCZ98iAX1I9YVABHPh4hXQFF6UYjxe8xiihnC39fPDE1pds7lW6eSG/wpOf3nhYpbJWy4E=
x-served-by
cache-lga21981-LGA, cache-hhn4082-HHN
last-modified
Mon, 27 Jun 2022 21:34:52 GMT
server
AmazonS3
etag
"46c646cae5b80823d9695afc6ccfed75"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=2592000,stale-while-revalidate=10800
accept-ranges
bytes
x-cache-hits
9, 110310
onsite
fast.a.klaviyo.com/custom-fonts/api/v1/company-fonts/
2 KB
701 B
XHR
General
Full URL
https://fast.a.klaviyo.com/custom-fonts/api/v1/company-fonts/onsite?company_id=W35fyM
Requested by
Host: www.buzztime.com
URL: https://www.buzztime.com/newRelicScript.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.66.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
190bcb4a270610e9487859a8693847ba055a44d543ea8f0650a9612d8d4d5ad0
Security Headers
Name Value
Strict-Transport-Security max-age=900

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.buzztime.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Sun, 13 Nov 2022 09:11:17 GMT
content-encoding
gzip
via
1.1 varnish, 1.1 varnish
strict-transport-security
max-age=900
age
4072612
x-cache
HIT, HIT
content-length
355
x-served-by
cache-bos4678-BOS, cache-hhn4060-HHN
server
nginx
allow
GET, HEAD, OPTIONS
access-control-max-age
86400
access-control-allow-methods
GET
access-control-allow-origin
*
content-type
application/json; charset=utf-8
cache-control
max-age=10
access-control-allow-credentials
true
vary
Accept-Encoding, Cookie
accept-ranges
bytes
access-control-allow-headers
x-cache-hits
279, 1
full-forms
static-forms.klaviyo.com/forms/api/v6/W35fyM/
112 KB
9 KB
XHR
General
Full URL
https://static-forms.klaviyo.com/forms/api/v6/W35fyM/full-forms
Requested by
Host: www.buzztime.com
URL: https://www.buzztime.com/newRelicScript.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.130.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
b5f809637cdd077f11121fbd2a59face12c0a13da308e1313a09e823b4cc19c2

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.buzztime.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

x-amz-version-id
PZcTA2ObfWF0i5ZrpndO62z7HhEH_rt.
content-encoding
gzip
via
1.1 varnish
date
Sun, 13 Nov 2022 09:11:17 GMT
x-amz-request-id
2BAWCKM9GHWP7WPM
age
1662327
x-cache
HIT
client-geo-continent
EU
x-amz-meta-surrogate-control
max-age=31536000
x-amz-meta-surrogate-key
full-forms/shared full-forms/W35fyM custom-fonts/W35fyM
content-length
8196
x-amz-id-2
Q5822HIYqcxW8y2eDwfYKGGWQPY1cSrrfvf8WfxAoYQTmSoIqn5zibVIcH3nuhEytrKgZRmRIM0=
x-served-by
cache-hhn4053-HHN
client-geo-country
DE
last-modified
Thu, 18 Aug 2022 06:16:20 GMT
server
AmazonS3
x-timer
S1668330678.743506,VS0,VE1
etag
"17a79ff7bd791e22a434ab1ea2dc61e0"
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
*
access-control-expose-headers
client-geo-continent, client-geo-country
cache-control
max-age=5
accept-ranges
bytes
x-cache-hits
1
ga-audiences
www.google.com/ads/
42 B
63 B
Image
General
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-229847-2&cid=2037758875.1668330676&jid=419278735&_u=YChAAEAAAAAAACAAI~&z=583469297
Requested by
Host: www.buzztime.com
URL: https://www.buzztime.com/home
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.buzztime.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 13 Nov 2022 09:11:17 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/
42 B
501 B
Image
General
Full URL
https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-229847-2&cid=2037758875.1668330676&jid=419278735&_u=YChAAEAAAAAAACAAI~&z=583469297
Requested by
Host: www.buzztime.com
URL: https://www.buzztime.com/home
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.buzztime.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 13 Nov 2022 09:11:17 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
css2
fonts.googleapis.com/
27 KB
2 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css2?family=Montserrat:ital,wght@0,400;0,700&family=Nunito+Sans:ital,wght@0,200;0,300;0,400;0,600;0,700;0,800;0,900&family=Poppins:ital,wght@0,100;0,200;0,300;0,400;0,500;0,600;0,700;0,800;0,900&family=Roboto:ital,wght@0,400&display=swap
Requested by
Host: client
URL: about:client
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
ef8858223cfdd17cf85c323519194b451b03129ba64267ee8515fc5d6aa17339
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.buzztime.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Sun, 13 Nov 2022 09:11:17 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Sun, 13 Nov 2022 09:11:17 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sun, 13 Nov 2022 09:11:17 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/
15 KB
15 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Montserrat:ital,wght@0,400;0,700&family=Nunito+Sans:ital,wght@0,200;0,300;0,400;0,600;0,700;0,800;0,900&family=Poppins:ital,wght@0,100;0,200;0,300;0,400;0,500;0,600;0,700;0,800;0,900&family=Roboto:ital,wght@0,400&display=swap
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.buzztime.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Fri, 11 Nov 2022 13:14:53 GMT
x-content-type-options
nosniff
age
158184
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15744
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:48 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 11 Nov 2023 13:14:53 GMT
sodar
pagead2.googlesyndication.com/getconfig/
14 KB
11 KB
XHR
General
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20221109&st=env
Requested by
Host: www.buzztime.com
URL: https://www.buzztime.com/newRelicScript.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
afb12e1fd76420101cc07a2369b4025263bc036df6272775d51309bb8f939fc6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.buzztime.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Sun, 13 Nov 2022 09:11:19 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11160
x-xss-protection
0
nr-1039.min.js
js-agent.newrelic.com/
22 KB
9 KB
Script
General
Full URL
https://js-agent.newrelic.com/nr-1039.min.js
Requested by
Host: www.buzztime.com
URL: https://www.buzztime.com/newRelicScript.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.194.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
ea7a55c41a80d1da32127356e9e520698bf51d10204363165a9f341165779ed8

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.buzztime.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

x-amz-version-id
null
content-encoding
gzip
via
1.1 varnish
date
Sun, 13 Nov 2022 09:11:19 GMT
x-amz-request-id
S2WDJ9QHD7FB8RGE
x-cache
HIT
cross-origin-resource-policy
cross-origin
content-length
8843
x-amz-id-2
/3GUEvLNvItGievFIdQw/rDe99l653LbXqUmXrMawmSyUUix8xDpPSnXU3YNUz/sgPng+shItjA=
x-served-by
cache-hhn4041-HHN
last-modified
Wed, 28 Feb 2018 23:33:31 GMT
server
AmazonS3
x-timer
S1668330679.243036,VS0,VE1
etag
"8a412aa72bf78809dd3d40a351c5ecbc"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=7200, stale-if-error=604800
accept-ranges
bytes
x-cache-hits
1
3c40dcd178
bam.nr-data.net/1/
49 B
611 B
Script
General
Full URL
https://bam.nr-data.net/1/3c40dcd178?a=74790197&sa=1&v=1039.bef6007&t=Unnamed%20Transaction&rst=4968&ref=https://www.buzztime.com/home&be=3330&fe=4888&af=err,xhr,stn,ins&perf=%7B%22timing%22:%7B%22of%22:1668330674291,%22n%22:0,%22f%22:351,%22dn%22:351,%22dne%22:351,%22c%22:351,%22s%22:516,%22ce%22:851,%22rq%22:851,%22rp%22:1016,%22rpe%22:1017,%22dl%22:1018,%22di%22:3241,%22ds%22:3241,%22de%22:3241,%22dc%22:4886,%22l%22:4886,%22le%22:4889%7D,%22navigation%22:%7B%7D%7D&jsonp=NREUM.setToken
Requested by
Host: js-agent.newrelic.com
URL: https://js-agent.newrelic.com/nr-1039.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
162.247.241.14 Lake Oswego, United States, ASN23467 (NEWRELIC-AS-1, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a83848cf5c3d96caefe490c19e41659609b3691dd4c531cf925016c084d8e1b0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.buzztime.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Date
Sun, 13 Nov 2022 09:11:19 GMT
Content-Encoding
gzip
CF-Cache-Status
DYNAMIC
Server
cloudflare
Transfer-Encoding
chunked
access-control-allow-methods
GET, POST, PUT, HEAD, OPTIONS
Content-Type
text/javascript
Access-Control-Allow-Origin
*
Vary
Accept-Encoding
access-control-allow-credentials
true
Cross-Origin-Resource-Policy
cross-origin
Connection
keep-alive
CF-Ray
76966119beb59031-FRA
sodar2.js
tpc.googlesyndication.com/sodar/
17 KB
7 KB
Script
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202211090101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-2360927990916917&plah=www.buzztime.com&bust=31070852
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.buzztime.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Sun, 13 Nov 2022 09:11:19 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Sun, 13 Nov 2022 09:11:19 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame EECA
13 KB
5 KB
Document
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.buzztime.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
607
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Sun, 13 Nov 2022 09:01:12 GMT
expires
Mon, 13 Nov 2023 09:01:12 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame CC64
783 B
535 B
Document
General
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
7748db75ec4d41aa594aa91e2fbc34f1f8b3bb91740abd60777b8ef9fab90758
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-NpOya6SqiWSwCFEGs2R5Xw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.buzztime.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private, max-age=300
content-encoding
gzip
content-length
513
content-security-policy
script-src 'report-sample' 'nonce-NpOya6SqiWSwCFEGs2R5Xw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Sun, 13 Nov 2022 09:11:19 GMT
expires
Sun, 13 Nov 2022 09:11:19 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
sodar
pagead2.googlesyndication.com/pagead/ Frame CC64
0
0
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20221109&jk=2668471398087101&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

3c40dcd178
bam.nr-data.net/resources/1/
36 B
417 B
XHR
General
Full URL
https://bam.nr-data.net/resources/1/3c40dcd178?a=74790197&sa=1&v=1039.bef6007&t=Unnamed%20Transaction&rst=5297&ref=https://www.buzztime.com/home&st=1668330674291
Requested by
Host: www.buzztime.com
URL: https://www.buzztime.com/newRelicScript.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
162.247.241.14 Lake Oswego, United States, ASN23467 (NEWRELIC-AS-1, US),
Reverse DNS
Software
cloudflare /
Resource Hash
72d8566ead63fb03a6fe7cc68d513c65206648beeb74675f8dab71e44180c29b

Request headers

Referer
https://www.buzztime.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
content-type
text/plain

Response headers

Date
Sun, 13 Nov 2022 09:11:19 GMT
CF-Cache-Status
DYNAMIC
Server
cloudflare
Vary
Accept-Encoding
access-control-allow-methods
GET, POST, PUT, HEAD, OPTIONS
Content-Type
text/plain
Access-Control-Allow-Origin
https://www.buzztime.com
access-control-allow-credentials
true
Connection
keep-alive
CF-Ray
7696611b79519031-FRA
Content-Length
36
rVlqs_C6MEoymNIgrpYBY2eJfhVJuMjEUeWab4z9yRM.js
pagead2.googlesyndication.com/bg/ Frame EECA
36 KB
16 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/bg/rVlqs_C6MEoymNIgrpYBY2eJfhVJuMjEUeWab4z9yRM.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ad596ab3f0ba304a3298d220ae96016367897e1549b8c8c451e59a6f8cfdc913
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Sun, 13 Nov 2022 09:09:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
102
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15986
x-xss-protection
0
last-modified
Thu, 03 Nov 2022 09:28:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Mon, 13 Nov 2023 09:09:37 GMT
generate_204
tpc.googlesyndication.com/ Frame EECA
0
10 B
Image
General
Full URL
https://tpc.googlesyndication.com/generate_204?O0uCdw
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Sun, 13 Nov 2022 09:11:19 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
sodar
pagead2.googlesyndication.com/pagead/
0
0
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20221109&jk=2668471398087101&bg=!bW6lbirNAAbvMpMzzzI7ACkAdvg8WpOgtTLxbDfLZPiy6qEC-ljVyYkPgudBc07rUTcE0UUmcuACwgIAAABBUgAAAApoAQcKAGrWJcYikleBxqEWsfY1uOBeJGosJg08_FiO93XegnHyj4aSs8slmJG-63uyVmjmbqfjbPu4MHOFq9V9HfInPx9WptvhtiEt9ITQ0Rb19dD2zIG4cqYKAudkHZWtKWDx48cJqiq4sq8Zfl68mQKqgIK8rfbEsO82mtLGXoPFAiwQ41YESmHMt-cCSxSaPpSNZdXD6jx3qtbwsobbuWG-tw29kMBuy9_oPmAdT_14Gp414naOgfoLu9K8PnjLwb4DwFZYHgzQASflPgLGP-Fq2mLKx4Zkmi_jIVSpX9LMLgddQiHpWeKOoMoppBnogiVIWZkQYmpNQoW5jQbLYTWB742743T6dW5fcocjqSci5liqqXic1sfCATl7i_eNWj3Scc5KVdcOGXNE_rddZGlEvCMtOQJWBQhHsVAKkYj7lioGCFw-4BqN5v_6nYh2Xw4HsC2sFUntV6xoKDcBwsnAe5zm-Oh4Z3oX48G7_CjSfDixlAFFYbimjN72o-JvrfSOx4CTqPsD-jJHZ5ugvld4KeC46hDPXMAlUtDeyUfwviEuyMmIYgu_b-p5Fkxecmzc5E5MWPisQBp56eofjw4M_CdTWFzs51BxG4LLB3t7OkvLsyuW4MxRuBDKiGgBBV3fQ4IfDaTMK-__r0S752jralXkMo9ZWMZojB-_jMuqgZAXHnePl8QR_tD4HfjQg6kHi3IOX72Ws8nD0AHAGNax6CUj4wf6_WYrWFXwEWLoToxUoLOexFelWAkP-mJeglIxY_6zjXfpECHKkZTxwdeOtmFM0SspMTv-3pX0E1ZsSzr8_1WSYYLp6P55CjVbVPsymxTdAswhRakoj6S03lRqSs55a3-nOgawCgI__NlMJ0E1mO321z0pfZEum6ZTKzpbAE_AxBgLg3oWiG0wdJ0G3VeuIceurasQvirL_8kJ84SWoyp1ouaO3xJv6mI6wbfas__awkerFvrNmzBVjV-c3PskQLJTLInpYHwan5qjffLCmVkqEYgQ5YPaZ94ND_ygJ-IvO3zvvM8WOLws9lPWjhVjrJp0SsyuvA
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.buzztime.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Verdicts & Comments Add Verdict or Comment

68 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 undefined| msie function| defineProperty function| loadCSS object| ___grecaptcha_cfg object| grecaptcha string| __recaptcha_api boolean| __google_recaptcha_client object| google_js_reporting_queue number| google_srt object| google_logging_queue number| tmod object| google_ad_modifications object| ggeac object| google_persistent_state_async boolean| google_measure_js_timing object| google_tag_data object| google_reactive_ads_global_state object| adsbygoogle boolean| _gfp_a_ object| google_sa_queue function| google_process_slots function| google_spfd number| google_unique_id object| google_sv_map number| google_rum_task_id_counter string| google_user_agent_client_hint object| recaptcha function| google_sa_impl object| googleToken object| googleIMState boolean| _gfp_p_ function| processGoogleToken number| google_global_correlator object| google_prev_clients object| gaGlobal object| ampInaboxIframes object| ampInaboxPendingMessages function| webpackJsonp function| _ object| __core-js_shared__ object| core object| global object| System function| asap function| Observable function| setImmediate function| clearImmediate object| regeneratorRuntime boolean| _babelPolyfill function| ga object| gaDevIds object| gaplugins object| _scriptMap string| GoogleAnalyticsObject object| gaData object| _learnq string| __klKey object| webpackChunk_klaviyo_onsite_modules object| NREUM object| newrelic function| __nr_require object| _klOnsite object| klaviyo object| GoogleGcLKhOms object| google_image_requests

8 Cookies

Domain/Path Name / Value
.buzztime.com/ Name: __gads
Value: ID=17a2e0cb8b88b2ba-22490d911cd80041:T=1668330675:RT=1668330675:S=ALNI_MZE59JtGnX-Vdgvy3oaOlQbWfjaDA
.buzztime.com/ Name: __gpi
Value: UID=00000b809dc43260:T=1668330675:RT=1668330675:S=ALNI_MbkHXBout4UhdgwMgLqwmUGxfgGEg
.doubleclick.net/ Name: test_cookie
Value: CheckForPermission
.buzztime.com/ Name: _ga
Value: GA1.2.2037758875.1668330676
.buzztime.com/ Name: _gid
Value: GA1.2.1406823934.1668330678
.buzztime.com/ Name: _gat
Value: 1
www.buzztime.com/ Name: __kla_id
Value: eyIkcmVmZXJyZXIiOnsidHMiOjE2NjgzMzA2NzgsInZhbHVlIjoiIiwiZmlyc3RfcGFnZSI6Imh0dHBzOi8vd3d3LmJ1enp0aW1lLmNvbS9ob21lIn0sIiRsYXN0X3JlZmVycmVyIjp7InRzIjoxNjY4MzMwNjc4LCJ2YWx1ZSI6IiIsImZpcnN0X3BhZ2UiOiJodHRwczovL3d3dy5idXp6dGltZS5jb20vaG9tZSJ9fQ==
.nr-data.net/ Name: JSESSIONID
Value: cd72208a323224b0

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

adservice.google.com
adservice.google.de
bam.nr-data.net
fast.a.klaviyo.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
js-agent.newrelic.com
js.logentries.com
pagead2.googlesyndication.com
partner.googleadservices.com
static-forms.klaviyo.com
static-tracking.klaviyo.com
static.klaviyo.com
stats.g.doubleclick.net
tpc.googlesyndication.com
www.buzztime.com
www.google-analytics.com
www.google.com
www.google.de
www.gstatic.com
151.101.130.133
151.101.194.133
151.101.194.137
151.101.66.133
162.247.241.14
216.32.152.6
2a00:1450:4001:801::2003
2a00:1450:4001:806::2002
2a00:1450:4001:806::2003
2a00:1450:4001:809::2002
2a00:1450:4001:80e::200e
2a00:1450:4001:812::200a
2a00:1450:4001:827::2002
2a00:1450:4001:827::2004
2a00:1450:4001:828::2003
2a00:1450:4001:829::2002
2a00:1450:4001:82f::2001
2a00:1450:400c:c0d::9c
52.31.152.59
000039702dde1d16dfc35a7aafb200b8d7d3ce26e09291788540fabf127c50fa
071bfb77d3ccf78d3fe1b397df04722bb21499b923bb69734524a5cd1fb4b904
13182b3a3f4341c1a1218dcce757f29ef1c42e51d8b42d12de782f2b18c46ff3
190bcb4a270610e9487859a8693847ba055a44d543ea8f0650a9612d8d4d5ad0
1c7d9c12751d4b4899b38915c41c781b4d51b8797be3f2cf6aa11783ad8f786d
2a50ad150fb10a6f8cfbdbe0f1f751acb8c484c8a22b386f82ea1ee0284648c8
2efbe35e5e2c9ad02bc0bda559e010de16460d3ae4d6bff154646c1305202c9f
35e3bb01cecd7ff286dc4b8cf9f290f17af42d720a805b3589527d5d0e3fa171
3dd6e355f3b473b1afdeab8854c26154cae14e8bc72f7adf67f4efd378cfb384
460cf4574c667f2a5b7784aba04a15263d620fdf998dd2aebda2a4da030218ec
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
55f20b9eda8fe8f548f84fdb1d55305871822fd4c047e431894513d79bd351b0
606127fb28792d80cf7445e95e345a2cc9ae6cd92097f5031120551a22625bce
60cc6c3f919d586a32efab8f4ba483bca06190639b58c529c9aa323c8f7c1024
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
6b76898f22bfd79635a13b5bcb2195b8310d9b7a10b676624e9b08af5430ec68
6e8ee9cf1ada5b97643908fc0b668ff60e17638eb5204caf88a92b9f158bf6db
72d8566ead63fb03a6fe7cc68d513c65206648beeb74675f8dab71e44180c29b
7320e0d29bb56d538ad79c6fbadd6bc52a280f1a031d0fba68c2f56aaf20dd8e
73e2e3a3efad8821ba1057aa269004b49328aed804e89a7262b52f305c65657d
7748db75ec4d41aa594aa91e2fbc34f1f8b3bb91740abd60777b8ef9fab90758
782438c451cc70db29c3a8a575ba2b57c96373e8036d0a71a07b03d0749f8224
7df8260c64f7e2adcc0dc5b88a458211f022ac15a159545fa157c39f12fecb06
83a58425249f80e606addfb2f1ed349bb5f75814a1df4ccb760d042388844325
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
8a34e550d77daaacce1ce711e203e219b5b2ef40cd73d582dcb6940fd4f37280
9da238ca619f3bf71312de3c9c913c653941ada56cb5e1601aafb6094ae51cdc
9fef0cc72d51a8e05d702cc03623b7cd630d26befc46cc9f56101e2d9610bff4
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a7bc225d8c9f9e9cf1ff1861fe45fe50bc5f40582975b9c02b726db0d127b06c
a83848cf5c3d96caefe490c19e41659609b3691dd4c531cf925016c084d8e1b0
a973ecbfa5a1d27939e9f668a432b386bade7798fef48021ac563a7ef3a8d8ec
ab02802cfcf5ac5f1ff80810a3aaa58529fca090e45d02999cea67575de58f27
ad596ab3f0ba304a3298d220ae96016367897e1549b8c8c451e59a6f8cfdc913
adf4c99de778e93aa66aa98df81d70c83c69648967770cf6ee4bb2f922f6530e
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
afb12e1fd76420101cc07a2369b4025263bc036df6272775d51309bb8f939fc6
b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719
b5f809637cdd077f11121fbd2a59face12c0a13da308e1313a09e823b4cc19c2
d4264edb6514e91f21955316a4638d1ae36f23607206986e495ffc054f884a03
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ea6537dd260bcd6503ac3a28e974fcda36aebb7f0a52b4987db92e1d053e542b
ea7a55c41a80d1da32127356e9e520698bf51d10204363165a9f341165779ed8
eec571834429ba67007710fa8566cba63c74258ee33b7275ba4db9c9f518f771
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef8858223cfdd17cf85c323519194b451b03129ba64267ee8515fc5d6aa17339
f1e35ed575e89ca5d604a1292ab39fb6882f4ebb0ea80a4273c6ef3551767042
f61df09104beed7b0e8ef5aa419758111363fd4888c08386723bedb3406557f4
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615