www.trollstickets.com Open in urlscan Pro
2600:9000:225e:3600:7:abd8:9d80:93a1 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://www.trollstickets.com/
Submission: On November 10 via api (November 10th 2023, 4:39:47 am UTC) from US — Scanned from DE

Summary HTTP 139 Redirects Links 38 Behaviour Indicators

Summary

This website contacted 38 IPs in 4 countries across 30 domains to perform 139 HTTP transactions. The main IP is 2600:9000:225e:3600:7:abd8:9d80:93a1, located in United States and belongs to AMAZON-02, US. The main domain is www.trollstickets.com. The Cisco Umbrella rank of the primary domain is 210986.
TLS certificate: Issued by Amazon RSA 2048 M01 on October 5th 2023. Valid for: a year.

This is the only time www.trollstickets.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
13	2600:9000:225... 2600:9000:225e:3600:7:abd8:9d80:93a1	16509 (AMAZON-02) (AMAZON-02)
4	2a02:26f0:480... 2a02:26f0:480:f::213:7ee1	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
6	2600:9000:223... 2600:9000:223e:3200:1:5424:4140:21	16509 (AMAZON-02) (AMAZON-02)
8	2a00:1450:400... 2a00:1450:4001:812::2008	15169 (GOOGLE) (GOOGLE)
2	52.222.214.106 52.222.214.106	16509 (AMAZON-02) (AMAZON-02)
3	52.208.74.24 52.208.74.24	16509 (AMAZON-02) (AMAZON-02)
1	2606:4700::68... 2606:4700::6812:83ec	13335 (CLOUDFLAR...) (CLOUDFLARENET)
17	2a00:1450:400... 2a00:1450:4001:802::200e	15169 (GOOGLE) (GOOGLE)
6 9	2a00:1450:400... 2a00:1450:4001:81c::2002	15169 (GOOGLE) (GOOGLE)
1	146.75.120.157 146.75.120.157	54113 (FASTLY) (FASTLY)
1	2a04:4e42::396 2a04:4e42::396	54113 (FASTLY) (FASTLY)
3	2a00:1450:400... 2a00:1450:4001:80b::200e	15169 (GOOGLE) (GOOGLE)
6	142.250.184.194 142.250.184.194	15169 (GOOGLE) (GOOGLE)
5	23.36.163.249 23.36.163.249	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	143.204.207.250 143.204.207.250	16509 (AMAZON-02) (AMAZON-02)
2 4	142.250.185.134 142.250.185.134	15169 (GOOGLE) (GOOGLE)
2	2a03:2880:f08... 2a03:2880:f083:9:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
1	2a04:4e42:600... 2a04:4e42:600::645	54113 (FASTLY) (FASTLY)
1	108.138.15.119 108.138.15.119	16509 (AMAZON-02) (AMAZON-02)
1	2606:4700:440... 2606:4700:4400::6812:2089	13335 (CLOUDFLAR...) (CLOUDFLARENET)
10	2001:4860:480... 2001:4860:4802:34::36	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:80e::2002	15169 (GOOGLE) (GOOGLE)
6 10	2a00:1450:400... 2a00:1450:4001:831::2004	15169 (GOOGLE) (GOOGLE)
10	2a00:1450:400... 2a00:1450:4001:80e::2003	15169 (GOOGLE) (GOOGLE)
1	151.101.65.140 151.101.65.140	54113 (FASTLY) (FASTLY)
2	2a00:1450:400... 2a00:1450:400c:c00::9b	15169 (GOOGLE) (GOOGLE)
4	35.190.43.134 35.190.43.134	15169 (GOOGLE) (GOOGLE)
2	2a03:2880:f17... 2a03:2880:f176:84:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
1	193.108.153.24 193.108.153.24	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
2	2a00:1450:400... 2a00:1450:4001:806::2003	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:81c::2006	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:827::200a	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:800::2016	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:831::2001	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:80f::2003	15169 (GOOGLE) (GOOGLE)
6	2a00:1450:400... 2a00:1450:4001:28::7	15169 (GOOGLE) (GOOGLE)
2	3.33.220.150 3.33.220.150	16509 (AMAZON-02) (AMAZON-02)
139	38

13 2600:9000:225e:3600:7:abd8:9d80:93a1 (United States)

ASN16509 (AMAZON-02, US)

www.trollstickets.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a02:26f0:480:f::213:7ee1 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

use.typekit.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
p.typekit.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2600:9000:223e:3200:1:5424:4140:21 (United States)

ASN16509 (AMAZON-02, US)

dx35vtwkllhj9.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a00:1450:4001:812::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.222.214.106 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-222-214-106.fra56.r.cloudfront.net

showtimes-v2.s-prod.pow.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 52.208.74.24 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-208-74-24.eu-west-1.compute.amazonaws.com

stdata.powster.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6812:83ec (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.cookielaw.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

17 2a00:1450:4001:802::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.youtube.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2a00:1450:4001:81c::2002 (Frankfurt am Main, Germany) 6 redirects

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 146.75.120.157 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

static.ads-twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a04:4e42::396 (United States)

ASN54113 (FASTLY, US)

www.redditstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:80b::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 142.250.184.194 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s11-in-f2.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 23.36.163.249 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a23-36-163-249.deploy.static.akamaitechnologies.com

analytics.tiktok.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 143.204.207.250 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-207-250.fra53.r.cloudfront.net

sc-static.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 142.250.185.134 (United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s50-in-f6.1e100.net

4480452.fls.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f083:9:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a04:4e42:600::645 (United States)

ASN54113 (FASTLY, US)

jssdkcdns.mparticle.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 108.138.15.119 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-138-15-119.fra56.r.cloudfront.net

js.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:4400::6812:2089 (United States)

ASN13335 (CLOUDFLARENET, US)

geolocation.onetrust.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
region1.analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80e::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2a00:1450:4001:831::2004 (Frankfurt am Main, Germany) 6 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2a00:1450:4001:80e::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.65.140 (United States)

ASN54113 (FASTLY, US)

alb.reddit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:400c:c00::9b (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 35.190.43.134 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 134.43.190.35.bc.googleusercontent.com

tr.snapchat.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f176:84:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 193.108.153.24 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a193-108-153-24.deploy.static.akamaitechnologies.com

analytics.pangle-ads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:806::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:81c::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

static.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:827::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

jnn-pa.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:800::2016 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

i.ytimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:831::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

yt3.ggpht.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80f::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:28::7 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

rr2---sn-4g5lznl6.googlevideo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.33.220.150 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: a12b7a488abeaa9e4.awsglobalaccelerator.com

insight.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
17	youtube.com www.youtube.com — Cisco Umbrella Rank: 68	1 MB
16	google.com 6 redirects adservice.google.com — Cisco Umbrella Rank: 105 www.google.com — Cisco Umbrella Rank: 2 region1.analytics.google.com — Cisco Umbrella Rank: 3040	18 KB
16	doubleclick.net 8 redirects googleads.g.doubleclick.net — Cisco Umbrella Rank: 33 4480452.fls.doubleclick.net — Cisco Umbrella Rank: 95531 stats.g.doubleclick.net — Cisco Umbrella Rank: 78 static.doubleclick.net — Cisco Umbrella Rank: 255	7 KB
13	trollstickets.com www.trollstickets.com — Cisco Umbrella Rank: 210986	236 KB
10	google.de www.google.de — Cisco Umbrella Rank: 6862	1 KB
9	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 27 region1.google-analytics.com — Cisco Umbrella Rank: 2462	21 KB
8	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 35	658 KB
6	googlevideo.com rr2---sn-4g5lznl6.googlevideo.com — Cisco Umbrella Rank: 62443	938 KB
6	googleadservices.com www.googleadservices.com — Cisco Umbrella Rank: 145	10 KB
6	cloudfront.net dx35vtwkllhj9.cloudfront.net	2 MB
5	tiktok.com analytics.tiktok.com — Cisco Umbrella Rank: 742	146 KB
4	googleapis.com jnn-pa.googleapis.com — Cisco Umbrella Rank: 207	32 KB
4	gstatic.com fonts.gstatic.com www.gstatic.com	48 KB
4	snapchat.com tr.snapchat.com — Cisco Umbrella Rank: 874	1 KB
4	typekit.net use.typekit.net — Cisco Umbrella Rank: 506 p.typekit.net — Cisco Umbrella Rank: 621	152 KB
3	ytimg.com i.ytimg.com — Cisco Umbrella Rank: 87	551 KB
3	adsrvr.org js.adsrvr.org — Cisco Umbrella Rank: 1610 insight.adsrvr.org — Cisco Umbrella Rank: 584	3 KB
3	powster.com stdata.powster.com — Cisco Umbrella Rank: 79552	1 KB
2	ggpht.com yt3.ggpht.com — Cisco Umbrella Rank: 219	8 KB
2	facebook.com www.facebook.com — Cisco Umbrella Rank: 110	239 B
2	facebook.net connect.facebook.net — Cisco Umbrella Rank: 174	89 KB
2	pow.io showtimes-v2.s-prod.pow.io — Cisco Umbrella Rank: 79178	3 KB
1	pangle-ads.com analytics.pangle-ads.com — Cisco Umbrella Rank: 2858	910 B
1	reddit.com alb.reddit.com — Cisco Umbrella Rank: 1452	637 B
1	onetrust.com geolocation.onetrust.com — Cisco Umbrella Rank: 590	244 B
1	mparticle.com jssdkcdns.mparticle.com — Cisco Umbrella Rank: 6347	2 KB
1	sc-static.net sc-static.net — Cisco Umbrella Rank: 1161	17 KB
1	redditstatic.com www.redditstatic.com — Cisco Umbrella Rank: 1333	8 KB
1	ads-twitter.com static.ads-twitter.com — Cisco Umbrella Rank: 713	15 KB
1	cookielaw.org cdn.cookielaw.org — Cisco Umbrella Rank: 342	6 KB
139	30

	Domain	Requested by
17	www.youtube.com	www.trollstickets.com www.youtube.com
13	www.trollstickets.com	www.trollstickets.com
10	www.google.de	www.trollstickets.com
10	www.google.com	6 redirects www.trollstickets.com www.youtube.com
9	googleads.g.doubleclick.net	6 redirects www.googletagmanager.com www.youtube.com
8	www.googletagmanager.com	www.trollstickets.com
6	rr2---sn-4g5lznl6.googlevideo.com	www.youtube.com
6	region1.google-analytics.com	www.googletagmanager.com
6	www.googleadservices.com	www.googletagmanager.com
6	dx35vtwkllhj9.cloudfront.net	www.trollstickets.com
5	analytics.tiktok.com	www.trollstickets.com analytics.tiktok.com
4	jnn-pa.googleapis.com	www.youtube.com
4	tr.snapchat.com	www.trollstickets.com sc-static.net
4	region1.analytics.google.com	www.googletagmanager.com
4	4480452.fls.doubleclick.net	2 redirects www.googletagmanager.com
3	i.ytimg.com	www.youtube.com
3	www.google-analytics.com	www.trollstickets.com www.google-analytics.com
3	stdata.powster.com	www.trollstickets.com
3	use.typekit.net	www.trollstickets.com use.typekit.net
2	insight.adsrvr.org	js.adsrvr.org
2	www.gstatic.com	www.youtube.com www.gstatic.com
2	yt3.ggpht.com	www.youtube.com
2	fonts.gstatic.com	www.youtube.com
2	www.facebook.com	www.trollstickets.com
2	stats.g.doubleclick.net	www.googletagmanager.com www.google-analytics.com
2	adservice.google.com	4480452.fls.doubleclick.net
2	connect.facebook.net	www.trollstickets.com
2	showtimes-v2.s-prod.pow.io	www.trollstickets.com
1	static.doubleclick.net	www.youtube.com
1	analytics.pangle-ads.com	analytics.tiktok.com
1	alb.reddit.com	www.trollstickets.com
1	geolocation.onetrust.com	www.trollstickets.com
1	js.adsrvr.org	www.trollstickets.com
1	jssdkcdns.mparticle.com	www.trollstickets.com
1	sc-static.net	www.trollstickets.com
1	www.redditstatic.com	www.trollstickets.com
1	static.ads-twitter.com	www.trollstickets.com
1	cdn.cookielaw.org	www.trollstickets.com
1	p.typekit.net	use.typekit.net
139	39

This site contains links to these domains. Also see Links.

Domain
twitter.com
www.facebook.com
www.pinterest.co.uk
www.tumblr.com
telegram.me
www.instagram.com
www.tiktok.com
app.powster.com
www.trollsmovie.ca
www.trollslefilm.ca
www.trolls3.pt
www.powster.com
www.nbcuniversal.com
www.filmratings.com
www.motionpictures.org
www.universalstudios.com

Subject Issuer	Validity	Valid
www.trollstickets.com Amazon RSA 2048 M01	`2023-10-05` - `2024-11-02`	a year	crt.sh
use.typekit.net DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-09-21` - `2024-10-21`	a year	crt.sh
*.cloudfront.net Amazon RSA 2048 M01	`2023-10-10` - `2024-09-19`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-10-16` - `2024-01-08`	3 months	crt.sh
showtimes-v2.s-prod.pow.io Amazon RSA 2048 M02	`2023-02-21` - `2024-01-19`	a year	crt.sh
movies.powster.com Amazon RSA 2048 M02	`2023-08-03` - `2024-08-31`	a year	crt.sh
cookielaw.org Cloudflare Inc ECC CA-3	`2023-04-01` - `2024-03-31`	a year	crt.sh
*.google.com GTS CA 1C3	`2023-10-16` - `2024-01-08`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-10-16` - `2024-01-08`	3 months	crt.sh
ads-twitter.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-07-21` - `2024-07-19`	a year	crt.sh
www.redditstatic.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-08-25` - `2024-02-21`	6 months	crt.sh
www.googleadservices.com GTS CA 1C3	`2023-10-16` - `2024-01-08`	3 months	crt.sh
*.tiktok.com RapidSSL ECC CA 2018	`2023-07-14` - `2024-08-13`	a year	crt.sh
sc-static.net Amazon RSA 2048 M02	`2023-01-20` - `2024-02-18`	a year	crt.sh
*.doubleclick.net GTS CA 1C3	`2023-10-16` - `2024-01-08`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2023-08-19` - `2023-11-17`	3 months	crt.sh
jssdkcdns.mparticle.com Go Daddy Secure Certificate Authority - G2	`2023-05-02` - `2024-06-02`	a year	crt.sh
*.adsrvr.org GlobalSign GCC R3 DV TLS CA 2020	`2023-04-12` - `2024-05-13`	a year	crt.sh
onetrust.com Cloudflare Inc ECC CA-3	`2022-12-13` - `2023-12-13`	a year	crt.sh
www.google.com GTS CA 1C3	`2023-10-16` - `2024-01-08`	3 months	crt.sh
www.google.de GTS CA 1C3	`2023-10-16` - `2024-01-08`	3 months	crt.sh
*.reddit.com DigiCert TLS RSA SHA256 2020 CA1	`2023-09-01` - `2024-02-28`	6 months	crt.sh
*.snap.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-04-13` - `2024-04-12`	a year	crt.sh
*.google.de GTS CA 1C3	`2023-10-16` - `2024-01-08`	3 months	crt.sh
*.pangle-ads.com RapidSSL TLS ECC CA G1	`2023-08-10` - `2024-09-09`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2023-10-16` - `2024-01-08`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2023-10-16` - `2024-01-08`	3 months	crt.sh
edgestatic.com GTS CA 1C3	`2023-10-16` - `2024-01-08`	3 months	crt.sh
*.googleusercontent.com GTS CA 1C3	`2023-10-16` - `2024-01-08`	3 months	crt.sh
*.c.docs.google.com GTS CA 1C3	`2023-10-10` - `2023-12-19`	2 months	crt.sh
*.googleadservices.com GTS CA 1C3	`2023-10-16` - `2024-01-08`	3 months	crt.sh

This page contains 6 frames:

Primary Page: https://www.trollstickets.com/
Frame ID: 0F8506B32D3FAC3B38E4032445A9FB6F
Requests: 95 HTTP requests in this frame

Frame: https://4480452.fls.doubleclick.net/activityi;dc_pre=CKrvocTOuIIDFcpVHgIdD7wAWA;src=4480452;type=undefined;cat=landingp;ord=6179771288704;auiddc=235753221.1699591180;gtm=45He3b81v831986021;gcd=11l1l1l1l1;dma_cps=sypham;dma=1;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fwww.trollstickets.com%2F
Frame ID: CDD163FDAF0843C54C1A33857E559F48
Requests: 2 HTTP requests in this frame

Frame: https://tr.snapchat.com/cm/i?pid=a6c53095-98bd-4f16-a999-ea3841f7a04b&u_scsid=14365e88-0e41-4632-91dd-d3aa430aeab8&u_sclid=c27a869b-581e-46d8-b723-56be0b364b40
Frame ID: 1BCB91AA62DC3FD263443174DFF22C6D
Requests: 1 HTTP requests in this frame

Frame: https://www.youtube.com/embed/ftUpFjGKuY0?rel=0&enablejsapi=1&origin=https%3A%2F%2Fwww.trollstickets.com&widgetid=1
Frame ID: 442626F670D13029F2E6BE2F9D5665B8
Requests: 37 HTTP requests in this frame

Frame: https://insight.adsrvr.org/track/up?adv=hztlnt1&ref=https%3A%2F%2Fwww.trollstickets.com%2F&upid=cp4n85h&upv=1.1.0&td1=Trolls%20Band%20Together&td2=animation
Frame ID: 1C2BCFC3DDD5BBD1C3C9B3F96912B4C8
Requests: 1 HTTP requests in this frame

Frame: https://4480452.fls.doubleclick.net/activityi;dc_pre=CIaqyMXOuIIDFYJIHgIdUioGQQ;src=4480452;type=undefined;cat=3sdwell;ord=9806266993817;auiddc=235753221.1699591180;gtm=45He3b81v831986021;gcd=11l1l1l1l1;dma_cps=sypham;dma=1;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fwww.trollstickets.com%2F
Frame ID: A24D0E8AE3A006F7D0EEF6576E9116B3
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Trolls Band Together | Showtimes | Get Tickets Now

Detected technologies

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

OneTrust (Cookie compliance) Expand

Overall confidence: 100%
Detected patterns

cdn\.cookielaw\.org

Typekit (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link [^>]*href="[^"]+use\.typekit\.(?:net|com)

Page Statistics

139
Requests

96 %
HTTPS

68 %
IPv6

30
Domains

39
Subdomains

38
IPs

4
Countries

6610 kB
Transfer

11971 kB
Size

21
Cookies

38 Outgoing links

These are links going to different origins than the main page.

URL: https://twitter.com/intent/tweet?text=Watch%20Trolls%20Band%20Together%20with%20me&url=https%3A%2F%2Fwww.trollstickets.com

Search URL Search Domain Scan URL

URL: https://www.facebook.com/sharer/sharer.php?u=https%3A%2F%2Fwww.trollstickets.com

Search URL Search Domain Scan URL

URL: https://www.pinterest.co.uk/pin/create/button/?url=https%3A%2F%2Fwww.trollstickets.com&media=https://dx35vtwkllhj9.cloudfront.net/universalstudios/trolls-band-together/images/regions/us/share.jpg&description=Watch%20Trolls%20Band%20Together%20with%20me

Search URL Search Domain Scan URL

URL: http://www.tumblr.com/share/link?url=https%3A%2F%2Fwww.trollstickets.com/&description=Watch%20Trolls%20Band%20Together%20with%20me

Search URL Search Domain Scan URL

URL: https://telegram.me/share/url?url=https%3A%2F%2Fwww.trollstickets.com&text=Watch%20Trolls%20Band%20Together%20with%20me

Search URL Search Domain Scan URL

URL: https://www.facebook.com/DreamWorksTrolls

Search URL Search Domain Scan URL

URL: https://www.instagram.com/trolls

Search URL Search Domain Scan URL

URL: https://www.tiktok.com/@trolls

Search URL Search Domain Scan URL

URL: https://twitter.com/Trolls

Search URL Search Domain Scan URL

URL: https://app.powster.com/universalstudios/trolls-band-together/ar
Title: AR

Search URL Search Domain Scan URL

URL: https://app.powster.com/universalstudios/trolls-band-together/at
Title: AT

Search URL Search Domain Scan URL

URL: https://app.powster.com/universalstudios/trolls-band-together/au
Title: AU

Search URL Search Domain Scan URL

URL: https://app.powster.com/universalstudios/trolls-band-together/be_fr
Title: BE (FR)

Search URL Search Domain Scan URL

URL: https://app.powster.com/universalstudios/trolls-band-together/be_nl
Title: BE (NL)

Search URL Search Domain Scan URL

URL: https://app.powster.com/universalstudios/trolls-band-together/br
Title: BR

Search URL Search Domain Scan URL

URL: https://www.trollsmovie.ca/
Title: CA

Search URL Search Domain Scan URL

URL: https://www.trollslefilm.ca/
Title: CA (FR)

Search URL Search Domain Scan URL

URL: https://app.powster.com/universalstudios/trolls-band-together/ch
Title: CH

Search URL Search Domain Scan URL

URL: https://app.powster.com/universalstudios/trolls-band-together/ch_fr
Title: CH (FR)

Search URL Search Domain Scan URL

URL: https://app.powster.com/universalstudios/trolls-band-together/de
Title: DE

Search URL Search Domain Scan URL

URL: https://app.powster.com/universalstudios/trolls-band-together/es
Title: ES

Search URL Search Domain Scan URL

URL: https://app.powster.com/universalstudios/trolls-band-together/fr
Title: FR

Search URL Search Domain Scan URL

URL: https://app.powster.com/universalstudios/trolls-band-together/gb
Title: GB

Search URL Search Domain Scan URL

URL: https://app.powster.com/universalstudios/trolls-band-together/ie
Title: IE

Search URL Search Domain Scan URL

URL: https://app.powster.com/universalstudios/trolls-band-together/it
Title: IT

Search URL Search Domain Scan URL

URL: https://app.powster.com/universalstudios/trolls-band-together/mx
Title: MX

Search URL Search Domain Scan URL

URL: https://app.powster.com/universalstudios/trolls-band-together/nl
Title: NL

Search URL Search Domain Scan URL

URL: https://www.trolls3.pt/
Title: PT

Search URL Search Domain Scan URL

URL: https://app.powster.com/universalstudios/trolls-band-together/tw
Title: TW

Search URL Search Domain Scan URL

URL: https://www.powster.com/
Title: MOVIE PLATFORM © 2023 POWSTER

Search URL Search Domain Scan URL

URL: https://www.nbcuniversal.com/privacy/cookies#accordionheader2
Title: Ad Choices

Search URL Search Domain Scan URL

URL: http://www.nbcuniversal.com/terms/
Title: Terms of Service

Search URL Search Domain Scan URL

URL: https://www.nbcuniversal.com/privacy?intake=Universal_Pictures
Title: Privacy Policy

Search URL Search Domain Scan URL

URL: https://www.nbcuniversal.com/privacy/notrtoo?intake=Universal_Pictures
Title: Your Privacy Choices

Search URL Search Domain Scan URL

URL: https://www.nbcuniversal.com/privacy/california-consumer-privacy-act?intake=Universal_Pictures
Title: CA Notice

Search URL Search Domain Scan URL

URL: https://www.filmratings.com/
Title: Filmratings.com

Search URL Search Domain Scan URL

URL: https://www.motionpictures.org/
Title: MPA.ORG

Search URL Search Domain Scan URL

URL: http://www.universalstudios.com/contact_form.php
Title: Feedback

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 39

https://4480452.fls.doubleclick.net/activityi;src=4480452;type=undefined;cat=landingp;ord=6179771288704;auiddc=235753221.1699591180;gtm=45He3b81v831986021;gcd=11l1l1l1l1;dma_cps=sypham;dma=1;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fwww.trollstickets.com%2F HTTP 302
https://4480452.fls.doubleclick.net/activityi;dc_pre=CKrvocTOuIIDFcpVHgIdD7wAWA;src=4480452;type=undefined;cat=landingp;ord=6179771288704;auiddc=235753221.1699591180;gtm=45He3b81v831986021;gcd=11l1l1l1l1;dma_cps=sypham;dma=1;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fwww.trollstickets.com%2F

Request Chain 63

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/965588907/?random=984627134&cv=11&fst=1699591179588&bg=ffffff&guid=ON&async=1&gtm=45He3b81v831986021&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.trollstickets.com%2F&label=lNQpCMHa4eIYEKvvtswD&hn=www.googleadservices.com&frm=0&tiba=Trolls%20Band%20Together%20%7C%20Showtimes%20%7C%20Get%20Tickets%20Now&value=0&auid=235753221.1699591180&uamb=0&uaw=0&fmt=3&ct_cookie_present=false&ocp_id=C7RNZbHKKIW3x_AP9-qr-AU&sscte=1&crd=&eitems=ChEIgKOyqgYQmcOq9cfPtJX0ARIdAOa3kjRM6O988J2pwSExlPQlPm7PbmAR37aZ2RA&pscrd=Ek5DaEVJZ0tPeXFnWVE3X242NU5mR3ZaXzZBUklsQUFqNmo2aHp0TzJ2WFZLazNlWl9Sb0hTTUd5a01GS0ZrNFlRc19ZQy1yY2stMVpPQmcaV0NoQUlnS095cWdZUTd2UGR5TVc2enBGRkVpMEFwRzhwb0lYZElkVGJPdHlnZ0hmRXlQVHVTYXVKSjV3SkdSd3lYRkRyMDBqLS0xRUpmVHkzd0h1czRiRSITCPH7m8TOuIIDFYXbEQgdd_UKXw HTTP 302
https://www.google.com/pagead/1p-conversion/965588907/?random=984627134&cv=11&fst=1699591179588&bg=ffffff&guid=ON&async=1&gtm=45He3b81v831986021&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.trollstickets.com%2F&label=lNQpCMHa4eIYEKvvtswD&hn=www.googleadservices.com&frm=0&tiba=Trolls%20Band%20Together%20%7C%20Showtimes%20%7C%20Get%20Tickets%20Now&value=0&auid=235753221.1699591180&uamb=0&uaw=0&fmt=3&ct_cookie_present=false&sscte=1&crd=&pscrd=Ek5DaEVJZ0tPeXFnWVE3X242NU5mR3ZaXzZBUklsQUFqNmo2aHp0TzJ2WFZLazNlWl9Sb0hTTUd5a01GS0ZrNFlRc19ZQy1yY2stMVpPQmcaV0NoQUlnS095cWdZUTd2UGR5TVc2enBGRkVpMEFwRzhwb0lYZElkVGJPdHlnZ0hmRXlQVHVTYXVKSjV3SkdSd3lYRkRyMDBqLS0xRUpmVHkzd0h1czRiRSITCPH7m8TOuIIDFYXbEQgdd_UKXw&is_vtc=1&ocp_id=C7RNZbHKKIW3x_AP9-qr-AU&cid=CAQSKQDICaaNfBl1Lsx8SIi86Q9oAMR8J_05QOyXetQYSJq9V2dAsj0HTVQn&eitems=ChEIgKOyqgYQmcOq9cfPtJX0ARIdAOa3kjQNLLPfbCNdNeABggZlefqC9sVAbB_bGV0&random=2944828159 HTTP 302
https://www.google.de/pagead/1p-conversion/965588907/?random=984627134&cv=11&fst=1699591179588&bg=ffffff&guid=ON&async=1&gtm=45He3b81v831986021&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.trollstickets.com%2F&label=lNQpCMHa4eIYEKvvtswD&hn=www.googleadservices.com&frm=0&tiba=Trolls%20Band%20Together%20%7C%20Showtimes%20%7C%20Get%20Tickets%20Now&value=0&auid=235753221.1699591180&uamb=0&uaw=0&fmt=3&ct_cookie_present=false&sscte=1&crd=&pscrd=Ek5DaEVJZ0tPeXFnWVE3X242NU5mR3ZaXzZBUklsQUFqNmo2aHp0TzJ2WFZLazNlWl9Sb0hTTUd5a01GS0ZrNFlRc19ZQy1yY2stMVpPQmcaV0NoQUlnS095cWdZUTd2UGR5TVc2enBGRkVpMEFwRzhwb0lYZElkVGJPdHlnZ0hmRXlQVHVTYXVKSjV3SkdSd3lYRkRyMDBqLS0xRUpmVHkzd0h1czRiRSITCPH7m8TOuIIDFYXbEQgdd_UKXw&is_vtc=1&ocp_id=C7RNZbHKKIW3x_AP9-qr-AU&cid=CAQSKQDICaaNfBl1Lsx8SIi86Q9oAMR8J_05QOyXetQYSJq9V2dAsj0HTVQn&eitems=ChEIgKOyqgYQmcOq9cfPtJX0ARIdAOa3kjQNLLPfbCNdNeABggZlefqC9sVAbB_bGV0&random=2944828159&ipr=y

Request Chain 68

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/undefined/?random=1307700249&cv=11&fst=1699591179612&bg=ffffff&guid=ON&async=1&gtm=45He3b81v831986021&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.trollstickets.com%2F&label=oRRlCL63zuAYEO3xqIop&hn=www.googleadservices.com&frm=0&tiba=Trolls%20Band%20Together%20%7C%20Showtimes%20%7C%20Get%20Tickets%20Now&value=0&auid=235753221.1699591180&uamb=0&uaw=0&fmt=3&ct_cookie_present=false&ocp_id=C7RNZdOxKbGxgAes2abICw&sscte=1&crd=&eitems=ChEIgKOyqgYQmcOq9cfPtJX0ARIdAOa3kjS632Z5YwbvyxNLf9BtjTsQzj1Wb94IKb4&pscrd=Ek5DaEVJZ0tPeXFnWVE3X242NU5mR3ZaXzZBUklsQUFqNmo2aHp0TzJ2WFZLazNlWl9Sb0hTTUd5a01GS0ZrNFlRc19ZQy1yY2stMVpPQmcaV0NoQUlnS095cWdZUTd2UGR5TVc2enBGRkVpMEFwRzhwb1A1dEpWcWxZN3JsRFBjTEFTOC1qUnVzSDRaLTIteDBOWWg0bDQxUTdqMHNtbGtuTVptLVFmSSITCJPjnMTOuIIDFbEY4AodrKwJuQ HTTP 302
https://www.google.com/pagead/1p-conversion/undefined/?random=1307700249&cv=11&fst=1699591179612&bg=ffffff&guid=ON&async=1&gtm=45He3b81v831986021&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.trollstickets.com%2F&label=oRRlCL63zuAYEO3xqIop&hn=www.googleadservices.com&frm=0&tiba=Trolls%20Band%20Together%20%7C%20Showtimes%20%7C%20Get%20Tickets%20Now&value=0&auid=235753221.1699591180&uamb=0&uaw=0&fmt=3&ct_cookie_present=false&sscte=1&crd=&pscrd=Ek5DaEVJZ0tPeXFnWVE3X242NU5mR3ZaXzZBUklsQUFqNmo2aHp0TzJ2WFZLazNlWl9Sb0hTTUd5a01GS0ZrNFlRc19ZQy1yY2stMVpPQmcaV0NoQUlnS095cWdZUTd2UGR5TVc2enBGRkVpMEFwRzhwb1A1dEpWcWxZN3JsRFBjTEFTOC1qUnVzSDRaLTIteDBOWWg0bDQxUTdqMHNtbGtuTVptLVFmSSITCJPjnMTOuIIDFbEY4AodrKwJuQ&is_vtc=1&ocp_id=C7RNZdOxKbGxgAes2abICw&cid=CAQSKQDICaaNkg7A7i6IvF-QgUIuivOMy3GalucDE5n0gHOXAs4ap9XJWjBP&eitems=ChEIgKOyqgYQmcOq9cfPtJX0ARIdAOa3kjQouL8r5Ow-ZEoFjzFr9yafKQN9b7J_7pM&random=2094850189 HTTP 302
https://www.google.de/pagead/1p-conversion/undefined/?random=1307700249&cv=11&fst=1699591179612&bg=ffffff&guid=ON&async=1&gtm=45He3b81v831986021&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.trollstickets.com%2F&label=oRRlCL63zuAYEO3xqIop&hn=www.googleadservices.com&frm=0&tiba=Trolls%20Band%20Together%20%7C%20Showtimes%20%7C%20Get%20Tickets%20Now&value=0&auid=235753221.1699591180&uamb=0&uaw=0&fmt=3&ct_cookie_present=false&sscte=1&crd=&pscrd=Ek5DaEVJZ0tPeXFnWVE3X242NU5mR3ZaXzZBUklsQUFqNmo2aHp0TzJ2WFZLazNlWl9Sb0hTTUd5a01GS0ZrNFlRc19ZQy1yY2stMVpPQmcaV0NoQUlnS095cWdZUTd2UGR5TVc2enBGRkVpMEFwRzhwb1A1dEpWcWxZN3JsRFBjTEFTOC1qUnVzSDRaLTIteDBOWWg0bDQxUTdqMHNtbGtuTVptLVFmSSITCJPjnMTOuIIDFbEY4AodrKwJuQ&is_vtc=1&ocp_id=C7RNZdOxKbGxgAes2abICw&cid=CAQSKQDICaaNkg7A7i6IvF-QgUIuivOMy3GalucDE5n0gHOXAs4ap9XJWjBP&eitems=ChEIgKOyqgYQmcOq9cfPtJX0ARIdAOa3kjQouL8r5Ow-ZEoFjzFr9yafKQN9b7J_7pM&random=2094850189&ipr=y

Request Chain 69

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/undefined/?random=10952012&cv=11&fst=1699591179625&bg=ffffff&guid=ON&async=1&gtm=45He3b81v831986021&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.trollstickets.com%2F&label=eG5rCLjGzuAYELD5oqUp&hn=www.googleadservices.com&frm=0&tiba=Trolls%20Band%20Together%20%7C%20Showtimes%20%7C%20Get%20Tickets%20Now&value=0&auid=235753221.1699591180&uamb=0&uaw=0&fmt=3&ct_cookie_present=false&ocp_id=C7RNZfq1KYGyx_AP8IqjuAM&sscte=1&crd=&eitems=ChEIgKOyqgYQmcOq9cfPtJX0ARIdAOa3kjRWMpoWrwEhi4Wc8xLjg6_q_3D0YC2mRbY&pscrd=Ek5DaEVJZ0tPeXFnWVE3X242NU5mR3ZaXzZBUklsQUFqNmo2aHp0TzJ2WFZLazNlWl9Sb0hTTUd5a01GS0ZrNFlRc19ZQy1yY2stMVpPQmcaV0NoQUlnS095cWdZUTd2UGR5TVc2enBGRkVpMEFwRzhwb0NueTNWZHREM2hfcmFRUDdzblRhZmNUMlNuZFVISmVQaTM5dUluV3A1T0NCd014RU4wSno0ZyITCLrnnMTOuIIDFQHZEQgdcMUINw HTTP 302
https://www.google.com/pagead/1p-conversion/undefined/?random=10952012&cv=11&fst=1699591179625&bg=ffffff&guid=ON&async=1&gtm=45He3b81v831986021&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.trollstickets.com%2F&label=eG5rCLjGzuAYELD5oqUp&hn=www.googleadservices.com&frm=0&tiba=Trolls%20Band%20Together%20%7C%20Showtimes%20%7C%20Get%20Tickets%20Now&value=0&auid=235753221.1699591180&uamb=0&uaw=0&fmt=3&ct_cookie_present=false&sscte=1&crd=&pscrd=Ek5DaEVJZ0tPeXFnWVE3X242NU5mR3ZaXzZBUklsQUFqNmo2aHp0TzJ2WFZLazNlWl9Sb0hTTUd5a01GS0ZrNFlRc19ZQy1yY2stMVpPQmcaV0NoQUlnS095cWdZUTd2UGR5TVc2enBGRkVpMEFwRzhwb0NueTNWZHREM2hfcmFRUDdzblRhZmNUMlNuZFVISmVQaTM5dUluV3A1T0NCd014RU4wSno0ZyITCLrnnMTOuIIDFQHZEQgdcMUINw&is_vtc=1&ocp_id=C7RNZfq1KYGyx_AP8IqjuAM&cid=CAQSKQDICaaNXC4aAgmV9h0CbaMpA9J4m8pkqO4TTc91Th-1Ren5gU1Hc_7q&eitems=ChEIgKOyqgYQmcOq9cfPtJX0ARIdAOa3kjQrWQCsS-vZH9A5jjGuN1mkDES1-HJudYg&random=610916221 HTTP 302
https://www.google.de/pagead/1p-conversion/undefined/?random=10952012&cv=11&fst=1699591179625&bg=ffffff&guid=ON&async=1&gtm=45He3b81v831986021&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.trollstickets.com%2F&label=eG5rCLjGzuAYELD5oqUp&hn=www.googleadservices.com&frm=0&tiba=Trolls%20Band%20Together%20%7C%20Showtimes%20%7C%20Get%20Tickets%20Now&value=0&auid=235753221.1699591180&uamb=0&uaw=0&fmt=3&ct_cookie_present=false&sscte=1&crd=&pscrd=Ek5DaEVJZ0tPeXFnWVE3X242NU5mR3ZaXzZBUklsQUFqNmo2aHp0TzJ2WFZLazNlWl9Sb0hTTUd5a01GS0ZrNFlRc19ZQy1yY2stMVpPQmcaV0NoQUlnS095cWdZUTd2UGR5TVc2enBGRkVpMEFwRzhwb0NueTNWZHREM2hfcmFRUDdzblRhZmNUMlNuZFVISmVQaTM5dUluV3A1T0NCd014RU4wSno0ZyITCLrnnMTOuIIDFQHZEQgdcMUINw&is_vtc=1&ocp_id=C7RNZfq1KYGyx_AP8IqjuAM&cid=CAQSKQDICaaNXC4aAgmV9h0CbaMpA9J4m8pkqO4TTc91Th-1Ren5gU1Hc_7q&eitems=ChEIgKOyqgYQmcOq9cfPtJX0ARIdAOa3kjQrWQCsS-vZH9A5jjGuN1mkDES1-HJudYg&random=610916221&ipr=y

Request Chain 115

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/965588907/?random=1553300541&cv=11&fst=1699591180943&bg=ffffff&guid=ON&async=1&gtm=45He3b81v831986021&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.trollstickets.com%2F&label=kjNDCNPa4eIYEKvvtswD&hn=www.googleadservices.com&frm=0&tiba=Trolls%20Band%20Together%20%7C%20Showtimes%20%7C%20Get%20Tickets%20Now&value=0&us_privacy=1---&auid=235753221.1699591180&uamb=0&uaw=0&fmt=3&ct_cookie_present=false&ocp_id=DLRNZYfQOuDzx_APqcW98As&sscte=1&crd=&eitems=ChEIgKOyqgYQmcOq9cfPtJX0ARIdAOa3kjTAQkAfpjA5CKBTRwhJ7xZNCUUB2h9pa50&pscrd=Ek5DaEVJZ0tPeXFnWVE3X242NU5mR3ZaXzZBUklsQUFqNmo2aHp0TzJ2WFZLazNlWl9Sb0hTTUd5a01GS0ZrNFlRc19ZQy1yY2stMVpPQmcaV0NoQUlnS095cWdZUTd2UGR5TVc2enBGRkVpMEFwRzhwb1BZWFNocXNENWNkVndNY2Z2anphcXpTc0o3akVhTC15bGVldUVUUzRpMHlsRlJiYXlfTHdmNCITCIeG68TOuIIDFeD5EQgdqWIPvg HTTP 302
https://www.google.com/pagead/1p-conversion/965588907/?random=1553300541&cv=11&fst=1699591180943&bg=ffffff&guid=ON&async=1&gtm=45He3b81v831986021&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.trollstickets.com%2F&label=kjNDCNPa4eIYEKvvtswD&hn=www.googleadservices.com&frm=0&tiba=Trolls%20Band%20Together%20%7C%20Showtimes%20%7C%20Get%20Tickets%20Now&value=0&us_privacy=1---&auid=235753221.1699591180&uamb=0&uaw=0&fmt=3&ct_cookie_present=false&sscte=1&crd=&pscrd=Ek5DaEVJZ0tPeXFnWVE3X242NU5mR3ZaXzZBUklsQUFqNmo2aHp0TzJ2WFZLazNlWl9Sb0hTTUd5a01GS0ZrNFlRc19ZQy1yY2stMVpPQmcaV0NoQUlnS095cWdZUTd2UGR5TVc2enBGRkVpMEFwRzhwb1BZWFNocXNENWNkVndNY2Z2anphcXpTc0o3akVhTC15bGVldUVUUzRpMHlsRlJiYXlfTHdmNCITCIeG68TOuIIDFeD5EQgdqWIPvg&is_vtc=1&ocp_id=DLRNZYfQOuDzx_APqcW98As&cid=CAQSKQDICaaN7O1rqijgoS7TIhHv0JwGcx4tu2vKWO9UdPcaa6GijjikRoMl&eitems=ChEIgKOyqgYQmcOq9cfPtJX0ARIdAOa3kjQUvRnCSOGVlcSS_ksKJrPBSc-fBoIajbo&random=1631510103 HTTP 302
https://www.google.de/pagead/1p-conversion/965588907/?random=1553300541&cv=11&fst=1699591180943&bg=ffffff&guid=ON&async=1&gtm=45He3b81v831986021&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.trollstickets.com%2F&label=kjNDCNPa4eIYEKvvtswD&hn=www.googleadservices.com&frm=0&tiba=Trolls%20Band%20Together%20%7C%20Showtimes%20%7C%20Get%20Tickets%20Now&value=0&us_privacy=1---&auid=235753221.1699591180&uamb=0&uaw=0&fmt=3&ct_cookie_present=false&sscte=1&crd=&pscrd=Ek5DaEVJZ0tPeXFnWVE3X242NU5mR3ZaXzZBUklsQUFqNmo2aHp0TzJ2WFZLazNlWl9Sb0hTTUd5a01GS0ZrNFlRc19ZQy1yY2stMVpPQmcaV0NoQUlnS095cWdZUTd2UGR5TVc2enBGRkVpMEFwRzhwb1BZWFNocXNENWNkVndNY2Z2anphcXpTc0o3akVhTC15bGVldUVUUzRpMHlsRlJiYXlfTHdmNCITCIeG68TOuIIDFeD5EQgdqWIPvg&is_vtc=1&ocp_id=DLRNZYfQOuDzx_APqcW98As&cid=CAQSKQDICaaN7O1rqijgoS7TIhHv0JwGcx4tu2vKWO9UdPcaa6GijjikRoMl&eitems=ChEIgKOyqgYQmcOq9cfPtJX0ARIdAOa3kjQUvRnCSOGVlcSS_ksKJrPBSc-fBoIajbo&random=1631510103&ipr=y

Request Chain 124

https://4480452.fls.doubleclick.net/activityi;src=4480452;type=undefined;cat=3sdwell;ord=9806266993817;auiddc=235753221.1699591180;gtm=45He3b81v831986021;gcd=11l1l1l1l1;dma_cps=sypham;dma=1;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fwww.trollstickets.com%2F HTTP 302
https://4480452.fls.doubleclick.net/activityi;dc_pre=CIaqyMXOuIIDFYJIHgIdUioGQQ;src=4480452;type=undefined;cat=3sdwell;ord=9806266993817;auiddc=235753221.1699591180;gtm=45He3b81v831986021;gcd=11l1l1l1l1;dma_cps=sypham;dma=1;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fwww.trollstickets.com%2F

Request Chain 133

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/965588907/?random=1352455440&cv=11&fst=1699591182450&bg=ffffff&guid=ON&async=1&gtm=45He3b81v831986021&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.trollstickets.com%2F&label=yEHBCMTa4eIYEKvvtswD&hn=www.googleadservices.com&frm=0&tiba=Trolls%20Band%20Together%20%7C%20Showtimes%20%7C%20Get%20Tickets%20Now&value=0&us_privacy=1---&auid=235753221.1699591180&uamb=0&uaw=0&fmt=3&ct_cookie_present=false&ocp_id=DrRNZdTCHNrsgAfgsYvQBg&sscte=1&crd=&eitems=ChEIgKOyqgYQmcOq9cfPtJX0ARIdAOa3kjRTJatgpRfwe-rRSMh-5OXUq-5ACnMzACo&pscrd=Ek5DaEVJZ0tPeXFnWVE3X242NU5mR3ZaXzZBUklsQUFqNmo2aHp0TzJ2WFZLazNlWl9Sb0hTTUd5a01GS0ZrNFlRc19ZQy1yY2stMVpPQmcaV0NoQUlnS095cWdZUTd2UGR5TVc2enBGRkVpMEFwRzhwb01xZTJRQzZpTjRFMG5NaGxFSmtKcDdRd0RNMENUUjNxTy15aExrQXBXUy1nRDdBMkpDSTZ3ayITCNSBx8XOuIIDFVo24Aod4NgCag HTTP 302
https://www.google.com/pagead/1p-conversion/965588907/?random=1352455440&cv=11&fst=1699591182450&bg=ffffff&guid=ON&async=1&gtm=45He3b81v831986021&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.trollstickets.com%2F&label=yEHBCMTa4eIYEKvvtswD&hn=www.googleadservices.com&frm=0&tiba=Trolls%20Band%20Together%20%7C%20Showtimes%20%7C%20Get%20Tickets%20Now&value=0&us_privacy=1---&auid=235753221.1699591180&uamb=0&uaw=0&fmt=3&ct_cookie_present=false&sscte=1&crd=&pscrd=Ek5DaEVJZ0tPeXFnWVE3X242NU5mR3ZaXzZBUklsQUFqNmo2aHp0TzJ2WFZLazNlWl9Sb0hTTUd5a01GS0ZrNFlRc19ZQy1yY2stMVpPQmcaV0NoQUlnS095cWdZUTd2UGR5TVc2enBGRkVpMEFwRzhwb01xZTJRQzZpTjRFMG5NaGxFSmtKcDdRd0RNMENUUjNxTy15aExrQXBXUy1nRDdBMkpDSTZ3ayITCNSBx8XOuIIDFVo24Aod4NgCag&is_vtc=1&ocp_id=DrRNZdTCHNrsgAfgsYvQBg&cid=CAQSKQDICaaNExjEZE_IXj0lmtyZ76EYSFWEqEVqCdQ6f1CwscRt1IdMlxRA&eitems=ChEIgKOyqgYQmcOq9cfPtJX0ARIdAOa3kjQ4dxOJEfZpN8ZhWXDT-491X-skGHURvz8&random=543714350 HTTP 302
https://www.google.de/pagead/1p-conversion/965588907/?random=1352455440&cv=11&fst=1699591182450&bg=ffffff&guid=ON&async=1&gtm=45He3b81v831986021&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.trollstickets.com%2F&label=yEHBCMTa4eIYEKvvtswD&hn=www.googleadservices.com&frm=0&tiba=Trolls%20Band%20Together%20%7C%20Showtimes%20%7C%20Get%20Tickets%20Now&value=0&us_privacy=1---&auid=235753221.1699591180&uamb=0&uaw=0&fmt=3&ct_cookie_present=false&sscte=1&crd=&pscrd=Ek5DaEVJZ0tPeXFnWVE3X242NU5mR3ZaXzZBUklsQUFqNmo2aHp0TzJ2WFZLazNlWl9Sb0hTTUd5a01GS0ZrNFlRc19ZQy1yY2stMVpPQmcaV0NoQUlnS095cWdZUTd2UGR5TVc2enBGRkVpMEFwRzhwb01xZTJRQzZpTjRFMG5NaGxFSmtKcDdRd0RNMENUUjNxTy15aExrQXBXUy1nRDdBMkpDSTZ3ayITCNSBx8XOuIIDFVo24Aod4NgCag&is_vtc=1&ocp_id=DrRNZdTCHNrsgAfgsYvQBg&cid=CAQSKQDICaaNExjEZE_IXj0lmtyZ76EYSFWEqEVqCdQ6f1CwscRt1IdMlxRA&eitems=ChEIgKOyqgYQmcOq9cfPtJX0ARIdAOa3kjQ4dxOJEfZpN8ZhWXDT-491X-skGHURvz8&random=543714350&ipr=y

Request Chain 134

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/965588907/?random=366084326&cv=11&fst=1699591182467&bg=ffffff&guid=ON&async=1&gtm=45He3b81v831986021&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.trollstickets.com%2F&label=-adnCMra4eIYEKvvtswD&hn=www.googleadservices.com&frm=0&tiba=Trolls%20Band%20Together%20%7C%20Showtimes%20%7C%20Get%20Tickets%20Now&value=0&us_privacy=1---&auid=235753221.1699591180&uamb=0&uaw=0&fmt=3&ct_cookie_present=false&ocp_id=DrRNZfLCHfmjx_APmIOwwAM&sscte=1&crd=&eitems=ChEIgKOyqgYQmcOq9cfPtJX0ARIdAOa3kjT03Yv3ylvDmEgqr2rsIzKKTgFv1o-Cgas&pscrd=Ek5DaEVJZ0tPeXFnWVE3X242NU5mR3ZaXzZBUklsQUFqNmo2aHp0TzJ2WFZLazNlWl9Sb0hTTUd5a01GS0ZrNFlRc19ZQy1yY2stMVpPQmcaV0NoQUlnS095cWdZUTd2UGR5TVc2enBGRkVpMEFwRzhwb0diMTRiT3ZjeDBfV0Q0REU2N0NXbXBDVW5DeDIwV21zMUR4NW1wQkNqVEJRd0tjWlE4QjUwUSITCPKByMXOuIIDFfnREQgdmAEMOA HTTP 302
https://www.google.com/pagead/1p-conversion/965588907/?random=366084326&cv=11&fst=1699591182467&bg=ffffff&guid=ON&async=1&gtm=45He3b81v831986021&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.trollstickets.com%2F&label=-adnCMra4eIYEKvvtswD&hn=www.googleadservices.com&frm=0&tiba=Trolls%20Band%20Together%20%7C%20Showtimes%20%7C%20Get%20Tickets%20Now&value=0&us_privacy=1---&auid=235753221.1699591180&uamb=0&uaw=0&fmt=3&ct_cookie_present=false&sscte=1&crd=&pscrd=Ek5DaEVJZ0tPeXFnWVE3X242NU5mR3ZaXzZBUklsQUFqNmo2aHp0TzJ2WFZLazNlWl9Sb0hTTUd5a01GS0ZrNFlRc19ZQy1yY2stMVpPQmcaV0NoQUlnS095cWdZUTd2UGR5TVc2enBGRkVpMEFwRzhwb0diMTRiT3ZjeDBfV0Q0REU2N0NXbXBDVW5DeDIwV21zMUR4NW1wQkNqVEJRd0tjWlE4QjUwUSITCPKByMXOuIIDFfnREQgdmAEMOA&is_vtc=1&ocp_id=DrRNZfLCHfmjx_APmIOwwAM&cid=CAQSKQDICaaNTfDKKfXQ7UHhdTw_yX76cIt8_pAjw8CG9SzcKpykgqiOQlyF&eitems=ChEIgKOyqgYQmcOq9cfPtJX0ARIdAOa3kjTwHhA5J4q1aV2PNGFkGxMF_TIa5Qm9cGg&random=2188458884 HTTP 302
https://www.google.de/pagead/1p-conversion/965588907/?random=366084326&cv=11&fst=1699591182467&bg=ffffff&guid=ON&async=1&gtm=45He3b81v831986021&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.trollstickets.com%2F&label=-adnCMra4eIYEKvvtswD&hn=www.googleadservices.com&frm=0&tiba=Trolls%20Band%20Together%20%7C%20Showtimes%20%7C%20Get%20Tickets%20Now&value=0&us_privacy=1---&auid=235753221.1699591180&uamb=0&uaw=0&fmt=3&ct_cookie_present=false&sscte=1&crd=&pscrd=Ek5DaEVJZ0tPeXFnWVE3X242NU5mR3ZaXzZBUklsQUFqNmo2aHp0TzJ2WFZLazNlWl9Sb0hTTUd5a01GS0ZrNFlRc19ZQy1yY2stMVpPQmcaV0NoQUlnS095cWdZUTd2UGR5TVc2enBGRkVpMEFwRzhwb0diMTRiT3ZjeDBfV0Q0REU2N0NXbXBDVW5DeDIwV21zMUR4NW1wQkNqVEJRd0tjWlE4QjUwUSITCPKByMXOuIIDFfnREQgdmAEMOA&is_vtc=1&ocp_id=DrRNZfLCHfmjx_APmIOwwAM&cid=CAQSKQDICaaNTfDKKfXQ7UHhdTw_yX76cIt8_pAjw8CG9SzcKpykgqiOQlyF&eitems=ChEIgKOyqgYQmcOq9cfPtJX0ARIdAOa3kjTwHhA5J4q1aV2PNGFkGxMF_TIa5Qm9cGg&random=2188458884&ipr=y

139 HTTP transactions
2 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
www.trollstickets.com/ 122 KB
32 KB 227ms
113ms Document
text/html 2600:9000:225e:3600:7:abd8:9d80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.trollstickets.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:225e:3600:7:abd8:9d80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 3b4cf6abd154305a66010ef8c727233651c6346496233ba875ff23cecd3b29bc

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

content-encoding: gzip
content-type: text/html; charset=utf-8
date: Fri, 10 Nov 2023 04:39:40 GMT
etag: W/"8cbd561bc6c36fc252a8c3539140b0ac"
last-modified: Thu, 09 Nov 2023 23:54:40 GMT
server: AmazonS3
vary: Accept-Encoding
via: 1.1 6b25d4ce9efa3f2699980e1915129606.cloudfront.net (CloudFront)
x-amz-cf-id: nZq4yrMfzLmRGHIBp6obJpCbYjuXwRLRetxkm__Vq9zo6QVc4OmqdQ==
x-amz-cf-pop: FRA60-P4
x-amz-version-id: K7nbYrbrSkMvQ.DgH10z4PkG4f6Ts8wF
x-cache: RefreshHit from cloudfront

GET
H2 200 bolt.css
www.trollstickets.com/css/ 55 KB
11 KB 107ms
106ms Stylesheet
text/css 2600:9000:225e:3600:7:abd8:9d80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.trollstickets.com/css/bolt.css?v=1699573861306
Requested by: Host: www.trollstickets.com
URL: https://www.trollstickets.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:225e:3600:7:abd8:9d80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 1fc521a55b0accde064a79c588f85befd1b4cfaba3b427765ce200b6b18330e4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.trollstickets.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

x-amz-version-id: QIVLJiotTV_BQSsP5XSkvUbVNKRMspZ3
content-encoding: gzip
via: 1.1 6b25d4ce9efa3f2699980e1915129606.cloudfront.net (CloudFront)
date: Fri, 10 Nov 2023 04:39:40 GMT
last-modified: Thu, 09 Nov 2023 23:55:28 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P4
etag: W/"835b07098814d771b9852f58ac7d40ec"
vary: Accept-Encoding
x-cache: RefreshHit from cloudfront
content-type: text/css
x-amz-cf-id: y9H4qSvLBpLypL25zM_Ek8Q8VI5qKUkJ_1_ipErcM_q-CzWS9jzbRg==

GET
H2 200 gsb3nxg.css
use.typekit.net/ 2 KB
864 B 93ms
21ms Stylesheet
text/css 2a02:26f0:480:f::213:7ee1
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://use.typekit.net/gsb3nxg.css

Requested by

Host: www.trollstickets.com
URL: https://www.trollstickets.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:480:f::213:7ee1 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

nginx /

Resource Hash

9c64bc8f0616d9397bd837d61f3eb6241def2a326c18842e0e546eff61c2d44c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.trollstickets.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains;
content-encoding: gzip
date: Fri, 10 Nov 2023 04:39:39 GMT
server: nginx
vary: Accept-Encoding
content-type: text/css;charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=600, stale-while-revalidate=604800
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 641

GET
H2 200 bolt.js Show response
www.trollstickets.com/js/ 290 KB
95 KB 87ms
86ms Script
application/javascript 2600:9000:225e:3600:7:abd8:9d80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.trollstickets.com/js/bolt.js?v=1699573861306
Requested by: Host: www.trollstickets.com
URL: https://www.trollstickets.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:225e:3600:7:abd8:9d80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: ea8f25f799aa3fa9e979374a563b267d88da0934708792b547c2d79f9f9da3ca

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.trollstickets.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

x-amz-version-id: 82EgQtDLqXruad.b1pjPcx1SE1dkKaRS
content-encoding: gzip
via: 1.1 6b25d4ce9efa3f2699980e1915129606.cloudfront.net (CloudFront)
date: Fri, 10 Nov 2023 04:39:40 GMT
last-modified: Thu, 09 Nov 2023 23:55:20 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P4
etag: W/"8086dbea2c7dc1e72df706918306b912"
vary: Accept-Encoding
x-cache: RefreshHit from cloudfront
content-type: application/javascript; charset=utf-8
x-amz-cf-id: WRrJ_XoEtvMoBSPS3_QkVK87F3HwdW29PB0roHsZKWjL7jbJQdoWSw==

GET
H2 200 tt.png
dx35vtwkllhj9.cloudfront.net/universalstudios/trolls-band-together/images/regions/us/ 722 KB
723 KB 106ms
25ms Image
image/png 2600:9000:223e:3200:1:5424:4140:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dx35vtwkllhj9.cloudfront.net/universalstudios/trolls-band-together/images/regions/us/tt.png
Requested by: Host: www.trollstickets.com
URL: https://www.trollstickets.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223e:3200:1:5424:4140:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 03c51b645393fecb990b8ac7ce4cb8caa212548f52d1f4b965e8f613a966b309

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.trollstickets.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Wed, 01 Nov 2023 05:34:06 GMT
via: 1.1 94328d2509009edc0657f5c786a93e42.cloudfront.net (CloudFront)
last-modified: Tue, 17 Oct 2023 01:14:41 GMT
server: AmazonS3
age: 774334
x-amz-cf-pop: FRA56-P4
etag: "373b3cc6eb62a2bda86f81a0de16d7d0"
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-type: image/png
cache-control: public, max-age=2592000
accept-ranges: bytes
content-length: 738867
x-amz-cf-id: 7ClxSOJxZK4gsKohnccxiqG5NjfXbbAs03b4hj8oqJMVUvqiD_RM2Q==

GET
H2 200 legal-logos.png
dx35vtwkllhj9.cloudfront.net/universalstudios/trolls-band-together/images/ 33 KB
33 KB 200ms
119ms Image
image/png 2600:9000:223e:3200:1:5424:4140:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dx35vtwkllhj9.cloudfront.net/universalstudios/trolls-band-together/images/legal-logos.png
Requested by: Host: www.trollstickets.com
URL: https://www.trollstickets.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223e:3200:1:5424:4140:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 000b59e2a7ef7c441e898e987e976c98c9c8b5f3e6d4fd4024cab520d2dc23f1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.trollstickets.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Tue, 07 Nov 2023 05:08:02 GMT
via: 1.1 94328d2509009edc0657f5c786a93e42.cloudfront.net (CloudFront)
last-modified: Tue, 24 Oct 2023 01:18:19 GMT
server: AmazonS3
age: 257498
x-amz-cf-pop: FRA56-P4
x-amz-server-side-encryption: AES256
etag: "c5cfc066f425379648273905b3df520c"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/png
cache-control: public, max-age=2592000
accept-ranges: bytes
content-length: 33411
x-amz-cf-id: eAv8iISBabJO_TZyEwqEMADdBfSWumBORCMZ-9Yxt5JMjVew-iHEnQ==

GET
H2 200 p.css
p.typekit.net/ 5 B
172 B 37ms
21ms Stylesheet
text/css 2a02:26f0:480:f::213:7ee1
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://p.typekit.net/p.css?s=1&k=gsb3nxg&ht=tk&f=139.175&a=10433865&app=typekit&e=css
Requested by: Host: use.typekit.net
URL: https://use.typekit.net/gsb3nxg.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:480:f::213:7ee1 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: 1c0ff118a4290c99f39c90abb38703a866e47251b23cca20266c69c812ccafeb

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://use.typekit.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Fri, 10 Nov 2023 04:39:39 GMT
last-modified: Fri, 14 Jul 2023 12:44:32 GMT
server: nginx
etag: "64b14330-5"
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=604800
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
content-length: 5

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 448 KB
119 KB 120ms
64ms Script
application/javascript 2a00:1450:4001:812::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-MC55JLC

Requested by

Host: www.trollstickets.com
URL: https://www.trollstickets.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

d9488ed7bedf6f5d6f41b1834a49abc3fdf1a0f2d8241d0fc48b8bcc0c290880

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.trollstickets.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Fri, 10 Nov 2023 04:39:39 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 121470
x-xss-protection: 0
last-modified: Fri, 10 Nov 2023 03:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 10 Nov 2023 04:39:39 GMT

GET
H2 200 l
use.typekit.net/af/2555e1/00000000000000007735e603/30/ 77 KB
77 KB 102ms
45ms Font
application/font-woff2 2a02:26f0:480:f::213:7ee1
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://use.typekit.net/af/2555e1/00000000000000007735e603/30/l?primer=f592e0a4b9356877842506ce344308576437e4f677d7c9b78ca2162e6cad991a&fvd=n7&v=3
Requested by: Host: use.typekit.net
URL: https://use.typekit.net/gsb3nxg.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:480:f::213:7ee1 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: 707540d0813c2e6c9abb51dcc5f7671a10780d572b30da20197961f80e7fb346

Request headers

Referer: https://use.typekit.net/gsb3nxg.css
Origin: https://www.trollstickets.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Fri, 10 Nov 2023 04:39:39 GMT
server: nginx
etag: "11c083ab1a15272638ae385d966dba01aa76cbb4"
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 78476

GET
H2 200 l
use.typekit.net/af/efe4a5/00000000000000007735e609/30/ 74 KB
74 KB 77ms
21ms Font
application/font-woff2 2a02:26f0:480:f::213:7ee1
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://use.typekit.net/af/efe4a5/00000000000000007735e609/30/l?primer=f592e0a4b9356877842506ce344308576437e4f677d7c9b78ca2162e6cad991a&fvd=n4&v=3
Requested by: Host: use.typekit.net
URL: https://use.typekit.net/gsb3nxg.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:480:f::213:7ee1 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: 324474ff12691ad8154450cb63a421b3a43877085c7163f541a02819aeca99f8

Request headers

Referer: https://use.typekit.net/gsb3nxg.css
Origin: https://www.trollstickets.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Fri, 10 Nov 2023 04:39:39 GMT
server: nginx
etag: "df3243d3c759de78b3798be9b3d13ba4e81d0d86"
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 75868

OPTIONS
H2 200 regions
showtimes-v2.s-prod.pow.io/v2.0/app/ Frame 0
0 157ms
92ms Preflight
application/json 52.222.214.106
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://showtimes-v2.s-prod.pow.io/v2.0/app/regions?slug=trolls-band-together&rules_groups%5B0%5D=appId%3A%3A24554%3A%3A%2F
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.214.106 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-214-106.fra56.r.cloudfront.net
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: GET
Origin: https://www.trollstickets.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

access-control-allow-headers: Content-Type,X-Amz-Date,Authorization,X-Api-Key,X-Amz-Security-Token,x-requested-lat,x-requested-lon,x-requested-countries,x-requested-approxpos,pow-cache-include
access-control-allow-methods: GET,OPTIONS,POST,PUT,DELETE,HEAD,PATCH
access-control-allow-origin: *
content-length: 0
content-type: application/json
date: Fri, 10 Nov 2023 04:39:39 GMT
via: 1.1 e026b2802d48048e9935caadbecf124e.cloudfront.net (CloudFront)
x-amz-apigw-id: OKkR3EXQjoEEQLg=
x-amz-cf-id: PVj7_X61zhhAK_38pE0xGFafPUVepD57McDHAVxhB0TBhtl86Xx4UQ==
x-amz-cf-pop: FRA56-P3
x-amzn-requestid: c4a22cc0-4c07-48f2-a4d9-ea2b94bae731
x-cache: Miss from cloudfront

GET
H2 200 geo Show response
stdata.powster.com/ 104 B
388 B 161ms
47ms Fetch
application/json 52.208.74.24
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://stdata.powster.com/geo
Requested by: Host: www.trollstickets.com
URL: https://www.trollstickets.com/js/bolt.js?v=1699573861306
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.208.74.24 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-208-74-24.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: b0a5518b142c76dad1b569142decdb8aad7913d70e84476ee329254a770f0900

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.trollstickets.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Fri, 10 Nov 2023 04:39:39 GMT
content-encoding: gzip
server: nginx
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/json
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type

GET
H2 200 otCCPAiab.js Show response
cdn.cookielaw.org/opt-out/ 22 KB
6 KB 73ms
29ms Script
application/javascript 2606:4700::6812:83ec
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/opt-out/otCCPAiab.js

Requested by

Host: www.trollstickets.com
URL: https://www.trollstickets.com/js/bolt.js?v=1699573861306

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:83ec , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a7b7120dffd25546c93c1367b9c86a3dc87e71d2c89ebb39163a71eb3b659f01

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.trollstickets.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Fri, 10 Nov 2023 04:39:39 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: gzip
content-md5: ERttG9+iQk1LCPjR495NRw==
age: 79915
x-ms-lease-status: unlocked
last-modified: Tue, 22 Feb 2022 22:01:18 GMT
server: cloudflare
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: 40af8f39-a01e-0026-3083-f0719b000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=86400
x-ms-version: 2009-09-19
cf-ray: 823b9ce7dd9a2bee-FRA

GET
H2 200 regions Show response
showtimes-v2.s-prod.pow.io/v2.0/app/ 2 KB
3 KB 115ms
115ms Fetch
application/json 52.222.214.106
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://showtimes-v2.s-prod.pow.io/v2.0/app/regions?slug=trolls-band-together&rules_groups%5B0%5D=appId%3A%3A24554%3A%3A%2F
Requested by: Host: www.trollstickets.com
URL: https://www.trollstickets.com/js/bolt.js?v=1699573861306
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.214.106 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-214-106.fra56.r.cloudfront.net
Software: / Express
Resource Hash: 72d5ac87d42c6b7543a1e10ef53db8f3ce8b786ebb78fed5dae80110dc18cd25

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
content-type: application/json

Response headers

date: Fri, 10 Nov 2023 04:39:39 GMT
via: 1.1 e026b2802d48048e9935caadbecf124e.cloudfront.net (CloudFront)
x-amzn-remapped-content-length: 2395
x-amz-cf-pop: FRA56-P3
x-amzn-requestid: 94507e2f-c550-4b31-891e-940652dde0ed
etag: W/"95b-fQOMmxAI1nFPA6l99wFtBoPA5Fo"
x-powered-by: Express
content-type: application/json; charset=utf-8
access-control-allow-origin: *
x-amzn-trace-id: Root=1-654db40b-4cae021722100bfb763d72df;Sampled=0;lineage=86c3ccff:0
x-cache: Miss from cloudfront
x-amz-apigw-id: OKkR4EE2joEEWlg=
content-length: 2395
x-amz-cf-id: QbhPNQieLrzo6pf7WR7Lq2WwZzCC6orchj9qVa3N0-js0kS8obTXBw==
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Cache-Control, x-requested-lat, x-requested-lon, x-requested-countries, x-app-region, x-requested-approxpos, x-api-key, pow-cache-include, x-pow-cache-include

GET
H2 200 geo Show response
stdata.powster.com/ 106 B
390 B 110ms
46ms Fetch
application/json 52.208.74.24
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://stdata.powster.com/geo
Requested by: Host: www.trollstickets.com
URL: https://www.trollstickets.com/js/bolt.js?v=1699573861306
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.208.74.24 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-208-74-24.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: b94756a03086422c4c52596af65603bc2118b1fcf0c568716914dfe9185aa54e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.trollstickets.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Fri, 10 Nov 2023 04:39:39 GMT
content-encoding: gzip
server: nginx
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/json
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 198 KB
73 KB 35ms
33ms Script
application/javascript 2a00:1450:4001:812::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-W6FD9FK0F1&l=dataLayer

Requested by

Host: www.trollstickets.com
URL: https://www.trollstickets.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

0317aaba39ebed876b072bea4629e7a1b5745a3c9e6f088c087f461c98631f60

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.trollstickets.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Fri, 10 Nov 2023 04:39:39 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 74358
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Fri, 10 Nov 2023 04:39:39 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 203 KB
75 KB 38ms
38ms Script
application/javascript 2a00:1450:4001:812::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-MLHXQJPPKK&l=dataLayer

Requested by

Host: www.trollstickets.com
URL: https://www.trollstickets.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

d630949c3a2fa94f12811a79a8d142ade5de08add63b2ac1e308cce250d32d6d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.trollstickets.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Fri, 10 Nov 2023 04:39:39 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 76363
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Fri, 10 Nov 2023 04:39:39 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 217 KB
77 KB 60ms
60ms Script
application/javascript 2a00:1450:4001:812::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-4SFYGCDPE8&l=dataLayer

Requested by

Host: www.trollstickets.com
URL: https://www.trollstickets.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

dd69dbdc6f77fc8f7398807d4313f8383b4ba2103ed793f9a0820a281541523b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.trollstickets.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Fri, 10 Nov 2023 04:39:39 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 78954
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Fri, 10 Nov 2023 04:39:39 GMT

GET
H2 200 715.bolt.js Show response
www.trollstickets.com/js/ 14 KB
5 KB 78ms
78ms Script
application/javascript 2600:9000:225e:3600:7:abd8:9d80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.trollstickets.com/js/715.bolt.js?v=f15ca95191f7a5d47c88
Requested by: Host: www.trollstickets.com
URL: https://www.trollstickets.com/js/bolt.js?v=1699573861306
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:225e:3600:7:abd8:9d80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: d8d2951da68a08e93642245f20c9198896e4dbc11315bd4636fff208252a9fdc

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.trollstickets.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

x-amz-version-id: 3qvNoH3qfrC.RO4M_UsCHVTyAsiG0jOZ
content-encoding: gzip
via: 1.1 6b25d4ce9efa3f2699980e1915129606.cloudfront.net (CloudFront)
date: Fri, 10 Nov 2023 04:39:40 GMT
last-modified: Thu, 09 Nov 2023 23:55:24 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P4
etag: W/"1938a266e8a34c1d5433d915020cd21a"
vary: Accept-Encoding
x-cache: RefreshHit from cloudfront
content-type: application/javascript; charset=utf-8
x-amz-cf-id: pOt0eBOqe02M4HOmQkJei9SYP9YaH21mMQdg65hCc-QPBvnvP6Rvkg==

GET
H2 200 350.bolt.css
www.trollstickets.com/css/ 3 KB
1 KB 55ms
55ms Stylesheet
text/css 2600:9000:225e:3600:7:abd8:9d80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.trollstickets.com/css/350.bolt.css?v=338573d91abaf24ad887
Requested by: Host: www.trollstickets.com
URL: https://www.trollstickets.com/js/bolt.js?v=1699573861306
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:225e:3600:7:abd8:9d80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 249c06c5773527f5716ca3779b0bfc8fe72bdca379210efbd6cc9183ca257b96

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.trollstickets.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

x-amz-version-id: xHu5IEtRKU01XiXthANdUoRd8a_wVOUZ
content-encoding: gzip
via: 1.1 6b25d4ce9efa3f2699980e1915129606.cloudfront.net (CloudFront)
date: Fri, 10 Nov 2023 04:39:40 GMT
last-modified: Thu, 09 Nov 2023 23:55:36 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P4
etag: W/"95e27e5bff5455d3eb6896fff827f24b"
vary: Accept-Encoding
x-cache: RefreshHit from cloudfront
content-type: text/css
x-amz-cf-id: s5TQxAVyi5oQkyXehRm7KXGroyzMWzkxdp9TnPhOjFb4oebwsyt1HQ==

GET
H2 200 trailerOverlay.bolt.js Show response
www.trollstickets.com/js/ 3 KB
2 KB 80ms
79ms Script
application/javascript 2600:9000:225e:3600:7:abd8:9d80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.trollstickets.com/js/trailerOverlay.bolt.js?v=338573d91abaf24ad887
Requested by: Host: www.trollstickets.com
URL: https://www.trollstickets.com/js/bolt.js?v=1699573861306
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:225e:3600:7:abd8:9d80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 22d5cf2b9de1f9240e3aecc245fca0531e4bcfe161d85d16fad6fc162e777398

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.trollstickets.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

x-amz-version-id: g4GNzM4U20C7ncEwerRh.tFY3MBc6EdK
content-encoding: gzip
via: 1.1 6b25d4ce9efa3f2699980e1915129606.cloudfront.net (CloudFront)
date: Fri, 10 Nov 2023 04:39:40 GMT
last-modified: Thu, 09 Nov 2023 23:54:49 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P4
etag: W/"a4ef145e458d26247e700a385027cef7"
vary: Accept-Encoding
x-cache: RefreshHit from cloudfront
content-type: application/javascript; charset=utf-8
x-amz-cf-id: psaSKpOE4SgL4fp8ad9SZwLKfycjBA-qLAOaPQ8p7XJFKrC_WiUq-w==

GET
H2 200 bg.jpg
dx35vtwkllhj9.cloudfront.net/universalstudios/trolls-band-together/images/ 348 KB
348 KB 22ms
22ms Image
image/jpeg 2600:9000:223e:3200:1:5424:4140:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dx35vtwkllhj9.cloudfront.net/universalstudios/trolls-band-together/images/bg.jpg
Requested by: Host: www.trollstickets.com
URL: https://www.trollstickets.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223e:3200:1:5424:4140:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: ae8b9a174c76637d280f87046368dfa8cf67cb6d6aadd006918383370898d6e0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.trollstickets.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Tue, 31 Oct 2023 22:15:44 GMT
via: 1.1 94328d2509009edc0657f5c786a93e42.cloudfront.net (CloudFront)
last-modified: Tue, 12 Sep 2023 16:38:55 GMT
server: AmazonS3
age: 800636
x-amz-cf-pop: FRA56-P4
etag: "f45686623c95de94cc8a676fe8ed7d70"
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: public, max-age=2592000
accept-ranges: bytes
content-length: 355880
x-amz-cf-id: eoIRnZfSuOrxitk0A9q5mFpDLnrN9AWIzZgCNriAKMoK7Ix7wrmLzw==

GET
H2 200 965.bolt.js Show response
www.trollstickets.com/js/ 17 KB
7 KB 96ms
94ms Script
application/javascript 2600:9000:225e:3600:7:abd8:9d80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.trollstickets.com/js/965.bolt.js?v=f91dbeca098fb67714bd
Requested by: Host: www.trollstickets.com
URL: https://www.trollstickets.com/js/bolt.js?v=1699573861306
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:225e:3600:7:abd8:9d80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 1e0a870f4a478aae2eef7bf71f476958b7764b7a2bcdfe60d58294526e3ed6a2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.trollstickets.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

x-amz-version-id: X16w.zfpjJJJ7pBoK0k5_wj29FWR3l3a
content-encoding: gzip
via: 1.1 6b25d4ce9efa3f2699980e1915129606.cloudfront.net (CloudFront)
date: Fri, 10 Nov 2023 04:39:40 GMT
last-modified: Thu, 09 Nov 2023 23:55:22 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P4
etag: W/"8ed09e911ec809b96ad65a6d87970556"
vary: Accept-Encoding
x-cache: RefreshHit from cloudfront
content-type: application/javascript; charset=utf-8
x-amz-cf-id: sJcL49zk7WUFGLOQILi0g0BioTOw706Vk-JeBoMts_qPSAAQykx5vQ==

GET
H2 200 781.bolt.css
www.trollstickets.com/css/ 24 KB
5 KB 86ms
84ms Stylesheet
text/css 2600:9000:225e:3600:7:abd8:9d80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.trollstickets.com/css/781.bolt.css?v=6c002e61a9c933293882
Requested by: Host: www.trollstickets.com
URL: https://www.trollstickets.com/js/bolt.js?v=1699573861306
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:225e:3600:7:abd8:9d80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 3c32f423d643e6396b3c68f18fbb459a73acead64d32d344e6de8a3cd788fc39

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.trollstickets.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

x-amz-version-id: IS80qe5MimQh3dPI0sAmxcNi2Cp7Wkzp
content-encoding: gzip
via: 1.1 6b25d4ce9efa3f2699980e1915129606.cloudfront.net (CloudFront)
date: Fri, 10 Nov 2023 04:39:40 GMT
last-modified: Thu, 09 Nov 2023 23:55:31 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P4
etag: W/"f9cbf415182b83e3273212c60cc4b93e"
vary: Accept-Encoding
x-cache: RefreshHit from cloudfront
content-type: text/css
x-amz-cf-id: 2EBUPHQ65bp0uSFpN1V8PUgzP9UPX3yC8XOGVFbtvFVg7HrJL3dDhA==

GET
H2 200 781.bolt.js Show response
www.trollstickets.com/js/ 26 KB
10 KB 81ms
80ms Script
application/javascript 2600:9000:225e:3600:7:abd8:9d80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.trollstickets.com/js/781.bolt.js?v=6c002e61a9c933293882
Requested by: Host: www.trollstickets.com
URL: https://www.trollstickets.com/js/bolt.js?v=1699573861306
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:225e:3600:7:abd8:9d80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 5f098f1864e58c0abdc3ef68c793156c71bf502a38b6d89630724234f8432c2c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.trollstickets.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

x-amz-version-id: VBmjgDMBpdCeIAdp8sze89wJIUOIDVov
content-encoding: gzip
via: 1.1 6b25d4ce9efa3f2699980e1915129606.cloudfront.net (CloudFront)
date: Fri, 10 Nov 2023 04:39:40 GMT
last-modified: Thu, 09 Nov 2023 23:55:23 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P4
etag: W/"34bc19515e52e13364c54c2fef47f9ab"
vary: Accept-Encoding
x-cache: RefreshHit from cloudfront
content-type: application/javascript; charset=utf-8
x-amz-cf-id: 44upooVGMpd3sWIp-oIoM-OaABa00L_ADhsVAm-ZNu-uwlYrmXQ2MQ==

GET
H2 200 283.bolt.css
www.trollstickets.com/css/ 35 KB
7 KB 83ms
81ms Stylesheet
text/css 2600:9000:225e:3600:7:abd8:9d80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.trollstickets.com/css/283.bolt.css?v=6da6accd38fef4dc849f
Requested by: Host: www.trollstickets.com
URL: https://www.trollstickets.com/js/bolt.js?v=1699573861306
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:225e:3600:7:abd8:9d80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: c8ccfe1ec55da24f79ea57007c4a5d4cff25723d81be5d634e71fe39e90cff87

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.trollstickets.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

x-amz-version-id: wwFHOT7lZcuHem4Qx2NERUndsB_f79g9
content-encoding: gzip
via: 1.1 6b25d4ce9efa3f2699980e1915129606.cloudfront.net (CloudFront)
date: Fri, 10 Nov 2023 04:39:40 GMT
last-modified: Thu, 09 Nov 2023 23:55:38 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P4
etag: W/"66f553bb78fb56805e23f7a623ee118b"
vary: Accept-Encoding
x-cache: RefreshHit from cloudfront
content-type: text/css
x-amz-cf-id: bk4FkYfZcpCy_u85rYBdrzhAAcV-oc1VXV97FSkNXCUFTRhatwHY8A==

GET
H2 200 283.bolt.js Show response
www.trollstickets.com/js/ 68 KB
22 KB 79ms
77ms Script
application/javascript 2600:9000:225e:3600:7:abd8:9d80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.trollstickets.com/js/283.bolt.js?v=6da6accd38fef4dc849f
Requested by: Host: www.trollstickets.com
URL: https://www.trollstickets.com/js/bolt.js?v=1699573861306
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:225e:3600:7:abd8:9d80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 248e0793c67d88124feb9d51397e20238346b217436f88057ff775599a6ae90a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.trollstickets.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

x-amz-version-id: T17jWnxTYrbi07Or0fgcwXAKiebVaL1b
content-encoding: gzip
via: 1.1 6b25d4ce9efa3f2699980e1915129606.cloudfront.net (CloudFront)
date: Fri, 10 Nov 2023 04:39:40 GMT
last-modified: Thu, 09 Nov 2023 23:55:25 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P4
etag: W/"08828c006f7c7386617fc2d452dd1cf7"
vary: Accept-Encoding
x-cache: RefreshHit from cloudfront
content-type: application/javascript; charset=utf-8
x-amz-cf-id: ZeSr-HizaKGnLuELiOvIDZDhJbHrlPEnarKKA9ABzLBpL_72EIGJ-A==

GET
H2 200 436.bolt.css
www.trollstickets.com/css/ 50 KB
10 KB 57ms
56ms Stylesheet
text/css 2600:9000:225e:3600:7:abd8:9d80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.trollstickets.com/css/436.bolt.css?v=d50d91ac1c3edd4d7a8a
Requested by: Host: www.trollstickets.com
URL: https://www.trollstickets.com/js/bolt.js?v=1699573861306
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:225e:3600:7:abd8:9d80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: c67b12695048c8eb8ee6821314965db3d3ddc04f3af47c53a035e2a77d4ce9f6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.trollstickets.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

x-amz-version-id: .VZ.la2TC9tvLYLDxM_F1NcYGzJlpRwa
content-encoding: gzip
via: 1.1 6b25d4ce9efa3f2699980e1915129606.cloudfront.net (CloudFront)
date: Fri, 10 Nov 2023 04:39:40 GMT
last-modified: Thu, 09 Nov 2023 23:55:34 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P4
etag: W/"5ad5271542b0abd394310bc1f103efbc"
vary: Accept-Encoding
x-cache: RefreshHit from cloudfront
content-type: text/css
x-amz-cf-id: aV0HXRyVB4v0ds98BtBfeXGVwt-AeBwZRoXoiblV-1oVwkpXHC-mTw==

GET
H2 200 showtimes2.bolt.js Show response
www.trollstickets.com/js/ 107 KB
31 KB 89ms
88ms Script
application/javascript 2600:9000:225e:3600:7:abd8:9d80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.trollstickets.com/js/showtimes2.bolt.js?v=d50d91ac1c3edd4d7a8a
Requested by: Host: www.trollstickets.com
URL: https://www.trollstickets.com/js/bolt.js?v=1699573861306
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:225e:3600:7:abd8:9d80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 08d31287f4e4689c63b97ca63b8169879d8e2ccb8caa72e0b44c32b8b2d5c2e2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.trollstickets.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

x-amz-version-id: TKopKE8kw65AWkxQLx_mZOqOp2XZFIYx
content-encoding: gzip
via: 1.1 6b25d4ce9efa3f2699980e1915129606.cloudfront.net (CloudFront)
date: Fri, 10 Nov 2023 04:39:40 GMT
last-modified: Thu, 09 Nov 2023 23:54:51 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P4
etag: W/"2fd647f33d654f5150f65f287973653e"
vary: Accept-Encoding
x-cache: RefreshHit from cloudfront
content-type: application/javascript; charset=utf-8
x-amz-cf-id: NQGXybGDDmqdYML2aFaPcchwhbKDyuyQVwgOdmgeMqvx0MZikxxzPw==

GET
H2 206 bg.webm
dx35vtwkllhj9.cloudfront.net/universalstudios/trolls-band-together/video/ 741 KB
742 KB 46ms
44ms Media
video/webm 2600:9000:223e:3200:1:5424:4140:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://dx35vtwkllhj9.cloudfront.net/universalstudios/trolls-band-together/video/bg.webm
Requested by: Host: www.trollstickets.com
URL: https://www.trollstickets.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223e:3200:1:5424:4140:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: a6a6f8f63423ee29ba56d13dd8c30782b5d34327f0da2e505691e98db7cddad1

Request headers

Referer: https://www.trollstickets.com/
Accept-Encoding: identity;q=1, *;q=0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
Range: bytes=0-

Response headers

date: Sat, 28 Oct 2023 22:52:02 GMT
via: 1.1 94328d2509009edc0657f5c786a93e42.cloudfront.net (CloudFront)
last-modified: Tue, 12 Sep 2023 16:39:42 GMT
server: AmazonS3
age: 1057658
x-amz-cf-pop: FRA56-P4
etag: "6a3b453b255ed90a968e9ca79723ad39"
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-type: video/webm
Content-Range: bytes 0-758792/758793
cache-control: public, max-age=2592000
accept-ranges: bytes
x-amz-cf-id: YiXLQ8-ukihAUEfURMofbRFHckWO1rbgh2NjvDc7YxgVgzwPyJ9neA==
Content-Length: 758793

GET
H2 200 iframe_api Show response
www.youtube.com/ 993 B
2 KB 99ms
41ms Script
text/javascript 2a00:1450:4001:802::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/iframe_api

Requested by

Host: www.trollstickets.com
URL: https://www.trollstickets.com/js/bolt.js?v=1699573861306

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

5819e09af544ac958e7f95887e5a777a4eaa4d1636a3c71681fc015489c1b289

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.trollstickets.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Fri, 10 Nov 2023 04:39:39 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-encoding: br
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=de for more info."
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
server: ESF
x-frame-options: SAMEORIGIN
report-to: {"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
content-type: text/javascript; charset=utf-8
vary: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cache-control: private, max-age=0
origin-trial: AvC9UlR6RDk2crliDsFl66RWLnTbHrDbp+DiY6AYz/PNQ4G4tdUTjrHYr2sghbkhGQAVxb7jaPTHpEVBz0uzQwkAAAB4eyJvcmlnaW4iOiJodHRwczovL3lvdXR1YmUuY29tOjQ0MyIsImZlYXR1cmUiOiJXZWJWaWV3WFJlcXVlc3RlZFdpdGhEZXByZWNhdGlvbiIsImV4cGlyeSI6MTcxOTUzMjc5OSwiaXNTdWJkb21haW4iOnRydWV9
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
cross-origin-opener-policy-report-only: same-origin; report-to="youtube_main"
expires: Fri, 10 Nov 2023 04:39:39 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/undefined/ 3 KB
2 KB 85ms
33ms Script
text/javascript 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/undefined/?random=1699591179568&cv=11&fst=1699591179568&bg=ffffff&guid=ON&async=1&gtm=45He3b81v831986021&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.trollstickets.com%2F&hn=www.googleadservices.com&frm=0&tiba=Trolls%20Band%20Together%20%7C%20Showtimes%20%7C%20Get%20Tickets%20Now&auid=235753221.1699591180&uamb=0&uaw=0&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MC55JLC

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f4f0d2f65ad0ea6b5b50cbaa17bed60e8b78b6d0a8f1340426099a64c4df2b51

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.trollstickets.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 10 Nov 2023 04:39:39 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1262
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 uwt.js Show response
static.ads-twitter.com/ 56 KB
15 KB 120ms
34ms Script
application/javascript 146.75.120.157
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://static.ads-twitter.com/uwt.js
Requested by: Host: www.trollstickets.com
URL: https://www.trollstickets.com/js/bolt.js?v=1699573861306
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.75.120.157 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: cf7fcc9f75c8717897bfaef72f303fab423ce1b70c98512aeb3677e4af988dee

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.trollstickets.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Fri, 10 Nov 2023 04:39:39 GMT
content-encoding: gzip
last-modified: Thu, 27 Oct 2022 16:56:53 GMT
etag: "32ad004436155ec972bc50e6238b5b67+gzip+gzip"
vary: Accept-Encoding,Host
x-cache: HIT, HIT
content-type: application/javascript; charset=utf-8
p3p: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
x-tw-cdn: FT
cache-control: no-cache
accept-ranges: bytes
content-length: 15375
x-served-by: cache-iad-kjyo7100081-IAD, cache-fra-etou8220032-FRA

GET
H2 200 pixel.js Show response
www.redditstatic.com/ads/ 23 KB
8 KB 85ms
22ms Script
application/javascript 2a04:4e42::396
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://www.redditstatic.com/ads/pixel.js
Requested by: Host: www.trollstickets.com
URL: https://www.trollstickets.com/js/bolt.js?v=1699573861306
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:4e42::396 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: snooserv /
Resource Hash: e803e774c7b59fe74f71ed93acaa875cf9a99947ff8ed7615cd0c93c1667250f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.trollstickets.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Fri, 10 Nov 2023 04:39:39 GMT
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
last-modified: Thu, 15 Jun 2023 20:49:59 GMT
server: snooserv
nel: {"report_to": "w3-reporting-nel", "max_age": 14400, "include_subdomains": false, "success_fraction": 0.02, "failure_fraction": 0.02}
etag: "4a205643a240cb95fa82289d62b5af7e"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding,Origin
report-to: {"group": "w3-reporting-nel", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting-nel.reddit.com/reports" }]}, {"group": "w3-reporting", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting.reddit.com/reports" }]}, {"group": "w3-reporting-csp", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting-csp.reddit.com/reports" }]}
content-type: application/javascript
cache-control: public, max-age=60
accept-ranges: bytes
content-length: 7409

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 52 KB
21 KB 75ms
22ms Script
text/javascript 2a00:1450:4001:80b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.trollstickets.com
URL: https://www.trollstickets.com/js/bolt.js?v=1699573861306

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.trollstickets.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Fri, 10 Nov 2023 03:49:42 GMT
last-modified: Mon, 12 Jun 2023 18:23:07 GMT
server: Golfe2
age: 2997
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
expires: Fri, 10 Nov 2023 05:49:42 GMT

GET
H2 200 / Show response
www.googleadservices.com/pagead/conversion/965588907/ 3 KB
2 KB 92ms
33ms Script
text/javascript 142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion/965588907/?random=1699591179588&cv=11&fst=1699591179588&bg=ffffff&guid=ON&async=1&gtm=45He3b81v831986021&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.trollstickets.com%2F&label=lNQpCMHa4eIYEKvvtswD&hn=www.googleadservices.com&frm=0&tiba=Trolls%20Band%20Together%20%7C%20Showtimes%20%7C%20Get%20Tickets%20Now&value=0&bttype=purchase&auid=235753221.1699591180&uamb=0&uaw=0&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MC55JLC

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

cafe /

Resource Hash

b1681638f8ebe2660e9ef75a02259c82ccd397afe5458407eb7d0ec9da7dc9ac

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.trollstickets.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 10 Nov 2023 04:39:39 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1658
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 sdk.js Show response
analytics.tiktok.com/i18n/pixel/ 5 KB
2 KB 216ms
123ms Script
application/javascript 23.36.163.249
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/i18n/pixel/sdk.js?sdkid=CJVQU4RC77UDO397JP40
Requested by: Host: www.trollstickets.com
URL: https://www.trollstickets.com/js/bolt.js?v=1699573861306
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.36.163.249 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-36-163-249.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 085f4b819e86ec22057ccf697e2eebd702548f5ebe3217b988de88b2c220e06c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.trollstickets.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

x-akamai-request-id: 34e54656.32f23b3
date: Fri, 10 Nov 2023 04:39:39 GMT
content-encoding: gzip
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-cache: TCP_MISS from a23-36-161-221.deploy.akamaitechnologies.com (AkamaiGHost/11.3.2-52182464) (-)
x-parent-response-time: 92,23.36.161.221
server-timing: cdn-cache; desc=MISS, edge; dur=86, origin; dur=6, inner; dur=3
content-length: 1716
pragma: no-cache
server: nginx
x-tt-logid: 2023111004393913844946BBC76F24B436
x-cache-remote: TCP_MISS from a23-220-107-144.deploy.akamaitechnologies.com (AkamaiGHost/11.3.2-52182464) (-)
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 6,23.220.107.144
x-tt-trace-host: 015c91947f38d3c27845e9b099943b1b0d39ed7a7d0427c8cb50bb227e729673ea2f3525c2e7b9636ef9f91a8c6edc41ff56d46ae918cfcdc5da06dcacebc081593a71637ed79a99fec9cd28787678b76339a1be34c023cdd813a5296ff95562981ad96762f1a1eb49528228e7c506f6da
expires: Fri, 10 Nov 2023 04:39:39 GMT

GET
H2 200 scevent.min.js Show response
sc-static.net/ 39 KB
17 KB 107ms
47ms Script
application/javascript 143.204.207.250
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sc-static.net/scevent.min.js
Requested by: Host: www.trollstickets.com
URL: https://www.trollstickets.com/js/bolt.js?v=1699573861306
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.207.250 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-207-250.fra53.r.cloudfront.net
Software: CloudFront /
Resource Hash: e85d000352371d01ec68c35b294c87b928cc6f62ec99cd75a22bb420b00bffa0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.trollstickets.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Fri, 10 Nov 2023 04:39:39 GMT
content-encoding: gzip
via: 1.1 18e87eada05046c231b7f49230fa6dc4.cloudfront.net (CloudFront)
server: CloudFront
x-amz-cf-pop: FRA53-C1
x-cache: Miss from cloudfront
content-type: application/javascript;charset=utf-8
access-control-allow-origin: *
cache-control: private, s-maxage=0, max-age=600
access-control-allow-headers: Content-Type
content-length: 16941
x-amz-cf-id: iJyrQjjWnrnxagMoEMPQyxdnebjbBC5Y6zaOzU7wNYpF_yuuL37DeQ==

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 274 KB
90 KB 45ms
45ms Script
application/javascript 2a00:1450:4001:812::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-VP9M4F29MZ&l=dataLayer&cx=c

Requested by

Host: www.trollstickets.com
URL: https://www.trollstickets.com/js/bolt.js?v=1699573861306

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

1799c4efb0adfe67caf1045fbb81408dfc7f713691348f91a66d78771ed6d5e2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.trollstickets.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Fri, 10 Nov 2023 04:39:39 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 92255
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Fri, 10 Nov 2023 04:39:39 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/924229467/ 3 KB
1 KB 58ms
34ms Script
text/javascript 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/924229467/?random=1699591179600&cv=11&fst=1699591179600&bg=ffffff&guid=ON&async=1&gtm=45He3b81v831986021&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.trollstickets.com%2F&hn=www.googleadservices.com&frm=0&tiba=Trolls%20Band%20Together%20%7C%20Showtimes%20%7C%20Get%20Tickets%20Now&auid=235753221.1699591180&uamb=0&uaw=0&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MC55JLC

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

259862b924b18b7b8162b3991c5ecad1dad7db80ba2b8bc0aa8998e0cfd7da78

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.trollstickets.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 10 Nov 2023 04:39:39 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1270
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

activityi;dc_pre=CKrvocTOuIIDFcpVHgIdD7wAWA;src=4480452;type=undefined;cat=landingp;ord=6179771288704;auiddc=235753221.1699591180;gtm=45He3b81v831986021;gcd=11l1l1l1l1;dma_cps=sypham;dma=1;uaa=;uab... Show response
4480452.fls.doubleclick.net/ Frame CDD1
Redirect Chain

https://4480452.fls.doubleclick.net/activityi;src=4480452;type=undefined;cat=landingp;ord=6179771288704;auiddc=235753221.1699591180;gtm=45He3b81v831986021;gcd=11l1l1l1l1;dma_cps=sypham;dma=1;uaa=;u...
https://4480452.fls.doubleclick.net/activityi;dc_pre=CKrvocTOuIIDFcpVHgIdD7wAWA;src=4480452;type=undefined;cat=landingp;ord=6179771288704;auiddc=235753221.1699591180;gtm=45He3b81v831986021;gcd=11l1...

504 B
635 B

65ms
64ms

Document
text/html

142.250.185.134
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://4480452.fls.doubleclick.net/activityi;dc_pre=CKrvocTOuIIDFcpVHgIdD7wAWA;src=4480452;type=undefined;cat=landingp;ord=6179771288704;auiddc=235753221.1699591180;gtm=45He3b81v831986021;gcd=11l1l1l1l1;dma_cps=sypham;dma=1;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fwww.trollstickets.com%2F?

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MC55JLC

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.134 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f6.1e100.net

Software

cafe /

Resource Hash

7bd6f350adb0ec9ee091531611df346c812600697e31f71d07ccff127b4dfcbb

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.trollstickets.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=0
content-encoding: br
content-length: 296
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 10 Nov 2023 04:39:39 GMT
expires: Fri, 10 Nov 2023 04:39:39 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 10 Nov 2023 04:39:39 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
follow-only-when-prerender-shown: 1
location: https://4480452.fls.doubleclick.net/activityi;dc_pre=CKrvocTOuIIDFcpVHgIdD7wAWA;src=4480452;type=undefined;cat=landingp;ord=6179771288704;auiddc=235753221.1699591180;gtm=45He3b81v831986021;gcd=11l1l1l1l1;dma_cps=sypham;dma=1;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fwww.trollstickets.com%2F?
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 202 KB
54 KB 69ms
24ms Script
application/x-javascript 2a03:2880:f083:9:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: www.trollstickets.com
URL: https://www.trollstickets.com/js/bolt.js?v=1699573861306

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f083:9:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

3e136e77083bfc6ef14ffc5abd19da89a82bf12fc0cda3c603e01582b93303c8

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.trollstickets.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Fri, 10 Nov 2023 04:39:39 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 54273
x-xss-protection: 0
reporting-endpoints
pragma: public
x-fb-debug: TVult9eWyEPtzmkamJmGJgxftD8g4VOatpId9124sc5KRuujZAFqmkC1FHl84FdtU/QfYsYgeiPAnZ3wLQzmTQ==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin: *
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 / Show response
www.googleadservices.com/pagead/conversion/undefined/ 3 KB
2 KB 33ms
32ms Script
text/javascript 142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion/undefined/?random=1699591179612&cv=11&fst=1699591179612&bg=ffffff&guid=ON&async=1&gtm=45He3b81v831986021&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.trollstickets.com%2F&label=oRRlCL63zuAYEO3xqIop&hn=www.googleadservices.com&frm=0&tiba=Trolls%20Band%20Together%20%7C%20Showtimes%20%7C%20Get%20Tickets%20Now&value=0&bttype=purchase&auid=235753221.1699591180&uamb=0&uaw=0&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MC55JLC

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

cafe /

Resource Hash

78f61cac6ee043a048aa1fe8fd1cdbfd640ebff92e9f4d247198bcdf01dfa564

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.trollstickets.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 10 Nov 2023 04:39:39 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1651
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 / Show response
www.googleadservices.com/pagead/conversion/undefined/ 3 KB
2 KB 37ms
36ms Script
text/javascript 142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion/undefined/?random=1699591179625&cv=11&fst=1699591179625&bg=ffffff&guid=ON&async=1&gtm=45He3b81v831986021&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.trollstickets.com%2F&label=eG5rCLjGzuAYELD5oqUp&hn=www.googleadservices.com&frm=0&tiba=Trolls%20Band%20Together%20%7C%20Showtimes%20%7C%20Get%20Tickets%20Now&value=0&bttype=purchase&auid=235753221.1699591180&uamb=0&uaw=0&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MC55JLC

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

cafe /

Resource Hash

e2febba76108eb52ff2b0dbc4db3f4cb1f61816d6097b9a8380d2c1b775eb073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.trollstickets.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 10 Nov 2023 04:39:39 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1650
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 mparticle.js Show response
jssdkcdns.mparticle.com/js/v2/us1-f3dc234cd4dd4c44a911b1ec55aec231/ 3 KB
2 KB 92ms
21ms Script
application/javascript 2a04:4e42:600::645
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://jssdkcdns.mparticle.com/js/v2/us1-f3dc234cd4dd4c44a911b1ec55aec231/mparticle.js?env=0
Requested by: Host: www.trollstickets.com
URL: https://www.trollstickets.com/js/bolt.js?v=1699573861306
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a04:4e42:600::645 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: Kestrel /
Resource Hash: 8303823d262dee7eaa3b8eb7acf79937502dc429ae530d22e0e3f5de572adc2e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.trollstickets.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

x-served-by: cache-iad-kiad7000039-IAD, cache-fra-eddf8230078-FRA
date: Fri, 10 Nov 2023 04:39:39 GMT
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
server: Kestrel
age: 111
x-timer: S1699591180.743641,VS0,VE0
x-origin-name: fastlyshield--shield_ssl_cache_iad_kiad7000039_IAD
x-cache: MISS, HIT
content-type: application/javascript
vary: Accept, Accept-Encoding
cache-control: public, max-age=3600
accept-ranges: bytes
content-length: 1294
x-cache-hits: 0, 2

GET
H/1.1 200
OK up_loader.1.1.0.js Show response
js.adsrvr.org/ 5 KB
3 KB 90ms
21ms Script
application/x-javascript 108.138.15.119
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://js.adsrvr.org/up_loader.1.1.0.js
Requested by: Host: www.trollstickets.com
URL: https://www.trollstickets.com/js/bolt.js?v=1699573861306
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.15.119 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-15-119.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 899663bfeab6b11842c974c2417dc0ad88bd79bb7510b1e032384ccf2618dcc1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.trollstickets.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Date: Fri, 10 Nov 2023 04:25:07 GMT
Content-Encoding: gzip
Via: 1.1 9672a97668a5842cedcfaee3e743019e.cloudfront.net (CloudFront)
Last-Modified: Tue, 01 Aug 2023 20:10:44 GMT
Server: AmazonS3
X-Amz-Cf-Pop: FRA56-P7
Age: 873
x-amz-server-side-encryption: AES256
ETag: W/"b7474eac210849250426a8f6a39d00f3"
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: application/x-javascript
X-Cache: Hit from cloudfront
Connection: keep-alive
X-Amz-Cf-Id: YfKjMOG4XFjGLiB4sbT2Z-bozwV5EFc8s5zozNiOYuSpLsItp6ldZw==

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 198 KB
73 KB 42ms
42ms Script
application/javascript 2a00:1450:4001:812::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-W6FD9FK0F1&l=dataLayer&cx=c

Requested by

Host: www.trollstickets.com
URL: https://www.trollstickets.com/js/bolt.js?v=1699573861306

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

74a6bf5a53d1f350e0ce32c82f1791efc06071713d8b241cb3420f44a7bf368e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.trollstickets.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Fri, 10 Nov 2023 04:39:39 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 74340
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Fri, 10 Nov 2023 04:39:39 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 203 KB
75 KB 48ms
48ms Script
application/javascript 2a00:1450:4001:812::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-MLHXQJPPKK&l=dataLayer&cx=c

Requested by

Host: www.trollstickets.com
URL: https://www.trollstickets.com/js/bolt.js?v=1699573861306

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

f39ae6e4eb73fa9c13ac43af3ec9dcb89fd9fe17da813f244b3bc686b75f4830

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.trollstickets.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Fri, 10 Nov 2023 04:39:39 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 76447
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Fri, 10 Nov 2023 04:39:39 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 217 KB
77 KB 57ms
57ms Script
application/javascript 2a00:1450:4001:812::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-4SFYGCDPE8&l=dataLayer&cx=c

Requested by

Host: www.trollstickets.com
URL: https://www.trollstickets.com/js/bolt.js?v=1699573861306

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

8a6753f781c12defc70079a8d7dcb88b9c4de952435745173fe003285fb3550e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.trollstickets.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Fri, 10 Nov 2023 04:39:39 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 78978
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Fri, 10 Nov 2023 04:39:39 GMT

GET
H2 200 dnsfeed Show response
geolocation.onetrust.com/cookieconsentpub/v1/geo/location/ 68 B
244 B 99ms
46ms Script
text/javascript 2606:4700:4400::6812:2089
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://geolocation.onetrust.com/cookieconsentpub/v1/geo/location/dnsfeed

Requested by

Host: www.trollstickets.com
URL: https://www.trollstickets.com/js/bolt.js?v=1699573861306

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::6812:2089 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0af719f3a3c9eed767bcf7e1b8b179655c9b0c1fd6157618d704f11a1cdcdfc9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.trollstickets.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Fri, 10 Nov 2023 04:39:39 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
server: cloudflare
cf-ray: 823b9ce95e743a3d-FRA
vary: Accept-Encoding
content-type: text/javascript

POST
H2 204 collect
region1.google-analytics.com/g/ 0
258 B 82ms
29ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-W6FD9FK0F1&gtm=45je3b81v881931567&_p=1699591179275&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&cid=1590042435.1699591180&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&dt=boltShowtimes&dp=boltShowtimes&sid=1699591179&sct=1&seg=0&dl=https%3A%2F%2Fwww.trollstickets.com%2F&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&ep.anonymize_ip=true&ep.event_stream=Trolls%20Band%20Together%20-%20US&ep.event_region=us&ep.event_studio=Universal%20Pictures&ep.region=us&ep.debug_mode=false&tfd=818
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-W6FD9FK0F1&l=dataLayer
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.trollstickets.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 10 Nov 2023 04:39:39 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.trollstickets.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 capital Show response
stdata.powster.com/ 81 B
341 B 47ms
47ms Fetch
application/json 52.208.74.24
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://stdata.powster.com/capital?country=de

Requested by

Host: www.trollstickets.com
URL: https://www.trollstickets.com/js/bolt.js?v=1699573861306

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.208.74.24 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-208-74-24.eu-west-1.compute.amazonaws.com

Software

nginx /

Resource Hash

a91159f3a71e7d42479856a4256d7dd5a483725350d64f20d8f92e1e2dbadada

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.trollstickets.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Fri, 10 Nov 2023 04:39:39 GMT
strict-transport-security: max-age=31536000
content-encoding: gzip
server: nginx
vary: origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.trollstickets.com
access-control-expose-headers: WWW-Authenticate,Server-Authorization
cache-control: no-cache

POST
H2 204 collect
region1.google-analytics.com/g/ 0
54 B 29ms
28ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-MLHXQJPPKK&gtm=45je3b81v870129408&_p=1699591179275&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&cid=1590042435.1699591180&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&dt=boltShowtimes&dp=boltShowtimes&sid=1699591179&sct=1&seg=0&dl=https%3A%2F%2Fwww.trollstickets.com%2F&en=page_view&_fv=1&_ss=1&_ee=1&ep.anonymize_ip=true&ep.event_stream=Trolls%20Band%20Together%20-%20US&ep.event_region=us&ep.event_studio=Universal%20Pictures&ep.region=us&ep.debug_mode=false&tfd=903
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-MLHXQJPPKK&l=dataLayer
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.trollstickets.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 10 Nov 2023 04:39:39 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.trollstickets.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
region1.google-analytics.com/g/ 0
54 B 29ms
28ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-4SFYGCDPE8&gtm=45je3b81v9167507124&_p=1699591179275&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&cid=1590042435.1699591180&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&dt=boltShowtimes&dp=boltShowtimes&sid=1699591179&sct=1&seg=0&dl=https%3A%2F%2Fwww.trollstickets.com%2F&en=page_view&_fv=1&_ss=1&_ee=1&ep.anonymize_ip=true&ep.event_stream=Trolls%20Band%20Together%20-%20US&ep.event_region=us&ep.event_studio=Universal%20Pictures&ep.region=us&ep.debug_mode=false&tfd=932
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-4SFYGCDPE8&l=dataLayer
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.trollstickets.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 10 Nov 2023 04:39:39 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.trollstickets.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 onesheet.jpg
dx35vtwkllhj9.cloudfront.net/universalstudios/trolls-band-together/images/regions/us/ 318 KB
319 KB 23ms
23ms Image
image/jpeg 2600:9000:223e:3200:1:5424:4140:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dx35vtwkllhj9.cloudfront.net/universalstudios/trolls-band-together/images/regions/us/onesheet.jpg
Requested by: Host: www.trollstickets.com
URL: https://www.trollstickets.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223e:3200:1:5424:4140:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 8b3a3c583c7c83322dca0536c972dc617ac231272642233fcde633d0c3277ef2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.trollstickets.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Fri, 03 Nov 2023 13:36:10 GMT
via: 1.1 94328d2509009edc0657f5c786a93e42.cloudfront.net (CloudFront)
last-modified: Tue, 17 Oct 2023 01:14:45 GMT
server: AmazonS3
age: 572610
x-amz-cf-pop: FRA56-P4
etag: "e17e2a4eec749ee247a23001205ccac8"
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: public, max-age=2592000
accept-ranges: bytes
content-length: 325931
x-amz-cf-id: ygzgX00SeauCuCaLBvBTz6hU_UEskYKPfTv6RLCpbNcF5L43i37cXA==

GET
H2 200 desktop1.png
dx35vtwkllhj9.cloudfront.net/universalstudios/trolls-band-together/images/regions/us/banner/ 347 KB
348 KB 28ms
28ms Image
image/png 2600:9000:223e:3200:1:5424:4140:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dx35vtwkllhj9.cloudfront.net/universalstudios/trolls-band-together/images/regions/us/banner/desktop1.png
Requested by: Host: www.trollstickets.com
URL: https://www.trollstickets.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223e:3200:1:5424:4140:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: c01f79f7f49a5eb88b0003387fc5787ebc65420b80202dcc1ff1caa9179051ef

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.trollstickets.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Thu, 09 Nov 2023 14:06:29 GMT
via: 1.1 94328d2509009edc0657f5c786a93e42.cloudfront.net (CloudFront)
last-modified: Tue, 17 Oct 2023 01:14:57 GMT
server: AmazonS3
age: 52391
x-amz-cf-pop: FRA56-P4
x-amz-server-side-encryption: AES256
etag: "04521db33a93007477c42126242d9ea0"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/png
cache-control: public, max-age=2592000
accept-ranges: bytes
content-length: 355093
x-amz-cf-id: nnjqd6WuewU_4Gc_hWGGGojvaGaoLWzmYxUqqT968Wc9iP8Z9x7p8g==

GET
H2 200 dc_pre=CKrvocTOuIIDFcpVHgIdD7wAWA;src=4480452;type=undefined;cat=landingp;ord=6179771288704;auiddc=*;gtm=45He3b81v831986021;gcd=11l1l1l1l1;dma_cps=sypham;dma=1;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uap...
adservice.google.com/ddm/fls/z/ Frame CDD1 42 B
401 B 137ms
61ms Image
image/gif 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://adservice.google.com/ddm/fls/z/dc_pre=CKrvocTOuIIDFcpVHgIdD7wAWA;src=4480452;type=undefined;cat=landingp;ord=6179771288704;auiddc=*;gtm=45He3b81v831986021;gcd=11l1l1l1l1;dma_cps=sypham;dma=1;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fwww.trollstickets.com%2F

Requested by

Host: 4480452.fls.doubleclick.net
URL: https://4480452.fls.doubleclick.net/activityi;dc_pre=CKrvocTOuIIDFcpVHgIdD7wAWA;src=4480452;type=undefined;cat=landingp;ord=6179771288704;auiddc=235753221.1699591180;gtm=45He3b81v831986021;gcd=11l1l1l1l1;dma_cps=sypham;dma=1;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fwww.trollstickets.com%2F?

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://4480452.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 10 Nov 2023 04:39:40 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.com/pagead/1p-user-list/undefined/ 42 B
108 B 108ms
37ms Image
image/gif 2a00:1450:4001:831::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/undefined/?random=1699591179568&cv=11&fst=1699588800000&bg=ffffff&guid=ON&async=1&gtm=45He3b81v831986021&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.trollstickets.com%2F&frm=0&tiba=Trolls%20Band%20Together%20%7C%20Showtimes%20%7C%20Get%20Tickets%20Now&fmt=3&is_vtc=1&cid=CAQSGwDICaaNaOxKsSX_d8pDySyp-N3eHob1JI1ZjA&random=436145873&rmt_tld=0&ipr=y

Requested by

Host: www.trollstickets.com
URL: https://www.trollstickets.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.trollstickets.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 10 Nov 2023 04:39:39 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.de/pagead/1p-user-list/undefined/ 42 B
108 B 108ms
37ms Image
image/gif 2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/undefined/?random=1699591179568&cv=11&fst=1699588800000&bg=ffffff&guid=ON&async=1&gtm=45He3b81v831986021&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.trollstickets.com%2F&frm=0&tiba=Trolls%20Band%20Together%20%7C%20Showtimes%20%7C%20Get%20Tickets%20Now&fmt=3&is_vtc=1&cid=CAQSGwDICaaNaOxKsSX_d8pDySyp-N3eHob1JI1ZjA&random=436145873&rmt_tld=1&ipr=y

Requested by

Host: www.trollstickets.com
URL: https://www.trollstickets.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.trollstickets.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 10 Nov 2023 04:39:39 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.com/pagead/1p-user-list/924229467/ 42 B
455 B 107ms
36ms Image
image/gif 2a00:1450:4001:831::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/924229467/?random=1699591179600&cv=11&fst=1699588800000&bg=ffffff&guid=ON&async=1&gtm=45He3b81v831986021&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.trollstickets.com%2F&frm=0&tiba=Trolls%20Band%20Together%20%7C%20Showtimes%20%7C%20Get%20Tickets%20Now&fmt=3&is_vtc=1&cid=CAQSGwDICaaNnkbRZJFjbDzQW7dmE4zyZp8ohIZkUw&random=4143691437&rmt_tld=0&ipr=y

Requested by

Host: www.trollstickets.com
URL: https://www.trollstickets.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.trollstickets.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 10 Nov 2023 04:39:39 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.de/pagead/1p-user-list/924229467/ 42 B
455 B 108ms
37ms Image
image/gif 2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/924229467/?random=1699591179600&cv=11&fst=1699588800000&bg=ffffff&guid=ON&async=1&gtm=45He3b81v831986021&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.trollstickets.com%2F&frm=0&tiba=Trolls%20Band%20Together%20%7C%20Showtimes%20%7C%20Get%20Tickets%20Now&fmt=3&is_vtc=1&cid=CAQSGwDICaaNnkbRZJFjbDzQW7dmE4zyZp8ohIZkUw&random=4143691437&rmt_tld=1&ipr=y

Requested by

Host: www.trollstickets.com
URL: https://www.trollstickets.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.trollstickets.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 10 Nov 2023 04:39:39 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 www-widgetapi.js Show response
www.youtube.com/s/player/5bdfe6d5/www-widgetapi.vflset/ 215 KB
67 KB 22ms
21ms Script
text/javascript 2a00:1450:4001:802::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/5bdfe6d5/www-widgetapi.vflset/www-widgetapi.js

Requested by

Host: www.trollstickets.com
URL: https://www.trollstickets.com/js/bolt.js?v=1699573861306

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9038b214671cc27ffba2fc60ffdcd0850e355af61fc303049f5b2a42397111da

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.trollstickets.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Thu, 09 Nov 2023 23:31:57 GMT
content-encoding: br
x-content-type-options: nosniff
age: 18462
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 68298
x-xss-protection: 0
last-modified: Wed, 08 Nov 2023 02:48:37 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Fri, 08 Nov 2024 23:31:57 GMT

GET
H2 200 rp.gif
alb.reddit.com/ 42 B
637 B 141ms
36ms Image
image/gif 151.101.65.140
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://alb.reddit.com/rp.gif?ts=1699591179913&id=undefined&event=PageVisit&m.itemCount=undefined&m.value=&m.valueDecimal=undefined&m.currency=undefined&m.transactionId=&m.customEventName=&m.products=&m.conversionId=&uuid=f77534b0-744d-4279-80a0-e4eac3e192b7&aaid=&em=&external_id=&idfa=&integration=gtm&opt_out=0&sh=1600&sw=1200&v=rdt_f5bd31b2
Requested by: Host: www.trollstickets.com
URL: https://www.trollstickets.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.65.140 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: Varnish /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.trollstickets.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Fri, 10 Nov 2023 04:39:40 GMT
via: 1.1 varnish
nel: {"report_to": "w3-reporting-nel", "max_age": 14400, "include_subdomains": false, "success_fraction": 0.3, "failure_fraction": 0.3}
server: Varnish
report-to: {"group": "w3-reporting-nel", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting-nel.reddit.com/reports" }]}, {"group": "w3-reporting", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting.reddit.com/reports" }]}, {"group": "w3-reporting-csp", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting-csp.reddit.com/reports" }]}
content-type: image/gif
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
content-length: 42
retry-after: 0

POST
H2 200 collect Show response
www.google-analytics.com/j/ 4 B
213 B 38ms
35ms XHR
text/plain 2a00:1450:4001:80b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&aip=1&a=1218339898&t=pageview&_s=1&dl=https%3A%2F%2Fwww.trollstickets.com%2F&ul=en-us&de=UTF-8&dt=Trolls%20Band%20Together%20%7C%20Showtimes%20%7C%20Get%20Tickets%20Now&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YADAAEABAAAAACAEK~&jid=374384488&gjid=484259716&cid=1590042435.1699591180&tid=UA-111182121-93&_gid=1837507867.1699591180&_r=1&_slc=1&gtm=45He3b81n81MC55JLCv831986021&cd1=trolls%20band%20together%20movie%20-%20showtimes%20site&cd2=us&cd3=powster&cd4=showtimes&cd5=showtimes&cd6=Trolls%20Band%20Together&cd7=animation&cd8=n%2Fa&cd10=animation&cd11=2023-11-17&cd12=tt14362112&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&cd13=1590042435.1699591180&z=838617874

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.trollstickets.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 10 Nov 2023 04:39:39 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.trollstickets.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

/
www.google.de/pagead/1p-conversion/965588907/
Redirect Chain

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/965588907/?random=984627134&cv=11&fst=1699591179588&bg=ffffff&guid=ON&async=1&gtm=45He3b81v831986021&gcd=11l1l1l1l1&dma_cps=sypham&d...
https://www.google.com/pagead/1p-conversion/965588907/?random=984627134&cv=11&fst=1699591179588&bg=ffffff&guid=ON&async=1&gtm=45He3b81v831986021&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&u_w=1600&u_h=120...
https://www.google.de/pagead/1p-conversion/965588907/?random=984627134&cv=11&fst=1699591179588&bg=ffffff&guid=ON&async=1&gtm=45He3b81v831986021&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&u_w=1600&u_h=1200...

42 B
108 B

38ms
34ms

Image
image/gif

2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-conversion/965588907/?random=984627134&cv=11&fst=1699591179588&bg=ffffff&guid=ON&async=1&gtm=45He3b81v831986021&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.trollstickets.com%2F&label=lNQpCMHa4eIYEKvvtswD&hn=www.googleadservices.com&frm=0&tiba=Trolls%20Band%20Together%20%7C%20Showtimes%20%7C%20Get%20Tickets%20Now&value=0&auid=235753221.1699591180&uamb=0&uaw=0&fmt=3&ct_cookie_present=false&sscte=1&crd=&pscrd=Ek5DaEVJZ0tPeXFnWVE3X242NU5mR3ZaXzZBUklsQUFqNmo2aHp0TzJ2WFZLazNlWl9Sb0hTTUd5a01GS0ZrNFlRc19ZQy1yY2stMVpPQmcaV0NoQUlnS095cWdZUTd2UGR5TVc2enBGRkVpMEFwRzhwb0lYZElkVGJPdHlnZ0hmRXlQVHVTYXVKSjV3SkdSd3lYRkRyMDBqLS0xRUpmVHkzd0h1czRiRSITCPH7m8TOuIIDFYXbEQgdd_UKXw&is_vtc=1&ocp_id=C7RNZbHKKIW3x_AP9-qr-AU&cid=CAQSKQDICaaNfBl1Lsx8SIi86Q9oAMR8J_05QOyXetQYSJq9V2dAsj0HTVQn&eitems=ChEIgKOyqgYQmcOq9cfPtJX0ARIdAOa3kjQNLLPfbCNdNeABggZlefqC9sVAbB_bGV0&random=2944828159&ipr=y

Requested by

Host: www.trollstickets.com
URL: https://www.trollstickets.com/

Protocol

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.trollstickets.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 10 Nov 2023 04:39:40 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 10 Nov 2023 04:39:40 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
location: https://www.google.de/pagead/1p-conversion/965588907/?random=984627134&cv=11&fst=1699591179588&bg=ffffff&guid=ON&async=1&gtm=45He3b81v831986021&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.trollstickets.com%2F&label=lNQpCMHa4eIYEKvvtswD&hn=www.googleadservices.com&frm=0&tiba=Trolls%20Band%20Together%20%7C%20Showtimes%20%7C%20Get%20Tickets%20Now&value=0&auid=235753221.1699591180&uamb=0&uaw=0&fmt=3&ct_cookie_present=false&sscte=1&crd=&pscrd=Ek5DaEVJZ0tPeXFnWVE3X242NU5mR3ZaXzZBUklsQUFqNmo2aHp0TzJ2WFZLazNlWl9Sb0hTTUd5a01GS0ZrNFlRc19ZQy1yY2stMVpPQmcaV0NoQUlnS095cWdZUTd2UGR5TVc2enBGRkVpMEFwRzhwb0lYZElkVGJPdHlnZ0hmRXlQVHVTYXVKSjV3SkdSd3lYRkRyMDBqLS0xRUpmVHkzd0h1czRiRSITCPH7m8TOuIIDFYXbEQgdd_UKXw&is_vtc=1&ocp_id=C7RNZbHKKIW3x_AP9-qr-AU&cid=CAQSKQDICaaNfBl1Lsx8SIi86Q9oAMR8J_05QOyXetQYSJq9V2dAsj0HTVQn&eitems=ChEIgKOyqgYQmcOq9cfPtJX0ARIdAOa3kjQNLLPfbCNdNeABggZlefqC9sVAbB_bGV0&random=2944828159&ipr=y
content-type: image/gif
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
region1.analytics.google.com/g/ 0
54 B 45ms
44ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-VP9M4F29MZ&gtm=45je3b81v888314821z8831986021&_p=1699591179275&_gaz=1&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&cid=1590042435.1699591180&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=Ag&_s=1&sid=1699591179&sct=1&seg=0&dl=https%3A%2F%2Fwww.trollstickets.com%2F&dt=Trolls%20Band%20Together%20%7C%20Showtimes%20%7C%20Get%20Tickets%20Now&en=page_view&_fv=1&_ss=1&ep.movie_name=Trolls%20Band%20Together&ep.market=us&ep.genre_1=animation&ep.imdb_id=tt14362112&ep.content_genome_id=n%2Fa&ep.essence_genre=animation&ep.template=powster&ep.page_type=showtimes&ep.page_name=showtimes&ep.movie_release_date=2023-11-17&ep.site_name=trolls%20band%20together%20movie%20-%20showtimes%20site&tfd=1090
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-VP9M4F29MZ&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.trollstickets.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 10 Nov 2023 04:39:40 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.trollstickets.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
258 B 105ms
28ms Ping
text/plain 2a00:1450:400c:c00::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-VP9M4F29MZ&cid=1590042435.1699591180&gtm=45je3b81v888314821z8831986021&aip=1&dma=1&dma_cps=sypham&gcd=11l1l1l1l1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-VP9M4F29MZ&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:400c:c00::9b Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.trollstickets.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 10 Nov 2023 04:39:40 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.trollstickets.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
107 B 37ms
35ms Image
image/gif 2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-VP9M4F29MZ&cid=1590042435.1699591180&gtm=45je3b81v888314821z8831986021&aip=1&dma=1&dma_cps=sypham&gcd=11l1l1l1l1&z=2119110252

Requested by

Host: www.trollstickets.com
URL: https://www.trollstickets.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.trollstickets.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 10 Nov 2023 04:39:40 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 1788729894762994 Show response
connect.facebook.net/signals/config/ 133 KB
35 KB 102ms
101ms Script
application/x-javascript 2a03:2880:f083:9:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/1788729894762994?v=2.9.138&r=stable&domain=www.trollstickets.com

Requested by

Host: www.trollstickets.com
URL: https://www.trollstickets.com/js/bolt.js?v=1699573861306

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f083:9:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

082f7fdc9ef2ff71c0684b757e898d597230fdc1dd225e5583385df33ba675d8

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.trollstickets.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Fri, 10 Nov 2023 04:39:40 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
reporting-endpoints
pragma: public
x-fb-debug: 9pc/Atj2gr/aDxyOVez/AK0lcj4uufIunpH5i0WqHRArkmKGRr1ELUhBqISlD6tQ2U8Ri9r+S1HQyQ9Cy0diCg==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin: *
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3

200

/
www.google.de/pagead/1p-conversion/undefined/
Redirect Chain

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/undefined/?random=1307700249&cv=11&fst=1699591179612&bg=ffffff&guid=ON&async=1&gtm=45He3b81v831986021&gcd=11l1l1l1l1&dma_cps=sypham&...
https://www.google.com/pagead/1p-conversion/undefined/?random=1307700249&cv=11&fst=1699591179612&bg=ffffff&guid=ON&async=1&gtm=45He3b81v831986021&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&u_w=1600&u_h=12...
https://www.google.de/pagead/1p-conversion/undefined/?random=1307700249&cv=11&fst=1699591179612&bg=ffffff&guid=ON&async=1&gtm=45He3b81v831986021&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&u_w=1600&u_h=120...

42 B
64 B

37ms
37ms

Image
image/gif

2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-conversion/undefined/?random=1307700249&cv=11&fst=1699591179612&bg=ffffff&guid=ON&async=1&gtm=45He3b81v831986021&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.trollstickets.com%2F&label=oRRlCL63zuAYEO3xqIop&hn=www.googleadservices.com&frm=0&tiba=Trolls%20Band%20Together%20%7C%20Showtimes%20%7C%20Get%20Tickets%20Now&value=0&auid=235753221.1699591180&uamb=0&uaw=0&fmt=3&ct_cookie_present=false&sscte=1&crd=&pscrd=Ek5DaEVJZ0tPeXFnWVE3X242NU5mR3ZaXzZBUklsQUFqNmo2aHp0TzJ2WFZLazNlWl9Sb0hTTUd5a01GS0ZrNFlRc19ZQy1yY2stMVpPQmcaV0NoQUlnS095cWdZUTd2UGR5TVc2enBGRkVpMEFwRzhwb1A1dEpWcWxZN3JsRFBjTEFTOC1qUnVzSDRaLTIteDBOWWg0bDQxUTdqMHNtbGtuTVptLVFmSSITCJPjnMTOuIIDFbEY4AodrKwJuQ&is_vtc=1&ocp_id=C7RNZdOxKbGxgAes2abICw&cid=CAQSKQDICaaNkg7A7i6IvF-QgUIuivOMy3GalucDE5n0gHOXAs4ap9XJWjBP&eitems=ChEIgKOyqgYQmcOq9cfPtJX0ARIdAOa3kjQouL8r5Ow-ZEoFjzFr9yafKQN9b7J_7pM&random=2094850189&ipr=y

Requested by

Host: www.trollstickets.com
URL: https://www.trollstickets.com/

Protocol

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.trollstickets.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 10 Nov 2023 04:39:40 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 10 Nov 2023 04:39:40 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
location: https://www.google.de/pagead/1p-conversion/undefined/?random=1307700249&cv=11&fst=1699591179612&bg=ffffff&guid=ON&async=1&gtm=45He3b81v831986021&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.trollstickets.com%2F&label=oRRlCL63zuAYEO3xqIop&hn=www.googleadservices.com&frm=0&tiba=Trolls%20Band%20Together%20%7C%20Showtimes%20%7C%20Get%20Tickets%20Now&value=0&auid=235753221.1699591180&uamb=0&uaw=0&fmt=3&ct_cookie_present=false&sscte=1&crd=&pscrd=Ek5DaEVJZ0tPeXFnWVE3X242NU5mR3ZaXzZBUklsQUFqNmo2aHp0TzJ2WFZLazNlWl9Sb0hTTUd5a01GS0ZrNFlRc19ZQy1yY2stMVpPQmcaV0NoQUlnS095cWdZUTd2UGR5TVc2enBGRkVpMEFwRzhwb1A1dEpWcWxZN3JsRFBjTEFTOC1qUnVzSDRaLTIteDBOWWg0bDQxUTdqMHNtbGtuTVptLVFmSSITCJPjnMTOuIIDFbEY4AodrKwJuQ&is_vtc=1&ocp_id=C7RNZdOxKbGxgAes2abICw&cid=CAQSKQDICaaNkg7A7i6IvF-QgUIuivOMy3GalucDE5n0gHOXAs4ap9XJWjBP&eitems=ChEIgKOyqgYQmcOq9cfPtJX0ARIdAOa3kjQouL8r5Ow-ZEoFjzFr9yafKQN9b7J_7pM&random=2094850189&ipr=y
content-type: image/gif
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

/
www.google.de/pagead/1p-conversion/undefined/
Redirect Chain

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/undefined/?random=10952012&cv=11&fst=1699591179625&bg=ffffff&guid=ON&async=1&gtm=45He3b81v831986021&gcd=11l1l1l1l1&dma_cps=sypham&dm...
https://www.google.com/pagead/1p-conversion/undefined/?random=10952012&cv=11&fst=1699591179625&bg=ffffff&guid=ON&async=1&gtm=45He3b81v831986021&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&u_w=1600&u_h=1200...
https://www.google.de/pagead/1p-conversion/undefined/?random=10952012&cv=11&fst=1699591179625&bg=ffffff&guid=ON&async=1&gtm=45He3b81v831986021&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&u_w=1600&u_h=1200&...

42 B
64 B

36ms
36ms

Image
image/gif

2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-conversion/undefined/?random=10952012&cv=11&fst=1699591179625&bg=ffffff&guid=ON&async=1&gtm=45He3b81v831986021&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.trollstickets.com%2F&label=eG5rCLjGzuAYELD5oqUp&hn=www.googleadservices.com&frm=0&tiba=Trolls%20Band%20Together%20%7C%20Showtimes%20%7C%20Get%20Tickets%20Now&value=0&auid=235753221.1699591180&uamb=0&uaw=0&fmt=3&ct_cookie_present=false&sscte=1&crd=&pscrd=Ek5DaEVJZ0tPeXFnWVE3X242NU5mR3ZaXzZBUklsQUFqNmo2aHp0TzJ2WFZLazNlWl9Sb0hTTUd5a01GS0ZrNFlRc19ZQy1yY2stMVpPQmcaV0NoQUlnS095cWdZUTd2UGR5TVc2enBGRkVpMEFwRzhwb0NueTNWZHREM2hfcmFRUDdzblRhZmNUMlNuZFVISmVQaTM5dUluV3A1T0NCd014RU4wSno0ZyITCLrnnMTOuIIDFQHZEQgdcMUINw&is_vtc=1&ocp_id=C7RNZfq1KYGyx_AP8IqjuAM&cid=CAQSKQDICaaNXC4aAgmV9h0CbaMpA9J4m8pkqO4TTc91Th-1Ren5gU1Hc_7q&eitems=ChEIgKOyqgYQmcOq9cfPtJX0ARIdAOa3kjQrWQCsS-vZH9A5jjGuN1mkDES1-HJudYg&random=610916221&ipr=y

Requested by

Host: www.trollstickets.com
URL: https://www.trollstickets.com/

Protocol

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.trollstickets.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 10 Nov 2023 04:39:40 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 10 Nov 2023 04:39:40 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
location: https://www.google.de/pagead/1p-conversion/undefined/?random=10952012&cv=11&fst=1699591179625&bg=ffffff&guid=ON&async=1&gtm=45He3b81v831986021&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.trollstickets.com%2F&label=eG5rCLjGzuAYELD5oqUp&hn=www.googleadservices.com&frm=0&tiba=Trolls%20Band%20Together%20%7C%20Showtimes%20%7C%20Get%20Tickets%20Now&value=0&auid=235753221.1699591180&uamb=0&uaw=0&fmt=3&ct_cookie_present=false&sscte=1&crd=&pscrd=Ek5DaEVJZ0tPeXFnWVE3X242NU5mR3ZaXzZBUklsQUFqNmo2aHp0TzJ2WFZLazNlWl9Sb0hTTUd5a01GS0ZrNFlRc19ZQy1yY2stMVpPQmcaV0NoQUlnS095cWdZUTd2UGR5TVc2enBGRkVpMEFwRzhwb0NueTNWZHREM2hfcmFRUDdzblRhZmNUMlNuZFVISmVQaTM5dUluV3A1T0NCd014RU4wSno0ZyITCLrnnMTOuIIDFQHZEQgdcMUINw&is_vtc=1&ocp_id=C7RNZfq1KYGyx_AP8IqjuAM&cid=CAQSKQDICaaNXC4aAgmV9h0CbaMpA9J4m8pkqO4TTc91Th-1Ren5gU1Hc_7q&eitems=ChEIgKOyqgYQmcOq9cfPtJX0ARIdAOa3kjQrWQCsS-vZH9A5jjGuN1mkDES1-HJudYg&random=610916221&ipr=y
content-type: image/gif
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 collect
region1.analytics.google.com/g/ 0
17 B 27ms
27ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-VP9M4F29MZ&gtm=45je3b81v888314821&_p=1699591179275&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&cid=1590042435.1699591180&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=AAg&_s=2&sid=1699591179&sct=1&seg=1&dl=https%3A%2F%2Fwww.trollstickets.com%2F&dt=Trolls%20Band%20Together%20%7C%20Showtimes%20%7C%20Get%20Tickets%20Now&en=page_view&ep.movie_name=Trolls%20Band%20Together&ep.market=us&ep.genre_1=animation&ep.imdb_id=tt14362112&ep.content_genome_id=n%2Fa&ep.essence_genre=animation&ep.template=powster&ep.page_type=showtimes&ep.page_name=showtimes&ep.movie_release_date=2023-11-17&ep.site_name=trolls%20band%20together%20movie%20-%20showtimes%20site&_et=4&tfd=1175
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-VP9M4F29MZ&l=dataLayer&cx=c
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.trollstickets.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 10 Nov 2023 04:39:40 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.trollstickets.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 main.MTdjYzNiZDU2MA.js Show response
analytics.tiktok.com/i18n/pixel/static/ 397 KB
106 KB 31ms
31ms Script
application/javascript 23.36.163.249
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/i18n/pixel/static/main.MTdjYzNiZDU2MA.js
Requested by: Host: www.trollstickets.com
URL: https://www.trollstickets.com/js/bolt.js?v=1699573861306
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.36.163.249 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-36-163-249.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 62723060de0c92d89ec49f9b3bc1fd54b786111e8ad3451a6cf7ebc8553e7b74

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.trollstickets.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

x-akamai-request-id: 32f2635
date: Fri, 10 Nov 2023 04:39:40 GMT
content-encoding: gzip
x-tt-trace-tag: id=16;cdn-cache=hit;type=static
server: nginx
x-tt-logid: 20231109073131C0B9368B8BCF9CEAD65B
vary: Accept-Encoding
x-cache: TCP_MEM_HIT from a23-36-161-221.deploy.akamaitechnologies.com (AkamaiGHost/11.3.2-52182464) (-)
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
x-tt-trace-host: 014fdfdf5a7334b47d6e60ea83ecee48143118a813b86e16dc657c8c261bdf46fc3e59cc8a1fe426e7965dfb5c27824de6be205acd77e7f79d70f92be6dd35f747d0e08329bea15cd5f5e572accb2f5cc5e7a8bf2c12a21cdb9f2ba9e8ba5516ad
server-timing: cdn-cache; desc=HIT, edge; dur=0, inner; dur=3
content-length: 108372

GET
H2 200 a6c53095-98bd-4f16-a999-ea3841f7a04b.js Show response
tr.snapchat.com/config/com/ 168 B
449 B 161ms
29ms Script
application/javascript 35.190.43.134
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tr.snapchat.com/config/com/a6c53095-98bd-4f16-a999-ea3841f7a04b.js?v=3.4.17-2311092202

Requested by

Host: www.trollstickets.com
URL: https://www.trollstickets.com/js/bolt.js?v=1699573861306

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.190.43.134 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

134.43.190.35.bc.googleusercontent.com

Software

API Gateway /

Resource Hash

68c1deb1e7782bdfa830ff15c225203b876c914b9257a0a85ca1f6f3eade2be8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains

Request headers

Referer: https://www.trollstickets.com/
Origin: https://www.trollstickets.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Fri, 10 Nov 2023 04:39:40 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains
via: 1.1 google
server: API Gateway
content-type: application/javascript
access-control-allow-origin: https://www.trollstickets.com
x-envoy-upstream-service-time: 0
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 168

GET
H2 200 i Show response
tr.snapchat.com/cm/ Frame 1BCB 0
201 B 161ms
32ms Document
text/html 35.190.43.134
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tr.snapchat.com/cm/i?pid=a6c53095-98bd-4f16-a999-ea3841f7a04b&u_scsid=14365e88-0e41-4632-91dd-d3aa430aeab8&u_sclid=c27a869b-581e-46d8-b723-56be0b364b40

Requested by

Host: sc-static.net
URL: https://sc-static.net/scevent.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.190.43.134 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

134.43.190.35.bc.googleusercontent.com

Software

API Gateway /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload max-age=31536000; includeSubDomains

Request headers

Referer: https://www.trollstickets.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html
date: Fri, 10 Nov 2023 04:39:40 GMT
server: API Gateway
strict-transport-security: max-age=31536000; includeSubDomains; preload max-age=31536000; includeSubDomains
via: 1.1 google
x-envoy-upstream-service-time: 0

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
151 B 29ms
28ms XHR
text/plain 2a00:1450:400c:c00::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-111182121-93&cid=1590042435.1699591180&jid=374384488&gjid=484259716&_gid=1837507867.1699591180&_u=YADAAEAAAAAAACAEK~&z=2132878826

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c00::9b Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.trollstickets.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Fri, 10 Nov 2023 04:39:40 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.trollstickets.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ftUpFjGKuY0 Show response
www.youtube.com/embed/ Frame 4426 89 KB
38 KB 81ms
80ms Document
text/html 2a00:1450:4001:802::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/embed/ftUpFjGKuY0?rel=0&enablejsapi=1&origin=https%3A%2F%2Fwww.trollstickets.com&widgetid=1

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/5bdfe6d5/www-widgetapi.vflset/www-widgetapi.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

f96cc6784462df3064309cf8fb97f8b106eba96cfd4975a251cf5b52d6af7df9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.trollstickets.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: br
content-type: text/html; charset=utf-8
cross-origin-opener-policy-report-only: same-origin; report-to="youtube_main"
cross-origin-resource-policy: cross-origin
date: Fri, 10 Nov 2023 04:39:40 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
origin-trial: AvC9UlR6RDk2crliDsFl66RWLnTbHrDbp+DiY6AYz/PNQ4G4tdUTjrHYr2sghbkhGQAVxb7jaPTHpEVBz0uzQwkAAAB4eyJvcmlnaW4iOiJodHRwczovL3lvdXR1YmUuY29tOjQ0MyIsImZlYXR1cmUiOiJXZWJWaWV3WFJlcXVlc3RlZFdpdGhEZXByZWNhdGlvbiIsImV4cGlyeSI6MTcxOTUzMjc5OSwiaXNTdWJkb21haW4iOnRydWV9
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=de for more info."
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
pragma: no-cache
report-to: {"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
server: ESF
strict-transport-security: max-age=31536000
vary: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 /
www.facebook.com/tr/ 0
185 B 79ms
22ms Image
text/plain 2a03:2880:f176:84:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1788729894762994&ev=PageView&dl=https%3A%2F%2Fwww.trollstickets.com%2F&rl=&if=false&ts=1699591180228&sw=1600&sh=1200&v=2.9.138&r=stable&a=tmSimo-GTM-WebTemplate&ec=0&o=4126&fbp=fb.1.1699591180224.9212314&ler=empty&it=1699591180044&coo=false&tm=1&rqm=GET

Requested by

Host: www.trollstickets.com
URL: https://www.trollstickets.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f176:84:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.trollstickets.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Fri, 10 Nov 2023 04:39:40 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H3 200 ga-audiences
www.google.com/ads/ 42 B
63 B 35ms
34ms Image
image/gif 2a00:1450:4001:831::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-111182121-93&cid=1590042435.1699591180&jid=374384488&_u=YADAAEAAAAAAACAEK~&z=1468862312

Requested by

Host: www.trollstickets.com
URL: https://www.trollstickets.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.trollstickets.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 10 Nov 2023 04:39:40 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ga-audiences
www.google.de/ads/ 42 B
63 B 33ms
33ms Image
image/gif 2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-111182121-93&cid=1590042435.1699591180&jid=374384488&_u=YADAAEAAAAAAACAEK~&z=1468862312

Requested by

Host: www.trollstickets.com
URL: https://www.trollstickets.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.trollstickets.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 10 Nov 2023 04:39:40 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 identify_bb163.js Show response
analytics.tiktok.com/i18n/pixel/static/ 135 KB
36 KB 44ms
44ms Script
application/javascript 23.36.163.249
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/i18n/pixel/static/identify_bb163.js
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MTdjYzNiZDU2MA.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.36.163.249 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-36-163-249.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: a1d4b01843b9dad68a10bba7ab416fb60cbe6052a223f6bd74cbad286b812b2a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.trollstickets.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

x-akamai-request-id: 32f2701
date: Fri, 10 Nov 2023 04:39:40 GMT
content-encoding: gzip
x-tt-trace-tag: id=16;cdn-cache=hit;type=static
server: nginx
x-tt-logid: 20231109073130A7C2B036400B76DDFDAD
vary: Accept-Encoding
x-cache: TCP_MEM_HIT from a23-36-161-221.deploy.akamaitechnologies.com (AkamaiGHost/11.3.2-52182464) (-)
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
x-tt-trace-host: 0119c2f50ee3c4d4626ef963278a6ab4e183f31e859c3bf10a79a904ce8e926d5f968dc3f6ab186237076b77ff3a397303985a187183fdec9fc67dcf7a5310ac2d2b6f4dc8c6dc1ba75ba526a19c743404655c27a8fdf88febf7f596e4d700d075
server-timing: cdn-cache; desc=HIT, edge; dur=0, inner; dur=12
content-length: 36223

POST
H2 200 pangle_pixel
analytics.pangle-ads.com/api/v2/ 0
910 B 899ms
794ms Ping
text/plain 193.108.153.24
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.pangle-ads.com/api/v2/pangle_pixel
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MTdjYzNiZDU2MA.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 193.108.153.24 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a193-108-153-24.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.trollstickets.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

x-akamai-request-id: 7f0219d.efe06e0
date: Fri, 10 Nov 2023 04:39:41 GMT
x-bytefaas-request-id: 2023111004394016668B467E298D042D6C
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-cache: TCP_MISS from a23-54-206-24.deploy.akamaitechnologies.com (AkamaiGHost/11.3.2-52183077) (-)
x-parent-response-time: 762,23.54.206.24
server-timing: cdn-cache; desc=MISS, edge; dur=85, origin; dur=677, inner; dur=5
content-length: 0
pragma: no-cache
server: nginx
x-tt-logid: 2023111004394016668B467E298D042D6C
x-cache-remote: TCP_MISS from a23-52-1-206.deploy.akamaitechnologies.com (AkamaiGHost/11.3.2-52183077) (-)
access-control-max-age: 86400
access-control-allow-methods: *
content-type: text/plain; charset=utf-8
access-control-allow-origin: *
x-bytefaas-execution-duration: 3.93
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
x-gw-dst-psm: ad.union.pangle_web_traffic
x-tt-trace-host: 015c91947f38d3c27845e9b099943b1b0d2dc01fe881b4ca716f01807c6a3d0a92e1c314f8a63fe1973e3f438827f8b6b3540c2eaabe57907abb196f51aebf264a154a320a79fa3959bf968b5a6675398a79a9c49aad5050a5d559859f8759cd7a7ded958f8f7ed1222312f7d19c517196
x-origin-response-time: 677,23.52.1.206
access-control-allow-headers: *
expires: Fri, 10 Nov 2023 04:39:41 GMT

POST
H2 200 pixel
analytics.tiktok.com/api/v2/ 0
791 B 184ms
184ms Ping
text/plain 23.36.163.249
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/api/v2/pixel
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MTdjYzNiZDU2MA.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.36.163.249 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-36-163-249.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.trollstickets.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

x-akamai-request-id: 1e539c46.32f2742
date: Fri, 10 Nov 2023 04:39:40 GMT
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-cache: TCP_MISS from a23-36-161-221.deploy.akamaitechnologies.com (AkamaiGHost/11.3.2-52182464) (-)
x-parent-response-time: 149,23.36.161.221
server-timing: cdn-cache; desc=MISS, edge; dur=91, origin; dur=64, inner; dur=62
content-length: 0
pragma: no-cache
server: nginx
x-tt-logid: 202311100439401E23D9A734D05C27D95C
x-cache-remote: TCP_MISS from a23-220-107-148.deploy.akamaitechnologies.com (AkamaiGHost/11.3.2-52182464) (-)
access-control-allow-methods: GET,POST,PUT,PATCH,DELETE,HEAD,OPTIONS,UPDATE
access-control-allow-origin: *
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 64,23.220.107.148
x-tt-trace-host: 015c91947f38d3c27845e9b099943b1b0d39ed7a7d0427c8cb50bb227e729673ea3cd95647b8d2e5d0b1a1dd28a0aa527b2c7edcc99e2ccaf7d1d982cf7b5141638e57036a7db889cf1c08905622d02ef236c56c1c680602bc27d737f9faf4e2089c4706262d394ac0351beafd08e764dd
access-control-allow-headers: Authorization,*
expires: Fri, 10 Nov 2023 04:39:40 GMT

GET
H3 200 www-player.css
www.youtube.com/s/player/5bdfe6d5/ Frame 4426 377 KB
48 KB 22ms
21ms Stylesheet
text/css 2a00:1450:4001:802::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/5bdfe6d5/www-player.css

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/ftUpFjGKuY0?rel=0&enablejsapi=1&origin=https%3A%2F%2Fwww.trollstickets.com&widgetid=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8c38e4137faa1fea4776e411312ad0598bc3ec1c5ba8a3f2d65eccc83933eabb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/ftUpFjGKuY0?rel=0&enablejsapi=1&origin=https%3A%2F%2Fwww.trollstickets.com&widgetid=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Fri, 10 Nov 2023 04:21:14 GMT
content-encoding: br
x-content-type-options: nosniff
age: 1106
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 48775
x-xss-protection: 0
last-modified: Wed, 08 Nov 2023 02:48:37 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Sat, 09 Nov 2024 04:21:14 GMT

GET
H3 200 embed.js Show response
www.youtube.com/s/player/5bdfe6d5/player_ias.vflset/de_DE/ Frame 4426 56 KB
17 KB 32ms
32ms Script
text/javascript 2a00:1450:4001:802::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/5bdfe6d5/player_ias.vflset/de_DE/embed.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/ftUpFjGKuY0?rel=0&enablejsapi=1&origin=https%3A%2F%2Fwww.trollstickets.com&widgetid=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d98363ded52b5ce2eec06a5d8d855b87707f5cd02729ffddf4d058e4901de9e5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/ftUpFjGKuY0?rel=0&enablejsapi=1&origin=https%3A%2F%2Fwww.trollstickets.com&widgetid=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Wed, 08 Nov 2023 08:33:27 GMT
content-encoding: br
x-content-type-options: nosniff
age: 158773
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 17669
x-xss-protection: 0
last-modified: Wed, 08 Nov 2023 02:48:37 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Thu, 07 Nov 2024 08:33:27 GMT

GET
H3 200 www-embed-player.js Show response
www.youtube.com/s/player/5bdfe6d5/www-embed-player.vflset/ Frame 4426 321 KB
96 KB 38ms
37ms Script
text/javascript 2a00:1450:4001:802::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/5bdfe6d5/www-embed-player.vflset/www-embed-player.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/ftUpFjGKuY0?rel=0&enablejsapi=1&origin=https%3A%2F%2Fwww.trollstickets.com&widgetid=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4aea13eba5ef3838f3bdeca986afcacedf3e6c595e021a8a4042d9e7c2827d86

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/ftUpFjGKuY0?rel=0&enablejsapi=1&origin=https%3A%2F%2Fwww.trollstickets.com&widgetid=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Fri, 10 Nov 2023 04:08:12 GMT
content-encoding: br
x-content-type-options: nosniff
age: 1888
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 98280
x-xss-protection: 0
last-modified: Wed, 08 Nov 2023 02:48:37 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Sat, 09 Nov 2024 04:08:12 GMT

GET
H3 200 base.js Show response
www.youtube.com/s/player/5bdfe6d5/player_ias.vflset/de_DE/ Frame 4426 2 MB
759 KB 42ms
42ms Script
text/javascript 2a00:1450:4001:802::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/5bdfe6d5/player_ias.vflset/de_DE/base.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/ftUpFjGKuY0?rel=0&enablejsapi=1&origin=https%3A%2F%2Fwww.trollstickets.com&widgetid=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f63c84a93df18a64253a18ff542d3dbe06ea9df9164b29f130c9e17abaf68517

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/ftUpFjGKuY0?rel=0&enablejsapi=1&origin=https%3A%2F%2Fwww.trollstickets.com&widgetid=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Wed, 08 Nov 2023 08:32:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 158824
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 777281
x-xss-protection: 0
last-modified: Wed, 08 Nov 2023 02:48:37 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Thu, 07 Nov 2024 08:32:36 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 4426 15 KB
15 KB 75ms
25ms Font
font/woff2 2a00:1450:4001:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/ftUpFjGKuY0?rel=0&enablejsapi=1&origin=https%3A%2F%2Fwww.trollstickets.com&widgetid=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/
Origin: https://www.youtube.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Fri, 10 Nov 2023 03:12:15 GMT
x-content-type-options: nosniff
age: 5245
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15344
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 09 Nov 2024 03:12:15 GMT

GET
H2 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 4426 15 KB
16 KB 70ms
20ms Font
font/woff2 2a00:1450:4001:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/ftUpFjGKuY0?rel=0&enablejsapi=1&origin=https%3A%2F%2Fwww.trollstickets.com&widgetid=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/
Origin: https://www.youtube.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Wed, 08 Nov 2023 21:01:27 GMT
x-content-type-options: nosniff
age: 113893
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15552
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:33:02 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 07 Nov 2024 21:01:27 GMT

GET
H2 200 p
tr.snapchat.com/ 68 B
299 B 33ms
33ms Image
image/png 35.190.43.134
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tr.snapchat.com/p?pid=a6c53095-98bd-4f16-a999-ea3841f7a04b&ev=SIGN_UP&intg=gtm&pids=a6c53095-98bd-4f16-a999-ea3841f7a04b&u_c1=31f0288c-5c96-4ff9-a75a-18879a796dae&u_sclid=c27a869b-581e-46d8-b723-56be0b364b40&u_scsid=14365e88-0e41-4632-91dd-d3aa430aeab8&bt=1d53c387&d_bvs=%5B%5D&df=true&huah=true&m_dcl=600&m_fcps=394&m_pi=376&m_pl=0&m_pv=2&m_rd=1462&m_sh=1200&m_sl=0&m_sw=1600&pl=https%3A%2F%2Fwww.trollstickets.com%2F&trackId=70bbab22-2d6c-40a7-b3f1-03845fd3e578&ts=1699591180367&v=3.4.17-2311092202

Requested by

Host: www.trollstickets.com
URL: https://www.trollstickets.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.190.43.134 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

134.43.190.35.bc.googleusercontent.com

Software

API Gateway /

Resource Hash

2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.trollstickets.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Fri, 10 Nov 2023 04:39:40 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains
via: 1.1 google
server: API Gateway
content-type: image/png
access-control-allow-origin: *
cache-control: no-cache, no-transform
x-envoy-upstream-service-time: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 68

GET
H3 200 id Show response
googleads.g.doubleclick.net/pagead/ Frame 4426 113 B
159 B 29ms
29ms XHR
application/json 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/id

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/5bdfe6d5/www-embed-player.vflset/www-embed-player.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

bade858bcf17b7d516079370b511132a684e41dbcc836c9ce672b27c21a7b792

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Fri, 10 Nov 2023 04:39:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 133
x-xss-protection: 0
pragma: no-cache
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://www.youtube.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ad_status.js Show response
static.doubleclick.net/instream/ Frame 4426 29 B
495 B 68ms
20ms Script
text/javascript 2a00:1450:4001:81c::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.doubleclick.net/instream/ad_status.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/5bdfe6d5/www-embed-player.vflset/www-embed-player.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Fri, 10 Nov 2023 04:35:06 GMT
x-content-type-options: nosniff
age: 274
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 29
x-xss-protection: 0
last-modified: Thu, 12 Dec 2013 23:40:16 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 10 Nov 2023 04:50:06 GMT

OPTIONS
H2 200 Create
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 0
0 106ms
28ms Preflight
text/html 2a00:1450:4001:827::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-goog-api-key,x-user-agent
Access-Control-Request-Method: POST
Origin: https://www.youtube.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type,x-goog-api-key,x-user-agent
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-origin: https://www.youtube.com
access-control-max-age: 3600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html
date: Fri, 10 Nov 2023 04:39:40 GMT
server: ESF
vary: origin referer x-origin
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 0

POST
H2 200 Create Show response
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 4426 68 KB
32 KB 38ms
37ms XHR
application/json+protobuf 2a00:1450:4001:827::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/5bdfe6d5/player_ias.vflset/de_DE/base.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

0c2dc9685caf05cecceb0f29b64a29fa23dd0e91536dfa4c0c32598dfa658ee3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

X-User-Agent: grpc-web-javascript/0.1
Referer: https://www.youtube.com/
X-Goog-Api-Key: AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
Content-Type: application/json+protobuf

Response headers

date: Fri, 10 Nov 2023 04:39:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: ESF
vary: Origin, X-Origin, Referer
x-frame-options: SAMEORIGIN
content-type: application/json+protobuf; charset=UTF-8
access-control-allow-origin: https://www.youtube.com
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
cache-control: private
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 32113
x-xss-protection: 0

GET
H3 200 remote.js Show response
www.youtube.com/s/player/5bdfe6d5/player_ias.vflset/de_DE/ Frame 4426 116 KB
33 KB 22ms
22ms Script
text/javascript 2a00:1450:4001:802::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/5bdfe6d5/player_ias.vflset/de_DE/remote.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/5bdfe6d5/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

17be94730b6be2695e790692586074fa19248ec2ac05b50ecb9b87d54f42ddc8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/ftUpFjGKuY0?rel=0&enablejsapi=1&origin=https%3A%2F%2Fwww.trollstickets.com&widgetid=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Wed, 08 Nov 2023 08:32:37 GMT
content-encoding: br
x-content-type-options: nosniff
age: 158823
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 33736
x-xss-protection: 0
last-modified: Wed, 08 Nov 2023 02:48:37 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Thu, 07 Nov 2024 08:32:37 GMT

GET
H3 200 zEfCWrJsF8GWq2CtYueXG8skkVl11z8HN4Cg9ySc7ro.js Show response
www.google.com/js/th/ Frame 4426 38 KB
15 KB 22ms
22ms Script
text/javascript 2a00:1450:4001:831::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/js/th/zEfCWrJsF8GWq2CtYueXG8skkVl11z8HN4Cg9ySc7ro.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/5bdfe6d5/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cc47c25ab26c17c196ab60ad62e7971bcb24915975d73f073780a0f7249ceeba

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Fri, 10 Nov 2023 02:36:07 GMT
content-encoding: br
x-content-type-options: nosniff
age: 7413
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14861
x-xss-protection: 0
last-modified: Tue, 10 Oct 2023 07:30:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 09 Nov 2024 02:36:07 GMT

GET
H2 200 maxresdefault.webp
i.ytimg.com/vi_webp/ftUpFjGKuY0/ Frame 4426 183 KB
184 KB 74ms
22ms Image
image/webp 2a00:1450:4001:800::2016
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.ytimg.com/vi_webp/ftUpFjGKuY0/maxresdefault.webp

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/ftUpFjGKuY0?rel=0&enablejsapi=1&origin=https%3A%2F%2Fwww.trollstickets.com&widgetid=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3d4959531809ea683be180f10d631ebcf85d8b9ccacb5eb21ede29c1e7f935c8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Fri, 10 Nov 2023 04:10:29 GMT
x-content-type-options: nosniff
age: 1751
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 187828
x-xss-protection: 0
server: sffe
etag: "1694633033"
vary: Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: image/webp
cache-control: public, max-age=7200
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Fri, 10 Nov 2023 06:10:29 GMT

GET
DATA 200
OK truncated
/ Frame 4426 175 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 67ea46bc3d15351067faccb3613bd833dd3f15137a4b4a09f2e873fd41d024d2

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 _xmrueXlQyPmO379bSt2BjirLWXxNOUoQn1jV0DpOlxxeCGlx9Z2L9HxfoWMgdsdIyGFh17W1A=s68-c-k-c0x00ffffff-no-rj
yt3.ggpht.com/ Frame 4426 3 KB
3 KB 70ms
20ms Image
image/jpeg 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://yt3.ggpht.com/_xmrueXlQyPmO379bSt2BjirLWXxNOUoQn1jV0DpOlxxeCGlx9Z2L9HxfoWMgdsdIyGFh17W1A=s68-c-k-c0x00ffffff-no-rj

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/ftUpFjGKuY0?rel=0&enablejsapi=1&origin=https%3A%2F%2Fwww.trollstickets.com&widgetid=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

7971ef2621082b26c26285633a1381f07f8fb53e00d3e2ed0f9f94da3d89ab5d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Fri, 10 Nov 2023 00:56:09 GMT
x-content-type-options: nosniff
age: 13411
content-disposition: inline;filename="channels4_profile.jpg"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3071
x-xss-protection: 0
server: fife
etag: "v1"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Sat, 11 Nov 2023 00:56:09 GMT

GET
H3 204 generate_204
www.youtube.com/ Frame 4426 0
10 B 21ms
21ms Image
text/plain 2a00:1450:4001:802::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.youtube.com/generate_204?XdMaOA
Requested by: Host: www.youtube.com
URL: https://www.youtube.com/embed/ftUpFjGKuY0?rel=0&enablejsapi=1&origin=https%3A%2F%2Fwww.trollstickets.com&widgetid=1
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:802::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/ftUpFjGKuY0?rel=0&enablejsapi=1&origin=https%3A%2F%2Fwww.trollstickets.com&widgetid=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Fri, 10 Nov 2023 04:39:40 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H2 200 cast_sender.js Show response
www.gstatic.com/cv/js/sender/v1/ Frame 4426 4 KB
2 KB 83ms
29ms Script
text/javascript 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/cv/js/sender/v1/cast_sender.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/5bdfe6d5/player_ias.vflset/de_DE/base.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ee147e859ad0f09aa50367974e38ab53e7c7054c4a51d400a7f45b0eb251454f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Fri, 10 Nov 2023 04:39:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cloudview
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2007
x-xss-protection: 0
last-modified: Tue, 16 Feb 2021 23:57:06 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="cloudview"
vary: Accept-Encoding
report-to: {"group":"cloudview","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/cloudview"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Fri, 10 Nov 2023 04:39:40 GMT

POST
H3 200 player Show response
www.youtube.com/youtubei/v1/ Frame 4426 86 KB
32 KB 105ms
105ms XHR
application/json 2a00:1450:4001:802::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/youtubei/v1/player?key=AIzaSyAO_FJ2SlqU8Q4STEHLGCilw_Y9_11qcW8&prettyPrint=false

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/5bdfe6d5/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

scaffolding on HTTPServer2 /

Resource Hash

11d001073767ac94428909543194f2d7dbd6a775406f90231ec51813958836be

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

X-Youtube-Bootstrap-Logged-In: false
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
Content-Type: application/json
Referer: https://www.youtube.com/embed/ftUpFjGKuY0?rel=0&enablejsapi=1&origin=https%3A%2F%2Fwww.trollstickets.com&widgetid=1
X-Youtube-Client-Name: 56
X-Youtube-Client-Version: 1.20231107.01.00
X-Goog-Visitor-Id: Cgt2d3E3T0xPbVk4ayiM6LaqBjIICgJERRICEgA%3D

Response headers

date: Fri, 10 Nov 2023 04:39:40 GMT
content-encoding: br
x-content-type-options: nosniff
server: scaffolding on HTTPServer2
x-frame-options: SAMEORIGIN
vary: Origin, X-Origin, Referer
content-type: application/json; charset=UTF-8
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: private
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 32622
x-xss-protection: 0
expires: Fri, 10 Nov 2023 04:39:40 GMT

GET
DATA 200
OK truncated
/ Frame 4426 364 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 5efa4755198974d4624c5cdc7bf45d009be8acfd1d7b2b6c534489682c9fe4d7

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Content-Type: image/png

OPTIONS
H3 200 GenerateIT
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 0
0 28ms
28ms Preflight
text/html 2a00:1450:4001:827::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-goog-api-key,x-user-agent
Access-Control-Request-Method: POST
Origin: https://www.youtube.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type,x-goog-api-key,x-user-agent
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-origin: https://www.youtube.com
access-control-max-age: 3600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html
date: Fri, 10 Nov 2023 04:39:40 GMT
server: ESF
vary: origin referer x-origin
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 0

POST
H3 200 GenerateIT Show response
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 4426 90 B
134 B 30ms
30ms XHR
application/json+protobuf 2a00:1450:4001:827::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/5bdfe6d5/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

07beb8f0e770dc316bfeaa65fcfe12dd01c9bdf89ef22ad9bdb69f157b7a12b3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

X-User-Agent: grpc-web-javascript/0.1
Referer: https://www.youtube.com/
X-Goog-Api-Key: AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
Content-Type: application/json+protobuf

Response headers

date: Fri, 10 Nov 2023 04:39:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: ESF
vary: Origin, X-Origin, Referer
x-frame-options: SAMEORIGIN
content-type: application/json+protobuf; charset=UTF-8
access-control-allow-origin: https://www.youtube.com
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
cache-control: private
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 110
x-xss-protection: 0

POST
H3 204 qoe Show response
www.youtube.com/api/stats/ Frame 4426 0
19 B 30ms
30ms XHR
text/html 2a00:1450:4001:802::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/api/stats/qoe?fmt=397&cpn=nYRV5MEE1D2v2Ihe&el=embedded&ns=yt&fexp=v1%2C23983296%2C21348%2C2602%2C73492%2C54572%2C73455%2C176963%2C53633%2C84737%2C17228%2C8460%2C9541%2C1089%2C5877%2C394%2C3200%2C26436294%2C4054%2C1253%2C677%2C5181%2C9369%2C820%2C736%2C2040%2C7229%2C859%2C1093%2C1432%2C885%2C6446%2C7662&cl=580336156&seq=1&docid=ftUpFjGKuY0&ei=DLRNZZDxLqSEi9oPovqS0A0&event=streamingstats&plid=AAYJxOiYVlP5OI6r&referrer=https%3A%2F%2Fwww.youtube.com%2Fembed%2FftUpFjGKuY0%3Frel%3D0%26enablejsapi%3D1%26origin%3Dhttps%253A%252F%252Fwww.trollstickets.com%26widgetid%3D1&qclc=ChBuWVJWNU1FRTFEMnYySWhlEAE&embargoed=0&cbr=Chrome&cbrver=119.0.6045.123&c=WEB_EMBEDDED_PLAYER&cver=1.20231107.01.00&cplayer=UNIPLAYER&cos=Windows&cosver=10.0&cplatform=DESKTOP&vps=0.000:N,0.009:B,0.132:B,0.132:B&cat=streaming&cmt=0.009:0.000,0.132:0.000&vfs=0.132:397:397::r&view=0.132:1024:576&bwe=0.132:130000&bat=0.132:1:1&vis=0.132:0&bh=0.132:0.000

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/5bdfe6d5/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Video Stats Server /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
Content-Type: application/x-www-form-urlencoded
X-YouTube-Utc-Offset: 60
X-YouTube-Client-Name: 56
Referer: https://www.youtube.com/embed/ftUpFjGKuY0?rel=0&enablejsapi=1&origin=https%3A%2F%2Fwww.trollstickets.com&widgetid=1
X-YouTube-Client-Version: 1.20231107.01.00
X-YouTube-Time-Zone: Europe/Berlin
X-Goog-Visitor-Id: Cgt2d3E3T0xPbVk4ayiM6LaqBjIICgJERRICEgA%3D
X-YouTube-Ad-Signals: dt=1699591180513&flash=0&frm=2&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&bc=31&bih=-12245933&biw=-12245933&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1024%2C576&vis=1&wgl=true&ca_type=image&bid=ANyPxKoL8quhSSKCMf4tk5lmcqO8VAoqM5Y59DsFPM4veV6b9TJBWaYFMds8Cj4p0L9JcsbiubaecP_v7dJ9Rq8pCx4vyXK-7g

Response headers

pragma: no-cache
date: Fri, 10 Nov 2023 04:39:40 GMT
x-content-type-options: nosniff
server: Video Stats Server
x-frame-options: SAMEORIGIN
content-type: text/html; charset=UTF-8
access-control-allow-origin: https://www.youtube.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H/1.1 200
OK videoplayback Show response
rr2---sn-4g5lznl6.googlevideo.com/ Frame 4426 151 KB
152 KB 95ms
23ms Fetch
application/vnd.yt-ump 2a00:1450:4001:28::7
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://rr2---sn-4g5lznl6.googlevideo.com/videoplayback?expire=1699612780&ei=DLRNZZDxLqSEi9oPovqS0A0&ip=2001%3A1b60%3A2%3A240%3A3247%3A%3A6&id=o-AIX2eTpCDU-WhhhGOCbPD9Bxs1yTiNMJ3kZHNHE4Blpv&itag=397&aitags=133%2C134%2C135%2C136%2C137%2C160%2C242%2C243%2C244%2C247%2C248%2C278%2C394%2C395%2C396%2C397%2C398%2C399&source=youtube&requiressl=yes&mh=H_&mm=31%2C26&mn=sn-4g5lznl6%2Csn-f5f7kn7e&ms=au%2Conr&mv=m&mvi=2&pl=48&initcwndbps=3975000&spc=UWF9f4w2IYop5GiIcymn_zQHoWfDtZC2mBW2k7s_sQ&vprv=1&svpuc=1&mime=video%2Fmp4&ns=VYrLEUZznRpWa05rF1il4wAP&gir=yes&clen=7971585&dur=173.756&lmt=1694762466315337&mt=1699590550&fvip=1&keepalive=yes&fexp=24007246&beids=24350018&c=WEB_EMBEDDED_PLAYER&txp=5537434&n=L10p4DovnpfPNQ&sparams=expire%2Cei%2Cip%2Cid%2Caitags%2Csource%2Crequiressl%2Cspc%2Cvprv%2Csvpuc%2Cmime%2Cns%2Cgir%2Cclen%2Cdur%2Clmt&sig=ANLwegAwRQIgfUVaXrv08qgMMy2yALc0yblwE6rZFNH1u9cUeZAaVWwCIQCiKmDIoWdFncdUqJlrI0FnxKn2mWswUn6Jg26pDklFmw%3D%3D&lsparams=mh%2Cmm%2Cmn%2Cms%2Cmv%2Cmvi%2Cpl%2Cinitcwndbps&lsig=AM8Gb2swRQIgGwBfzNhYaaQmK4NJN89OHd7ALtdvTvhfOgDVsmQ0RCACIQCo9eTxcXucSjNWxAFYBW1ailfboB3dijzrFE99wsm4vA%3D%3D&alr=yes&cpn=nYRV5MEE1D2v2Ihe&cver=1.20231107.01.00&range=0-154695&rn=1&rbuf=0&pot=IjL69_rxn7pO-7mQjsWexL_ErseCp5ihkcObjpO6zLubhrids765kLCyqKWztL-Qu9LJsw==&ump=1&srfvp=1

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/5bdfe6d5/player_ias.vflset/de_DE/base.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:28::7 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

gvs 1.0 /

Resource Hash

1120a6f233ee7324b572746f3db69881f470bc714ac3c9f8cd4d4d70d698fe1c

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Date: Fri, 10 Nov 2023 04:39:40 GMT
X-Restrict-Formats-Hint: None
X-Content-Type-Options: nosniff
Transfer-Encoding: chunked
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,quic=":443"; ma=2592000; v="46"
Last-Modified: Fri, 15 Sep 2023 07:21:06 GMT
Server: gvs 1.0
Vary: Origin
Content-Type: application/vnd.yt-ump
Access-Control-Allow-Origin: https://www.youtube.com
Access-Control-Expose-Headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
Cache-Control: private, max-age=21300
Access-Control-Allow-Credentials: true
Timing-Allow-Origin: https://www.youtube.com
Expires: Fri, 10 Nov 2023 04:39:40 GMT

POST
H/1.1 200
OK videoplayback Show response
rr2---sn-4g5lznl6.googlevideo.com/ Frame 4426 65 KB
66 KB 93ms
22ms Fetch
application/vnd.yt-ump 2a00:1450:4001:28::7
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://rr2---sn-4g5lznl6.googlevideo.com/videoplayback?expire=1699612780&ei=DLRNZZDxLqSEi9oPovqS0A0&ip=2001%3A1b60%3A2%3A240%3A3247%3A%3A6&id=o-AIX2eTpCDU-WhhhGOCbPD9Bxs1yTiNMJ3kZHNHE4Blpv&itag=251&source=youtube&requiressl=yes&mh=H_&mm=31%2C26&mn=sn-4g5lznl6%2Csn-f5f7kn7e&ms=au%2Conr&mv=m&mvi=2&pl=48&initcwndbps=3975000&spc=UWF9f4w2IYop5GiIcymn_zQHoWfDtZC2mBW2k7s_sQ&vprv=1&svpuc=1&mime=audio%2Fwebm&ns=VYrLEUZznRpWa05rF1il4wAP&gir=yes&clen=2804313&dur=173.781&lmt=1694715458579987&mt=1699590550&fvip=1&keepalive=yes&fexp=24007246&beids=24350018&c=WEB_EMBEDDED_PLAYER&txp=5532434&n=L10p4DovnpfPNQ&sparams=expire%2Cei%2Cip%2Cid%2Citag%2Csource%2Crequiressl%2Cspc%2Cvprv%2Csvpuc%2Cmime%2Cns%2Cgir%2Cclen%2Cdur%2Clmt&sig=ANLwegAwRgIhAIf0fJ3Zz8bMYuEVgC1sCA3qJcNA_e5qMzySRq_AmmkOAiEApl43_3L9EseLaQMUn7etddF8EBvGY3mOF5pM5rh9UCQ%3D&lsparams=mh%2Cmm%2Cmn%2Cms%2Cmv%2Cmvi%2Cpl%2Cinitcwndbps&lsig=AM8Gb2swRQIgGwBfzNhYaaQmK4NJN89OHd7ALtdvTvhfOgDVsmQ0RCACIQCo9eTxcXucSjNWxAFYBW1ailfboB3dijzrFE99wsm4vA%3D%3D&alr=yes&cpn=nYRV5MEE1D2v2Ihe&cver=1.20231107.01.00&range=0-66104&rn=2&rbuf=0&pot=IjJMsUy3Kfz4vQ_WOIMoggmCGIE04S7nJ4UtyCX8ev0twA7bBfgP1gb0HuMF8gnWDZR_9Q==&ump=1&srfvp=1

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/5bdfe6d5/player_ias.vflset/de_DE/base.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:28::7 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

gvs 1.0 /

Resource Hash

e44b5c6c277ac936eff17bb7e76cf29f592a89858b1a61df5bd3733c1464dee8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Date: Fri, 10 Nov 2023 04:39:40 GMT
X-Content-Type-Options: nosniff
Transfer-Encoding: chunked
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,quic=":443"; ma=2592000; v="46"
Last-Modified: Thu, 14 Sep 2023 18:17:38 GMT
Server: gvs 1.0
Vary: Origin
Content-Type: application/vnd.yt-ump
Access-Control-Allow-Origin: https://www.youtube.com
Access-Control-Expose-Headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
Cache-Control: private, max-age=21300
Access-Control-Allow-Credentials: true
Timing-Allow-Origin: https://www.youtube.com
Expires: Fri, 10 Nov 2023 04:39:40 GMT

GET
H3 200 captions.js Show response
www.youtube.com/s/player/5bdfe6d5/player_ias.vflset/de_DE/ Frame 4426 71 KB
24 KB 23ms
23ms Script
text/javascript 2a00:1450:4001:802::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/5bdfe6d5/player_ias.vflset/de_DE/captions.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/5bdfe6d5/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

fd20465bed92c436546c115e69d3ea71c86790e935b779cdd6a227d932f97bae

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/ftUpFjGKuY0?rel=0&enablejsapi=1&origin=https%3A%2F%2Fwww.trollstickets.com&widgetid=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Wed, 08 Nov 2023 08:36:47 GMT
content-encoding: br
x-content-type-options: nosniff
age: 158573
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 24439
x-xss-protection: 0
last-modified: Wed, 08 Nov 2023 02:48:37 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Thu, 07 Nov 2024 08:36:47 GMT

GET
H3 200 endscreen.js Show response
www.youtube.com/s/player/5bdfe6d5/player_ias.vflset/de_DE/ Frame 4426 33 KB
8 KB 22ms
21ms Script
text/javascript 2a00:1450:4001:802::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/5bdfe6d5/player_ias.vflset/de_DE/endscreen.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/5bdfe6d5/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1bdddb1f9402d54e06fde4f76515176b532786126d04c797929ef3d71e7769be

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/ftUpFjGKuY0?rel=0&enablejsapi=1&origin=https%3A%2F%2Fwww.trollstickets.com&widgetid=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Wed, 08 Nov 2023 08:36:47 GMT
content-encoding: br
x-content-type-options: nosniff
age: 158573
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8403
x-xss-protection: 0
last-modified: Wed, 08 Nov 2023 02:48:37 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Thu, 07 Nov 2024 08:36:47 GMT

POST
H3 200 next Show response
www.youtube.com/youtubei/v1/ Frame 4426 8 KB
3 KB 219ms
219ms XHR
application/json 2a00:1450:4001:802::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/youtubei/v1/next?key=AIzaSyAO_FJ2SlqU8Q4STEHLGCilw_Y9_11qcW8&prettyPrint=false

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/5bdfe6d5/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

scaffolding on HTTPServer2 /

Resource Hash

2b48f76b2dc85e25cc71712415b230200585c1dbf631eda984f01eaf046bf8ca

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

X-Youtube-Bootstrap-Logged-In: false
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
Content-Type: application/json
Referer: https://www.youtube.com/embed/ftUpFjGKuY0?rel=0&enablejsapi=1&origin=https%3A%2F%2Fwww.trollstickets.com&widgetid=1
X-Youtube-Client-Name: 56
X-Youtube-Client-Version: 1.20231107.01.00
X-Goog-Visitor-Id: Cgt2d3E3T0xPbVk4ayiM6LaqBjIICgJERRICEgA%3D

Response headers

date: Fri, 10 Nov 2023 04:39:41 GMT
content-encoding: br
x-content-type-options: nosniff
server: scaffolding on HTTPServer2
x-frame-options: SAMEORIGIN
vary: Origin, X-Origin, Referer
content-type: application/json; charset=UTF-8
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: private
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2609
x-xss-protection: 0
expires: Fri, 10 Nov 2023 04:39:41 GMT

GET
H2 200 cast_sender.js Show response
www.gstatic.com/eureka/clank/119/ Frame 4426 50 KB
15 KB 22ms
21ms Script
text/javascript 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/eureka/clank/119/cast_sender.js

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/cv/js/sender/v1/cast_sender.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f4d5deb4709cebcb8d869180a1db81fab7c54f99dc2e72dab8b3db15eb76e660

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Thu, 09 Nov 2023 15:46:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 46414
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cloudview-release
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14705
x-xss-protection: 0
last-modified: Mon, 02 Oct 2023 15:08:53 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="cloudview-release"
vary: Accept-Encoding
report-to: {"group":"cloudview-release","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/cloudview-release"}]}
content-type: text/javascript
cache-control: public, max-age=86400
accept-ranges: bytes
expires: Fri, 10 Nov 2023 15:46:06 GMT

POST
H3 200 log_event Show response
www.youtube.com/youtubei/v1/ Frame 4426 28 B
55 B 40ms
36ms XHR
application/json 2a00:1450:4001:802::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/youtubei/v1/log_event?alt=json&key=AIzaSyAO_FJ2SlqU8Q4STEHLGCilw_Y9_11qcW8

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/5bdfe6d5/www-embed-player.vflset/www-embed-player.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

scaffolding on HTTPServer2 /

Resource Hash

d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
X-Goog-Request-Time: 1699591180915
Content-Type: application/json
X-YouTube-Utc-Offset: 60
X-YouTube-Client-Name: 56
Referer: https://www.youtube.com/embed/ftUpFjGKuY0?rel=0&enablejsapi=1&origin=https%3A%2F%2Fwww.trollstickets.com&widgetid=1
X-YouTube-Client-Version: 1.20231107.01.00
X-YouTube-Time-Zone: Europe/Berlin
X-Goog-Visitor-Id: Cgt2d3E3T0xPbVk4ayiM6LaqBjIICgJERRICEgA%3D
X-YouTube-Ad-Signals: dt=1699591180421&flash=0&frm=2&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&bc=31&bih=-12245933&biw=-12245933&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1024%2C576&vis=1&wgl=true&ca_type=image&bid=ANyPxKoL8quhSSKCMf4tk5lmcqO8VAoqM5Y59DsFPM4veV6b9TJBWaYFMds8Cj4p0L9JcsbiubaecP_v7dJ9Rq8pCx4vyXK-7g

Response headers

date: Fri, 10 Nov 2023 04:39:40 GMT
content-encoding: br
x-content-type-options: nosniff
server: scaffolding on HTTPServer2
x-frame-options: SAMEORIGIN
vary: Origin, X-Origin, Referer
content-type: application/json; charset=UTF-8
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: private
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 31
x-xss-protection: 0
expires: Fri, 10 Nov 2023 04:39:40 GMT

GET
H2 200 / Show response
www.googleadservices.com/pagead/conversion/965588907/ 3 KB
2 KB 32ms
32ms Script
text/javascript 142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion/965588907/?random=1699591180943&cv=11&fst=1699591180943&bg=ffffff&guid=ON&async=1&gtm=45He3b81v831986021&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.trollstickets.com%2F&label=kjNDCNPa4eIYEKvvtswD&hn=www.googleadservices.com&frm=0&tiba=Trolls%20Band%20Together%20%7C%20Showtimes%20%7C%20Get%20Tickets%20Now&value=0&bttype=purchase&us_privacy=1---&auid=235753221.1699591180&uamb=0&uaw=0&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MC55JLC

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

cafe /

Resource Hash

5e1eeabdf958d876a5c84b0658767658ea004f00b50112da85fd529d39fdf40e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.trollstickets.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 10 Nov 2023 04:39:40 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1666
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 up Show response
insight.adsrvr.org/track/ Frame 1C2B 0
60 B 130ms
43ms Document
text/html 3.33.220.150
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://insight.adsrvr.org/track/up?adv=hztlnt1&ref=https%3A%2F%2Fwww.trollstickets.com%2F&upid=cp4n85h&upv=1.1.0&td1=Trolls%20Band%20Together&td2=animation
Requested by: Host: js.adsrvr.org
URL: https://js.adsrvr.org/up_loader.1.1.0.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.33.220.150 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a12b7a488abeaa9e4.awsglobalaccelerator.com
Software: Kestrel /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.trollstickets.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

content-length: 0
content-type: text/html
date: Fri, 10 Nov 2023 04:39:41 GMT
server: Kestrel

POST
H3 200 log_event Show response
www.youtube.com/youtubei/v1/ Frame 4426 28 B
55 B 41ms
38ms XHR
application/json 2a00:1450:4001:802::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/youtubei/v1/log_event?alt=json&key=AIzaSyAO_FJ2SlqU8Q4STEHLGCilw_Y9_11qcW8

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/5bdfe6d5/www-embed-player.vflset/www-embed-player.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

scaffolding on HTTPServer2 /

Resource Hash

d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
X-Goog-Request-Time: 1699591180962
Content-Type: application/json
X-YouTube-Utc-Offset: 60
X-YouTube-Client-Name: 56
Referer: https://www.youtube.com/embed/ftUpFjGKuY0?rel=0&enablejsapi=1&origin=https%3A%2F%2Fwww.trollstickets.com&widgetid=1
X-YouTube-Client-Version: 1.20231107.01.00
X-YouTube-Time-Zone: Europe/Berlin
X-Goog-Visitor-Id: Cgt2d3E3T0xPbVk4ayiM6LaqBjIICgJERRICEgA%3D
X-YouTube-Ad-Signals: dt=1699591180421&flash=0&frm=2&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&bc=31&bih=-12245933&biw=-12245933&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1024%2C576&vis=1&wgl=true&ca_type=image&bid=ANyPxKoL8quhSSKCMf4tk5lmcqO8VAoqM5Y59DsFPM4veV6b9TJBWaYFMds8Cj4p0L9JcsbiubaecP_v7dJ9Rq8pCx4vyXK-7g

Response headers

date: Fri, 10 Nov 2023 04:39:40 GMT
content-encoding: br
x-content-type-options: nosniff
server: scaffolding on HTTPServer2
x-frame-options: SAMEORIGIN
vary: Origin, X-Origin, Referer
content-type: application/json; charset=UTF-8
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: private
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 31
x-xss-protection: 0
expires: Fri, 10 Nov 2023 04:39:40 GMT

GET
H3

200

/
www.google.de/pagead/1p-conversion/965588907/
Redirect Chain

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/965588907/?random=1553300541&cv=11&fst=1699591180943&bg=ffffff&guid=ON&async=1&gtm=45He3b81v831986021&gcd=11l1l1l1l1&dma_cps=sypham&...
https://www.google.com/pagead/1p-conversion/965588907/?random=1553300541&cv=11&fst=1699591180943&bg=ffffff&guid=ON&async=1&gtm=45He3b81v831986021&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&u_w=1600&u_h=12...
https://www.google.de/pagead/1p-conversion/965588907/?random=1553300541&cv=11&fst=1699591180943&bg=ffffff&guid=ON&async=1&gtm=45He3b81v831986021&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&u_w=1600&u_h=120...

42 B
64 B

37ms
37ms

Image
image/gif

2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-conversion/965588907/?random=1553300541&cv=11&fst=1699591180943&bg=ffffff&guid=ON&async=1&gtm=45He3b81v831986021&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.trollstickets.com%2F&label=kjNDCNPa4eIYEKvvtswD&hn=www.googleadservices.com&frm=0&tiba=Trolls%20Band%20Together%20%7C%20Showtimes%20%7C%20Get%20Tickets%20Now&value=0&us_privacy=1---&auid=235753221.1699591180&uamb=0&uaw=0&fmt=3&ct_cookie_present=false&sscte=1&crd=&pscrd=Ek5DaEVJZ0tPeXFnWVE3X242NU5mR3ZaXzZBUklsQUFqNmo2aHp0TzJ2WFZLazNlWl9Sb0hTTUd5a01GS0ZrNFlRc19ZQy1yY2stMVpPQmcaV0NoQUlnS095cWdZUTd2UGR5TVc2enBGRkVpMEFwRzhwb1BZWFNocXNENWNkVndNY2Z2anphcXpTc0o3akVhTC15bGVldUVUUzRpMHlsRlJiYXlfTHdmNCITCIeG68TOuIIDFeD5EQgdqWIPvg&is_vtc=1&ocp_id=DLRNZYfQOuDzx_APqcW98As&cid=CAQSKQDICaaN7O1rqijgoS7TIhHv0JwGcx4tu2vKWO9UdPcaa6GijjikRoMl&eitems=ChEIgKOyqgYQmcOq9cfPtJX0ARIdAOa3kjQUvRnCSOGVlcSS_ksKJrPBSc-fBoIajbo&random=1631510103&ipr=y

Protocol

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.trollstickets.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 10 Nov 2023 04:39:41 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 10 Nov 2023 04:39:41 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
location: https://www.google.de/pagead/1p-conversion/965588907/?random=1553300541&cv=11&fst=1699591180943&bg=ffffff&guid=ON&async=1&gtm=45He3b81v831986021&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.trollstickets.com%2F&label=kjNDCNPa4eIYEKvvtswD&hn=www.googleadservices.com&frm=0&tiba=Trolls%20Band%20Together%20%7C%20Showtimes%20%7C%20Get%20Tickets%20Now&value=0&us_privacy=1---&auid=235753221.1699591180&uamb=0&uaw=0&fmt=3&ct_cookie_present=false&sscte=1&crd=&pscrd=Ek5DaEVJZ0tPeXFnWVE3X242NU5mR3ZaXzZBUklsQUFqNmo2aHp0TzJ2WFZLazNlWl9Sb0hTTUd5a01GS0ZrNFlRc19ZQy1yY2stMVpPQmcaV0NoQUlnS095cWdZUTd2UGR5TVc2enBGRkVpMEFwRzhwb1BZWFNocXNENWNkVndNY2Z2anphcXpTc0o3akVhTC15bGVldUVUUzRpMHlsRlJiYXlfTHdmNCITCIeG68TOuIIDFeD5EQgdqWIPvg&is_vtc=1&ocp_id=DLRNZYfQOuDzx_APqcW98As&cid=CAQSKQDICaaN7O1rqijgoS7TIhHv0JwGcx4tu2vKWO9UdPcaa6GijjikRoMl&eitems=ChEIgKOyqgYQmcOq9cfPtJX0ARIdAOa3kjQUvRnCSOGVlcSS_ksKJrPBSc-fBoIajbo&random=1631510103&ipr=y
content-type: image/gif
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 maxresdefault.webp
i.ytimg.com/vi_webp/ftUpFjGKuY0/ Frame 4426 183 KB
184 KB 32ms
31ms Image
image/webp 2a00:1450:4001:800::2016
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.ytimg.com/vi_webp/ftUpFjGKuY0/maxresdefault.webp

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/5bdfe6d5/player_ias.vflset/de_DE/base.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3d4959531809ea683be180f10d631ebcf85d8b9ccacb5eb21ede29c1e7f935c8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Fri, 10 Nov 2023 04:39:41 GMT
x-content-type-options: nosniff
server: sffe
etag: "1694633033"
vary: Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: image/webp
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 187828
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Fri, 10 Nov 2023 06:39:41 GMT

POST
H3 200 videoplayback Show response
rr2---sn-4g5lznl6.googlevideo.com/ Frame 4426 150 KB
150 KB 45ms
22ms Fetch
application/vnd.yt-ump 2a00:1450:4001:28::7
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://rr2---sn-4g5lznl6.googlevideo.com/videoplayback?expire=1699612780&ei=DLRNZZDxLqSEi9oPovqS0A0&ip=2001%3A1b60%3A2%3A240%3A3247%3A%3A6&id=o-AIX2eTpCDU-WhhhGOCbPD9Bxs1yTiNMJ3kZHNHE4Blpv&itag=397&aitags=133%2C134%2C135%2C136%2C137%2C160%2C242%2C243%2C244%2C247%2C248%2C278%2C394%2C395%2C396%2C397%2C398%2C399&source=youtube&requiressl=yes&mh=H_&mm=31%2C26&mn=sn-4g5lznl6%2Csn-f5f7kn7e&ms=au%2Conr&mv=m&mvi=2&pl=48&initcwndbps=3975000&spc=UWF9f4w2IYop5GiIcymn_zQHoWfDtZC2mBW2k7s_sQ&vprv=1&svpuc=1&mime=video%2Fmp4&ns=VYrLEUZznRpWa05rF1il4wAP&gir=yes&clen=7971585&dur=173.756&lmt=1694762466315337&mt=1699590550&fvip=1&keepalive=yes&fexp=24007246&beids=24350018&c=WEB_EMBEDDED_PLAYER&txp=5537434&n=L10p4DovnpfPNQ&sparams=expire%2Cei%2Cip%2Cid%2Caitags%2Csource%2Crequiressl%2Cspc%2Cvprv%2Csvpuc%2Cmime%2Cns%2Cgir%2Cclen%2Cdur%2Clmt&sig=ANLwegAwRQIgfUVaXrv08qgMMy2yALc0yblwE6rZFNH1u9cUeZAaVWwCIQCiKmDIoWdFncdUqJlrI0FnxKn2mWswUn6Jg26pDklFmw%3D%3D&lsparams=mh%2Cmm%2Cmn%2Cms%2Cmv%2Cmvi%2Cpl%2Cinitcwndbps&lsig=AM8Gb2swRQIgGwBfzNhYaaQmK4NJN89OHd7ALtdvTvhfOgDVsmQ0RCACIQCo9eTxcXucSjNWxAFYBW1ailfboB3dijzrFE99wsm4vA%3D%3D&alr=yes&cpn=nYRV5MEE1D2v2Ihe&cver=1.20231107.01.00&range=154696-308275&rn=3&rbuf=2390&pot=Mm7knnZ0tpU1POSmpsefIBEoKuCCZ4Oxtiy6IJ8jR0SqlkKUDFgDK2haZ-DoWIhaHuzP3fg3S2Oj4MavjjIEuP7vCE_aTuEYJDhcp7AqoF6auqUSSvFYRitiAcGWPki4DGNF23Abg1wYyUbD2uA2CA==&ump=1&srfvp=1

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/5bdfe6d5/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:28::7 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

gvs 1.0 /

Resource Hash

e352288bbf55f8c96f648f68da407300d23c14dc5079e10fc3be9e0c59c4ff37

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

expires: Fri, 10 Nov 2023 04:39:41 GMT
date: Fri, 10 Nov 2023 04:39:41 GMT
x-restrict-formats-hint: None
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,quic=":443"; ma=2592000; v="46"
last-modified: Fri, 15 Sep 2023 07:21:06 GMT
server: gvs 1.0
vary: Origin
content-type: application/vnd.yt-ump
access-control-allow-origin: https://www.youtube.com
access-control-expose-headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
cache-control: private, max-age=21299
access-control-allow-credentials: true
timing-allow-origin: https://www.youtube.com
client-protocol: quic

POST
H3 200 videoplayback Show response
rr2---sn-4g5lznl6.googlevideo.com/ Frame 4426 73 KB
73 KB 27ms
27ms Fetch
application/vnd.yt-ump 2a00:1450:4001:28::7
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://rr2---sn-4g5lznl6.googlevideo.com/videoplayback?expire=1699612780&ei=DLRNZZDxLqSEi9oPovqS0A0&ip=2001%3A1b60%3A2%3A240%3A3247%3A%3A6&id=o-AIX2eTpCDU-WhhhGOCbPD9Bxs1yTiNMJ3kZHNHE4Blpv&itag=251&source=youtube&requiressl=yes&mh=H_&mm=31%2C26&mn=sn-4g5lznl6%2Csn-f5f7kn7e&ms=au%2Conr&mv=m&mvi=2&pl=48&initcwndbps=3975000&spc=UWF9f4w2IYop5GiIcymn_zQHoWfDtZC2mBW2k7s_sQ&vprv=1&svpuc=1&mime=audio%2Fwebm&ns=VYrLEUZznRpWa05rF1il4wAP&gir=yes&clen=2804313&dur=173.781&lmt=1694715458579987&mt=1699590550&fvip=1&keepalive=yes&fexp=24007246&beids=24350018&c=WEB_EMBEDDED_PLAYER&txp=5532434&n=L10p4DovnpfPNQ&sparams=expire%2Cei%2Cip%2Cid%2Citag%2Csource%2Crequiressl%2Cspc%2Cvprv%2Csvpuc%2Cmime%2Cns%2Cgir%2Cclen%2Cdur%2Clmt&sig=ANLwegAwRgIhAIf0fJ3Zz8bMYuEVgC1sCA3qJcNA_e5qMzySRq_AmmkOAiEApl43_3L9EseLaQMUn7etddF8EBvGY3mOF5pM5rh9UCQ%3D&lsparams=mh%2Cmm%2Cmn%2Cms%2Cmv%2Cmvi%2Cpl%2Cinitcwndbps&lsig=AM8Gb2swRQIgGwBfzNhYaaQmK4NJN89OHd7ALtdvTvhfOgDVsmQ0RCACIQCo9eTxcXucSjNWxAFYBW1ailfboB3dijzrFE99wsm4vA%3D%3D&alr=yes&cpn=nYRV5MEE1D2v2Ihe&cver=1.20231107.01.00&range=66105-140783&rn=4&rbuf=4144&pot=Mm7knnZ0tpU1POSmpsefIBEoKuCCZ4Oxtiy6IJ8jR0SqlkKUDFgDK2haZ-DoWIhaHuzP3fg3S2Oj4MavjjIEuP7vCE_aTuEYJDhcp7AqoF6auqUSSvFYRitiAcGWPki4DGNF23Abg1wYyUbD2uA2CA==&ump=1&srfvp=1

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/5bdfe6d5/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:28::7 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

gvs 1.0 /

Resource Hash

b8f5e0e2527afa39fe2a9cdc6f95e70518274bd893e1b5d0e5813679f19a6681

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

client-protocol: quic
date: Fri, 10 Nov 2023 04:39:41 GMT
x-content-type-options: nosniff
last-modified: Thu, 14 Sep 2023 18:17:38 GMT
server: gvs 1.0
vary: Origin
content-type: application/vnd.yt-ump
access-control-allow-origin: https://www.youtube.com
access-control-expose-headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
cache-control: private, max-age=21299
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: https://www.youtube.com
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,quic=":443"; ma=2592000; v="46"
expires: Fri, 10 Nov 2023 04:39:41 GMT

GET
H3 200 maxresdefault.webp
i.ytimg.com/vi_webp/ftUpFjGKuY0/ Frame 4426 183 KB
183 KB 22ms
21ms Image
image/webp 2a00:1450:4001:800::2016
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.ytimg.com/vi_webp/ftUpFjGKuY0/maxresdefault.webp

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/5bdfe6d5/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3d4959531809ea683be180f10d631ebcf85d8b9ccacb5eb21ede29c1e7f935c8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Fri, 10 Nov 2023 04:39:41 GMT
x-content-type-options: nosniff
age: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 187828
x-xss-protection: 0
server: sffe
etag: "1694633033"
vary: Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: image/webp
cache-control: public, max-age=7200
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Fri, 10 Nov 2023 06:39:41 GMT

GET
H2 200 _xmrueXlQyPmO379bSt2BjirLWXxNOUoQn1jV0DpOlxxeCGlx9Z2L9HxfoWMgdsdIyGFh17W1A=s88-c-k-c0x00ffffff-no-rj
yt3.ggpht.com/ Frame 4426 4 KB
4 KB 20ms
20ms Image
image/jpeg 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://yt3.ggpht.com/_xmrueXlQyPmO379bSt2BjirLWXxNOUoQn1jV0DpOlxxeCGlx9Z2L9HxfoWMgdsdIyGFh17W1A=s88-c-k-c0x00ffffff-no-rj

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

9d842f8078782743b783afdd5bf1593aac5f13128f0c738199abe4da3653665f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Fri, 10 Nov 2023 04:27:35 GMT
x-content-type-options: nosniff
age: 726
content-disposition: inline;filename="channels4_profile.jpg"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4279
x-xss-protection: 0
server: fife
etag: "v1"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Sat, 11 Nov 2023 04:27:35 GMT

POST
H3 200 videoplayback Show response
rr2---sn-4g5lznl6.googlevideo.com/ Frame 4426 341 KB
341 KB 22ms
22ms Fetch
application/vnd.yt-ump 2a00:1450:4001:28::7
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://rr2---sn-4g5lznl6.googlevideo.com/videoplayback?expire=1699612780&ei=DLRNZZDxLqSEi9oPovqS0A0&ip=2001%3A1b60%3A2%3A240%3A3247%3A%3A6&id=o-AIX2eTpCDU-WhhhGOCbPD9Bxs1yTiNMJ3kZHNHE4Blpv&itag=397&aitags=133%2C134%2C135%2C136%2C137%2C160%2C242%2C243%2C244%2C247%2C248%2C278%2C394%2C395%2C396%2C397%2C398%2C399&source=youtube&requiressl=yes&mh=H_&mm=31%2C26&mn=sn-4g5lznl6%2Csn-f5f7kn7e&ms=au%2Conr&mv=m&mvi=2&pl=48&initcwndbps=3975000&spc=UWF9f4w2IYop5GiIcymn_zQHoWfDtZC2mBW2k7s_sQ&vprv=1&svpuc=1&mime=video%2Fmp4&ns=VYrLEUZznRpWa05rF1il4wAP&gir=yes&clen=7971585&dur=173.756&lmt=1694762466315337&mt=1699590550&fvip=1&keepalive=yes&fexp=24007246&beids=24350018&c=WEB_EMBEDDED_PLAYER&txp=5537434&n=L10p4DovnpfPNQ&sparams=expire%2Cei%2Cip%2Cid%2Caitags%2Csource%2Crequiressl%2Cspc%2Cvprv%2Csvpuc%2Cmime%2Cns%2Cgir%2Cclen%2Cdur%2Clmt&sig=ANLwegAwRQIgfUVaXrv08qgMMy2yALc0yblwE6rZFNH1u9cUeZAaVWwCIQCiKmDIoWdFncdUqJlrI0FnxKn2mWswUn6Jg26pDklFmw%3D%3D&lsparams=mh%2Cmm%2Cmn%2Cms%2Cmv%2Cmvi%2Cpl%2Cinitcwndbps&lsig=AM8Gb2swRQIgGwBfzNhYaaQmK4NJN89OHd7ALtdvTvhfOgDVsmQ0RCACIQCo9eTxcXucSjNWxAFYBW1ailfboB3dijzrFE99wsm4vA%3D%3D&alr=yes&cpn=nYRV5MEE1D2v2Ihe&cver=1.20231107.01.00&range=308276-657814&rn=5&rbuf=4781&pot=Mm7knnZ0tpU1POSmpsefIBEoKuCCZ4Oxtiy6IJ8jR0SqlkKUDFgDK2haZ-DoWIhaHuzP3fg3S2Oj4MavjjIEuP7vCE_aTuEYJDhcp7AqoF6auqUSSvFYRitiAcGWPki4DGNF23Abg1wYyUbD2uA2CA==&ump=1&srfvp=1

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/5bdfe6d5/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:28::7 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

gvs 1.0 /

Resource Hash

7b671d2ff25287b1dd475f8c7d01ff88f0dd638071718921d987e8f82cc159ba

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

expires: Fri, 10 Nov 2023 04:39:41 GMT
date: Fri, 10 Nov 2023 04:39:41 GMT
x-restrict-formats-hint: None
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,quic=":443"; ma=2592000; v="46"
last-modified: Fri, 15 Sep 2023 07:21:06 GMT
server: gvs 1.0
vary: Origin
content-type: application/vnd.yt-ump
access-control-allow-origin: https://www.youtube.com
access-control-expose-headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
cache-control: private, max-age=21299
access-control-allow-credentials: true
timing-allow-origin: https://www.youtube.com
client-protocol: quic

POST
H3 200 videoplayback Show response
rr2---sn-4g5lznl6.googlevideo.com/ Frame 4426 156 KB
156 KB 22ms
22ms Fetch
application/vnd.yt-ump 2a00:1450:4001:28::7
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://rr2---sn-4g5lznl6.googlevideo.com/videoplayback?expire=1699612780&ei=DLRNZZDxLqSEi9oPovqS0A0&ip=2001%3A1b60%3A2%3A240%3A3247%3A%3A6&id=o-AIX2eTpCDU-WhhhGOCbPD9Bxs1yTiNMJ3kZHNHE4Blpv&itag=251&source=youtube&requiressl=yes&mh=H_&mm=31%2C26&mn=sn-4g5lznl6%2Csn-f5f7kn7e&ms=au%2Conr&mv=m&mvi=2&pl=48&initcwndbps=3975000&spc=UWF9f4w2IYop5GiIcymn_zQHoWfDtZC2mBW2k7s_sQ&vprv=1&svpuc=1&mime=audio%2Fwebm&ns=VYrLEUZznRpWa05rF1il4wAP&gir=yes&clen=2804313&dur=173.781&lmt=1694715458579987&mt=1699590550&fvip=1&keepalive=yes&fexp=24007246&beids=24350018&c=WEB_EMBEDDED_PLAYER&txp=5532434&n=L10p4DovnpfPNQ&sparams=expire%2Cei%2Cip%2Cid%2Citag%2Csource%2Crequiressl%2Cspc%2Cvprv%2Csvpuc%2Cmime%2Cns%2Cgir%2Cclen%2Cdur%2Clmt&sig=ANLwegAwRgIhAIf0fJ3Zz8bMYuEVgC1sCA3qJcNA_e5qMzySRq_AmmkOAiEApl43_3L9EseLaQMUn7etddF8EBvGY3mOF5pM5rh9UCQ%3D&lsparams=mh%2Cmm%2Cmn%2Cms%2Cmv%2Cmvi%2Cpl%2Cinitcwndbps&lsig=AM8Gb2swRQIgGwBfzNhYaaQmK4NJN89OHd7ALtdvTvhfOgDVsmQ0RCACIQCo9eTxcXucSjNWxAFYBW1ailfboB3dijzrFE99wsm4vA%3D%3D&alr=yes&cpn=nYRV5MEE1D2v2Ihe&cver=1.20231107.01.00&range=140784-300558&rn=6&rbuf=8866&pot=Mm7knnZ0tpU1POSmpsefIBEoKuCCZ4Oxtiy6IJ8jR0SqlkKUDFgDK2haZ-DoWIhaHuzP3fg3S2Oj4MavjjIEuP7vCE_aTuEYJDhcp7AqoF6auqUSSvFYRitiAcGWPki4DGNF23Abg1wYyUbD2uA2CA==&ump=1&srfvp=1

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/5bdfe6d5/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:28::7 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

gvs 1.0 /

Resource Hash

e798626375d6fd66fcb078752994a9378479e70934a3be836051ddf5e3199459

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

client-protocol: quic
date: Fri, 10 Nov 2023 04:39:41 GMT
x-content-type-options: nosniff
last-modified: Thu, 14 Sep 2023 18:17:38 GMT
server: gvs 1.0
vary: Origin
content-type: application/vnd.yt-ump
access-control-allow-origin: https://www.youtube.com
access-control-expose-headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
cache-control: private, max-age=21299
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: https://www.youtube.com
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,quic=":443"; ma=2592000; v="46"
expires: Fri, 10 Nov 2023 04:39:41 GMT

GET
H3 200 / Show response
www.googleadservices.com/pagead/conversion/965588907/ 3 KB
2 KB 36ms
35ms Script
text/javascript 142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion/965588907/?random=1699591182450&cv=11&fst=1699591182450&bg=ffffff&guid=ON&async=1&gtm=45He3b81v831986021&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.trollstickets.com%2F&label=yEHBCMTa4eIYEKvvtswD&hn=www.googleadservices.com&frm=0&tiba=Trolls%20Band%20Together%20%7C%20Showtimes%20%7C%20Get%20Tickets%20Now&value=0&bttype=purchase&us_privacy=1---&auid=235753221.1699591180&uamb=0&uaw=0&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MC55JLC

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

cafe /

Resource Hash

c39c274d08ce6f9cbab8ebad480a063118742fee30645bb15d22bd66c8530a4e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.trollstickets.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 10 Nov 2023 04:39:42 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1666
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

activityi;dc_pre=CIaqyMXOuIIDFYJIHgIdUioGQQ;src=4480452;type=undefined;cat=3sdwell;ord=9806266993817;auiddc=235753221.1699591180;gtm=45He3b81v831986021;gcd=11l1l1l1l1;dma_cps=sypham;dma=1;uaa=;uab=... Show response
4480452.fls.doubleclick.net/ Frame A24D
Redirect Chain

https://4480452.fls.doubleclick.net/activityi;src=4480452;type=undefined;cat=3sdwell;ord=9806266993817;auiddc=235753221.1699591180;gtm=45He3b81v831986021;gcd=11l1l1l1l1;dma_cps=sypham;dma=1;uaa=;ua...
https://4480452.fls.doubleclick.net/activityi;dc_pre=CIaqyMXOuIIDFYJIHgIdUioGQQ;src=4480452;type=undefined;cat=3sdwell;ord=9806266993817;auiddc=235753221.1699591180;gtm=45He3b81v831986021;gcd=11l1l...

503 B
320 B

63ms
62ms

Document
text/html

142.250.185.134
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://4480452.fls.doubleclick.net/activityi;dc_pre=CIaqyMXOuIIDFYJIHgIdUioGQQ;src=4480452;type=undefined;cat=3sdwell;ord=9806266993817;auiddc=235753221.1699591180;gtm=45He3b81v831986021;gcd=11l1l1l1l1;dma_cps=sypham;dma=1;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fwww.trollstickets.com%2F?

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MC55JLC

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.134 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f6.1e100.net

Software

cafe /

Resource Hash

d9ee4bce191a8384a983e60e32a22e684af1e0b24f4e2a695549bf1ea9fe305e

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.trollstickets.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=0
content-encoding: br
content-length: 297
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 10 Nov 2023 04:39:42 GMT
expires: Fri, 10 Nov 2023 04:39:42 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 10 Nov 2023 04:39:42 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
follow-only-when-prerender-shown: 1
location: https://4480452.fls.doubleclick.net/activityi;dc_pre=CIaqyMXOuIIDFYJIHgIdUioGQQ;src=4480452;type=undefined;cat=3sdwell;ord=9806266993817;auiddc=235753221.1699591180;gtm=45He3b81v831986021;gcd=11l1l1l1l1;dma_cps=sypham;dma=1;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fwww.trollstickets.com%2F?
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 / Show response
www.googleadservices.com/pagead/conversion/965588907/ 3 KB
2 KB 35ms
35ms Script
text/javascript 142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion/965588907/?random=1699591182467&cv=11&fst=1699591182467&bg=ffffff&guid=ON&async=1&gtm=45He3b81v831986021&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.trollstickets.com%2F&label=-adnCMra4eIYEKvvtswD&hn=www.googleadservices.com&frm=0&tiba=Trolls%20Band%20Together%20%7C%20Showtimes%20%7C%20Get%20Tickets%20Now&value=0&bttype=purchase&us_privacy=1---&auid=235753221.1699591180&uamb=0&uaw=0&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MC55JLC

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

cafe /

Resource Hash

7e58fe69c9130f890725e135a0c6ec9e745aade8fb80b8258059d18fee294a3d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.trollstickets.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 10 Nov 2023 04:39:42 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1671
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 collect
region1.analytics.google.com/g/ 0
17 B 28ms
27ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-VP9M4F29MZ&gtm=45je3b81v888314821&_p=1699591179275&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&cid=1590042435.1699591180&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=AEA&_s=3&sid=1699591179&sct=1&seg=1&dl=https%3A%2F%2Fwww.trollstickets.com%2F&dt=Trolls%20Band%20Together%20%7C%20Showtimes%20%7C%20Get%20Tickets%20Now&en=scroll&epn.percent_scrolled=90&_et=70&tfd=3579
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-VP9M4F29MZ&l=dataLayer&cx=c
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.trollstickets.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 10 Nov 2023 04:39:42 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.trollstickets.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 collect
region1.analytics.google.com/g/ 0
17 B 28ms
26ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-VP9M4F29MZ&gtm=45je3b81v888314821z8831986021&_p=1699591179275&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&cid=1590042435.1699591180&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=4&sid=1699591179&sct=1&seg=1&dl=https%3A%2F%2Fwww.trollstickets.com%2F&dt=Trolls%20Band%20Together%20%7C%20Showtimes%20%7C%20Get%20Tickets%20Now&en=3sec_dwell&_c=1&ep.movie_name=Trolls%20Band%20Together&ep.market=us&ep.genre_1=animation&ep.imdb_id=tt14362112&ep.content_genome_id=n%2Fa&ep.essence_genre=animation&ep.template=powster&ep.page_type=showtimes&ep.page_name=showtimes&ep.movie_release_date=2023-11-17&ep.site_name=trolls%20band%20together%20movie%20-%20showtimes%20site&_et=2393&tfd=3580
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-VP9M4F29MZ&l=dataLayer&cx=c
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.trollstickets.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 10 Nov 2023 04:39:42 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.trollstickets.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 21ms
19ms Image
image/gif 2a00:1450:4001:80b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j101&a=1218339898&t=event&ni=0&_s=1&dl=https%3A%2F%2Fwww.trollstickets.com%2F&ul=en-us&de=UTF-8&dt=Trolls%20Band%20Together%20%7C%20Showtimes%20%7C%20Get%20Tickets%20Now&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=3sec%20Dwell&ea=undefined&_u=aADAAEABAAAAACAEK~&jid=&gjid=&cid=1590042435.1699591180&tid=UA-111182121-93&_gid=1837507867.1699591180&gtm=45He3b81n81MC55JLCv831986021&cd1=trolls%20band%20together%20movie%20-%20showtimes%20site&cd2=us&cd3=powster&cd4=showtimes&cd5=showtimes&cd6=Trolls%20Band%20Together&cd7=animation&cd8=n%2Fa&cd10=animation&cd11=2023-11-17&cd12=tt14362112&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&cd13=1590042435.1699591180&z=1486311501

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.trollstickets.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 09 Nov 2023 21:51:55 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 24467
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.facebook.com/tr/ 0
54 B 25ms
21ms Image
text/plain 2a03:2880:f176:84:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1788729894762994&ev=3s%20Dwell&dl=https%3A%2F%2Fwww.trollstickets.com%2F&rl=&if=false&ts=1699591182463&sw=1600&sh=1200&v=2.9.138&r=stable&a=tmSimo-GTM-WebTemplate&ec=1&o=4126&fbp=fb.1.1699591180224.9212314&ler=empty&it=1699591180044&coo=false&tm=2&rqm=GET

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f176:84:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.trollstickets.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Fri, 10 Nov 2023 04:39:42 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H3 200 p
tr.snapchat.com/ 68 B
87 B 34ms
32ms Image
image/png 35.190.43.134
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tr.snapchat.com/p?pid=a6c53095-98bd-4f16-a999-ea3841f7a04b&ev=PURCHASE&intg=gtm&pids=a6c53095-98bd-4f16-a999-ea3841f7a04b&u_c1=31f0288c-5c96-4ff9-a75a-18879a796dae&u_sclid=c27a869b-581e-46d8-b723-56be0b364b40&u_scsid=14365e88-0e41-4632-91dd-d3aa430aeab8&bt=1d53c387&d_bvs=%5B%5D&df=true&huah=true&m_dcl=600&m_fcps=394&m_pi=376&m_pl=2035&m_pv=2&m_rd=3559&m_sh=1200&m_sl=1201&m_sw=1600&pl=https%3A%2F%2Fwww.trollstickets.com%2F&trackId=940e180c-1e03-4ff6-aa3e-cc2b9743938c&ts=1699591182465&v=3.4.17-2311092202

Protocol

Security

QUIC, , AES_128_GCM

Server

35.190.43.134 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

134.43.190.35.bc.googleusercontent.com

Software

API Gateway /

Resource Hash

2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.trollstickets.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Fri, 10 Nov 2023 04:39:42 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains
via: 1.1 google
server: API Gateway
content-type: image/png
access-control-allow-origin: *
cache-control: no-cache, no-transform
x-envoy-upstream-service-time: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 68

GET
H2 200 /
insight.adsrvr.org/track/pxl/ 70 B
148 B 45ms
43ms Image
image/gif 3.33.220.150
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://insight.adsrvr.org/track/pxl/?adv=hztlnt1&ct=0:niat6li&fmt=3&td1=Trolls%20Band%20Together&td2=animation
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.33.220.150 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a12b7a488abeaa9e4.awsglobalaccelerator.com
Software: Kestrel /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.trollstickets.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Fri, 10 Nov 2023 04:39:42 GMT
server: Kestrel
content-length: 70
content-type: image/gif

POST
H2 200 pixel
analytics.tiktok.com/api/v2/ 0
791 B 172ms
171ms Ping
text/plain 23.36.163.249
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/api/v2/pixel
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MTdjYzNiZDU2MA.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.36.163.249 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-36-163-249.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.trollstickets.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

x-akamai-request-id: 62ce93c.32f334d
date: Fri, 10 Nov 2023 04:39:42 GMT
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-cache: TCP_MISS from a23-36-161-221.deploy.akamaitechnologies.com (AkamaiGHost/11.3.2-52182464) (-)
x-parent-response-time: 135,23.36.161.221
server-timing: cdn-cache; desc=MISS, edge; dur=93, origin; dur=49, inner; dur=46
content-length: 0
pragma: no-cache
server: nginx
x-tt-logid: 202311100439423C02B6C5D156E418BEC7
x-cache-remote: TCP_MISS from a23-48-200-197.deploy.akamaitechnologies.com (AkamaiGHost/11.3.2-52182464) (-)
access-control-allow-methods: GET,POST,PUT,PATCH,DELETE,HEAD,OPTIONS,UPDATE
access-control-allow-origin: *
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 49,23.48.200.197
x-tt-trace-host: 015c91947f38d3c27845e9b099943b1b0d39ed7a7d0427c8cb50bb227e729673ea5edf73b93daaf930b6334491a6903e747c0a1002ce3c35e59504e536354fc33b83bb3eef6c2342a4f5c4aadf5d1f56adc248f6b95ac0a512c4ff521f804d398e3eb9bd9558a7c1d706346d658d0bd5b5
access-control-allow-headers: Authorization,*
expires: Fri, 10 Nov 2023 04:39:42 GMT

GET
H3

200

/
www.google.de/pagead/1p-conversion/965588907/
Redirect Chain

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/965588907/?random=1352455440&cv=11&fst=1699591182450&bg=ffffff&guid=ON&async=1&gtm=45He3b81v831986021&gcd=11l1l1l1l1&dma_cps=sypham&...
https://www.google.com/pagead/1p-conversion/965588907/?random=1352455440&cv=11&fst=1699591182450&bg=ffffff&guid=ON&async=1&gtm=45He3b81v831986021&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&u_w=1600&u_h=12...
https://www.google.de/pagead/1p-conversion/965588907/?random=1352455440&cv=11&fst=1699591182450&bg=ffffff&guid=ON&async=1&gtm=45He3b81v831986021&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&u_w=1600&u_h=120...

42 B
64 B

35ms
35ms

Image
image/gif

2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-conversion/965588907/?random=1352455440&cv=11&fst=1699591182450&bg=ffffff&guid=ON&async=1&gtm=45He3b81v831986021&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.trollstickets.com%2F&label=yEHBCMTa4eIYEKvvtswD&hn=www.googleadservices.com&frm=0&tiba=Trolls%20Band%20Together%20%7C%20Showtimes%20%7C%20Get%20Tickets%20Now&value=0&us_privacy=1---&auid=235753221.1699591180&uamb=0&uaw=0&fmt=3&ct_cookie_present=false&sscte=1&crd=&pscrd=Ek5DaEVJZ0tPeXFnWVE3X242NU5mR3ZaXzZBUklsQUFqNmo2aHp0TzJ2WFZLazNlWl9Sb0hTTUd5a01GS0ZrNFlRc19ZQy1yY2stMVpPQmcaV0NoQUlnS095cWdZUTd2UGR5TVc2enBGRkVpMEFwRzhwb01xZTJRQzZpTjRFMG5NaGxFSmtKcDdRd0RNMENUUjNxTy15aExrQXBXUy1nRDdBMkpDSTZ3ayITCNSBx8XOuIIDFVo24Aod4NgCag&is_vtc=1&ocp_id=DrRNZdTCHNrsgAfgsYvQBg&cid=CAQSKQDICaaNExjEZE_IXj0lmtyZ76EYSFWEqEVqCdQ6f1CwscRt1IdMlxRA&eitems=ChEIgKOyqgYQmcOq9cfPtJX0ARIdAOa3kjQ4dxOJEfZpN8ZhWXDT-491X-skGHURvz8&random=543714350&ipr=y

Protocol

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.trollstickets.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 10 Nov 2023 04:39:42 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 10 Nov 2023 04:39:42 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
location: https://www.google.de/pagead/1p-conversion/965588907/?random=1352455440&cv=11&fst=1699591182450&bg=ffffff&guid=ON&async=1&gtm=45He3b81v831986021&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.trollstickets.com%2F&label=yEHBCMTa4eIYEKvvtswD&hn=www.googleadservices.com&frm=0&tiba=Trolls%20Band%20Together%20%7C%20Showtimes%20%7C%20Get%20Tickets%20Now&value=0&us_privacy=1---&auid=235753221.1699591180&uamb=0&uaw=0&fmt=3&ct_cookie_present=false&sscte=1&crd=&pscrd=Ek5DaEVJZ0tPeXFnWVE3X242NU5mR3ZaXzZBUklsQUFqNmo2aHp0TzJ2WFZLazNlWl9Sb0hTTUd5a01GS0ZrNFlRc19ZQy1yY2stMVpPQmcaV0NoQUlnS095cWdZUTd2UGR5TVc2enBGRkVpMEFwRzhwb01xZTJRQzZpTjRFMG5NaGxFSmtKcDdRd0RNMENUUjNxTy15aExrQXBXUy1nRDdBMkpDSTZ3ayITCNSBx8XOuIIDFVo24Aod4NgCag&is_vtc=1&ocp_id=DrRNZdTCHNrsgAfgsYvQBg&cid=CAQSKQDICaaNExjEZE_IXj0lmtyZ76EYSFWEqEVqCdQ6f1CwscRt1IdMlxRA&eitems=ChEIgKOyqgYQmcOq9cfPtJX0ARIdAOa3kjQ4dxOJEfZpN8ZhWXDT-491X-skGHURvz8&random=543714350&ipr=y
content-type: image/gif
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

/
www.google.de/pagead/1p-conversion/965588907/
Redirect Chain

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/965588907/?random=366084326&cv=11&fst=1699591182467&bg=ffffff&guid=ON&async=1&gtm=45He3b81v831986021&gcd=11l1l1l1l1&dma_cps=sypham&d...
https://www.google.com/pagead/1p-conversion/965588907/?random=366084326&cv=11&fst=1699591182467&bg=ffffff&guid=ON&async=1&gtm=45He3b81v831986021&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&u_w=1600&u_h=120...
https://www.google.de/pagead/1p-conversion/965588907/?random=366084326&cv=11&fst=1699591182467&bg=ffffff&guid=ON&async=1&gtm=45He3b81v831986021&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&u_w=1600&u_h=1200...

42 B
64 B

35ms
34ms

Image
image/gif

2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-conversion/965588907/?random=366084326&cv=11&fst=1699591182467&bg=ffffff&guid=ON&async=1&gtm=45He3b81v831986021&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.trollstickets.com%2F&label=-adnCMra4eIYEKvvtswD&hn=www.googleadservices.com&frm=0&tiba=Trolls%20Band%20Together%20%7C%20Showtimes%20%7C%20Get%20Tickets%20Now&value=0&us_privacy=1---&auid=235753221.1699591180&uamb=0&uaw=0&fmt=3&ct_cookie_present=false&sscte=1&crd=&pscrd=Ek5DaEVJZ0tPeXFnWVE3X242NU5mR3ZaXzZBUklsQUFqNmo2aHp0TzJ2WFZLazNlWl9Sb0hTTUd5a01GS0ZrNFlRc19ZQy1yY2stMVpPQmcaV0NoQUlnS095cWdZUTd2UGR5TVc2enBGRkVpMEFwRzhwb0diMTRiT3ZjeDBfV0Q0REU2N0NXbXBDVW5DeDIwV21zMUR4NW1wQkNqVEJRd0tjWlE4QjUwUSITCPKByMXOuIIDFfnREQgdmAEMOA&is_vtc=1&ocp_id=DrRNZfLCHfmjx_APmIOwwAM&cid=CAQSKQDICaaNTfDKKfXQ7UHhdTw_yX76cIt8_pAjw8CG9SzcKpykgqiOQlyF&eitems=ChEIgKOyqgYQmcOq9cfPtJX0ARIdAOa3kjTwHhA5J4q1aV2PNGFkGxMF_TIa5Qm9cGg&random=2188458884&ipr=y

Protocol

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.trollstickets.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 10 Nov 2023 04:39:42 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 10 Nov 2023 04:39:42 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
location: https://www.google.de/pagead/1p-conversion/965588907/?random=366084326&cv=11&fst=1699591182467&bg=ffffff&guid=ON&async=1&gtm=45He3b81v831986021&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.trollstickets.com%2F&label=-adnCMra4eIYEKvvtswD&hn=www.googleadservices.com&frm=0&tiba=Trolls%20Band%20Together%20%7C%20Showtimes%20%7C%20Get%20Tickets%20Now&value=0&us_privacy=1---&auid=235753221.1699591180&uamb=0&uaw=0&fmt=3&ct_cookie_present=false&sscte=1&crd=&pscrd=Ek5DaEVJZ0tPeXFnWVE3X242NU5mR3ZaXzZBUklsQUFqNmo2aHp0TzJ2WFZLazNlWl9Sb0hTTUd5a01GS0ZrNFlRc19ZQy1yY2stMVpPQmcaV0NoQUlnS095cWdZUTd2UGR5TVc2enBGRkVpMEFwRzhwb0diMTRiT3ZjeDBfV0Q0REU2N0NXbXBDVW5DeDIwV21zMUR4NW1wQkNqVEJRd0tjWlE4QjUwUSITCPKByMXOuIIDFfnREQgdmAEMOA&is_vtc=1&ocp_id=DrRNZfLCHfmjx_APmIOwwAM&cid=CAQSKQDICaaNTfDKKfXQ7UHhdTw_yX76cIt8_pAjw8CG9SzcKpykgqiOQlyF&eitems=ChEIgKOyqgYQmcOq9cfPtJX0ARIdAOa3kjTwHhA5J4q1aV2PNGFkGxMF_TIa5Qm9cGg&random=2188458884&ipr=y
content-type: image/gif
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 dc_pre=CIaqyMXOuIIDFYJIHgIdUioGQQ;src=4480452;type=undefined;cat=3sdwell;ord=9806266993817;auiddc=*;gtm=45He3b81v831986021;gcd=11l1l1l1l1;dma_cps=sypham;dma=1;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv...
adservice.google.com/ddm/fls/z/ Frame A24D 42 B
107 B 61ms
61ms Image
image/gif 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://adservice.google.com/ddm/fls/z/dc_pre=CIaqyMXOuIIDFYJIHgIdUioGQQ;src=4480452;type=undefined;cat=3sdwell;ord=9806266993817;auiddc=*;gtm=45He3b81v831986021;gcd=11l1l1l1l1;dma_cps=sypham;dma=1;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fwww.trollstickets.com%2F

Requested by

Host: 4480452.fls.doubleclick.net
URL: https://4480452.fls.doubleclick.net/activityi;dc_pre=CIaqyMXOuIIDFYJIHgIdUioGQQ;src=4480452;type=undefined;cat=3sdwell;ord=9806266993817;auiddc=235753221.1699591180;gtm=45He3b81v831986021;gcd=11l1l1l1l1;dma_cps=sypham;dma=1;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fwww.trollstickets.com%2F?

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://4480452.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 10 Nov 2023 04:39:42 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 200 log_event Show response
www.youtube.com/youtubei/v1/ Frame 4426 28 B
54 B 33ms
32ms XHR
application/json 2a00:1450:4001:802::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/youtubei/v1/log_event?alt=json&key=AIzaSyAO_FJ2SlqU8Q4STEHLGCilw_Y9_11qcW8

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/5bdfe6d5/www-embed-player.vflset/www-embed-player.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

scaffolding on HTTPServer2 /

Resource Hash

d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
X-Goog-Request-Time: 1699591182953
Content-Type: application/json
X-YouTube-Utc-Offset: 60
X-YouTube-Client-Name: 56
Referer: https://www.youtube.com/embed/ftUpFjGKuY0?rel=0&enablejsapi=1&origin=https%3A%2F%2Fwww.trollstickets.com&widgetid=1
X-YouTube-Client-Version: 1.20231107.01.00
X-YouTube-Time-Zone: Europe/Berlin
X-Goog-Visitor-Id: Cgt2d3E3T0xPbVk4ayiM6LaqBjIICgJERRICEgA%3D
X-YouTube-Ad-Signals: dt=1699591180421&flash=0&frm=2&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&bc=31&bih=-12245933&biw=-12245933&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1024%2C576&vis=1&wgl=true&ca_type=image&bid=ANyPxKoL8quhSSKCMf4tk5lmcqO8VAoqM5Y59DsFPM4veV6b9TJBWaYFMds8Cj4p0L9JcsbiubaecP_v7dJ9Rq8pCx4vyXK-7g

Response headers

date: Fri, 10 Nov 2023 04:39:42 GMT
content-encoding: br
x-content-type-options: nosniff
server: scaffolding on HTTPServer2
x-frame-options: SAMEORIGIN
vary: Origin, X-Origin, Referer
content-type: application/json; charset=UTF-8
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: private
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 31
x-xss-protection: 0
expires: Fri, 10 Nov 2023 04:39:42 GMT

POST
H3 204 collect
region1.google-analytics.com/g/ 0
17 B 28ms
28ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-W6FD9FK0F1&gtm=45je3b81v881931567&_p=1699591179275&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&cid=1590042435.1699591180&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&dt=boltShowtimes&dp=boltShowtimes&sid=1699591179&sct=1&seg=0&dl=https%3A%2F%2Fwww.trollstickets.com%2F&_s=2&tfd=5896
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-W6FD9FK0F1&l=dataLayer
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.trollstickets.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Fri, 10 Nov 2023 04:39:44 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.trollstickets.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 collect
region1.google-analytics.com/g/ 0
17 B 28ms
27ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-MLHXQJPPKK&gtm=45je3b81v870129408&_p=1699591179275&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&cid=1590042435.1699591180&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&dt=boltShowtimes&dp=boltShowtimes&sid=1699591179&sct=1&seg=0&dl=https%3A%2F%2Fwww.trollstickets.com%2F&_s=2&tfd=5914
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-MLHXQJPPKK&l=dataLayer
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.trollstickets.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Fri, 10 Nov 2023 04:39:44 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.trollstickets.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 collect
region1.google-analytics.com/g/ 0
17 B 28ms
27ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-4SFYGCDPE8&gtm=45je3b81v9167507124&_p=1699591179275&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&cid=1590042435.1699591180&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&dt=boltShowtimes&dp=boltShowtimes&sid=1699591179&sct=1&seg=0&dl=https%3A%2F%2Fwww.trollstickets.com%2F&_s=2&tfd=5940
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-4SFYGCDPE8&l=dataLayer
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.trollstickets.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Fri, 10 Nov 2023 04:39:44 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.trollstickets.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

98 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

21 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
sc-static.net/scevent.min.js	1970-01-20 16:07:57	Name: X-AB Value: 0d6e407936704bd380072f5891d28b0e
.trollstickets.com/	1970-01-20 18:16:07	Name: _gcl_au Value: 1.1.235753221.1699591180
.youtube.com/	1969-12-31 23:59:59	Name: YSC Value: 89fVojTMMec
.youtube.com/	1970-01-20 20:25:43	Name: VISITOR_INFO1_LIVE Value: vwq7OLOmY8k
.tiktok.com/	1970-01-21 01:28:07	Name: _ttp Value: 2XyAvyTY9zhVxhIObAEVBL9QK1p
.doubleclick.net/	1970-01-21 01:28:07	Name: IDE Value: AHWqTUnRDv36IIZ5W7TsJXh_cXmSm_m-l4QWh1QgInbOhEjTmWs8_PGZSbml6E6AhbM
.trollstickets.com/	1970-01-20 18:16:07	Name: _rdt_uuid Value: 1699591179912.f77534b0-744d-4279-80a0-e4eac3e192b7
.trollstickets.com/	1970-01-20 16:07:57	Name: _gid Value: GA1.2.1837507867.1699591180
.trollstickets.com/	1970-01-20 16:06:31	Name: _gat_UA-111182121-93 Value: 1
.trollstickets.com/	1970-01-21 01:36:17	Name: _scid Value: 31f0288c-5c96-4ff9-a75a-18879a796dae
.trollstickets.com/	1970-01-21 01:36:17	Name: _scid_r Value: 31f0288c-5c96-4ff9-a75a-18879a796dae
www.trollstickets.com/	1970-01-21 00:52:07	Name: usprivacy Value: 1---
.trollstickets.com/	1970-01-20 18:16:07	Name: _fbp Value: fb.1.1699591180224.9212314
.trollstickets.com/	1970-01-21 01:28:07	Name: _tt_enable_cookie Value: 1
.trollstickets.com/	1970-01-21 01:28:07	Name: _ttp Value: nJzGTg8rKYBiRmisgRsQZLE6F3I
.snapchat.com/	1970-01-21 01:28:07	Name: sc_at Value: v2\|H4sIAAAAAAAAAAXBgQ3AMAgDsIuQkrJszTmVBldwfG1/O1UHgVWOR9lhqYPVPFj8MzHD15bJjcEFSCpGhTIAAAA=
.trollstickets.com/	1970-01-21 01:42:31	Name: _ga_W6FD9FK0F1 Value: GS1.1.1699591179.1.0.1699591180.0.0.0
.trollstickets.com/	1970-01-21 01:42:31	Name: _ga_MLHXQJPPKK Value: GS1.1.1699591179.1.0.1699591180.0.0.0
.trollstickets.com/	1970-01-21 01:42:31	Name: _ga_4SFYGCDPE8 Value: GS1.1.1699591179.1.0.1699591180.0.0.0
.trollstickets.com/	1970-01-21 01:42:31	Name: _ga Value: GA1.2.1590042435.1699591180
.trollstickets.com/	1970-01-21 01:42:31	Name: _ga_VP9M4F29MZ Value: GS1.1.1699591179.1.1.1699591182.57.0.0

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
other	warning	URL: https://www.youtube.com/s/player/5bdfe6d5/www-widgetapi.vflset/www-widgetapi.js(Line 1249) Message: Unrecognized feature: 'web-share'.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

4480452.fls.doubleclick.net
adservice.google.com
alb.reddit.com
analytics.pangle-ads.com
analytics.tiktok.com
cdn.cookielaw.org
connect.facebook.net
dx35vtwkllhj9.cloudfront.net
fonts.gstatic.com
geolocation.onetrust.com
googleads.g.doubleclick.net
i.ytimg.com
insight.adsrvr.org
jnn-pa.googleapis.com
js.adsrvr.org
jssdkcdns.mparticle.com
p.typekit.net
region1.analytics.google.com
region1.google-analytics.com
rr2---sn-4g5lznl6.googlevideo.com
sc-static.net
showtimes-v2.s-prod.pow.io
static.ads-twitter.com
static.doubleclick.net
stats.g.doubleclick.net
stdata.powster.com
tr.snapchat.com
use.typekit.net
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googleadservices.com
www.googletagmanager.com
www.gstatic.com
www.redditstatic.com
www.trollstickets.com
www.youtube.com
yt3.ggpht.com
108.138.15.119
142.250.184.194
142.250.185.134
143.204.207.250
146.75.120.157
151.101.65.140
193.108.153.24
2001:4860:4802:34::36
23.36.163.249
2600:9000:223e:3200:1:5424:4140:21
2600:9000:225e:3600:7:abd8:9d80:93a1
2606:4700:4400::6812:2089
2606:4700::6812:83ec
2a00:1450:4001:28::7
2a00:1450:4001:800::2016
2a00:1450:4001:802::200e
2a00:1450:4001:806::2003
2a00:1450:4001:80b::200e
2a00:1450:4001:80e::2002
2a00:1450:4001:80e::2003
2a00:1450:4001:80f::2003
2a00:1450:4001:812::2008
2a00:1450:4001:81c::2002
2a00:1450:4001:81c::2006
2a00:1450:4001:827::200a
2a00:1450:4001:831::2001
2a00:1450:4001:831::2004
2a00:1450:400c:c00::9b
2a02:26f0:480:f::213:7ee1
2a03:2880:f083:9:face:b00c:0:3
2a03:2880:f176:84:face:b00c:0:25de
2a04:4e42:600::645
2a04:4e42::396
3.33.220.150
35.190.43.134
52.208.74.24
52.222.214.106
000b59e2a7ef7c441e898e987e976c98c9c8b5f3e6d4fd4024cab520d2dc23f1
0317aaba39ebed876b072bea4629e7a1b5745a3c9e6f088c087f461c98631f60
03c51b645393fecb990b8ac7ce4cb8caa212548f52d1f4b965e8f613a966b309
07beb8f0e770dc316bfeaa65fcfe12dd01c9bdf89ef22ad9bdb69f157b7a12b3
082f7fdc9ef2ff71c0684b757e898d597230fdc1dd225e5583385df33ba675d8
085f4b819e86ec22057ccf697e2eebd702548f5ebe3217b988de88b2c220e06c
08d31287f4e4689c63b97ca63b8169879d8e2ccb8caa72e0b44c32b8b2d5c2e2
0af719f3a3c9eed767bcf7e1b8b179655c9b0c1fd6157618d704f11a1cdcdfc9
0c2dc9685caf05cecceb0f29b64a29fa23dd0e91536dfa4c0c32598dfa658ee3
1120a6f233ee7324b572746f3db69881f470bc714ac3c9f8cd4d4d70d698fe1c
11d001073767ac94428909543194f2d7dbd6a775406f90231ec51813958836be
1799c4efb0adfe67caf1045fbb81408dfc7f713691348f91a66d78771ed6d5e2
17be94730b6be2695e790692586074fa19248ec2ac05b50ecb9b87d54f42ddc8
1bdddb1f9402d54e06fde4f76515176b532786126d04c797929ef3d71e7769be
1c0ff118a4290c99f39c90abb38703a866e47251b23cca20266c69c812ccafeb
1e0a870f4a478aae2eef7bf71f476958b7764b7a2bcdfe60d58294526e3ed6a2
1fc521a55b0accde064a79c588f85befd1b4cfaba3b427765ce200b6b18330e4
22d5cf2b9de1f9240e3aecc245fca0531e4bcfe161d85d16fad6fc162e777398
248e0793c67d88124feb9d51397e20238346b217436f88057ff775599a6ae90a
249c06c5773527f5716ca3779b0bfc8fe72bdca379210efbd6cc9183ca257b96
259862b924b18b7b8162b3991c5ecad1dad7db80ba2b8bc0aa8998e0cfd7da78
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11
2b48f76b2dc85e25cc71712415b230200585c1dbf631eda984f01eaf046bf8ca
324474ff12691ad8154450cb63a421b3a43877085c7163f541a02819aeca99f8
3b4cf6abd154305a66010ef8c727233651c6346496233ba875ff23cecd3b29bc
3c32f423d643e6396b3c68f18fbb459a73acead64d32d344e6de8a3cd788fc39
3d4959531809ea683be180f10d631ebcf85d8b9ccacb5eb21ede29c1e7f935c8
3e136e77083bfc6ef14ffc5abd19da89a82bf12fc0cda3c603e01582b93303c8
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
4aea13eba5ef3838f3bdeca986afcacedf3e6c595e021a8a4042d9e7c2827d86
5819e09af544ac958e7f95887e5a777a4eaa4d1636a3c71681fc015489c1b289
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
5e1eeabdf958d876a5c84b0658767658ea004f00b50112da85fd529d39fdf40e
5efa4755198974d4624c5cdc7bf45d009be8acfd1d7b2b6c534489682c9fe4d7
5f098f1864e58c0abdc3ef68c793156c71bf502a38b6d89630724234f8432c2c
62723060de0c92d89ec49f9b3bc1fd54b786111e8ad3451a6cf7ebc8553e7b74
67ea46bc3d15351067faccb3613bd833dd3f15137a4b4a09f2e873fd41d024d2
68c1deb1e7782bdfa830ff15c225203b876c914b9257a0a85ca1f6f3eade2be8
707540d0813c2e6c9abb51dcc5f7671a10780d572b30da20197961f80e7fb346
72d5ac87d42c6b7543a1e10ef53db8f3ce8b786ebb78fed5dae80110dc18cd25
74a6bf5a53d1f350e0ce32c82f1791efc06071713d8b241cb3420f44a7bf368e
78f61cac6ee043a048aa1fe8fd1cdbfd640ebff92e9f4d247198bcdf01dfa564
7971ef2621082b26c26285633a1381f07f8fb53e00d3e2ed0f9f94da3d89ab5d
7b671d2ff25287b1dd475f8c7d01ff88f0dd638071718921d987e8f82cc159ba
7bd6f350adb0ec9ee091531611df346c812600697e31f71d07ccff127b4dfcbb
7e58fe69c9130f890725e135a0c6ec9e745aade8fb80b8258059d18fee294a3d
8303823d262dee7eaa3b8eb7acf79937502dc429ae530d22e0e3f5de572adc2e
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
899663bfeab6b11842c974c2417dc0ad88bd79bb7510b1e032384ccf2618dcc1
8a6753f781c12defc70079a8d7dcb88b9c4de952435745173fe003285fb3550e
8b3a3c583c7c83322dca0536c972dc617ac231272642233fcde633d0c3277ef2
8c38e4137faa1fea4776e411312ad0598bc3ec1c5ba8a3f2d65eccc83933eabb
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
9038b214671cc27ffba2fc60ffdcd0850e355af61fc303049f5b2a42397111da
9c64bc8f0616d9397bd837d61f3eb6241def2a326c18842e0e546eff61c2d44c
9d842f8078782743b783afdd5bf1593aac5f13128f0c738199abe4da3653665f
a1d4b01843b9dad68a10bba7ab416fb60cbe6052a223f6bd74cbad286b812b2a
a6a6f8f63423ee29ba56d13dd8c30782b5d34327f0da2e505691e98db7cddad1
a7b7120dffd25546c93c1367b9c86a3dc87e71d2c89ebb39163a71eb3b659f01
a91159f3a71e7d42479856a4256d7dd5a483725350d64f20d8f92e1e2dbadada
ae8b9a174c76637d280f87046368dfa8cf67cb6d6aadd006918383370898d6e0
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
b0a5518b142c76dad1b569142decdb8aad7913d70e84476ee329254a770f0900
b1681638f8ebe2660e9ef75a02259c82ccd397afe5458407eb7d0ec9da7dc9ac
b8f5e0e2527afa39fe2a9cdc6f95e70518274bd893e1b5d0e5813679f19a6681
b94756a03086422c4c52596af65603bc2118b1fcf0c568716914dfe9185aa54e
bade858bcf17b7d516079370b511132a684e41dbcc836c9ce672b27c21a7b792
c01f79f7f49a5eb88b0003387fc5787ebc65420b80202dcc1ff1caa9179051ef
c39c274d08ce6f9cbab8ebad480a063118742fee30645bb15d22bd66c8530a4e
c67b12695048c8eb8ee6821314965db3d3ddc04f3af47c53a035e2a77d4ce9f6
c8ccfe1ec55da24f79ea57007c4a5d4cff25723d81be5d634e71fe39e90cff87
cc47c25ab26c17c196ab60ad62e7971bcb24915975d73f073780a0f7249ceeba
cf7fcc9f75c8717897bfaef72f303fab423ce1b70c98512aeb3677e4af988dee
d630949c3a2fa94f12811a79a8d142ade5de08add63b2ac1e308cce250d32d6d
d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336
d8d2951da68a08e93642245f20c9198896e4dbc11315bd4636fff208252a9fdc
d9488ed7bedf6f5d6f41b1834a49abc3fdf1a0f2d8241d0fc48b8bcc0c290880
d98363ded52b5ce2eec06a5d8d855b87707f5cd02729ffddf4d058e4901de9e5
d9ee4bce191a8384a983e60e32a22e684af1e0b24f4e2a695549bf1ea9fe305e
dd69dbdc6f77fc8f7398807d4313f8383b4ba2103ed793f9a0820a281541523b
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
e2febba76108eb52ff2b0dbc4db3f4cb1f61816d6097b9a8380d2c1b775eb073
e352288bbf55f8c96f648f68da407300d23c14dc5079e10fc3be9e0c59c4ff37
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e44b5c6c277ac936eff17bb7e76cf29f592a89858b1a61df5bd3733c1464dee8
e798626375d6fd66fcb078752994a9378479e70934a3be836051ddf5e3199459
e803e774c7b59fe74f71ed93acaa875cf9a99947ff8ed7615cd0c93c1667250f
e85d000352371d01ec68c35b294c87b928cc6f62ec99cd75a22bb420b00bffa0
ea8f25f799aa3fa9e979374a563b267d88da0934708792b547c2d79f9f9da3ca
ee147e859ad0f09aa50367974e38ab53e7c7054c4a51d400a7f45b0eb251454f
eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f39ae6e4eb73fa9c13ac43af3ec9dcb89fd9fe17da813f244b3bc686b75f4830
f4d5deb4709cebcb8d869180a1db81fab7c54f99dc2e72dab8b3db15eb76e660
f4f0d2f65ad0ea6b5b50cbaa17bed60e8b78b6d0a8f1340426099a64c4df2b51
f63c84a93df18a64253a18ff542d3dbe06ea9df9164b29f130c9e17abaf68517
f96cc6784462df3064309cf8fb97f8b106eba96cfd4975a251cf5b52d6af7df9
fd20465bed92c436546c115e69d3ea71c86790e935b779cdd6a227d932f97bae

www.trollstickets.com Open in urlscan Pro 2600:9000:225e:3600:7:abd8:9d80:93a1 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

139 Requests

96 %HTTPS

68 %IPv6

30 Domains

39 Subdomains

38 IPs

4 Countries

6610 kBTransfer

11971 kBSize

21 Cookies

38 Outgoing links

Redirected requests

139 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 2 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

www.trollstickets.com Open in urlscan Pro
2600:9000:225e:3600:7:abd8:9d80:93a1 Public Scan

Screenshot
Live screenshot

Full Image

139
Requests

96 %
HTTPS

68 %
IPv6

30
Domains

39
Subdomains

38
IPs

4
Countries

6610 kB
Transfer

11971 kB
Size

21
Cookies

139 HTTP transactions
2 data transactions