fandiem.com Open in urlscan Pro
23.227.38.32  Public Scan

9 Outgoing links

These are links going to different origins than the main page.

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

1. https://u1126135.ct.sendgrid.net/ss/c/TMJg4H87IKVlew-fIsPBywTfFnzvdyQGDZsrae-lxfXo-9va7TBOI0_8Xt8WPK4IHdMXQG2NqBN53bb94wB71Q/3jf/JFx7KXEoSiOusIUkFbq_Yw/h9/bKXpYbtWULpapv1qj10tfrSIJv5IjdFtVd3HjYw1GIM HTTP 302
   http://winwith.fandiem.com/f-covid-kesha-bit-blast Page URL
   
2. https://fandiem.com/kesha?utm_source=bandsintown&utm_medium=partner-bandsintown-blast-from-bit&utm_campaign=f-covid-bandsintown-sweet-relief-2022&utm_content=f-covid-bandsintown-sweet-relief-2022-kesha-sweeps-page HTTP 301
   https://fandiem.com/products/kesha?utm_campaign=f-covid-bandsintown-sweet-relief-2022&utm_content=f-covid-bandsintown-sweet-relief-2022-kesha-sweeps-page&utm_medium=partner-bandsintown-blast-from-bit&utm_source=bandsintown Page URL
   

---

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0

• https://u1126135.ct.sendgrid.net/ss/c/TMJg4H87IKVlew-fIsPBywTfFnzvdyQGDZsrae-lxfXo-9va7TBOI0_8Xt8WPK4IHdMXQG2NqBN53bb94wB71Q/3jf/JFx7KXEoSiOusIUkFbq_Yw/h9/bKXpYbtWULpapv1qj10tfrSIJv5IjdFtVd3HjYw1GIM HTTP 302
• http://winwith.fandiem.com/f-covid-kesha-bit-blast

Request Chain 75

• https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=4369313&time=1663468286454&url=https%3A%2F%2Ffandiem.com%2Fsweeps%2Fkesha%3Futm_campaign%3Df-covid-bandsintown-sweet-relief-2022%26utm_content%3Df-covid-bandsintown-sweet-relief-2022-kesha-sweeps-page%26utm_medium%3Dpartner-bandsintown-blast-from-bit%26utm_source%3Dbandsintown HTTP 302
• https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D4369313%26time%3D1663468286454%26url%3Dhttps%253A%252F%252Ffandiem.com%252Fsweeps%252Fkesha%253Futm_campaign%253Df-covid-bandsintown-sweet-relief-2022%2526utm_content%253Df-covid-bandsintown-sweet-relief-2022-kesha-sweeps-page%2526utm_medium%253Dpartner-bandsintown-blast-from-bit%2526utm_source%253Dbandsintown%26liSync%3Dtrue HTTP 302
• https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=4369313&time=1663468286454&url=https%3A%2F%2Ffandiem.com%2Fsweeps%2Fkesha%3Futm_campaign%3Df-covid-bandsintown-sweet-relief-2022%26utm_content%3Df-covid-bandsintown-sweet-relief-2022-kesha-sweeps-page%26utm_medium%3Dpartner-bandsintown-blast-from-bit%26utm_source%3Dbandsintown&liSync=true HTTP 302
• https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=4369313&time=1663468286454&url=https%3A%2F%2Ffandiem.com%2Fsweeps%2Fkesha%3Futm_campaign%3Df-covid-bandsintown-sweet-relief-2022%26utm_content%3Df-covid-bandsintown-sweet-relief-2022-kesha-sweeps-page%26utm_medium%3Dpartner-bandsintown-blast-from-bit%26utm_source%3Dbandsintown&liSync=true&e_ipv6=AQKYBVSusTW7cwAAAYNOb7QBsDJPgUfYdDkrFv29Emz7We5JpNZ_3qcgueoBcCL1vshkMmjyxrTPmw

Request Chain 137

• https://s.adroll.com/j/exp/4VZVS64FNRFEXAUW3D4PZO/index.js HTTP 302
• https://s.adroll.com/j/exp/index.js

Request Chain 138

• https://googleads.g.doubleclick.net/pagead/viewthroughconversion/370662395/?random=329869804&cv=9&fst=1663468286833&num=1&label=BibICJm95pMCEPu337AB&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=3&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa9e0&sendb=1&ig=1&data=event%3Dpage_view%3Bpage_path%3D%2Fsweeps%2Fkesha%3Bpage_title%3DWin%20an%20Autographed%20Picture%20of%20Kesha&frm=0&url=https%3A%2F%2Ffandiem.com%2Fproducts%2Fkesha%3Futm_campaign%3Df-covid-bandsintown-sweet-relief-2022%26utm_content%3Df-covid-bandsintown-sweet-relief-2022-kesha-sweeps-page%26utm_medium%3Dpartner-bandsintown-blast-from-bit%26utm_source%3Dbandsintown&ref=http%3A%2F%2Fwinwith.fandiem.com%2F&tiba=Win%20an%20Autographed%20Picture%20of%20Kesha&auid=454911800.1663468287&gtm_ee=1&hn=www.googleadservices.com&async=1&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&ocp_id=_oImY5vVNuezmLAPwue90AU&sscte=1&crd=CJqqsQI&pscrd=Ek5DaEVJOE9DVm1RWVF1Nkwyc0tfTHhwaU5BUklsQUtzMlprUjU0Vy0wS2RUX1dRRkR4THFCQWdzdFRsUHdUWFZWa1Y5VGtIdllkcDlPYWcaWENoRUk4T0NWbVFZUXlxeXBtcmIzaFBmc0FSSXRBQmYxZjI5UTdBeHhUWWVhNGZNdDdOQVJRb0R1R3hoNHp6X3o2VXNKUkxVYjgyMmx0dHd1N3R4c3hyNHo HTTP 302
• https://www.google.com/pagead/1p-conversion/370662395/?random=329869804&cv=9&fst=1663468286833&num=1&label=BibICJm95pMCEPu337AB&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=3&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa9e0&sendb=1&ig=1&data=event%3Dpage_view%3Bpage_path%3D%2Fsweeps%2Fkesha%3Bpage_title%3DWin%20an%20Autographed%20Picture%20of%20Kesha&frm=0&url=https%3A%2F%2Ffandiem.com%2Fproducts%2Fkesha%3Futm_campaign%3Df-covid-bandsintown-sweet-relief-2022%26utm_content%3Df-covid-bandsintown-sweet-relief-2022-kesha-sweeps-page%26utm_medium%3Dpartner-bandsintown-blast-from-bit%26utm_source%3Dbandsintown&ref=http%3A%2F%2Fwinwith.fandiem.com%2F&tiba=Win%20an%20Autographed%20Picture%20of%20Kesha&auid=454911800.1663468287&gtm_ee=1&hn=www.googleadservices.com&async=1&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=CJqqsQI&pscrd=Ek5DaEVJOE9DVm1RWVF1Nkwyc0tfTHhwaU5BUklsQUtzMlprUjU0Vy0wS2RUX1dRRkR4THFCQWdzdFRsUHdUWFZWa1Y5VGtIdllkcDlPYWcaWENoRUk4T0NWbVFZUXlxeXBtcmIzaFBmc0FSSXRBQmYxZjI5UTdBeHhUWWVhNGZNdDdOQVJRb0R1R3hoNHp6X3o2VXNKUkxVYjgyMmx0dHd1N3R4c3hyNHo&is_vtc=1&ocp_id=_oImY5vVNuezmLAPwue90AU&cid=CAQSKQCsnQUxR3PKRlfwHXrgh3LMqrnYnaJsohfv921noLu_NfnJX2vIidgL&random=2895859029&resp=GooglemKTybQhCsO HTTP 302
• https://www.google.de/pagead/1p-conversion/370662395/?random=329869804&cv=9&fst=1663468286833&num=1&label=BibICJm95pMCEPu337AB&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=3&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa9e0&sendb=1&ig=1&data=event%3Dpage_view%3Bpage_path%3D%2Fsweeps%2Fkesha%3Bpage_title%3DWin%20an%20Autographed%20Picture%20of%20Kesha&frm=0&url=https%3A%2F%2Ffandiem.com%2Fproducts%2Fkesha%3Futm_campaign%3Df-covid-bandsintown-sweet-relief-2022%26utm_content%3Df-covid-bandsintown-sweet-relief-2022-kesha-sweeps-page%26utm_medium%3Dpartner-bandsintown-blast-from-bit%26utm_source%3Dbandsintown&ref=http%3A%2F%2Fwinwith.fandiem.com%2F&tiba=Win%20an%20Autographed%20Picture%20of%20Kesha&auid=454911800.1663468287&gtm_ee=1&hn=www.googleadservices.com&async=1&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=CJqqsQI&pscrd=Ek5DaEVJOE9DVm1RWVF1Nkwyc0tfTHhwaU5BUklsQUtzMlprUjU0Vy0wS2RUX1dRRkR4THFCQWdzdFRsUHdUWFZWa1Y5VGtIdllkcDlPYWcaWENoRUk4T0NWbVFZUXlxeXBtcmIzaFBmc0FSSXRBQmYxZjI5UTdBeHhUWWVhNGZNdDdOQVJRb0R1R3hoNHp6X3o2VXNKUkxVYjgyMmx0dHd1N3R4c3hyNHo&is_vtc=1&ocp_id=_oImY5vVNuezmLAPwue90AU&cid=CAQSKQCsnQUxR3PKRlfwHXrgh3LMqrnYnaJsohfv921noLu_NfnJX2vIidgL&random=2895859029&resp=GooglemKTybQhCsO&ipr=y&prhg=0

Request Chain 148

• https://googleads.g.doubleclick.net/pagead/viewthroughconversion/370662395/?random=1153370133&cv=9&fst=1663468286836&num=1&label=aiP4CJ-95pMCEPu337AB&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=3&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa9e0&sendb=1&ig=1&data=event%3Dview_item%3Becomm_prodid%3Dshopify_US_7548640624894_42408255947006%3Becomm_totalvalue%3DNaN%3Becomm_pagetype%3Dproduct&frm=0&url=https%3A%2F%2Ffandiem.com%2Fsweeps%2Fkesha%3Futm_campaign%3Df-covid-bandsintown-sweet-relief-2022%26utm_content%3Df-covid-bandsintown-sweet-relief-2022-kesha-sweeps-page%26utm_medium%3Dpartner-bandsintown-blast-from-bit%26utm_source%3Dbandsintown&ref=http%3A%2F%2Fwinwith.fandiem.com%2F&tiba=Win%20an%20Autographed%20Picture%20of%20Kesha&auid=454911800.1663468287&gtm_ee=1&hn=www.googleadservices.com&async=1&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&ocp_id=_oImY8_4OMOz1wapwbXICg&sscte=1&crd=CJuqsQI&pscrd=Ek5DaEVJOE9DVm1RWVF1Nkwyc0tfTHhwaU5BUklsQUtzMlprUjU0Vy0wS2RUX1dRRkR4THFCQWdzdFRsUHdUWFZWa1Y5VGtIdllkcDlPYWcaWENoRUk4T0NWbVFZUXlxeXBtcmIzaFBmc0FSSXRBQmYxZjItUjhCdWV0WFBWeDdadXJXc21sU3E3bTFYLTJMMUJPbXNtV0NFMF9GS2NaZkZWSG5CMXVtbVA HTTP 302
• https://www.google.com/pagead/1p-conversion/370662395/?random=1153370133&cv=9&fst=1663468286836&num=1&label=aiP4CJ-95pMCEPu337AB&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=3&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa9e0&sendb=1&ig=1&data=event%3Dview_item%3Becomm_prodid%3Dshopify_US_7548640624894_42408255947006%3Becomm_totalvalue%3DNaN%3Becomm_pagetype%3Dproduct&frm=0&url=https%3A%2F%2Ffandiem.com%2Fsweeps%2Fkesha%3Futm_campaign%3Df-covid-bandsintown-sweet-relief-2022%26utm_content%3Df-covid-bandsintown-sweet-relief-2022-kesha-sweeps-page%26utm_medium%3Dpartner-bandsintown-blast-from-bit%26utm_source%3Dbandsintown&ref=http%3A%2F%2Fwinwith.fandiem.com%2F&tiba=Win%20an%20Autographed%20Picture%20of%20Kesha&auid=454911800.1663468287&gtm_ee=1&hn=www.googleadservices.com&async=1&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=CJuqsQI&pscrd=Ek5DaEVJOE9DVm1RWVF1Nkwyc0tfTHhwaU5BUklsQUtzMlprUjU0Vy0wS2RUX1dRRkR4THFCQWdzdFRsUHdUWFZWa1Y5VGtIdllkcDlPYWcaWENoRUk4T0NWbVFZUXlxeXBtcmIzaFBmc0FSSXRBQmYxZjItUjhCdWV0WFBWeDdadXJXc21sU3E3bTFYLTJMMUJPbXNtV0NFMF9GS2NaZkZWSG5CMXVtbVA&is_vtc=1&ocp_id=_oImY8_4OMOz1wapwbXICg&cid=CAQSKQCsnQUxH1OQsnqpsR0nQh2iSzlHf3ymCWJM9Av1v_WVTXcel5PGGZzs&random=1042634221&resp=GooglemKTybQhCsO HTTP 302
• https://www.google.de/pagead/1p-conversion/370662395/?random=1153370133&cv=9&fst=1663468286836&num=1&label=aiP4CJ-95pMCEPu337AB&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=3&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa9e0&sendb=1&ig=1&data=event%3Dview_item%3Becomm_prodid%3Dshopify_US_7548640624894_42408255947006%3Becomm_totalvalue%3DNaN%3Becomm_pagetype%3Dproduct&frm=0&url=https%3A%2F%2Ffandiem.com%2Fsweeps%2Fkesha%3Futm_campaign%3Df-covid-bandsintown-sweet-relief-2022%26utm_content%3Df-covid-bandsintown-sweet-relief-2022-kesha-sweeps-page%26utm_medium%3Dpartner-bandsintown-blast-from-bit%26utm_source%3Dbandsintown&ref=http%3A%2F%2Fwinwith.fandiem.com%2F&tiba=Win%20an%20Autographed%20Picture%20of%20Kesha&auid=454911800.1663468287&gtm_ee=1&hn=www.googleadservices.com&async=1&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=CJuqsQI&pscrd=Ek5DaEVJOE9DVm1RWVF1Nkwyc0tfTHhwaU5BUklsQUtzMlprUjU0Vy0wS2RUX1dRRkR4THFCQWdzdFRsUHdUWFZWa1Y5VGtIdllkcDlPYWcaWENoRUk4T0NWbVFZUXlxeXBtcmIzaFBmc0FSSXRBQmYxZjItUjhCdWV0WFBWeDdadXJXc21sU3E3bTFYLTJMMUJPbXNtV0NFMF9GS2NaZkZWSG5CMXVtbVA&is_vtc=1&ocp_id=_oImY8_4OMOz1wapwbXICg&cid=CAQSKQCsnQUxH1OQsnqpsR0nQh2iSzlHf3ymCWJM9Av1v_WVTXcel5PGGZzs&random=1042634221&resp=GooglemKTybQhCsO&ipr=y&prhg=0

229 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
13 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H/1.1	200 OK	f-covid-kesha-bit-blast Show response winwith.fandiem.com/ Redirect Chain https://u1126135.ct.sendgrid.net/ss/c/TMJg4H87IKVlew-fIsPBywTfFnzvdyQGDZsrae-lxfXo-9va7TBOI0_8Xt8WPK4IHdMXQG2NqBN53bb94wB71Q/3jf/JFx7KXEoSiOusIUkFbq_Yw/h9/bKXpYbtWULpapv1qj10tfrSIJv5IjdFtVd3HjYw1GIM http://winwith.fandiem.com/f-covid-kesha-bit-blast	2 KB 2 KB	211ms 131ms	Document text/html	51.15.139.10 Online SAS
General Check archive.org Show headers Download Go to Full URL http://winwith.fandiem.com/f-covid-kesha-bit-blast Protocol HTTP/1.1 Server 51.15.139.10 , France, ASN12876 (Online SAS, FR), Reverse DNS 10-139-15-51.instances.scw.cloud Software / Resource Hash 190ff5c5520210f25694bf02106461f9f795dbb1bd8de80f7030e9ab9fef4c82 Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers Cache-Control private, max-age=90 Content-Type text/html; charset=utf-8 Date Sun, 18 Sep 2022 02:31:24 GMT Transfer-Encoding chunked Redirect headers Connection keep-alive Content-Length 73 Content-Type text/html; charset=utf-8 Date Sun, 18 Sep 2022 02:31:23 GMT Location http://winwith.fandiem.com/f-covid-kesha-bit-blast Server nginx X-Robots-Tag noindex, nofollow
GET H2	200	js Show response www.googletagmanager.com/gtag/	109 KB 43 KB	87ms 36ms	Script application/javascript	2a00:1450:4001:82f::2008 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagmanager.com/gtag/js?id=UA-181963629-1 Requested by Host: winwith.fandiem.com URL: http://winwith.fandiem.com/f-covid-kesha-bit-blast Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:82f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Google Tag Manager / Resource Hash 3630b744e05395667ebab08a4052a413a9a0bec5c304cd7e434031454ca46029 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer http://winwith.fandiem.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36 Response headers date Sun, 18 Sep 2022 02:31:24 GMT content-encoding br server Google Tag Manager access-control-allow-headers Cache-Control vary Accept-Encoding content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=900 access-control-allow-credentials true cross-origin-resource-policy cross-origin strict-transport-security max-age=31536000; includeSubDomains alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 43386 x-xss-protection 0 expires Sun, 18 Sep 2022 02:31:24 GMT
GET H2	200	fbevents.js Show response connect.facebook.net/en_US/	101 KB 27 KB	63ms 21ms	Script application/x-javascript	2a03:2880:f01c:8012:face:b00c:0:3 FACEBOOK
General Check archive.org Show headers Download Go to Full URL https://connect.facebook.net/en_US/fbevents.js Requested by Host: winwith.fandiem.com URL: http://winwith.fandiem.com/f-covid-kesha-bit-blast Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US), Reverse DNS Software / Resource Hash 844bfb2ff3311ad9b5611b51d8c72e0c483a8ceafe7c625a5c321637f9277399 Security Headers Name Value Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0; Strict-Transport-Security max-age=31536000; preload; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer http://winwith.fandiem.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36 Response headers content-security-policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0; content-encoding gzip x-content-type-options nosniff document-policy force-load-at-top cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400,h3-29=":443"; ma=86400 content-length 26839 x-xss-protection 0 pragma public x-fb-debug 34hF8LcfkRUcuO0DLAipeRwshaqSauOC5qWe2t1rAetd/pwOiKEQmG2s2IG2iY97/DSYALTVKdxdQuTYCecZ0w== x-fb-trip-id 686109401 cross-origin-opener-policy same-origin-allow-popups x-frame-options DENY date Sun, 18 Sep 2022 02:31:24 GMT strict-transport-security max-age=31536000; preload; includeSubDomains content-type application/x-javascript; charset=utf-8 vary Accept-Encoding cache-control public, max-age=1200 x-fb-rlafr 0 expires Sat, 01 Jan 2000 00:00:00 GMT
GET H2	200	410807596975192 Show response connect.facebook.net/signals/config/	293 KB 84 KB	253ms 252ms	Script application/x-javascript	2a03:2880:f01c:8012:face:b00c:0:3 FACEBOOK
General Check archive.org Show headers Download Go to Full URL https://connect.facebook.net/signals/config/410807596975192?v=2.9.83&r=stable Requested by Host: connect.facebook.net URL: https://connect.facebook.net/en_US/fbevents.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US), Reverse DNS Software / Resource Hash 1c4bdb938c9803c559e9636615c843c7e1ee67369fc0fa064989bc3e66f1e7c8 Security Headers Name Value Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0; Strict-Transport-Security max-age=31536000; preload; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer http://winwith.fandiem.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36 Response headers content-security-policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0; content-encoding gzip x-content-type-options nosniff document-policy force-load-at-top cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400,h3-29=":443"; ma=86400 x-xss-protection 0 pragma public x-fb-debug 2oW6/qIF+G3q4ezliMN590aJzxqA7Z+OfPbXpR0DQW4yPG9t1C9hAplH1C62qTY1YNydPyXYvESvM4zpplDdgg== x-fb-trip-id 686109401 cross-origin-opener-policy same-origin-allow-popups x-frame-options DENY date Sun, 18 Sep 2022 02:31:24 GMT strict-transport-security max-age=31536000; preload; includeSubDomains content-type application/x-javascript; charset=utf-8 vary Accept-Encoding cache-control public, max-age=1200 x-fb-rlafr 0 expires Sat, 01 Jan 2000 00:00:00 GMT
GET H3	200	js Show response www.googletagmanager.com/gtag/	208 KB 73 KB	87ms 41ms	Script application/javascript	2a00:1450:4001:82f::2008 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagmanager.com/gtag/js?id=G-XG86FRBQR2&l=dataLayer&cx=c Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtag/js?id=UA-181963629-1 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:82f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Google Tag Manager / Resource Hash 3aef2349d99c0cd8cb9158cab74fb4905929f3f2563b8ec915e5d4e79a53537c Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer http://winwith.fandiem.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36 Response headers date Sun, 18 Sep 2022 02:31:24 GMT content-encoding br server Google Tag Manager access-control-allow-headers Cache-Control vary Accept-Encoding content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=900 access-control-allow-credentials true cross-origin-resource-policy cross-origin strict-transport-security max-age=31536000; includeSubDomains alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 74809 x-xss-protection 0 expires Sun, 18 Sep 2022 02:31:24 GMT
GET H2	200	analytics.js Show response www.google-analytics.com/	49 KB 20 KB	75ms 20ms	Script text/javascript	2a00:1450:4001:800::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google-analytics.com/analytics.js Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtag/js?id=UA-181963629-1 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:800::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210 Security Headers Name Value Strict-Transport-Security max-age=10886400; includeSubDomains; preload X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer http://winwith.fandiem.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36 Response headers strict-transport-security max-age=10886400; includeSubDomains; preload content-encoding gzip x-content-type-options nosniff last-modified Wed, 13 Apr 2022 21:02:38 GMT server Golfe2 age 5364 date Sun, 18 Sep 2022 01:02:00 GMT vary Accept-Encoding content-type text/javascript cache-control public, max-age=7200 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 20006 expires Sun, 18 Sep 2022 03:02:00 GMT
POST H3	200	collect Show response www.google-analytics.com/j/	2 B 22 B	69ms 27ms	XHR text/plain	2a00:1450:4001:800::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google-analytics.com/j/collect?v=1&_v=j96&a=1742092529&t=pageview&_s=1&dl=http%3A%2F%2Fwinwith.fandiem.com%2Ff-covid-kesha-bit-blast&ul=en-us&de=UTF-8&dt=WIN%20AN%20AUTOGRAPHED%20PICTURE%20OF%20KESHA&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAUABAAAAAC~&jid=69051181&gjid=2127174969&cid=1846812342.1663468284&tid=UA-181963629-1&_gid=1899406320.1663468284&_r=1&gtm=2ou9e0&z=462152567 Requested by Host: www.google-analytics.com URL: https://www.google-analytics.com/analytics.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:800::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af Security Headers Name Value X-Content-Type-Options nosniff Request headers Referer http://winwith.fandiem.com/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36 Content-Type text/plain Response headers pragma no-cache date Sun, 18 Sep 2022 02:31:24 GMT x-content-type-options nosniff last-modified Sun, 17 May 1998 03:00:00 GMT server Golfe2 content-type text/plain access-control-allow-origin http://winwith.fandiem.com cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 2 expires Fri, 01 Jan 1990 00:00:00 GMT
POST H2	204	collect region1.analytics.google.com/g/	0 349 B	77ms 28ms	Ping text/plain	2001:4860:4802:34::36 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://region1.analytics.google.com/g/collect?v=2&tid=G-XG86FRBQR2&gtm=2oe9e0&_p=1742092529&_gaz=1&cid=1846812342.1663468284&ul=en-us&sr=1600x1200&_z=ccd.v9B&_s=1&sid=1663468284&sct=1&seg=0&dl=http%3A%2F%2Fwinwith.fandiem.com%2Ff-covid-kesha-bit-blast&dt=WIN%20AN%20AUTOGRAPHED%20PICTURE%20OF%20KESHA&en=page_view&_fv=1&_ss=1 Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtag/js?id=G-XG86FRBQR2&l=dataLayer&cx=c Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer http://winwith.fandiem.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36 Response headers pragma no-cache date Sun, 18 Sep 2022 02:31:24 GMT server Golfe2 content-type text/plain access-control-allow-origin http://winwith.fandiem.com cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 0 expires Fri, 01 Jan 1990 00:00:00 GMT
POST H2	204	collect stats.g.doubleclick.net/g/	0 47 B	90ms 32ms	Ping text/plain	2a00:1450:400c:c0c::9c GOOGLE
General Check archive.org Show headers Download Go to Full URL https://stats.g.doubleclick.net/g/collect?v=2&tid=G-XG86FRBQR2&cid=1846812342.1663468284&gtm=2oe9e0&aip=1 Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtag/js?id=G-XG86FRBQR2&l=dataLayer&cx=c Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:400c:c0c::9c Brussels, Belgium, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer http://winwith.fandiem.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36 Response headers pragma no-cache date Sun, 18 Sep 2022 02:31:24 GMT server Golfe2 content-type text/plain access-control-allow-origin http://winwith.fandiem.com cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	ga-audiences www.google.de/ads/	42 B 501 B	85ms 35ms	Image image/gif	2a00:1450:4001:808::2003 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-XG86FRBQR2&cid=1846812342.1663468284&gtm=2oe9e0&aip=1&z=2002527092 Requested by Host: winwith.fandiem.com URL: http://winwith.fandiem.com/f-covid-kesha-bit-blast Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer http://winwith.fandiem.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36 Response headers pragma no-cache date Sun, 18 Sep 2022 02:31:24 GMT x-content-type-options nosniff server cafe timing-allow-origin * p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, no-store, must-revalidate cross-origin-resource-policy cross-origin content-type image/gif alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
POST H2	200	collect Show response stats.g.doubleclick.net/j/	4 B 444 B	44ms 30ms	XHR text/plain	2a00:1450:400c:c0c::9c GOOGLE
General Check archive.org Show headers Download Go to Full URL https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-181963629-1&cid=1846812342.1663468284&jid=69051181&gjid=2127174969&_gid=1899406320.1663468284&_u=YEBAAUAAAAAAAC~&z=1580705865 Requested by Host: www.google-analytics.com URL: https://www.google-analytics.com/analytics.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:400c:c0c::9c Brussels, Belgium, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash 84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80 Security Headers Name Value Strict-Transport-Security max-age=10886400; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Referer http://winwith.fandiem.com/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36 Content-Type text/plain Response headers pragma no-cache strict-transport-security max-age=10886400; includeSubDomains; preload x-content-type-options nosniff last-modified Sun, 17 May 1998 03:00:00 GMT server Golfe2 date Sun, 18 Sep 2022 02:31:24 GMT content-type text/plain access-control-allow-origin http://winwith.fandiem.com cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 4 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	ga-audiences www.google.com/ads/	42 B 501 B	99ms 35ms	Image image/gif	2a00:1450:4001:812::2004 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-181963629-1&cid=1846812342.1663468284&jid=69051181&_u=YEBAAUAAAAAAAC~&z=1860201115 Requested by Host: winwith.fandiem.com URL: http://winwith.fandiem.com/f-covid-kesha-bit-blast Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:812::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer http://winwith.fandiem.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36 Response headers pragma no-cache date Sun, 18 Sep 2022 02:31:24 GMT x-content-type-options nosniff server cafe timing-allow-origin * p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, no-store, must-revalidate cross-origin-resource-policy cross-origin content-type image/gif alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3	200	ga-audiences www.google.de/ads/	42 B 63 B	80ms 33ms	Image image/gif	2a00:1450:4001:808::2003 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-181963629-1&cid=1846812342.1663468284&jid=69051181&_u=YEBAAUAAAAAAAC~&z=1860201115 Requested by Host: winwith.fandiem.com URL: http://winwith.fandiem.com/f-covid-kesha-bit-blast Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer http://winwith.fandiem.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36 Response headers pragma no-cache date Sun, 18 Sep 2022 02:31:24 GMT x-content-type-options nosniff server cafe timing-allow-origin * p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, no-store, must-revalidate cross-origin-resource-policy cross-origin content-type image/gif alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	/ www.facebook.com/tr/	44 B 297 B	67ms 22ms	Image image/gif	2a03:2880:f11c:8183:face:b00c:0:25de FACEBOOK
General Check archive.org Show headers Download Go to Show image Full URL https://www.facebook.com/tr/?id=410807596975192&ev=PageView&dl=http%3A%2F%2Fwinwith.fandiem.com%2Ff-covid-kesha-bit-blast&rl=&if=false&ts=1663468284453&sw=1600&sh=1200&v=2.9.83&r=stable&ec=0&o=30&par[0]=%7B%22extractorID%22%3A%22653142685708720%22%2C%22jsonLD%22%3A%7B%22%40context%22%3A%22http%3A%2F%2Fschema.org%22%2C%22%40type%22%3A%22Product%22%2C%22offers%22%3A%7B%22priceCurrency%22%3A%22USD%22%7D%7D%7D&par[1]=%7B%22extractorID%22%3A%22326808842606046%22%2C%22jsonLD%22%3A%7B%22%40context%22%3A%22http%3A%2F%2Fschema.org%22%2C%22%40type%22%3A%22Product%22%2C%22offers%22%3A%7B%7D%7D%7D&fbp=fb.1.1663468284451.711547148&it=1663468284137&coo=false&rqm=GET Requested by Host: winwith.fandiem.com URL: http://winwith.fandiem.com/f-covid-kesha-bit-blast Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US), Reverse DNS Software proxygen-bolt / Resource Hash 10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers accept-language de-DE,de;q=0.9 Referer http://winwith.fandiem.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36 Response headers date Sun, 18 Sep 2022 02:31:24 GMT last-modified Fri, 21 Dec 2012 00:00:01 GMT server proxygen-bolt strict-transport-security max-age=31536000; includeSubDomains content-type image/gif cache-control no-cache, must-revalidate, max-age=0 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 content-length 44 expires Sun, 18 Sep 2022 02:31:24 GMT
GET H3	200	Primary Request kesha Show response fandiem.com/products/ Redirect Chain https://fandiem.com/kesha?utm_source=bandsintown&utm_medium=partner-bandsintown-blast-from-bit&utm_campaign=f-covid-bandsintown-sweet-relief-2022&utm_content=f-covid-bandsintown-sweet-relief-2022-k... https://fandiem.com/products/kesha?utm_campaign=f-covid-bandsintown-sweet-relief-2022&utm_content=f-covid-bandsintown-sweet-relief-2022-kesha-sweeps-page&utm_medium=partner-bandsintown-blast-from-b...	55 KB 17 KB	406ms 360ms	Document text/html	23.227.38.32 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://fandiem.com/products/kesha?utm_campaign=f-covid-bandsintown-sweet-relief-2022&utm_content=f-covid-bandsintown-sweet-relief-2022-kesha-sweeps-page&utm_medium=partner-bandsintown-blast-from-bit&utm_source=bandsintown Requested by Host: winwith.fandiem.com URL: http://winwith.fandiem.com/f-covid-kesha-bit-blast Protocol H3 Security QUIC, , AES_128_GCM Server 23.227.38.32 Ottawa, Canada, ASN13335 (CLOUDFLARENET, US), Reverse DNS myshopify.com Software cloudflare / Resource Hash 8c76162ce3a73a7875b39ca93e99a3baf8364f7adf0f7d818205d5419605659b Security Headers Name Value Content-Security-Policy block-all-mixed-content; frame-ancestors 'none'; upgrade-insecure-requests; Strict-Transport-Security max-age=7889238 X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 1; mode=block Request headers Referer http://winwith.fandiem.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers access-control-allow-origin * alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 cf-cache-status DYNAMIC cf-ray 74c6aa4f5c2c9974-FRA content-encoding br content-language en content-security-policy block-all-mixed-content; frame-ancestors 'none'; upgrade-insecure-requests; content-type text/html; charset=utf-8 date Sun, 18 Sep 2022 02:31:25 GMT link <https://cdn.shopify.com>; rel="preconnect", <https://cdn.shopify.com>; rel="preconnect"; crossorigin nel {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800} report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NM7Bkv6C8bAl%2BcZ%2B32KdvqywnO7QH70JJJJU6mvNeVyIMUUuLnKODXc8VbRaAXL6RTgUc%2FEkRypz90qlqYvQDqq4QkRNbZt6IVsXC1r5hJ3hLqcFxUcTfERIhpf0"}],"group":"cf-nel","max_age":604800} server cloudflare server-timing processing;dur=206, db;dur=115, parse;dur=2 strict-transport-security max-age=7889238 vary Accept x-alternate-cache-key cacheable:9b92015d07a44afe92b8815d3a388f0a x-cache miss x-content-type-options nosniff x-dc gcp-europe-west3,us-east1,gcp-us-east1 x-download-options noopen x-frame-options DENY x-permitted-cross-domain-policies none x-request-id 79a076bf-c58e-418d-8b69-1c9c547842cc x-shardid 253 x-shopid 50221678757 x-shopify-stage production x-sorting-hat-podid 253 x-sorting-hat-shopid 50221678757 x-storefront-renderer-rendered 1 x-xss-protection 1; mode=block Redirect headers alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 cf-cache-status DYNAMIC cf-ray 74c6aa4df8469028-FRA content-security-policy block-all-mixed-content; frame-ancestors 'none'; upgrade-insecure-requests; content-type text/html; charset=utf-8 date Sun, 18 Sep 2022 02:31:25 GMT location https://fandiem.com/products/kesha?utm_campaign=f-covid-bandsintown-sweet-relief-2022&utm_content=f-covid-bandsintown-sweet-relief-2022-kesha-sweeps-page&utm_medium=partner-bandsintown-blast-from-bit&utm_source=bandsintown nel {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800} report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wmGDzzdLQ6fTmiIGAcC2l1FvDgcuUD9zkYUsnAnezsc2ZfEre9FAkTZZJTbyDgzMllp5g6xIa8b2%2FRPhbSn8kMKs1w7Z9fB1S6emnMjoaoJgtDUfGXYTDyj6FnoX"}],"group":"cf-nel","max_age":604800} server cloudflare server-timing processing;dur=34, db;dur=15 strict-transport-security max-age=7889238 vary Accept x-content-type-options nosniff x-dc gcp-europe-west3,us-east1,gcp-us-east1 x-download-options noopen x-frame-options DENY x-permitted-cross-domain-policies none x-request-id e61778dc-407b-423d-abf9-74c5fad2247d x-shardid 253 x-shopid 50221678757 x-shopify-stage production x-sorting-hat-podid 253 x-sorting-hat-shopid 50221678757 x-storefront-renderer-rendered 1 x-xss-protection 1; mode=block
POST		collect region1.analytics.google.com/g/	0 0
GET H2	200	triplepx.txt Show response triplewhale-pixel.web.app/	57 KB 20 KB	132ms 43ms	XHR text/plain	2620:0:890::100 FASTLY
General Check archive.org Show headers Download Go to Full URL https://triplewhale-pixel.web.app/triplepx.txt?-18483 Requested by Host: fandiem.com URL: https://fandiem.com/products/kesha?utm_campaign=f-covid-bandsintown-sweet-relief-2022&utm_content=f-covid-bandsintown-sweet-relief-2022-kesha-sweeps-page&utm_medium=partner-bandsintown-blast-from-bit&utm_source=bandsintown Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2620:0:890::100 , United States, ASN54113 (FASTLY, US), Reverse DNS Software / Resource Hash 53f6d205653e9019cec634b96a6d78742dcaeeb589d3aa4f6371cfaaf3e85bd5 Security Headers Name Value Strict-Transport-Security max-age=31556926; includeSubDomains; preload Request headers accept-language de-DE,de;q=0.9 Referer https://fandiem.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36 Response headers strict-transport-security max-age=31556926; includeSubDomains; preload content-encoding br etag "9b99f03a72176343b4a11fa5b16ca71f65d9c2dea8460345e2892b82da6044a5-br" x-cache HIT access-control-max-age 3600 alt-svc h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400 content-length 20319 x-served-by cache-muc13950-MUC last-modified Fri, 16 Sep 2022 01:45:29 GMT x-timer S1663468286.814110,VS0,VE0 date Sun, 18 Sep 2022 02:31:25 GMT vary x-fh-requested-host, accept-encoding access-control-allow-methods GET, POST, DELETE, OPTIONS content-type text/plain; charset=utf-8 access-control-allow-origin * cache-control max-age=3600 accept-ranges bytes access-control-allow-headers * x-cache-hits 1946
GET H2	200	load_feature-ab38017af3cf759db0af0bbd1e75229f6a189f5bf1f2db42169630998b969021.js Show response cdn.shopify.com/shopifycloud/shopify/assets/storefront/	10 KB 4 KB	221ms 167ms	Script text/javascript	104.16.255.71 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdn.shopify.com/shopifycloud/shopify/assets/storefront/load_feature-ab38017af3cf759db0af0bbd1e75229f6a189f5bf1f2db42169630998b969021.js Requested by Host: fandiem.com URL: https://fandiem.com/sweeps/kesha?utm_campaign=f-covid-bandsintown-sweet-relief-2022&utm_content=f-covid-bandsintown-sweet-relief-2022-kesha-sweeps-page&utm_medium=partner-bandsintown-blast-from-bit&utm_source=bandsintown Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.16.255.71 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash ab38017af3cf759db0af0bbd1e75229f6a189f5bf1f2db42169630998b969021 Security Headers Name Value Strict-Transport-Security max-age=15552000; includeSubDomains; preload X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers Referer https://fandiem.com/ Origin https://fandiem.com accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36 Response headers date Sun, 18 Sep 2022 02:31:25 GMT content-encoding br x-content-type-options nosniff cf-cache-status HIT nel {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800} x-dc gcp-us-east1,us-central1 report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AunPbVGD%2FR%2FJQh8DQMilxBkfd01yI3qMkfyulS5AkYnDa5DKDP0DqjZxu%2BBjwpkdU2raR8e2V11FoEUirrT3zw%2FpXcLN%2Bmnm9NXoMoGH03EijC0YTVPwtmmHkGORUs%2B5%2Bg%3D%3D"}],"group":"cf-nel","max_age":604800} server-timing imagery;dur=19.882, imageryFetch;dur=19.739 alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 x-xss-protection 1; mode=block x-request-id 0cdb72f6-7218-4b0b-a7c9-db872e66b15f timing-allow-origin * last-modified Fri, 26 Aug 2022 01:44:39 GMT server cloudflare vary Accept-Encoding strict-transport-security max-age=15552000; includeSubDomains; preload content-type text/javascript access-control-allow-origin * cache-control public, max-age=31556952, immutable cf-ray 74c6aa528ab1bbec-FRA link <https://cdn.shopify.com/shopifycloud/shopify/assets/storefront/load_feature-ab38017af3cf759db0af0bbd1e75229f6a189f5bf1f2db42169630998b969021.js>; rel="canonical"
GET H2	200	features-87e8399988880142f2c62771b9d8f2ff6c290b3ff745dd426eb0dfe0db9d1dae.js Show response cdn.shopify.com/shopifycloud/shopify/assets/storefront/	37 KB 14 KB	199ms 145ms	Script text/javascript	104.16.255.71 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdn.shopify.com/shopifycloud/shopify/assets/storefront/features-87e8399988880142f2c62771b9d8f2ff6c290b3ff745dd426eb0dfe0db9d1dae.js Requested by Host: fandiem.com URL: https://fandiem.com/sweeps/kesha?utm_campaign=f-covid-bandsintown-sweet-relief-2022&utm_content=f-covid-bandsintown-sweet-relief-2022-kesha-sweeps-page&utm_medium=partner-bandsintown-blast-from-bit&utm_source=bandsintown Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.16.255.71 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 87e8399988880142f2c62771b9d8f2ff6c290b3ff745dd426eb0dfe0db9d1dae Security Headers Name Value Strict-Transport-Security max-age=15552000; includeSubDomains; preload X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers Referer https://fandiem.com/ Origin https://fandiem.com accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36 Response headers date Sun, 18 Sep 2022 02:31:25 GMT content-encoding br x-content-type-options nosniff cf-cache-status HIT nel {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800} x-dc gcp-us-east1,us-central1 report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=v3caIF7%2BA4TnCg0HsnC8QI7XsV%2FoJOyFkWFw7clybuyMXaO%2B3kDiOCJtYXN2BGF9FAonwThDqE%2FiT9LzaaQuCDl9cn%2Ft8s%2BJyfhjEVNlE3Wsl3bOfNPRgDiyWIOHGktt4g%3D%3D"}],"group":"cf-nel","max_age":604800} server-timing imagery;dur=15.579, imageryFetch;dur=15.360 alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 x-xss-protection 1; mode=block x-request-id a1f823f0-0b6f-4c58-ab3e-3375ed868cee timing-allow-origin * last-modified Fri, 26 Aug 2022 03:54:20 GMT server cloudflare vary Accept-Encoding strict-transport-security max-age=15552000; includeSubDomains; preload content-type text/javascript access-control-allow-origin * cache-control public, max-age=31556952, immutable cf-ray 74c6aa528ab4bbec-FRA link <https://cdn.shopify.com/shopifycloud/shopify/assets/storefront/features-87e8399988880142f2c62771b9d8f2ff6c290b3ff745dd426eb0dfe0db9d1dae.js>; rel="canonical"
GET H2	404	/ dpjhaiprv9czz.cloudfront.net/	0 0	263ms 256ms	Other text/html	2600:9000:214f:2200:15:5e1:43c0:21 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://dpjhaiprv9czz.cloudfront.net/ Requested by Host: fandiem.com URL: https://fandiem.com/sweeps/kesha?utm_campaign=f-covid-bandsintown-sweet-relief-2022&utm_content=f-covid-bandsintown-sweet-relief-2022-kesha-sweeps-page&utm_medium=partner-bandsintown-blast-from-bit&utm_source=bandsintown Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:214f:2200:15:5e1:43c0:21 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software / Resource Hash Request headers accept-language de-DE,de;q=0.9 Referer https://fandiem.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36 Response headers
GET H2	200	application.scss.css cdn.shopify.com/s/files/1/0502/2167/8757/t/8/assets/	3 KB 1 KB	189ms 136ms	Stylesheet text/css	104.16.255.71 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdn.shopify.com/s/files/1/0502/2167/8757/t/8/assets/application.scss.css?v=167376750296147457741632163727 Requested by Host: fandiem.com URL: https://fandiem.com/sweeps/kesha?utm_campaign=f-covid-bandsintown-sweet-relief-2022&utm_content=f-covid-bandsintown-sweet-relief-2022-kesha-sweeps-page&utm_medium=partner-bandsintown-blast-from-bit&utm_source=bandsintown Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.16.255.71 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 53fb3ea61abbaf420658f47acdfff8aab9fe220b46d40f517d9e1127901cf826 Security Headers Name Value Strict-Transport-Security max-age=15552000; includeSubDomains; preload X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers accept-language de-DE,de;q=0.9 Referer https://fandiem.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36 Response headers date Sun, 18 Sep 2022 02:31:25 GMT content-encoding br x-content-type-options nosniff cf-cache-status HIT nel {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800} x-dc gcp-us-east1,us-east1 report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=B36WgJJGfltS7KiTSQnPOWWG6e34g%2BaTuko9SV3grKFIy9CW8nubjkQcu5pjQ2Ag5fx1GVNtw3rRJnn7X7o%2BFicJybGOLQW%2B2sarliUzPjwVody7offXgvDcWLF%2FdB%2FhYg%3D%3D"}],"group":"cf-nel","max_age":604800} server-timing imagery;dur=113.745, imageryFetch;dur=87.886, imageryProcess;dur=25.069;desc="scss" alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 x-xss-protection 1; mode=block x-request-id dced4b20-3713-40d9-8087-091fe92e7afd timing-allow-origin * last-modified Thu, 25 Aug 2022 23:40:39 GMT server cloudflare vary Accept-Encoding strict-transport-security max-age=15552000; includeSubDomains; preload content-type text/css access-control-allow-origin * access-control-expose-headers * cache-control public, max-age=31557600 cf-ray 74c6aa528b836937-FRA link <https://cdn.shopify.com/s/files/1/0502/2167/8757/t/8/assets/application.scss.css>; rel="canonical"
GET H3	200	jquery-3.5.1.min.js cdn.shopify.com/s/files/1/0502/2167/8757/t/8/assets/	0 32 KB	203ms 150ms	Other text/javascript	104.16.255.71 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdn.shopify.com/s/files/1/0502/2167/8757/t/8/assets/jquery-3.5.1.min.js?v=133494139889153862371605192933 Requested by Host: fandiem.com URL: https://fandiem.com/sweeps/kesha?utm_campaign=f-covid-bandsintown-sweet-relief-2022&utm_content=f-covid-bandsintown-sweet-relief-2022-kesha-sweeps-page&utm_medium=partner-bandsintown-blast-from-bit&utm_source=bandsintown Protocol H3 Security QUIC, , AES_128_GCM Server 104.16.255.71 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Strict-Transport-Security max-age=15552000; includeSubDomains; preload X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers accept-language de-DE,de;q=0.9 Referer https://fandiem.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36 Response headers date Sun, 18 Sep 2022 02:31:26 GMT content-encoding br x-content-type-options nosniff cf-cache-status HIT nel {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800} x-dc gcp-us-east1,us-central1 report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kaFmRF3VAIoPEAGxqEL83EHH%2FeJyGOZmzAQst8GvA1FKEbQM%2FuPCu09SqJOLAXpHlcioICN91byH2aXCQsBMCw5zB92yM7cp81Wvx%2Bag2oUA97kIGFLYB%2FWGzer6GheEvg%3D%3D"}],"group":"cf-nel","max_age":604800} server-timing imagery;dur=58.666, imageryFetch;dur=58.509 alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 x-xss-protection 1; mode=block x-request-id 97f266db-e76c-4cbd-80bd-e78805ccec47 timing-allow-origin * last-modified Fri, 26 Aug 2022 04:01:57 GMT server cloudflare vary Accept-Encoding strict-transport-security max-age=15552000; includeSubDomains; preload content-type text/javascript access-control-allow-origin * access-control-expose-headers * cache-control public, max-age=31557600 cf-ray 74c6aa53ef72920e-FRA link <https://cdn.shopify.com/s/files/1/0502/2167/8757/t/8/assets/jquery-3.5.1.min.js>; rel="canonical"
GET H3	200	bootstrap.bundle.min.js cdn.jsdelivr.net/npm/bootstrap@4.5.3/dist/js/	0 23 KB	69ms 29ms	Other application/javascript	2606:4700::6810:5514 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdn.jsdelivr.net/npm/bootstrap@4.5.3/dist/js/bootstrap.bundle.min.js Requested by Host: fandiem.com URL: https://fandiem.com/sweeps/kesha?utm_campaign=f-covid-bandsintown-sweet-relief-2022&utm_content=f-covid-bandsintown-sweet-relief-2022-kesha-sweeps-page&utm_medium=partner-bandsintown-blast-from-bit&utm_source=bandsintown Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700::6810:5514 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://fandiem.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36 Response headers date Sun, 18 Sep 2022 02:31:26 GMT content-encoding br x-content-type-options nosniff cf-cache-status HIT nel {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800} age 15613786 x-jsd-version 4.5.3 x-cache HIT, HIT cross-origin-resource-policy cross-origin strict-transport-security max-age=31536000; includeSubDomains; preload alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 x-served-by cache-fra19178-FRA, cache-hhn4034-HHN timing-allow-origin * x-jsd-version-type version server cloudflare etag W/"148b8-qycDEVlyTiQh9v9ccPSOZXq+nTk" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FHcEWqMMOpGUfso74Yi8O1QcPu1KOn1Kyng8Evt2WcXJIJ0CgQEC4XcyoK%2F1J7pFRHO4Pt0XsA1RDAebZS0Jg8U%2B8h%2F3L%2B2O3yVkal04XzxTWzKnCDEWxF2F1vOLUHwKFbCVd1PX59R7GK0WYqk%3D"}],"group":"cf-nel","max_age":604800} content-type application/javascript; charset=utf-8 access-control-allow-origin * access-control-expose-headers * cache-control public, max-age=31536000, s-maxage=31536000, immutable cf-ray 74c6aa53cfbd9107-FRA
GET H2	200	bootstrap.min.css cdn.jsdelivr.net/npm/bootstrap@4.5.3/dist/css/	157 KB 25 KB	96ms 32ms	Stylesheet text/css	2606:4700::6810:5514 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdn.jsdelivr.net/npm/bootstrap@4.5.3/dist/css/bootstrap.min.css Requested by Host: fandiem.com URL: https://fandiem.com/sweeps/kesha?utm_campaign=f-covid-bandsintown-sweet-relief-2022&utm_content=f-covid-bandsintown-sweet-relief-2022-kesha-sweeps-page&utm_medium=partner-bandsintown-blast-from-bit&utm_source=bandsintown Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6810:5514 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash f77c0d1739b618edc4a01ca3f6b2990b01a3009030af49ee8cf68e83052df194 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://fandiem.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36 Response headers date Sun, 18 Sep 2022 02:31:25 GMT content-encoding br x-content-type-options nosniff cf-cache-status HIT nel {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800} age 15613780 x-jsd-version 4.5.3 x-cache HIT, HIT cross-origin-resource-policy cross-origin strict-transport-security max-age=31536000; includeSubDomains; preload alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 x-served-by cache-fra19170-FRA, cache-hhn4070-HHN timing-allow-origin * x-jsd-version-type version server cloudflare etag W/"27288-jtLWNQ0j+FfZKAVzfQ+XxnXeZms" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BEx32bU6Ie%2FUaBZLxdP4yGYUl0KDEAPH6J4lcXd6XP8P5%2FXhB3hliukuI0vDkaDpwVYXQTcFRiF98r%2FfLvqEzwNAq7c3AdACvSlgukpcUQ04mFOtvQj%2FgVqs53RmqBOCtj6GomgbCZFdAUbAZZU%3D"}],"group":"cf-nel","max_age":604800} content-type text/css; charset=utf-8 access-control-allow-origin * access-control-expose-headers * cache-control public, max-age=31536000, s-maxage=31536000, immutable cf-ray 74c6aa529d2f5b80-FRA
GET H2	200	jquery-3.5.1.min.js Show response cdn.shopify.com/s/files/1/0502/2167/8757/t/8/assets/	87 KB 32 KB	87ms 34ms	Script text/javascript	104.16.255.71 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdn.shopify.com/s/files/1/0502/2167/8757/t/8/assets/jquery-3.5.1.min.js?v=133494139889153862371605192933 Requested by Host: fandiem.com URL: https://fandiem.com/sweeps/kesha?utm_campaign=f-covid-bandsintown-sweet-relief-2022&utm_content=f-covid-bandsintown-sweet-relief-2022-kesha-sweeps-page&utm_medium=partner-bandsintown-blast-from-bit&utm_source=bandsintown Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.16.255.71 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d Security Headers Name Value Strict-Transport-Security max-age=15552000; includeSubDomains; preload X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers accept-language de-DE,de;q=0.9 Referer https://fandiem.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36 Response headers date Sun, 18 Sep 2022 02:31:25 GMT content-encoding br x-content-type-options nosniff cf-cache-status HIT nel {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800} x-dc gcp-us-east1,us-central1 age 20932 report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zEqgQG4aQDI5CQLdDj311ExxLWJBAdFQ7p8XTdR32d8XyGmcKw3WiLtL3hGsptJqZgqgb46Rnx9aX0tH9moRqZPOduUCYlUnij8jPXiFZkleQFBWteXL3NBJ%2F%2Bj4dzvC%2FQ%3D%3D"}],"group":"cf-nel","max_age":604800} server-timing imagery;dur=58.666, imageryFetch;dur=58.509 alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 x-xss-protection 1; mode=block x-request-id 97f266db-e76c-4cbd-80bd-e78805ccec47 timing-allow-origin * last-modified Fri, 26 Aug 2022 04:01:57 GMT server cloudflare vary Accept-Encoding strict-transport-security max-age=15552000; includeSubDomains; preload content-type text/javascript access-control-allow-origin * access-control-expose-headers * cache-control public, max-age=31557600 cf-ray 74c6aa528b886937-FRA link <https://cdn.shopify.com/s/files/1/0502/2167/8757/t/8/assets/jquery-3.5.1.min.js>; rel="canonical"
GET H2	200	bootstrap.bundle.min.js Show response cdn.jsdelivr.net/npm/bootstrap@4.5.3/dist/js/	82 KB 23 KB	101ms 38ms	Script application/javascript	2606:4700::6810:5514 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdn.jsdelivr.net/npm/bootstrap@4.5.3/dist/js/bootstrap.bundle.min.js Requested by Host: fandiem.com URL: https://fandiem.com/sweeps/kesha?utm_campaign=f-covid-bandsintown-sweet-relief-2022&utm_content=f-covid-bandsintown-sweet-relief-2022-kesha-sweeps-page&utm_medium=partner-bandsintown-blast-from-bit&utm_source=bandsintown Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6810:5514 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 8d7089253dca29c9cd8d9deb7ec69b0a3d445f88f6a26478c719be1f90adcb01 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Referer https://fandiem.com/ Origin https://fandiem.com accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36 Response headers date Sun, 18 Sep 2022 02:31:25 GMT content-encoding br x-content-type-options nosniff cf-cache-status HIT nel {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800} age 15613769 x-jsd-version 4.5.3 x-cache HIT, HIT cross-origin-resource-policy cross-origin strict-transport-security max-age=31536000; includeSubDomains; preload alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 x-served-by cache-fra19178-FRA, cache-hhn4051-HHN timing-allow-origin * x-jsd-version-type version server cloudflare etag W/"148b8-qycDEVlyTiQh9v9ccPSOZXq+nTk" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XkS0rDe6TJH%2Fhyzlt0HQWGAocIlDeJUNo31rCSY7DilMWiJfxMJZjq5zr2aQdNFkatqLFfFIe3%2BNXKEkLXktwcfqbRjU83A%2F3Q%2FT%2F0QHxr3UP4XnGZiYn92hq6%2FkgEQA0AkSMzZsqNb19hvSuOs%3D"}],"group":"cf-nel","max_age":604800} content-type application/javascript; charset=utf-8 access-control-allow-origin * access-control-expose-headers * cache-control public, max-age=31536000, s-maxage=31536000, immutable cf-ray 74c6aa5298619049-FRA
GET H2	404	assets cdn.shopify.com/s/files/1/0502/2167/8757/t/8/	0 0	260ms 208ms	Stylesheet text/html	104.16.255.71 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdn.shopify.com/s/files/1/0502/2167/8757/t/8/assets Requested by Host: fandiem.com URL: https://fandiem.com/sweeps/kesha?utm_campaign=f-covid-bandsintown-sweet-relief-2022&utm_content=f-covid-bandsintown-sweet-relief-2022-kesha-sweeps-page&utm_medium=partner-bandsintown-blast-from-bit&utm_source=bandsintown Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.16.255.71 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software / Resource Hash Request headers accept-language de-DE,de;q=0.9 Referer https://fandiem.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36 Response headers
GET H2	200	shopify_rolling_bootstrap_v2.js Show response assets1.adroll.com/shopify/latest/j/	2 KB 1 KB	115ms 23ms	Script application/javascript	2600:9000:206f:7000:1c:cd6a:7440:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://assets1.adroll.com/shopify/latest/j/shopify_rolling_bootstrap_v2.js?adroll_adv_id=4VZVS64FNRFEXAUW3D4PZO&adroll_pix_id=A5AOKNR44NHIVM7TSARV6U Requested by Host: fandiem.com URL: https://fandiem.com/sweeps/kesha?utm_campaign=f-covid-bandsintown-sweet-relief-2022&utm_content=f-covid-bandsintown-sweet-relief-2022-kesha-sweeps-page&utm_medium=partner-bandsintown-blast-from-bit&utm_source=bandsintown Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:206f:7000:1c:cd6a:7440:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash ea1d29b419599a59d7da810bfa2f4dbe0b8f72d39fa71cb5195300cfb879f837 Request headers accept-language de-DE,de;q=0.9 Referer https://fandiem.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36 Response headers date Sun, 18 Sep 2022 01:32:31 GMT content-encoding gzip vary Accept-Encoding age 3543 x-amz-server-side-encryption AES256 x-cache Hit from cloudfront via 1.1 29d33c5cd70a6501fde7bc2dba557906.cloudfront.net (CloudFront) last-modified Wed, 07 Sep 2022 00:26:18 GMT server AmazonS3 etag W/"dcbab6195eb24bf3935cbc62ec0ed277" access-control-max-age 600 access-control-allow-methods GET content-type application/javascript access-control-allow-origin * access-control-allow-credentials false x-amz-cf-pop FRA56-C1 access-control-allow-headers * x-amz-cf-id 1Yox4kmmLZvKt5xLykjAx3KyHXYcMRMEvf0tiSO5RHmfvEYDeHzIog==
GET H2	200	klaviyo.js Show response static.klaviyo.com/onsite/js/	3 KB 1 KB	96ms 20ms	Script application/javascript	151.101.194.133 FASTLY
General Check archive.org Show headers Download Go to Full URL https://static.klaviyo.com/onsite/js/klaviyo.js?company_id=TZ9PuD Requested by Host: fandiem.com URL: https://fandiem.com/sweeps/kesha?utm_campaign=f-covid-bandsintown-sweet-relief-2022&utm_content=f-covid-bandsintown-sweet-relief-2022-kesha-sweeps-page&utm_medium=partner-bandsintown-blast-from-bit&utm_source=bandsintown Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 151.101.194.133 , United States, ASN54113 (FASTLY, US), Reverse DNS Software nginx / Resource Hash 9562bea68b360646eead81a2280d11017c8f0a9f1f9508ac3ff4e4989d85cfc8 Request headers accept-language de-DE,de;q=0.9 Referer https://fandiem.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36 Response headers date Sun, 18 Sep 2022 02:31:26 GMT content-encoding gzip age 102392 x-cache HIT, HIT access-control-max-age 86400 content-length 1036 x-served-by cache-lga21966-LGA, cache-hhn4038-HHN access-control-allow-origin * allow GET, OPTIONS server nginx x-timer S1663468286.080987,VS0,VE1 etag W/"f6d0d556d31bdd3495827dac590df0c5" vary Accept-Encoding access-control-allow-methods GET content-type application/javascript via 1.1 varnish, 1.1 varnish cache-control max-age=1, stale-while-revalidate=10800 access-control-allow-credentials true accept-ranges bytes access-control-allow-headers x-cache-hits 1, 1
GET H2	200	shopify_v580.bundle.js Show response dpjhaiprv9czz.cloudfront.net/	2 MB 578 KB	104ms 33ms	Script application/javascript	2600:9000:214f:2200:15:5e1:43c0:21 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://dpjhaiprv9czz.cloudfront.net/shopify_v580.bundle.js Requested by Host: fandiem.com URL: https://fandiem.com/sweeps/kesha?utm_campaign=f-covid-bandsintown-sweet-relief-2022&utm_content=f-covid-bandsintown-sweet-relief-2022-kesha-sweeps-page&utm_medium=partner-bandsintown-blast-from-bit&utm_source=bandsintown Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:214f:2200:15:5e1:43c0:21 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash 3d5e05b5126e91f1e5680e716d7c5b1cec07ac2f1129394aac8f6a07f855b30e Request headers accept-language de-DE,de;q=0.9 Referer https://fandiem.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36 Response headers date Sun, 04 Sep 2022 00:28:24 GMT content-encoding br last-modified Mon, 29 Aug 2022 20:50:21 GMT server AmazonS3 age 1216982 etag W/"e7b2f0f01a41928f3bd2ad52bc7be5ca" vary Accept-Encoding x-cache Hit from cloudfront x-amz-version-id DAgXaONd9B5yVb9ux2eXwPSowGC2HhAP via 1.1 89cb19c6f2c9ed0983294d3b12e80e42.cloudfront.net (CloudFront) cache-control max-age=2592000 x-amz-cf-pop FRA53-C1 content-type application/javascript x-amz-cf-id CC8tiKXgZ3ZbKezk4YPzAM_VHhnn0FMWp9U1JJQNDcLGYCZGl7MbKA==
GET H3	200	_thid372.txt Show response triplewhale-pixel.web.app/	80 KB 26 KB	108ms 56ms	XHR text/plain	2620:0:890::100 FASTLY
General Check archive.org Show headers Download Go to Full URL https://triplewhale-pixel.web.app/_thid372.txt Requested by Host: winwith.fandiem.com URL: http://winwith.fandiem.com/f-covid-kesha-bit-blast Protocol H3 Security QUIC, , AES_128_GCM Server 2620:0:890::100 , United States, ASN54113 (FASTLY, US), Reverse DNS Software / Resource Hash 0295b602a6a72531d1e9c2bb1b09c5fbd0c7ebf2c935f218eda55d2c7661d96f Security Headers Name Value Strict-Transport-Security max-age=31556926; includeSubDomains; preload Request headers accept-language de-DE,de;q=0.9 Referer https://fandiem.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36 Response headers strict-transport-security max-age=31556926; includeSubDomains; preload content-encoding br etag "4d5e4c9fc484fb2d279438a5d4903983eeab5166218c0ba417057d8d17b16cff-br" x-cache HIT access-control-max-age 3600 alt-svc h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400 content-length 26230 x-served-by cache-muc13933-MUC last-modified Fri, 16 Sep 2022 01:45:29 GMT x-timer S1663468286.004655,VS0,VE0 date Sun, 18 Sep 2022 02:31:26 GMT vary x-fh-requested-host, accept-encoding access-control-allow-methods GET, POST, DELETE, OPTIONS content-type text/plain; charset=utf-8 access-control-allow-origin * cache-control max-age=3600 accept-ranges bytes access-control-allow-headers * x-cache-hits 2482
GET H/1.1	200 OK	matomo.js Show response app.theadslab.io/	76 KB 24 KB	637ms 241ms	Script application/javascript	18.189.120.64 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://app.theadslab.io/matomo.js Requested by Host: fandiem.com URL: https://fandiem.com/sweeps/kesha?utm_campaign=f-covid-bandsintown-sweet-relief-2022&utm_content=f-covid-bandsintown-sweet-relief-2022-kesha-sweeps-page&utm_medium=partner-bandsintown-blast-from-bit&utm_source=bandsintown Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 18.189.120.64 Columbus, United States, ASN16509 (AMAZON-02, US), Reverse DNS ec2-18-189-120-64.us-east-2.compute.amazonaws.com Software nginx / Resource Hash 4beb86f35186784ad7a2a437b5c686face1ec72c0b7055f4a5b9d1415a956e31 Request headers accept-language de-DE,de;q=0.9 Referer https://fandiem.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36 Response headers Pragma public Date Sun, 18 Sep 2022 02:31:26 GMT Content-Encoding gzip Last-Modified Fri, 16 Sep 2022 07:29:19 GMT Server nginx ETag W/"632425cf-12f12" Vary Accept-Encoding Content-Type application/javascript; charset=utf-8 Cache-Control max-age=3600, public, no-cache="set-cookie" Connection keep-alive Content-Length 23974 Expires Sun, 18 Sep 2022 03:31:26 GMT
GET H2	200	ltpix.min.js Show response assets.production.linktr.ee/ltpixel/	7 KB 3 KB	109ms 21ms	Script application/javascript	2600:9000:214f:3200:14:6c09:8c80:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://assets.production.linktr.ee/ltpixel/ltpix.min.js?t=1663545600000 Requested by Host: fandiem.com URL: https://fandiem.com/sweeps/kesha?utm_campaign=f-covid-bandsintown-sweet-relief-2022&utm_content=f-covid-bandsintown-sweet-relief-2022-kesha-sweeps-page&utm_medium=partner-bandsintown-blast-from-bit&utm_source=bandsintown Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:214f:3200:14:6c09:8c80:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash 429c5d9e946119e22e577a50872d5768099123db20cd97e7de754e55e1efbba6 Request headers accept-language de-DE,de;q=0.9 Referer https://fandiem.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36 Response headers date Sat, 17 Sep 2022 02:50:47 GMT content-encoding gzip etag W/"13b9efbb17b5791991667abd0a310c20" last-modified Mon, 12 Sep 2022 02:26:44 GMT server AmazonS3 age 85240 x-amz-server-side-encryption AES256 vary Accept-Encoding, Origin x-cache Hit from cloudfront content-type application/javascript via 1.1 511c8b6c7e903efca023a504d527516a.cloudfront.net (CloudFront) x-amz-cf-pop FRA53-C1 x-amz-cf-id KfEqmJ9gOMjbqvfx_N0MXXz5Qk7RV23vFATG4oXIMmqLURMA4aWeow==
GET H3	200	trekkie.storefront.4e66b7932daba00cfd93bde327ce9e8f09bc9ffe.min.js Show response cdn.shopify.com/s/	78 KB 18 KB	104ms 52ms	Script text/javascript	104.16.255.71 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdn.shopify.com/s/trekkie.storefront.4e66b7932daba00cfd93bde327ce9e8f09bc9ffe.min.js Requested by Host: fandiem.com URL: https://fandiem.com/sweeps/kesha?utm_campaign=f-covid-bandsintown-sweet-relief-2022&utm_content=f-covid-bandsintown-sweet-relief-2022-kesha-sweeps-page&utm_medium=partner-bandsintown-blast-from-bit&utm_source=bandsintown Protocol H3 Security QUIC, , AES_128_GCM Server 104.16.255.71 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash f3d61393669f437ed22c988bbb61aa12cc067e4c491aa3bd14b87ce16ab8b276 Security Headers Name Value Strict-Transport-Security max-age=15552000; includeSubDomains; preload X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers accept-language de-DE,de;q=0.9 Referer https://fandiem.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36 Response headers date Sun, 18 Sep 2022 02:31:26 GMT content-encoding br x-content-type-options nosniff cf-cache-status HIT nel {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800} x-dc gcp-us-east1,us-east1 age 1497360 report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xbWuZdaa%2BgBEnWAXCBQaPfic3QoAxOC%2FLzpHdW8kkDnREAspiVmx7i21a7fqoAhdvLq3IX%2FCfyxrXGiMbw4W%2FBg4XpKmsJFH4IxCnHQr1bZ23yCh2jKp9Ff5%2BUMfhxAc9g%3D%3D"}],"group":"cf-nel","max_age":604800} server-timing imagery;dur=39.910, imageryFetch;dur=39.702 alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 x-xss-protection 1; mode=block x-request-id a9f08bc8-fcf8-475b-a9fd-a096cf5ee1ec timing-allow-origin * last-modified Wed, 31 Aug 2022 18:35:23 GMT server cloudflare vary Accept-Encoding strict-transport-security max-age=15552000; includeSubDomains; preload content-type text/javascript access-control-allow-origin * access-control-expose-headers * cache-control public, max-age=31536000 cf-ray 74c6aa53ef73920e-FRA link <https://cdn.shopify.com/s/trekkie.storefront.4e66b7932daba00cfd93bde327ce9e8f09bc9ffe.min.js>; rel="canonical"
GET H3	200	shop_events_listener-65cd0ba3fcd81a1df33f2510ec5bcf8c0e0958653b50e3965ec972dd638ee13f.js Show response cdn.shopify.com/shopifycloud/shopify/assets/	8 KB 4 KB	83ms 30ms	Script text/javascript	104.16.255.71 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdn.shopify.com/shopifycloud/shopify/assets/shop_events_listener-65cd0ba3fcd81a1df33f2510ec5bcf8c0e0958653b50e3965ec972dd638ee13f.js Requested by Host: fandiem.com URL: https://fandiem.com/sweeps/kesha?utm_campaign=f-covid-bandsintown-sweet-relief-2022&utm_content=f-covid-bandsintown-sweet-relief-2022-kesha-sweeps-page&utm_medium=partner-bandsintown-blast-from-bit&utm_source=bandsintown Protocol H3 Security QUIC, , AES_128_GCM Server 104.16.255.71 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 65cd0ba3fcd81a1df33f2510ec5bcf8c0e0958653b50e3965ec972dd638ee13f Security Headers Name Value Strict-Transport-Security max-age=15552000; includeSubDomains; preload X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers accept-language de-DE,de;q=0.9 Referer https://fandiem.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36 Response headers date Sun, 18 Sep 2022 02:31:26 GMT content-encoding br x-content-type-options nosniff cf-cache-status HIT nel {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800} x-dc gcp-us-east1,us-central1 age 1988255 report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Zkg3KbyI9FgAmdrjx5EAvoCehVPDp2hsHLITzXAXhreCwcaknU19r4KQL0uykhndPZuy0l%2FwBWNewCgjphaLAIPbq7uSxOh%2Fbk7LUU4QPT1qb4pvzgcN960CkPbfPU3YBQ%3D%3D"}],"group":"cf-nel","max_age":604800} server-timing imagery;dur=22.599, imageryFetch;dur=22.430 alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 x-xss-protection 1; mode=block x-request-id 08b69fc1-ba0b-40f7-a067-ccd68aa642c3 timing-allow-origin * last-modified Fri, 26 Aug 2022 02:13:50 GMT server cloudflare vary Accept-Encoding strict-transport-security max-age=15552000; includeSubDomains; preload content-type text/javascript access-control-allow-origin * cache-control public, max-age=31556952, immutable cf-ray 74c6aa53ef74920e-FRA link <https://cdn.shopify.com/shopifycloud/shopify/assets/shop_events_listener-65cd0ba3fcd81a1df33f2510ec5bcf8c0e0958653b50e3965ec972dd638ee13f.js>; rel="canonical"
GET H3	200	shopify-boomerang-1.0.0.min.js Show response cdn.shopify.com/shopifycloud/boomerang/	58 KB 19 KB	89ms 33ms	Script text/javascript	104.16.255.71 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdn.shopify.com/shopifycloud/boomerang/shopify-boomerang-1.0.0.min.js Requested by Host: fandiem.com URL: https://fandiem.com/sweeps/kesha?utm_campaign=f-covid-bandsintown-sweet-relief-2022&utm_content=f-covid-bandsintown-sweet-relief-2022-kesha-sweeps-page&utm_medium=partner-bandsintown-blast-from-bit&utm_source=bandsintown Protocol H3 Security QUIC, , AES_128_GCM Server 104.16.255.71 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash c90e2ae55420165f78f00d514754f5ffc1153c7c449b134b125be25e7501ab3e Security Headers Name Value Strict-Transport-Security max-age=15552000; includeSubDomains; preload X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers accept-language de-DE,de;q=0.9 Referer https://fandiem.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36 Response headers date Sun, 18 Sep 2022 02:31:26 GMT content-encoding br x-content-type-options nosniff cf-cache-status HIT nel {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800} x-dc gcp-us-east1,us-central1 age 1988754 report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BcaHeLAdUqaFrmB6JNNIVX1LPAlXMX0igoc3MlAyeV9mEvWpD02CyTFx3PrquF1FxpaTwTJ3RGwk8xC6uQCLAkH2wvHXrMHXLl1CcsZDk7lyfJB1wEd2PGF%2FkjFuRBXQvw%3D%3D"}],"group":"cf-nel","max_age":604800} server-timing imagery;dur=31.586, imageryFetch;dur=31.440 alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 x-xss-protection 1; mode=block x-request-id 038c05c3-d876-4ab9-bde9-3b45b569b193 timing-allow-origin * last-modified Fri, 26 Aug 2022 02:05:31 GMT server cloudflare vary Accept-Encoding strict-transport-security max-age=15552000; includeSubDomains; preload content-type text/javascript access-control-allow-origin * cache-control public, s-maxage=31536000, max-age=3600, must-revalidate cf-ray 74c6aa53ef75920e-FRA link <https://cdn.shopify.com/shopifycloud/boomerang/shopify-boomerang-1.0.0.min.js>; rel="canonical"
GET H2	200	/ Show response use1.fptls.com/	204 B 331 B	323ms 114ms	XHR text/plain	99.83.173.21 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://use1.fptls.com/ Requested by Host: winwith.fandiem.com URL: http://winwith.fandiem.com/f-covid-kesha-bit-blast Protocol H2 Security TLS 1.3, , AES_128_GCM Server 99.83.173.21 , United States, ASN16509 (AMAZON-02, US), Reverse DNS a64bed9ff5004f5b3.awsglobalaccelerator.com Software / Resource Hash 0020a150d90b03b42fd038ba43934ee6a43ea1b535e837d6edcc1429acc43e4b Security Headers Name Value Strict-Transport-Security max-age=63072000; includeSubDomains Request headers accept-language de-DE,de;q=0.9 Referer https://fandiem.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36 Response headers access-control-allow-origin * strict-transport-security max-age=63072000; includeSubDomains cache-control max-age=2592000, immutable, private date Sun, 18 Sep 2022 02:31:26 GMT content-length 204 content-type text/plain; charset=utf-8
GET H2	200	diffuser.js Show response diffuser-cdn.app-us1.com/diffuser/	24 KB 6 KB	77ms 28ms	Script application/javascript	2606:4700::6811:925b CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://diffuser-cdn.app-us1.com/diffuser/diffuser.js Requested by Host: fandiem.com URL: https://fandiem.com/sweeps/kesha?utm_campaign=f-covid-bandsintown-sweet-relief-2022&utm_content=f-covid-bandsintown-sweet-relief-2022-kesha-sweeps-page&utm_medium=partner-bandsintown-blast-from-bit&utm_source=bandsintown Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6811:925b , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 15eb202865d1d835fae2eff61bb922fa91fb4064a1fb850ebadab1f190782648 Request headers accept-language de-DE,de;q=0.9 Referer https://fandiem.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36 Response headers date Sun, 18 Sep 2022 02:31:26 GMT content-encoding gzip cf-cache-status HIT age 128 x-amz-server-side-encryption AES256 x-cache Hit from cloudfront last-modified Thu, 21 Oct 2021 17:42:06 GMT server cloudflare etag W/"4d482a43613d3966f353ec9d97452e0c" vary Accept-Encoding content-type application/javascript via 1.1 197c4cb5add90683639ea9a7475e4dd2.cloudfront.net (CloudFront) cache-control public, max-age=300 x-amz-cf-pop DUS51-P1 cf-ray 74c6aa55384bbbe6-FRA x-amz-cf-id SXgm1H63jQ9kP1JAfWEFCRcAMF7Ph3l8WvTgy5PKSctX9AqETqMxgA==
GET H2	200	uwt.js Show response static.ads-twitter.com/	56 KB 15 KB	92ms 26ms	Script application/javascript	199.232.188.157 FASTLY
General Check archive.org Show headers Download Go to Full URL https://static.ads-twitter.com/uwt.js Requested by Host: fandiem.com URL: https://fandiem.com/sweeps/kesha?utm_campaign=f-covid-bandsintown-sweet-relief-2022&utm_content=f-covid-bandsintown-sweet-relief-2022-kesha-sweeps-page&utm_medium=partner-bandsintown-blast-from-bit&utm_source=bandsintown Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 199.232.188.157 Munich, Germany, ASN54113 (FASTLY, US), Reverse DNS Software / Resource Hash 41b758f84ab2dd5da6f7ba488813d17410ebb48bc2074d304c26d63c5ece003d Request headers accept-language de-DE,de;q=0.9 Referer https://fandiem.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36 Response headers date Sun, 18 Sep 2022 02:31:26 GMT content-encoding gzip last-modified Tue, 30 Aug 2022 15:04:19 GMT etag "d4de8398858246712016031c834bb061+gzip+gzip" vary Accept-Encoding,Host x-tw-cdn FT p3p CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT" cache-control no-cache x-cache HIT, HIT accept-ranges bytes content-type application/javascript; charset=utf-8 content-length 15317 x-served-by cache-iad-kjyo7100086-IAD, cache-muc13968-MUC
GET H2	200	insight.min.js Show response snap.licdn.com/li.lms-analytics/	8 KB 3 KB	78ms 20ms	Script application/x-javascript	2a02:26f0:3500:16::215:149b AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://snap.licdn.com/li.lms-analytics/insight.min.js Requested by Host: fandiem.com URL: https://fandiem.com/sweeps/kesha?utm_campaign=f-covid-bandsintown-sweet-relief-2022&utm_content=f-covid-bandsintown-sweet-relief-2022-kesha-sweeps-page&utm_medium=partner-bandsintown-blast-from-bit&utm_source=bandsintown Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a02:26f0:3500:16::215:149b Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS Software / Resource Hash b57839788686bf37d29f47bbe45ad8258085e3aebf54650ab389c0b515b977e1 Request headers accept-language de-DE,de;q=0.9 Referer https://fandiem.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36 Response headers date Sun, 18 Sep 2022 02:31:26 GMT content-encoding gzip last-modified Fri, 12 Aug 2022 20:23:36 GMT x-cdn AKAM vary Accept-Encoding content-type application/x-javascript;charset=utf-8 cache-control max-age=9113 accept-ranges bytes content-length 3063
GET H2	200	9920.0afc5f41d36928f014e6.chunk.js Show response dpjhaiprv9czz.cloudfront.net/	47 KB 18 KB	28ms 25ms	Script application/javascript	2600:9000:214f:2200:15:5e1:43c0:21 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://dpjhaiprv9czz.cloudfront.net/9920.0afc5f41d36928f014e6.chunk.js Requested by Host: dpjhaiprv9czz.cloudfront.net URL: https://dpjhaiprv9czz.cloudfront.net/shopify_v580.bundle.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:214f:2200:15:5e1:43c0:21 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash e7fb53b43e9c5b16bd3ce4e21c9cb8cc939dd6c2567fdceafa7949b0bdcaa8d7 Request headers accept-language de-DE,de;q=0.9 Referer https://fandiem.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36 Response headers date Mon, 29 Aug 2022 02:42:48 GMT content-encoding br last-modified Wed, 17 Aug 2022 18:33:44 GMT server AmazonS3 age 1727319 etag W/"d58f573b13a3bef1308c7ffa691ca4ee" vary Accept-Encoding x-cache Hit from cloudfront x-amz-version-id xSens55ZHLvrrOUJEk26IWZ46WeZKwfr via 1.1 89cb19c6f2c9ed0983294d3b12e80e42.cloudfront.net (CloudFront) cache-control max-age=2592000 x-amz-cf-pop FRA53-C1 content-type application/javascript x-amz-cf-id okwnbechPs2y2fH68voadMMolN3hivOcGIB8e9iMw6wgjqivhLeNqw==
GET H2	200	9388.ff646192d7845b924966.chunk.js Show response dpjhaiprv9czz.cloudfront.net/	20 KB 8 KB	28ms 25ms	Script application/javascript	2600:9000:214f:2200:15:5e1:43c0:21 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://dpjhaiprv9czz.cloudfront.net/9388.ff646192d7845b924966.chunk.js Requested by Host: dpjhaiprv9czz.cloudfront.net URL: https://dpjhaiprv9czz.cloudfront.net/shopify_v580.bundle.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:214f:2200:15:5e1:43c0:21 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash 1c8ba0a91d47326492d2bf98934f92fb80e3b9692f3b110ad63ace74ca4bae27 Request headers accept-language de-DE,de;q=0.9 Referer https://fandiem.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36 Response headers date Thu, 08 Sep 2022 05:39:05 GMT content-encoding gzip last-modified Mon, 29 Aug 2022 20:50:20 GMT server AmazonS3 age 852742 etag W/"420282fc427d156854e642bb7f3079e7" vary Accept-Encoding x-cache Hit from cloudfront x-amz-version-id O_s5xU_15HxI.u5GWYr.a_WS0OehYM.W via 1.1 89cb19c6f2c9ed0983294d3b12e80e42.cloudfront.net (CloudFront) cache-control max-age=2592000 x-amz-cf-pop FRA53-C1 content-type application/javascript x-amz-cf-id m8kpWs6wJK41wEINE67o2Dxt_JTbB0ZysXPulm19aH1I_p3MUIUOtA==
GET H2	200	7847.0ffaf5a1648260480103.chunk.js Show response dpjhaiprv9czz.cloudfront.net/	5 KB 3 KB	37ms 34ms	Script application/javascript	2600:9000:214f:2200:15:5e1:43c0:21 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://dpjhaiprv9czz.cloudfront.net/7847.0ffaf5a1648260480103.chunk.js Requested by Host: dpjhaiprv9czz.cloudfront.net URL: https://dpjhaiprv9czz.cloudfront.net/shopify_v580.bundle.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:214f:2200:15:5e1:43c0:21 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash 8d5b4d24bb7b4cf7b27205b7be47d9eb814e30eef74095890025b9082686bf49 Request headers accept-language de-DE,de;q=0.9 Referer https://fandiem.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36 Response headers date Fri, 26 Aug 2022 06:48:39 GMT content-encoding br last-modified Wed, 17 Aug 2022 18:33:43 GMT server AmazonS3 age 1971768 etag W/"9f7dba240407c6070a7e8b0785d6993c" vary Accept-Encoding x-cache Hit from cloudfront x-amz-version-id NHUE5tN7tK2UJGzP4SFc89uDyXuuEfJQ via 1.1 89cb19c6f2c9ed0983294d3b12e80e42.cloudfront.net (CloudFront) cache-control max-age=2592000 x-amz-cf-pop FRA53-C1 content-type application/javascript x-amz-cf-id iSIPAliwQ0z3Zt3tBn9B6SnoHUu4qQam8afuQjd6Gj-LdPlo31dtyw==
GET H2	200	6964.1db6c54bd999137f09d7.chunk.js Show response dpjhaiprv9czz.cloudfront.net/	27 KB 9 KB	35ms 31ms	Script application/javascript	2600:9000:214f:2200:15:5e1:43c0:21 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://dpjhaiprv9czz.cloudfront.net/6964.1db6c54bd999137f09d7.chunk.js Requested by Host: dpjhaiprv9czz.cloudfront.net URL: https://dpjhaiprv9czz.cloudfront.net/shopify_v580.bundle.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:214f:2200:15:5e1:43c0:21 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash 55f91424c89120a46e28edece37a4e21fcd55de737673f386dced164da230233 Request headers accept-language de-DE,de;q=0.9 Referer https://fandiem.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36 Response headers date Mon, 05 Sep 2022 13:38:55 GMT content-encoding br last-modified Mon, 29 Aug 2022 20:50:20 GMT server AmazonS3 age 1083152 etag W/"42c23c85084cef6a0eaa1b41550cba54" vary Accept-Encoding x-cache Hit from cloudfront x-amz-version-id 1CZppggfV79fATgYpUdXZ17H_X93iJq_ via 1.1 89cb19c6f2c9ed0983294d3b12e80e42.cloudfront.net (CloudFront) cache-control max-age=2592000 x-amz-cf-pop FRA53-C1 content-type application/javascript x-amz-cf-id 3hux60aAz0fafuH92vUfbHyk1A056Br3iK6fva0mNeKhViCjmFdFaA==
GET H2	200	2124.6396887a49f25a2fb925.chunk.js Show response dpjhaiprv9czz.cloudfront.net/	14 KB 6 KB	29ms 26ms	Script application/javascript	2600:9000:214f:2200:15:5e1:43c0:21 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://dpjhaiprv9czz.cloudfront.net/2124.6396887a49f25a2fb925.chunk.js Requested by Host: dpjhaiprv9czz.cloudfront.net URL: https://dpjhaiprv9czz.cloudfront.net/shopify_v580.bundle.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:214f:2200:15:5e1:43c0:21 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash dc88e70854a581bbc52c5a67e194b7f3ee11a372cf65d6628ea70227c767d612 Request headers accept-language de-DE,de;q=0.9 Referer https://fandiem.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36 Response headers date Sat, 20 Aug 2022 00:44:31 GMT content-encoding br last-modified Wed, 17 Aug 2022 18:33:42 GMT server AmazonS3 age 2512016 etag W/"0ad65c04632cf3b33bcfb3956edb88ef" vary Accept-Encoding x-cache Hit from cloudfront x-amz-version-id .ecqSHdw1YaaK.GuQJkImTogG2WXAJ1W via 1.1 89cb19c6f2c9ed0983294d3b12e80e42.cloudfront.net (CloudFront) cache-control max-age=2592000 x-amz-cf-pop FRA53-C1 content-type application/javascript x-amz-cf-id wH5rMZzDlLCAh9NsV4NUrMlOruH5-0SuGaw3LZ-7qICVEmRMZkdSCg==
GET H2	200	1833.c671606838b052f8ab8b.chunk.js Show response dpjhaiprv9czz.cloudfront.net/	30 KB 11 KB	32ms 29ms	Script application/javascript	2600:9000:214f:2200:15:5e1:43c0:21 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://dpjhaiprv9czz.cloudfront.net/1833.c671606838b052f8ab8b.chunk.js Requested by Host: dpjhaiprv9czz.cloudfront.net URL: https://dpjhaiprv9czz.cloudfront.net/shopify_v580.bundle.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:214f:2200:15:5e1:43c0:21 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash 12cb5b9808c210b7e82ee16dbabd82086d5833624d7d0fa75fc963fa5f38c077 Request headers accept-language de-DE,de;q=0.9 Referer https://fandiem.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36 Response headers date Thu, 08 Sep 2022 05:39:05 GMT content-encoding gzip last-modified Mon, 29 Aug 2022 20:50:19 GMT server AmazonS3 age 852742 etag W/"d91cd64e2c3758d3696ba0e9e8c8e5e0" vary Accept-Encoding x-cache Hit from cloudfront x-amz-version-id ja.y7B2B1fQbMwLbav5cp0P0kvsa4oM9 via 1.1 89cb19c6f2c9ed0983294d3b12e80e42.cloudfront.net (CloudFront) cache-control max-age=2592000 x-amz-cf-pop FRA53-C1 content-type application/javascript x-amz-cf-id tkA2Or7Ihr_wrDss0OMsRjHLSmH92k1sV6G-mLEG2-ZxRrJzE0DfNA==
GET H2	200	6982.4de72bc2161049b2eb0b.chunk.js Show response dpjhaiprv9czz.cloudfront.net/	48 KB 14 KB	30ms 28ms	Script application/javascript	2600:9000:214f:2200:15:5e1:43c0:21 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://dpjhaiprv9czz.cloudfront.net/6982.4de72bc2161049b2eb0b.chunk.js Requested by Host: dpjhaiprv9czz.cloudfront.net URL: https://dpjhaiprv9czz.cloudfront.net/shopify_v580.bundle.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:214f:2200:15:5e1:43c0:21 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash 6f58848b87af4ac1d77e43a2a8c51c429701b2429b75843d24484f38b166a224 Request headers accept-language de-DE,de;q=0.9 Referer https://fandiem.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36 Response headers date Sun, 28 Aug 2022 03:06:09 GMT content-encoding br last-modified Wed, 17 Aug 2022 18:33:43 GMT server AmazonS3 age 1812318 etag W/"c5eb85c16afb6d9eb26aa051a436568c" vary Accept-Encoding x-cache Hit from cloudfront x-amz-version-id aElYVg18IbFmZvfCimfo1xA77DQNrvxx via 1.1 89cb19c6f2c9ed0983294d3b12e80e42.cloudfront.net (CloudFront) cache-control max-age=2592000 x-amz-cf-pop FRA53-C1 content-type application/javascript x-amz-cf-id LAb545I-ZGaaN8O0UugPoPqAyqJfVJk_h04GIcx6z6vw7yCYik-59Q==
GET H2	200	2280.e7143f3dfeffe279a661.chunk.js Show response dpjhaiprv9czz.cloudfront.net/	8 KB 3 KB	38ms 36ms	Script application/javascript	2600:9000:214f:2200:15:5e1:43c0:21 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://dpjhaiprv9czz.cloudfront.net/2280.e7143f3dfeffe279a661.chunk.js Requested by Host: dpjhaiprv9czz.cloudfront.net URL: https://dpjhaiprv9czz.cloudfront.net/shopify_v580.bundle.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:214f:2200:15:5e1:43c0:21 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash 188e247ef86f35f05f3d0d74a76b7193cfab937a59424884f9bd6cc2dd1e3d73 Request headers accept-language de-DE,de;q=0.9 Referer https://fandiem.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36 Response headers date Wed, 13 Jul 2022 22:16:56 GMT content-encoding gzip last-modified Wed, 13 Jul 2022 22:05:41 GMT server AmazonS3 age 5717671 etag W/"6e1f217cd33c866130d9611c6fbd503e" vary Accept-Encoding x-cache Hit from cloudfront x-amz-version-id gMWasqaYw8wiEHP6dsvXVuElNVm.eLdU via 1.1 89cb19c6f2c9ed0983294d3b12e80e42.cloudfront.net (CloudFront) cache-control max-age=2592000 x-amz-cf-pop FRA53-C1 content-type application/javascript x-amz-cf-id z16GuiCoCTb7splja6AmcvOO4Y8CKmiH5YpTg0hApD9VwqHLCQC5Ew==
GET H2	200	757.efe771e50c2648f2f028.chunk.js Show response dpjhaiprv9czz.cloudfront.net/	31 KB 8 KB	28ms 26ms	Script application/javascript	2600:9000:214f:2200:15:5e1:43c0:21 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://dpjhaiprv9czz.cloudfront.net/757.efe771e50c2648f2f028.chunk.js Requested by Host: dpjhaiprv9czz.cloudfront.net URL: https://dpjhaiprv9czz.cloudfront.net/shopify_v580.bundle.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:214f:2200:15:5e1:43c0:21 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash 0e74bd2ca6e825231ea65768ee11410fda9ebfe0a65752a9dae01ba71b15b4f2 Request headers accept-language de-DE,de;q=0.9 Referer https://fandiem.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36 Response headers date Wed, 27 Jul 2022 15:51:32 GMT content-encoding br last-modified Wed, 27 Jul 2022 15:47:46 GMT server AmazonS3 age 4531195 etag W/"03f09258b15dbb589be0e916690710a7" vary Accept-Encoding x-cache Hit from cloudfront x-amz-version-id cxGw7zUQRutdiLejxa_xLcmOg_PIbGI4 via 1.1 89cb19c6f2c9ed0983294d3b12e80e42.cloudfront.net (CloudFront) cache-control max-age=2592000 x-amz-cf-pop FRA53-C1 content-type application/javascript x-amz-cf-id pENojEiAsKBvbHYPvOvP6U0h-Pq2f7NfyZLP4lDCxjrFfHZTggFUnQ==
GET H2	200	2359.1c9a60fc93f03f718435.chunk.js Show response dpjhaiprv9czz.cloudfront.net/	18 KB 5 KB	30ms 28ms	Script application/javascript	2600:9000:214f:2200:15:5e1:43c0:21 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://dpjhaiprv9czz.cloudfront.net/2359.1c9a60fc93f03f718435.chunk.js Requested by Host: dpjhaiprv9czz.cloudfront.net URL: https://dpjhaiprv9czz.cloudfront.net/shopify_v580.bundle.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:214f:2200:15:5e1:43c0:21 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash fbf762f349f6e05472363de425068b42bdb28889bfa416c74b2e8efef54714d8 Request headers accept-language de-DE,de;q=0.9 Referer https://fandiem.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36 Response headers date Wed, 07 Sep 2022 02:53:03 GMT content-encoding br last-modified Mon, 29 Aug 2022 20:50:19 GMT server AmazonS3 age 949104 etag W/"0ad72fa03ce4553765bcb10ac22aa4c8" vary Accept-Encoding x-cache Hit from cloudfront x-amz-version-id KsLfxbqpb4AzOydXIp3hXSvjkWRw7zMN via 1.1 89cb19c6f2c9ed0983294d3b12e80e42.cloudfront.net (CloudFront) cache-control max-age=2592000 x-amz-cf-pop FRA53-C1 content-type application/javascript x-amz-cf-id X7pYl_6XpMH1h3Okpqc-xBBgOl-LPIBHajcUboz1_V_FLy6Q5ig_-A==
GET H2	200	2551.3248daeb66e101c4f5b2.chunk.js Show response dpjhaiprv9czz.cloudfront.net/	15 KB 5 KB	45ms 44ms	Script application/javascript	2600:9000:214f:2200:15:5e1:43c0:21 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://dpjhaiprv9czz.cloudfront.net/2551.3248daeb66e101c4f5b2.chunk.js Requested by Host: dpjhaiprv9czz.cloudfront.net URL: https://dpjhaiprv9czz.cloudfront.net/shopify_v580.bundle.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:214f:2200:15:5e1:43c0:21 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash 3ccf1b601ffedbdc0c09a85a15ea901363888e9b0f361b12bb93c54fdd48fde4 Request headers accept-language de-DE,de;q=0.9 Referer https://fandiem.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36 Response headers date Sun, 14 Aug 2022 08:24:58 GMT content-encoding gzip last-modified Mon, 01 Aug 2022 21:09:04 GMT server AmazonS3 age 3002789 etag W/"5afad762ebe9695720d69027dc54ea80" vary Accept-Encoding x-cache Hit from cloudfront x-amz-version-id eAS3dHddBuG4j3V40GffH4cFXSnoH6NE via 1.1 89cb19c6f2c9ed0983294d3b12e80e42.cloudfront.net (CloudFront) cache-control max-age=2592000 x-amz-cf-pop FRA53-C1 content-type application/javascript x-amz-cf-id b0Pt5JXb7Eux57bMSsA7v4QZ0RuFR3opYOLHoMCBH1fRbfOhDAMN2A==
GET H2	200	5135.c572365302484324c120.chunk.js Show response dpjhaiprv9czz.cloudfront.net/	14 KB 4 KB	44ms 42ms	Script application/javascript	2600:9000:214f:2200:15:5e1:43c0:21 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://dpjhaiprv9czz.cloudfront.net/5135.c572365302484324c120.chunk.js Requested by Host: dpjhaiprv9czz.cloudfront.net URL: https://dpjhaiprv9czz.cloudfront.net/shopify_v580.bundle.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:214f:2200:15:5e1:43c0:21 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash bcf97cebab118c0d4a27fcaece9dee4a27afe5fa9e7a71c0e5d3ac9b4c6ecafe Request headers accept-language de-DE,de;q=0.9 Referer https://fandiem.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36 Response headers date Mon, 29 Aug 2022 02:42:48 GMT content-encoding br last-modified Wed, 17 Aug 2022 18:33:43 GMT server AmazonS3 age 1727319 etag W/"e565e98315795fdd51a0cebd80779c23" vary Accept-Encoding x-cache Hit from cloudfront x-amz-version-id 8XPPf5m_W3fqnzrb.9n5C6TTHTVnHOxs via 1.1 89cb19c6f2c9ed0983294d3b12e80e42.cloudfront.net (CloudFront) cache-control max-age=2592000 x-amz-cf-pop FRA53-C1 content-type application/javascript x-amz-cf-id ryu3rebmqnOTf-LR7WG6UBfrnSKZyoawLoCUtza3m9FOwKpsX8M4HA==
GET H2	200	8537.470c028e119756d925da.chunk.js Show response dpjhaiprv9czz.cloudfront.net/	15 KB 5 KB	43ms 42ms	Script application/javascript	2600:9000:214f:2200:15:5e1:43c0:21 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://dpjhaiprv9czz.cloudfront.net/8537.470c028e119756d925da.chunk.js Requested by Host: dpjhaiprv9czz.cloudfront.net URL: https://dpjhaiprv9czz.cloudfront.net/shopify_v580.bundle.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:214f:2200:15:5e1:43c0:21 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash 69a74075f17a19953ce1bdd8a6dbba7f031a894860ddad175f408b0ecd078ab5 Request headers accept-language de-DE,de;q=0.9 Referer https://fandiem.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36 Response headers date Mon, 22 Aug 2022 01:10:03 GMT content-encoding br last-modified Wed, 17 Aug 2022 18:33:44 GMT server AmazonS3 age 2337684 etag W/"b28d5c3ef8c13dc7470e99037caff9b4" vary Accept-Encoding x-cache Hit from cloudfront x-amz-version-id GXVnV7Shu2kyicEn1b2_5cXoyGvXP2pc via 1.1 89cb19c6f2c9ed0983294d3b12e80e42.cloudfront.net (CloudFront) cache-control max-age=2592000 x-amz-cf-pop FRA53-C1 content-type application/javascript x-amz-cf-id C9K6hbseVqNSOy-W-Q5audTRfADESAFUo2AH9UcP1MuazrVoikQ-lw==
GET H2	200	2437.34d84c0af4d6a962c843.chunk.js Show response dpjhaiprv9czz.cloudfront.net/	39 KB 10 KB	44ms 43ms	Script application/javascript	2600:9000:214f:2200:15:5e1:43c0:21 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://dpjhaiprv9czz.cloudfront.net/2437.34d84c0af4d6a962c843.chunk.js Requested by Host: dpjhaiprv9czz.cloudfront.net URL: https://dpjhaiprv9czz.cloudfront.net/shopify_v580.bundle.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:214f:2200:15:5e1:43c0:21 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash 67e11ecc29432a4a9d8cfbe29dded389ec9c6ca64df171d54e2ae5ab360a50f9 Request headers accept-language de-DE,de;q=0.9 Referer https://fandiem.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36 Response headers date Wed, 24 Aug 2022 05:14:35 GMT content-encoding gzip last-modified Wed, 17 Aug 2022 18:33:42 GMT server AmazonS3 age 2150212 etag W/"c27757466df7f57b0f5d96ae07d100af" vary Accept-Encoding x-cache Hit from cloudfront x-amz-version-id vnTuj80uVkdOepwmo17f__372yeRUWbS via 1.1 89cb19c6f2c9ed0983294d3b12e80e42.cloudfront.net (CloudFront) cache-control max-age=2592000 x-amz-cf-pop FRA53-C1 content-type application/javascript x-amz-cf-id 0_-eEfOHToNQEDpt4ZuX81LjtIzYuiPcCcAAikpo5oScnhA2zkTlXQ==
GET H3	200	logo_200x.webp cdn.shopify.com/s/files/1/0502/2167/8757/files/	6 KB 7 KB	150ms 150ms	Image image/avif	104.16.255.71 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://cdn.shopify.com/s/files/1/0502/2167/8757/files/logo_200x.webp Requested by Host: fandiem.com URL: https://fandiem.com/sweeps/kesha?utm_campaign=f-covid-bandsintown-sweet-relief-2022&utm_content=f-covid-bandsintown-sweet-relief-2022-kesha-sweeps-page&utm_medium=partner-bandsintown-blast-from-bit&utm_source=bandsintown Protocol H3 Security QUIC, , AES_128_GCM Server 104.16.255.71 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 7d3166783a482a9ff4cdbca1f842ff2929f54c1fb30cdd53c472a1d487e34516 Security Headers Name Value Strict-Transport-Security max-age=15552000; includeSubDomains; preload X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers accept-language de-DE,de;q=0.9 Referer https://fandiem.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36 Response headers date Sun, 18 Sep 2022 02:31:26 GMT strict-transport-security max-age=15552000; includeSubDomains; preload x-content-type-options nosniff cf-cache-status HIT nel {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800} x-dc gcp-us-east1,us-central1 server-timing imagery;dur=286.666, imageryFetch;dur=105.686, imageryProcess;dur=180.408;desc="image" alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 content-length 6330 x-xss-protection 1; mode=block x-request-id fafa4198-5d34-4110-8cf2-86e4c0c23620 timing-allow-origin * last-modified Thu, 25 Aug 2022 23:54:07 GMT server cloudflare vary Accept, Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=42E8Pu72rH%2B9xPTjBSV4A0diPjnQkXsZouIRTwrFG2BIWhK4G63ItH1jM5%2FZ5QAMyp8gtxui6a%2BqkctxaeqkXydWpqD3b0MLL8ePRSYLNXLwA6jFsNqwA2hxtXpaHRufvQ%3D%3D"}],"group":"cf-nel","max_age":604800} content-type image/avif access-control-allow-origin * access-control-expose-headers * cache-control public, max-age=31557600 accept-ranges bytes cf-ray 74c6aa55181f920e-FRA link <https://cdn.shopify.com/s/files/1/0502/2167/8757/files/logo_200x.webp>; rel="canonical"
GET H2	200	fender_analytics.9bd929e66a2449a7cdc1.js Show response static-tracking.klaviyo.com/onsite/js/	27 KB 11 KB	75ms 19ms	Script application/javascript	151.101.130.133 FASTLY
General Check archive.org Show headers Download Go to Full URL https://static-tracking.klaviyo.com/onsite/js/fender_analytics.9bd929e66a2449a7cdc1.js?cb=1 Requested by Host: static.klaviyo.com URL: https://static.klaviyo.com/onsite/js/klaviyo.js?company_id=TZ9PuD Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 151.101.130.133 , United States, ASN54113 (FASTLY, US), Reverse DNS Software AmazonS3 / Resource Hash 13711036352cc6ee2aaf239ed66306d2e7b04e28158b89ad45d7db2e32fb5dcc Request headers Referer https://fandiem.com/ Origin https://fandiem.com accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36 Response headers x-amz-version-id DxlKU8PAW5Z2L0V.1wRK5LqPR2sBWhOg content-encoding gzip age 107853 via 1.1 varnish, 1.1 varnish x-cache HIT, HIT x-amz-meta-surrogate-control max-age=31536000 x-amz-meta-surrogate-key fender-asset content-length 10605 x-amz-id-2 36f/ps//h2tsvtsRUgp6Mk8LzgnmM0HKjWkeHSxHbhGWZ7W/4R77UIFLmwMJGAxxLaUgzekp6vo= x-served-by cache-lga13628-LGA, cache-hhn4021-HHN last-modified Fri, 26 Aug 2022 20:33:40 GMT server AmazonS3 etag "d48fad1b3f959b474b934ed39d9ba542" vary Accept-Encoding x-amz-request-id V3VGV2WY5XZ8QSWT access-control-allow-origin * cache-control max-age=2592000,stale-while-revalidate=10800 accept-ranges bytes content-type application/javascript date Sun, 18 Sep 2022 02:31:26 GMT x-cache-hits 2, 92331
GET H2	200	static.444020cd426b0bea12c1.js Show response static-tracking.klaviyo.com/onsite/js/	12 KB 5 KB	76ms 21ms	Script application/javascript	151.101.130.133 FASTLY
General Check archive.org Show headers Download Go to Full URL https://static-tracking.klaviyo.com/onsite/js/static.444020cd426b0bea12c1.js?cb=1 Requested by Host: static.klaviyo.com URL: https://static.klaviyo.com/onsite/js/klaviyo.js?company_id=TZ9PuD Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 151.101.130.133 , United States, ASN54113 (FASTLY, US), Reverse DNS Software AmazonS3 / Resource Hash 94eb37f3ca8ec6a7d028370dfadf216aaa9a5b6f794a7462707f422aa7098f18 Request headers Referer https://fandiem.com/ Origin https://fandiem.com accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36 Response headers x-amz-version-id ep5t_kHI_qKbZWWytxIKzh5j3YAjdqHx content-encoding gzip age 107854 via 1.1 varnish, 1.1 varnish x-cache HIT, HIT x-amz-meta-surrogate-control max-age=31536000 x-amz-meta-surrogate-key fender-asset content-length 5219 x-amz-id-2 NVmB6Kd0YFo9iCmGx+yu+eOqiC5jqbz25AtCBJn8Vs1Hbf0QGGXROARgd05prVYM5kfCwyQJ2xk= x-served-by cache-lga21928-LGA, cache-hhn4021-HHN last-modified Thu, 18 Aug 2022 15:05:14 GMT server AmazonS3 etag "1774dcfd43ae7a477e554d4266bbaa8e" vary Accept-Encoding x-amz-request-id EYA39404SA8WM76Q access-control-allow-origin * cache-control max-age=2592000,stale-while-revalidate=10800 accept-ranges bytes content-type application/javascript date Sun, 18 Sep 2022 02:31:26 GMT x-cache-hits 5912, 92438
GET H2	200	runtime.72b42445d6f01a4ccd71.js Show response static.klaviyo.com/onsite/js/	19 KB 8 KB	63ms 20ms	Script application/javascript	151.101.194.133 FASTLY
General Check archive.org Show headers Download Go to Full URL https://static.klaviyo.com/onsite/js/runtime.72b42445d6f01a4ccd71.js?cb=1 Requested by Host: static.klaviyo.com URL: https://static.klaviyo.com/onsite/js/klaviyo.js?company_id=TZ9PuD Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 151.101.194.133 , United States, ASN54113 (FASTLY, US), Reverse DNS Software AmazonS3 / Resource Hash 1541dde8e9d2e653e5f8951b98ded4d3441e5ba00a3ce8221c7f577a5604bd9a Request headers Referer https://fandiem.com/ Origin https://fandiem.com accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36 Response headers x-amz-version-id vFLV.NF1CEXPNf1WoFD3g2niQKXTaw2r content-encoding gzip age 102543 via 1.1 varnish, 1.1 varnish x-cache HIT, HIT x-amz-meta-surrogate-control max-age=31536000 x-amz-meta-surrogate-key fender-asset content-length 8073 x-amz-id-2 hR/jdXVS42YdwHSkC+mjdI1T1CpxDaD5NSZ+8c61ifCKiqJvnAiUCYTaBAsq9S6W2Zx02g1rE1M= x-served-by cache-lga21958-LGA, cache-hhn4050-HHN last-modified Thu, 15 Sep 2022 20:54:04 GMT server AmazonS3 etag "de5361322e82c6f040c0cd5f12414ce3" vary Accept-Encoding x-amz-request-id QQY0S1C1JCM9N0YT access-control-allow-origin * cache-control max-age=2592000,stale-while-revalidate=10800 accept-ranges bytes content-type application/javascript date Sun, 18 Sep 2022 02:31:26 GMT x-cache-hits 1, 97574
GET H2	200	sharedUtils.dbe6f6fba25c3d5eb9b9.js Show response static.klaviyo.com/onsite/js/	33 KB 13 KB	66ms 23ms	Script application/javascript	151.101.194.133 FASTLY
General Check archive.org Show headers Download Go to Full URL https://static.klaviyo.com/onsite/js/sharedUtils.dbe6f6fba25c3d5eb9b9.js?cb=1 Requested by Host: static.klaviyo.com URL: https://static.klaviyo.com/onsite/js/klaviyo.js?company_id=TZ9PuD Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 151.101.194.133 , United States, ASN54113 (FASTLY, US), Reverse DNS Software AmazonS3 / Resource Hash 3e75ca5fcc7c97afccec24e2e35cac72fbb32aaa86e06aad46dbb01fe17f2c85 Request headers Referer https://fandiem.com/ Origin https://fandiem.com accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36 Response headers x-amz-version-id J6DhPDfg3V4z4HCiiBOatFqUcC3teiEp content-encoding gzip age 107853 via 1.1 varnish, 1.1 varnish x-cache HIT, HIT x-amz-meta-surrogate-control max-age=31536000 x-amz-meta-surrogate-key fender-asset content-length 13227 x-amz-id-2 g47h3KQS4bp3IvTdylupdvCLzxAn/+Vam0i6O7FIY0/uwapwvSHVS9p0DmgzdEUqGhipQoElflk= x-served-by cache-lga21937-LGA, cache-hhn4050-HHN last-modified Tue, 06 Sep 2022 17:44:25 GMT server AmazonS3 etag "3920e36a09a180da98b37bcad5e5e2c2" vary Accept-Encoding x-amz-request-id 0RY44SXR5J2D6HRA access-control-allow-origin * cache-control max-age=2592000,stale-while-revalidate=10800 accept-ranges bytes content-type application/javascript date Sun, 18 Sep 2022 02:31:26 GMT x-cache-hits 2, 454348
GET H2	200	vendors~signup_forms.f7066e273a66876a4dee.js Show response static.klaviyo.com/onsite/js/	36 KB 13 KB	69ms 26ms	Script application/javascript	151.101.194.133 FASTLY
General Check archive.org Show headers Download Go to Full URL https://static.klaviyo.com/onsite/js/vendors~signup_forms.f7066e273a66876a4dee.js?cb=1 Requested by Host: static.klaviyo.com URL: https://static.klaviyo.com/onsite/js/klaviyo.js?company_id=TZ9PuD Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 151.101.194.133 , United States, ASN54113 (FASTLY, US), Reverse DNS Software AmazonS3 / Resource Hash ca4e54a215c2edea6b34afc63e441afc24084fb33b4a66ae99e5be43e17b02bf Request headers Referer https://fandiem.com/ Origin https://fandiem.com accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36 Response headers x-amz-version-id bsJKSXN8aZQUCveR8yzC_DqAz1c7vu6. content-encoding gzip age 107854 via 1.1 varnish, 1.1 varnish x-cache HIT, HIT x-amz-meta-surrogate-control max-age=31536000 x-amz-meta-surrogate-key fender-asset content-length 12401 x-amz-id-2 jjBLvBaAHFkdYVj2+Lzl4EwiVBypzOSfV7Hh68KS7NpSMh6P+cAphy/WZOdlMir50eSlWlunTIQ= x-served-by cache-lga13620-LGA, cache-hhn4050-HHN last-modified Mon, 27 Jun 2022 21:34:56 GMT server AmazonS3 etag "8b11cc3d85af2e5a333cdf19d980234f" vary Accept-Encoding x-amz-request-id QMK0P3P9BX6C1KYD access-control-allow-origin * cache-control max-age=2592000,stale-while-revalidate=10800 accept-ranges bytes content-type application/javascript date Sun, 18 Sep 2022 02:31:26 GMT x-cache-hits 1, 62910
GET H2	200	signup_forms.47564cabd447e0caeb79.js Show response static.klaviyo.com/onsite/js/	34 KB 12 KB	68ms 26ms	Script application/javascript	151.101.194.133 FASTLY
General Check archive.org Show headers Download Go to Full URL https://static.klaviyo.com/onsite/js/signup_forms.47564cabd447e0caeb79.js?cb=1 Requested by Host: static.klaviyo.com URL: https://static.klaviyo.com/onsite/js/klaviyo.js?company_id=TZ9PuD Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 151.101.194.133 , United States, ASN54113 (FASTLY, US), Reverse DNS Software AmazonS3 / Resource Hash 48d72594ff31c35abdc777e45df25ff36852a2775ef8b7751339757c7b888696 Request headers Referer https://fandiem.com/ Origin https://fandiem.com accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36 Response headers x-amz-version-id YzUvVFTSTm9rqYmTEJ4211JqvsZ4AZ2T content-encoding gzip age 107854 via 1.1 varnish, 1.1 varnish x-cache HIT, HIT x-amz-meta-surrogate-control max-age=31536000 x-amz-meta-surrogate-key fender-asset content-length 11607 x-amz-id-2 gOGqJffLj4AyKttnk4HnLQClK31k93MkdrDcfE1uaoIaY+1Pk8e0n3DUWutMyfZy8McC3mfuuUA= x-served-by cache-lga21934-LGA, cache-hhn4050-HHN last-modified Thu, 08 Sep 2022 18:16:36 GMT server AmazonS3 etag "2d63267addf14fe8300469051c594504" vary Accept-Encoding x-amz-request-id NB2XG3YCBMHKQSVG access-control-allow-origin * cache-control max-age=2592000,stale-while-revalidate=10800 accept-ranges bytes content-type application/javascript date Sun, 18 Sep 2022 02:31:26 GMT x-cache-hits 2, 64074
POST H2	200	stream ltp.linktr.ee/	0 0	546ms 478ms	Ping application/x-amz-json-1.1	151.101.194.133 FASTLY
General Check archive.org Show headers Download Go to Full URL https://ltp.linktr.ee/stream Requested by Host: assets.production.linktr.ee URL: https://assets.production.linktr.ee/ltpixel/ltpix.min.js?t=1663545600000 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 151.101.194.133 , United States, ASN54113 (FASTLY, US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer https://fandiem.com/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36 Content-Type text/plain;charset=UTF-8 Response headers
GET H/1.1	200 OK	roundtrip.js Show response s.adroll.com/j/4VZVS64FNRFEXAUW3D4PZO/	83 KB 23 KB	651ms 599ms	Script text/javascript	2600:9000:206f:ae00:6:9280:1080:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://s.adroll.com/j/4VZVS64FNRFEXAUW3D4PZO/roundtrip.js Requested by Host: assets1.adroll.com URL: https://assets1.adroll.com/shopify/latest/j/shopify_rolling_bootstrap_v2.js?adroll_adv_id=4VZVS64FNRFEXAUW3D4PZO&adroll_pix_id=A5AOKNR44NHIVM7TSARV6U Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 2600:9000:206f:ae00:6:9280:1080:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash a7f9760d2ef5a52979529ba3e22e7364ff4401132249077827fdeb878fddebe7 Request headers accept-language de-DE,de;q=0.9 Referer https://fandiem.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36 Response headers X-Amz-Version-Id RmNmY0gkgkdHJUmhZnYXBVXmSX9v2vHU Content-Encoding gzip Etag W/"f0e8507d3f68179686227a8e3ac98ce7" X-Amz-Cf-Pop FRA56-C1 X-Amz-Server-Side-Encryption AES256 Transfer-Encoding chunked X-Cache RefreshHit from cloudfront Access-Control-Max-Age 600 Connection keep-alive Access-Control-Allow-Origin * Last-Modified Sat, 17 Sep 2022 00:40:00 GMT Server AmazonS3 Date Sun, 18 Sep 2022 02:31:27 GMT Vary Accept-Encoding Access-Control-Allow-Methods GET Content-Type text/javascript; charset=utf-8 Via 1.1 f358cf5f46d10c349187abd5e20e06ce.cloudfront.net (CloudFront) Cache-Control max-age=3600, must-revalidate Access-Control-Allow-Credentials false Access-Control-Allow-Headers * X-Amz-Cf-Id ywcdZUBoF8zV-nr1iFSEzSXNqoZXeBt85p53bB4ON6ZWVVCPWbkejw==
POST H2	200	produce_batch monorail-edge.shopifysvc.com/unstable/	0 314 B	221ms 169ms	Ping text/plain	104.16.254.71 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://monorail-edge.shopifysvc.com/unstable/produce_batch Requested by Host: cdn.shopify.com URL: https://cdn.shopify.com/s/trekkie.storefront.4e66b7932daba00cfd93bde327ce9e8f09bc9ffe.min.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.16.254.71 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Strict-Transport-Security max-age=15552000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Referer https://fandiem.com/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36 Content-Type text/plain Response headers date Sun, 18 Sep 2022 02:31:26 GMT access-control-allow-methods OPTIONS,POST x-content-type-options nosniff cf-cache-status DYNAMIC nel {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800} x-dc gcp-us-east1,us-central1 access-control-max-age 86400 alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 content-length 0 x-request-id 5b12942f-db54-4936-91a3-2db5ac0430e0 server cloudflare strict-transport-security max-age=15552000; includeSubDomains; preload report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wE7iQeeXSL%2FWVXZJVqllwN2edN7LlvthLeuF1GmLep%2F7ygT2zwSVHZ4%2Fke26H4DF2iNIjf1COETV4Um1ipZhguFEtjVMh9eWlSwfx2UcwDyOG4PEin4iLYTV4LNz69Ql7qGSuuOBOgi1Tvndevc%3D"}],"group":"cf-nel","max_age":604800} access-control-allow-origin https://fandiem.com access-control-allow-credentials true cf-ray 74c6aa557b419a17-FRA access-control-allow-headers User-Agent,Accept,Content-Type,X-Monorail-Edge-Event-Created-At-Ms,X-Monorail-Edge-Event-Sent-At-Ms,X-Monorail-Edge-Client-Message-Id,X-Monorail-Edge-Device-Install-Id,X-Monorail-Edge-Accept-Language,X-Monorail-Edge-Content-Language,X-Forwarded-For
GET		0c3bc5536001f611a456.otf dpjhaiprv9czz.cloudfront.net/	0 0
GET H/1.1	401 Unauthorized	accounts Show response app.fandiem.com/api/	24 B 654 B	371ms 119ms	Fetch application/json	54.204.238.15 AMAZON-AES
General Check archive.org Show headers Download Go to Full URL https://app.fandiem.com/api/accounts Requested by Host: cdn.shopify.com URL: https://cdn.shopify.com/shopifycloud/shopify/assets/shop_events_listener-65cd0ba3fcd81a1df33f2510ec5bcf8c0e0958653b50e3965ec972dd638ee13f.js Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 54.204.238.15 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-54-204-238-15.compute-1.amazonaws.com Software Cowboy / Express Resource Hash 3be5b8e53fdc8b0a2996590589456db33504977f3d1ce9bb75016c8a707e1a71 Request headers Accept application/json, text/plain, */* Referer https://fandiem.com/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36 Response headers Date Sun, 18 Sep 2022 02:31:26 GMT Via 1.1 vegur Etag "18-XPDV80vbMk4yY1/PADG4jYM4rSI" Server Cowboy X-Powered-By Express Vary Origin, Accept-Encoding Content-Type application/json; charset=utf-8 Access-Control-Allow-Origin https://fandiem.com X-Ratelimit-Remaining 999 Access-Control-Allow-Credentials true X-Ratelimit-Reset 1663468517 X-Ratelimit-Limit 1000 Connection keep-alive Content-Length 24
GET H3	200	fbevents.js Show response connect.facebook.net/en_US/	101 KB 26 KB	24ms 23ms	Script application/x-javascript	2a03:2880:f01c:8012:face:b00c:0:3 FACEBOOK
General Check archive.org Show headers Download Go to Full URL https://connect.facebook.net/en_US/fbevents.js Requested by Host: cdn.shopify.com URL: https://cdn.shopify.com/s/trekkie.storefront.4e66b7932daba00cfd93bde327ce9e8f09bc9ffe.min.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US), Reverse DNS Software / Resource Hash 844bfb2ff3311ad9b5611b51d8c72e0c483a8ceafe7c625a5c321637f9277399 Security Headers Name Value Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0; Strict-Transport-Security max-age=31536000; preload; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://fandiem.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36 Response headers content-security-policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0; content-encoding gzip x-content-type-options nosniff document-policy force-load-at-top cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400,h3-29=":443"; ma=86400 content-length 26839 x-xss-protection 0 pragma public x-fb-debug 34hF8LcfkRUcuO0DLAipeRwshaqSauOC5qWe2t1rAetd/pwOiKEQmG2s2IG2iY97/DSYALTVKdxdQuTYCecZ0w== cross-origin-opener-policy same-origin-allow-popups x-frame-options DENY date Sun, 18 Sep 2022 02:31:26 GMT strict-transport-security max-age=31536000; preload; includeSubDomains content-type application/x-javascript; charset=utf-8 vary Accept-Encoding cache-control public, max-age=1200 x-fb-rlafr 0 priority u=3,i expires Sat, 01 Jan 2000 00:00:00 GMT
GET H3	200	analytics.js Show response www.google-analytics.com/	49 KB 20 KB	20ms 20ms	Script text/javascript	2a00:1450:4001:800::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google-analytics.com/analytics.js Requested by Host: cdn.shopify.com URL: https://cdn.shopify.com/s/trekkie.storefront.4e66b7932daba00cfd93bde327ce9e8f09bc9ffe.min.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:800::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210 Security Headers Name Value Strict-Transport-Security max-age=10886400; includeSubDomains; preload X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://fandiem.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36 Response headers strict-transport-security max-age=10886400; includeSubDomains; preload content-encoding gzip x-content-type-options nosniff last-modified Wed, 13 Apr 2022 21:02:38 GMT server Golfe2 age 5366 date Sun, 18 Sep 2022 01:02:00 GMT vary Accept-Encoding content-type text/javascript cache-control public, max-age=7200 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 20006 expires Sun, 18 Sep 2022 03:02:00 GMT
GET H2	200	core.js Show response s.pinimg.com/ct/	1 KB 1 KB	335ms 150ms	Script application/javascript	2a02:26f0:6c00:2b5::1931 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://s.pinimg.com/ct/core.js Requested by Host: cdn.shopify.com URL: https://cdn.shopify.com/s/trekkie.storefront.4e66b7932daba00cfd93bde327ce9e8f09bc9ffe.min.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a02:26f0:6c00:2b5::1931 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS Software / Resource Hash d8261c0f4ae314e710ac7b15aa6bd0cf371de5b1cec41331ca12a1c392742ce6 Request headers accept-language de-DE,de;q=0.9 Referer https://fandiem.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36 Response headers akamai-x-true-ttl 7200 x-cdn akamai etag "7cac7e5d9e2b15cdc4ae76549dde174b" vary Accept-Encoding, Origin access-control-allow-methods GET content-type application/javascript access-control-allow-origin * access-control-max-age 86400 cache-control max-age=7200 accept-ranges bytes content-length 1182 access-control-expose-headers X-CDN
GET H2	200	events.js Show response analytics.tiktok.com/i18n/pixel/	126 KB 38 KB	182ms 118ms	Script application/javascript	23.36.163.228 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=C1VL44OQDRQBNKO1M8DG&lib=ttq Requested by Host: cdn.shopify.com URL: https://cdn.shopify.com/s/trekkie.storefront.4e66b7932daba00cfd93bde327ce9e8f09bc9ffe.min.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 23.36.163.228 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS a23-36-163-228.deploy.static.akamaitechnologies.com Software nginx / Resource Hash e3b99178c5da6ff4d7f612c2c76c390f0a6485f16d87214aca7bca276aaebb86 Request headers accept-language de-DE,de;q=0.9 Referer https://fandiem.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36 Response headers x-akamai-request-id 324dbad1.32fb1c3f date Sun, 18 Sep 2022 02:31:26 GMT content-encoding gzip x-cache-remote TCP_MISS from a23-220-104-204.deploy.akamaitechnologies.com (AkamaiGHost/10.9.4-44125806) (-) x-tt-trace-tag id=16;cdn-cache=miss;type=dyn x-cache TCP_MISS from a23-36-161-200.deploy.akamaitechnologies.com (AkamaiGHost/10.9.4-44125806) (-) x-parent-response-time 94,23.36.161.200 server-timing cdn-cache; desc=MISS, edge; dur=87, origin; dur=7, inner; dur=3 pragma no-cache server nginx x-tt-logid 20220918023126F660FA3C444FEBB2F081 vary Accept-Encoding content-type application/javascript; charset=UTF-8 cache-control max-age=0, no-cache, no-store x-origin-response-time 7,23.220.104.204 x-tt-trace-host 01176b51d7392c1fa000bd81347ecbc7316611010c6db0c619a8407053d1d722ef7bdc7c422e658a41a688bd9743b569086a81dfe18a9204075298fe6490b0c56c715eed656434badd2476c90a1475807fc8d0c6309fe26566adbb2a59b253c147 expires Sun, 18 Sep 2022 02:31:26 GMT
GET H3	200	js Show response www.googletagmanager.com/gtag/	164 KB 61 KB	41ms 37ms	Script application/javascript	2a00:1450:4001:82f::2008 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagmanager.com/gtag/js?id=AW-370662395 Requested by Host: cdn.shopify.com URL: https://cdn.shopify.com/s/trekkie.storefront.4e66b7932daba00cfd93bde327ce9e8f09bc9ffe.min.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:82f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Google Tag Manager / Resource Hash 047054167646bb63b04e56e0add8201e6a004e39bac3679a27b3315b6caa6bcf Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://fandiem.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36 Response headers date Sun, 18 Sep 2022 02:31:26 GMT content-encoding br vary Accept-Encoding cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 61918 x-xss-protection 0 last-modified Sun, 18 Sep 2022 00:00:00 GMT server Google Tag Manager strict-transport-security max-age=31536000; includeSubDomains content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=900 access-control-allow-credentials true access-control-allow-headers Cache-Control expires Sun, 18 Sep 2022 02:31:26 GMT
POST H2	200	produce_batch monorail-edge.shopifysvc.com/unstable/	0 293 B	165ms 165ms	Ping text/plain	104.16.254.71 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://monorail-edge.shopifysvc.com/unstable/produce_batch Requested by Host: cdn.shopify.com URL: https://cdn.shopify.com/s/trekkie.storefront.4e66b7932daba00cfd93bde327ce9e8f09bc9ffe.min.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.16.254.71 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Strict-Transport-Security max-age=15552000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Referer https://fandiem.com/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36 Content-Type text/plain Response headers date Sun, 18 Sep 2022 02:31:26 GMT access-control-allow-methods OPTIONS,POST x-content-type-options nosniff cf-cache-status DYNAMIC nel {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800} x-dc gcp-us-east1,us-central1 access-control-max-age 86400 alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 content-length 0 x-request-id 203a0831-424f-4d00-b597-13d483d87701 server cloudflare strict-transport-security max-age=15552000; includeSubDomains; preload report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=eVUN77hzrMz31gSNFZB%2BwTU8Nnqe4zQUr7j7alMnSPr6W0yMl7E79ZAAE5PiorzL1jNOReNBCGpXHoQdmUEeIXlt9w0HD1eqWxJ4nWS4c5bSr9iSxWC5D4kE9ywFy6JEVHNIG1oCClNhaE86z9A%3D"}],"group":"cf-nel","max_age":604800} access-control-allow-origin https://fandiem.com access-control-allow-credentials true cf-ray 74c6aa559b519a17-FRA access-control-allow-headers User-Agent,Accept,Content-Type,X-Monorail-Edge-Event-Created-At-Ms,X-Monorail-Edge-Event-Sent-At-Ms,X-Monorail-Edge-Client-Message-Id,X-Monorail-Edge-Device-Install-Id,X-Monorail-Edge-Accept-Language,X-Monorail-Edge-Content-Language,X-Forwarded-For
POST H2	200	produce_batch monorail-edge.shopifysvc.com/unstable/	0 850 B	134ms 131ms	Ping text/plain	104.16.254.71 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://monorail-edge.shopifysvc.com/unstable/produce_batch Requested by Host: cdn.shopify.com URL: https://cdn.shopify.com/s/trekkie.storefront.4e66b7932daba00cfd93bde327ce9e8f09bc9ffe.min.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.16.254.71 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Strict-Transport-Security max-age=15552000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Referer https://fandiem.com/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36 Content-Type text/plain Response headers date Sun, 18 Sep 2022 02:31:26 GMT access-control-allow-methods OPTIONS,POST x-content-type-options nosniff cf-cache-status DYNAMIC nel {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800} x-dc gcp-us-east1,us-east1 access-control-max-age 86400 alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 content-length 0 x-request-id 29a5ddfb-0415-47db-bb6d-bd49c8b8decb server cloudflare strict-transport-security max-age=15552000; includeSubDomains; preload report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZX2Nkf%2FEFgZ7lZjTpOjMjE%2Fjx4RKEBQaggLYFgbHOCc6bB4oBwEFFw5bYWyDeNFDat40py79S1JuTBnzyKNuyngWlfcl44hq8s4cV6gpBfIdjzQgT3Z9HGpPOn3INNU8%2BAXwFSvpgXrzDnHdJn0%3D"}],"group":"cf-nel","max_age":604800} access-control-allow-origin https://fandiem.com access-control-allow-credentials true cf-ray 74c6aa55ab5c9a17-FRA access-control-allow-headers User-Agent,Accept,Content-Type,X-Monorail-Edge-Event-Created-At-Ms,X-Monorail-Edge-Event-Sent-At-Ms,X-Monorail-Edge-Client-Message-Id,X-Monorail-Edge-Device-Install-Id,X-Monorail-Edge-Accept-Language,X-Monorail-Edge-Content-Language,X-Forwarded-For
POST H2	200	produce_batch monorail-edge.shopifysvc.com/unstable/	0 300 B	131ms 130ms	Ping text/plain	104.16.254.71 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://monorail-edge.shopifysvc.com/unstable/produce_batch Requested by Host: cdn.shopify.com URL: https://cdn.shopify.com/s/trekkie.storefront.4e66b7932daba00cfd93bde327ce9e8f09bc9ffe.min.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.16.254.71 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Strict-Transport-Security max-age=15552000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Referer https://fandiem.com/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36 Content-Type text/plain Response headers date Sun, 18 Sep 2022 02:31:26 GMT access-control-allow-methods OPTIONS,POST x-content-type-options nosniff cf-cache-status DYNAMIC nel {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800} x-dc gcp-us-east1,us-east1 access-control-max-age 86400 alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 content-length 0 x-request-id 2411d3bf-6a88-475f-b9c0-dd6261726193 server cloudflare strict-transport-security max-age=15552000; includeSubDomains; preload report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7XWKyX0M%2Fn8jCeka8vvMZ6aHCgtCdmS%2B8XIoDNxd4kvpnwFAHBB5F23IYU1IZBobWC%2BeqDEsUVYKDl9hUmuHGdBQIr%2B9hkFObec0Ube4SuAKPNnz9I5nLqoNbmYgnkeGmsE2xB5%2BG2FSNOX%2BnsU%3D"}],"group":"cf-nel","max_age":604800} access-control-allow-origin https://fandiem.com access-control-allow-credentials true cf-ray 74c6aa55ab5e9a17-FRA access-control-allow-headers User-Agent,Accept,Content-Type,X-Monorail-Edge-Event-Created-At-Ms,X-Monorail-Edge-Event-Sent-At-Ms,X-Monorail-Edge-Client-Message-Id,X-Monorail-Edge-Device-Install-Id,X-Monorail-Edge-Accept-Language,X-Monorail-Edge-Content-Language,X-Forwarded-For
POST H2	200	produce_batch monorail-edge.shopifysvc.com/unstable/	0 307 B	131ms 131ms	Ping text/plain	104.16.254.71 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://monorail-edge.shopifysvc.com/unstable/produce_batch Requested by Host: cdn.shopify.com URL: https://cdn.shopify.com/s/trekkie.storefront.4e66b7932daba00cfd93bde327ce9e8f09bc9ffe.min.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.16.254.71 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Strict-Transport-Security max-age=15552000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Referer https://fandiem.com/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36 Content-Type text/plain Response headers date Sun, 18 Sep 2022 02:31:26 GMT access-control-allow-methods OPTIONS,POST x-content-type-options nosniff cf-cache-status DYNAMIC nel {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800} x-dc gcp-us-east1,us-east1 access-control-max-age 86400 alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 content-length 0 x-request-id f15005a0-c328-416c-a7d3-38e8c3752783 server cloudflare strict-transport-security max-age=15552000; includeSubDomains; preload report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FNLhw1ubGKzNkq2KAX%2FrhZ5nz%2FyHr6u4aCWU3p3L5H%2Fvcr%2Fy%2BclnKSJ0JyVmlz9y%2Fz%2F9i%2FNldRw6%2BbDdSSmVvaXCvQ%2FFlfGMlHPgUoyULDQ61mYbMM4dD12AZAxg2AjoP1gO%2FLeoOZH2iJmEXDs%3D"}],"group":"cf-nel","max_age":604800} access-control-allow-origin https://fandiem.com access-control-allow-credentials true cf-ray 74c6aa55ab5f9a17-FRA access-control-allow-headers User-Agent,Accept,Content-Type,X-Monorail-Edge-Event-Created-At-Ms,X-Monorail-Edge-Event-Sent-At-Ms,X-Monorail-Edge-Client-Message-Id,X-Monorail-Edge-Device-Install-Id,X-Monorail-Edge-Accept-Language,X-Monorail-Edge-Content-Language,X-Forwarded-For
POST H2	200	produce_batch monorail-edge.shopifysvc.com/unstable/	0 296 B	151ms 150ms	Ping text/plain	104.16.254.71 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://monorail-edge.shopifysvc.com/unstable/produce_batch Requested by Host: cdn.shopify.com URL: https://cdn.shopify.com/s/trekkie.storefront.4e66b7932daba00cfd93bde327ce9e8f09bc9ffe.min.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.16.254.71 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Strict-Transport-Security max-age=15552000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Referer https://fandiem.com/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36 Content-Type text/plain Response headers date Sun, 18 Sep 2022 02:31:26 GMT access-control-allow-methods OPTIONS,POST x-content-type-options nosniff cf-cache-status DYNAMIC nel {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800} x-dc gcp-us-east1,us-east1 access-control-max-age 86400 alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 content-length 0 x-request-id b716c46d-6e8f-4650-b712-84afb7cd936a server cloudflare strict-transport-security max-age=15552000; includeSubDomains; preload report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VuJHDKWRVSM0IelBzNxtCY2LmLiupOtOwfsaSbOIvhgUQvA2H8soKjPx0Q%2Bk4Df8IpYwGN609nER1nS9MPDKnj%2B%2BmX0Ywa4g2mzPVYmeOJW2DbNSQ3bqF9hrvtEIk914PVGSKljgHoX3Fn8I7JM%3D"}],"group":"cf-nel","max_age":604800} access-control-allow-origin https://fandiem.com access-control-allow-credentials true cf-ray 74c6aa55bb709a17-FRA access-control-allow-headers User-Agent,Accept,Content-Type,X-Monorail-Edge-Event-Created-At-Ms,X-Monorail-Edge-Event-Sent-At-Ms,X-Monorail-Edge-Client-Message-Id,X-Monorail-Edge-Device-Install-Id,X-Monorail-Edge-Accept-Language,X-Monorail-Edge-Content-Language,X-Forwarded-For
GET H2	200	collect px4.ads.linkedin.com/ Redirect Chain https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=4369313&time=1663468286454&url=https%3A%2F%2Ffandiem.com%2Fsweeps%2Fkesha%3Futm_campaign%3Df-covid-bandsintown-sweet-relief-2022%26utm_content%3Df... https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D4369313%26time%3D1663468286454%26url%3Dhttps%253A%252F%252Ffandiem.com%252Fsweeps... https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=4369313&time=1663468286454&url=https%3A%2F%2Ffandiem.com%2Fsweeps%2Fkesha%3Futm_campaign%3Df-covid-bandsintown-sweet-relief-2022%26utm_content%3Df... https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=4369313&time=1663468286454&url=https%3A%2F%2Ffandiem.com%2Fsweeps%2Fkesha%3Futm_campaign%3Df-covid-bandsintown-sweet-relief-2022%26utm_content%3D...	0 265 B	195ms 124ms	Image application/javascript	13.107.42.14 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Show image Full URL https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=4369313&time=1663468286454&url=https%3A%2F%2Ffandiem.com%2Fsweeps%2Fkesha%3Futm_campaign%3Df-covid-bandsintown-sweet-relief-2022%26utm_content%3Df-covid-bandsintown-sweet-relief-2022-kesha-sweeps-page%26utm_medium%3Dpartner-bandsintown-blast-from-bit%26utm_source%3Dbandsintown&liSync=true&e_ipv6=AQKYBVSusTW7cwAAAYNOb7QBsDJPgUfYdDkrFv29Emz7We5JpNZ_3qcgueoBcCL1vshkMmjyxrTPmw Requested by Host: fandiem.com URL: https://fandiem.com/sweeps/kesha?utm_campaign=f-covid-bandsintown-sweet-relief-2022&utm_content=f-covid-bandsintown-sweet-relief-2022-kesha-sweeps-page&utm_medium=partner-bandsintown-blast-from-bit&utm_source=bandsintown Protocol H2 Server 13.107.42.14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer https://fandiem.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36 Response headers date Sun, 18 Sep 2022 02:31:26 GMT x-li-pop afd-prod-lva1-x x-msedge-ref Ref A: E9F819B13CD7424E916444FAD09D87C2 Ref B: DUS30EDGE0814 Ref C: 2022-09-18T02:31:27Z linkedin-action 1 x-cache CONFIG_NOCACHE content-type application/javascript x-li-proto http/2 content-length 0 x-li-uuid AAXo6mRaGsVCHzoG/av8tw== x-li-fabric prod-lva1 Redirect headers date Sun, 18 Sep 2022 02:31:26 GMT x-li-pop afd-prod-lva1-x x-msedge-ref Ref A: 625C237F5D1D4E738E16ADBF2C2F1227 Ref B: DUS30EDGE0815 Ref C: 2022-09-18T02:31:26Z linkedin-action 1 x-cache CONFIG_NOCACHE x-li-fabric prod-lva1 location https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=4369313&time=1663468286454&url=https%3A%2F%2Ffandiem.com%2Fsweeps%2Fkesha%3Futm_campaign%3Df-covid-bandsintown-sweet-relief-2022%26utm_content%3Df-covid-bandsintown-sweet-relief-2022-kesha-sweeps-page%26utm_medium%3Dpartner-bandsintown-blast-from-bit%26utm_source%3Dbandsintown&liSync=true&e_ipv6=AQKYBVSusTW7cwAAAYNOb7QBsDJPgUfYdDkrFv29Emz7We5JpNZ_3qcgueoBcCL1vshkMmjyxrTPmw x-li-proto http/2 content-length 0 x-li-uuid AAXo6mRW/GxYvefXftf9aw==
GET H3	200	MazzardH-Regular.otf cdn.shopify.com/s/files/1/0502/2167/8757/t/8/assets/	125 KB 52 KB	767ms 720ms	Font font/otf	104.16.255.71 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdn.shopify.com/s/files/1/0502/2167/8757/t/8/assets/MazzardH-Regular.otf Requested by Host: cdn.shopify.com URL: https://cdn.shopify.com/s/files/1/0502/2167/8757/t/8/assets/application.scss.css?v=167376750296147457741632163727 Protocol H3 Security QUIC, , AES_128_GCM Server 104.16.255.71 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash eb4124fd2515e60b5a2827c9dc9f3f8e72d0deb5c2655f2e52e2502d8b1a03d4 Security Headers Name Value Strict-Transport-Security max-age=15552000; includeSubDomains; preload X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers Referer https://cdn.shopify.com/s/files/1/0502/2167/8757/t/8/assets/application.scss.css?v=167376750296147457741632163727 Origin https://fandiem.com accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36 Response headers date Sun, 18 Sep 2022 02:31:27 GMT content-encoding br x-content-type-options nosniff cf-cache-status HIT nel {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800} x-dc gcp-us-east1,us-central1 report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iTagybifsXx2DvH4F%2BAX82NUyZjdivcLhK2YtbiRPnUtS0X9vRLkuJQrZHsEf%2B7shwXmhWS%2BHUQgvQTutYrij1M%2BLY9PKn2sIiV2kN7c%2BYadEqY4XRWwrSdQZm5je3IAjg%3D%3D"}],"group":"cf-nel","max_age":604800} server-timing imagery;dur=62.806, imageryFetch;dur=62.492 alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 x-xss-protection 1; mode=block x-request-id a3f858e0-ce43-4001-8417-66c92d086687 timing-allow-origin * last-modified Fri, 26 Aug 2022 04:09:11 GMT server cloudflare vary Accept-Encoding strict-transport-security max-age=15552000; includeSubDomains; preload content-type font/otf access-control-allow-origin * access-control-expose-headers * cache-control public, max-age=31557600 cf-ray 74c6aa56facd92b9-FRA link <https://cdn.shopify.com/s/files/1/0502/2167/8757/t/8/assets/MazzardH-Regular.otf>; rel="canonical"
GET H2	200	44c177a2cf3f51556bcc.png dpjhaiprv9czz.cloudfront.net/	24 KB 24 KB	34ms 31ms	Image image/png	2600:9000:214f:2200:15:5e1:43c0:21 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://dpjhaiprv9czz.cloudfront.net/44c177a2cf3f51556bcc.png Requested by Host: fandiem.com URL: https://fandiem.com/sweeps/kesha?utm_campaign=f-covid-bandsintown-sweet-relief-2022&utm_content=f-covid-bandsintown-sweet-relief-2022-kesha-sweeps-page&utm_medium=partner-bandsintown-blast-from-bit&utm_source=bandsintown Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:214f:2200:15:5e1:43c0:21 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash 7e3e30ee6c862f3799010c62fe83dc68045a679c7180593205dca6c6055266e4 Request headers accept-language de-DE,de;q=0.9 Referer https://fandiem.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36 Response headers date Wed, 07 Sep 2022 07:04:14 GMT via 1.1 89cb19c6f2c9ed0983294d3b12e80e42.cloudfront.net (CloudFront) last-modified Mon, 29 Aug 2022 20:50:20 GMT server AmazonS3 age 934033 etag "07c79c1d02bb5d53ec872717fcec2f89" x-cache Hit from cloudfront x-amz-version-id OB7hsiv3cQ.ke62pNWN5Hg88_GMU5e0M cache-control max-age=2592000 x-amz-cf-pop FRA53-C1 content-type image/png content-length 24345 x-amz-cf-id ddgopZAkpEA732gFCaA4HklD6cuPMhJStxGsQqzwt4Z-z645t4CkPw==
GET DATA	200 OK	truncated /	1 KB 0		Image image/svg+xml
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 77b65f6b949a0df2913d86a6e4269e5d70d6cff759561ec7ff5a9cc6dcdfcdab Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36 Response headers Content-Type image/svg+xml
GET H2	200	ec4d0ac88e3e0b7ab79d.png dpjhaiprv9czz.cloudfront.net/	23 KB 24 KB	36ms 34ms	Image image/png	2600:9000:214f:2200:15:5e1:43c0:21 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://dpjhaiprv9czz.cloudfront.net/ec4d0ac88e3e0b7ab79d.png Requested by Host: fandiem.com URL: https://fandiem.com/sweeps/kesha?utm_campaign=f-covid-bandsintown-sweet-relief-2022&utm_content=f-covid-bandsintown-sweet-relief-2022-kesha-sweeps-page&utm_medium=partner-bandsintown-blast-from-bit&utm_source=bandsintown Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:214f:2200:15:5e1:43c0:21 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash b8cacb22daf8ec643b05dc026d4a5fe9cf342ba7037b30b97406dccc24e891d5 Request headers accept-language de-DE,de;q=0.9 Referer https://fandiem.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36 Response headers date Sat, 03 Sep 2022 17:10:24 GMT via 1.1 89cb19c6f2c9ed0983294d3b12e80e42.cloudfront.net (CloudFront) last-modified Mon, 29 Aug 2022 20:50:21 GMT server AmazonS3 age 1243263 etag "2907b801c6e270f10d18ffa7844f0a69" x-cache Hit from cloudfront x-amz-version-id VGRBCGIcfa2E2uFgkuCubYn0kt19HcZr cache-control max-age=2592000 x-amz-cf-pop FRA53-C1 content-type image/png content-length 23900 x-amz-cf-id fQdHZn2yfIOfg6Js0it7CrfEFXjWBxNFP0qdJQODd7AL4AeMMR5PJA==
GET H2	200	59311a935f8900b58658.webp dpjhaiprv9czz.cloudfront.net/	5 KB 6 KB	29ms 27ms	Image binary/octet-stream	2600:9000:214f:2200:15:5e1:43c0:21 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://dpjhaiprv9czz.cloudfront.net/59311a935f8900b58658.webp Requested by Host: fandiem.com URL: https://fandiem.com/sweeps/kesha?utm_campaign=f-covid-bandsintown-sweet-relief-2022&utm_content=f-covid-bandsintown-sweet-relief-2022-kesha-sweeps-page&utm_medium=partner-bandsintown-blast-from-bit&utm_source=bandsintown Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:214f:2200:15:5e1:43c0:21 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash 403b5b85d4fe4c8f14257d10e9b3e385b54f59b29eda6dadd0df69385abd5f4b Request headers accept-language de-DE,de;q=0.9 Referer https://fandiem.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36 Response headers date Thu, 25 Aug 2022 11:25:55 GMT via 1.1 89cb19c6f2c9ed0983294d3b12e80e42.cloudfront.net (CloudFront) last-modified Wed, 17 Aug 2022 18:33:43 GMT server AmazonS3 age 2041532 etag "b3e49c2b84a6c49a5a38eaacfea33dad" x-cache Hit from cloudfront x-amz-version-id Nsf4Fk1h94EX75TwmHgS1.eCsvqXAlKx cache-control max-age=2592000 x-amz-cf-pop FRA53-C1 content-type binary/octet-stream content-length 5500 x-amz-cf-id mXTGpqS--zH0dbMT_QvbSKEkdBn1YtSmSx6IIALJ6fjXl3k9KC11Mw==
GET DATA	200 OK	truncated /	4 KB 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 0a03b7c870a8bdd46bcdbdc7e4febec2e20745e57eddac19b1fad4dff29c1a67 Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36 Response headers Content-Type image/png
GET H2	200	fff8638c5dca5c2f6c15.png dpjhaiprv9czz.cloudfront.net/	39 KB 40 KB	34ms 33ms	Image image/png	2600:9000:214f:2200:15:5e1:43c0:21 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://dpjhaiprv9czz.cloudfront.net/fff8638c5dca5c2f6c15.png Requested by Host: fandiem.com URL: https://fandiem.com/sweeps/kesha?utm_campaign=f-covid-bandsintown-sweet-relief-2022&utm_content=f-covid-bandsintown-sweet-relief-2022-kesha-sweeps-page&utm_medium=partner-bandsintown-blast-from-bit&utm_source=bandsintown Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:214f:2200:15:5e1:43c0:21 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash 7834e34df935dbc64177d735ef20374c18ee66f91c0486e7a55f8c9d52e13e1b Request headers accept-language de-DE,de;q=0.9 Referer https://fandiem.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36 Response headers date Wed, 24 Aug 2022 05:14:36 GMT via 1.1 89cb19c6f2c9ed0983294d3b12e80e42.cloudfront.net (CloudFront) last-modified Wed, 17 Aug 2022 18:33:44 GMT server AmazonS3 age 2150211 etag "19139ce48f7af62cd93901da23a1f821" x-cache Hit from cloudfront x-amz-version-id ZncVKIXc2oE4suC3viSgsr1dYlNenDq8 cache-control max-age=2592000 x-amz-cf-pop FRA53-C1 content-type image/png content-length 40245 x-amz-cf-id byRBeDFZPQiT9368-zaBdhV9aVio3EalyFX9_0rMmMIlRSztWy0qcA==
GET H3	200	main-menu Show response fandiem.com/pages/menus/	2 KB 2 KB	235ms 234ms	XHR text/html	23.227.38.32 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://fandiem.com/pages/menus/main-menu Requested by Host: cdn.shopify.com URL: https://cdn.shopify.com/shopifycloud/shopify/assets/shop_events_listener-65cd0ba3fcd81a1df33f2510ec5bcf8c0e0958653b50e3965ec972dd638ee13f.js Protocol H3 Security QUIC, , AES_128_GCM Server 23.227.38.32 Ottawa, Canada, ASN13335 (CLOUDFLARENET, US), Reverse DNS myshopify.com Software cloudflare / Resource Hash ee364bcd0484239d169fade3449cb43f7f512ebc728f1f39cc2c68b7cfe32367 Security Headers Name Value Content-Security-Policy block-all-mixed-content; frame-ancestors 'none'; upgrade-insecure-requests; Strict-Transport-Security max-age=7889238 X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 1; mode=block Request headers Accept application/json, text/plain, */* Referer https://fandiem.com/sweeps/kesha?utm_campaign=f-covid-bandsintown-sweet-relief-2022&utm_content=f-covid-bandsintown-sweet-relief-2022-kesha-sweeps-page&utm_medium=partner-bandsintown-blast-from-bit&utm_source=bandsintown accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36 Response headers date Sun, 18 Sep 2022 02:31:26 GMT content-encoding br x-content-type-options nosniff cf-cache-status DYNAMIC nel {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800} x-permitted-cross-domain-policies none x-dc gcp-europe-west3,us-east1,gcp-us-east1 x-shopify-stage production x-cache miss content-type text/html; charset=utf-8 x-alternate-cache-key cacheable:52e26a186255c3ac25a3bdb533393a72 server-timing processing;dur=92, db;dur=52, parse;dur=1 alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 x-xss-protection 1; mode=block x-sorting-hat-shopid 50221678757 x-shardid 253 x-storefront-renderer-rendered 1 server cloudflare x-frame-options DENY content-language en x-shopid 50221678757 strict-transport-security max-age=7889238 report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xponlWF3rZXbU8NTuv1jjt4vDFb%2FNayrx51VaO7aBOW5LfyNk%2BMBwFCXo86HsTFLNXCoSruoc5YbykdKx7CaRDfr3vR9PmC9CQ2wwGHSozr50NNy%2B%2Bn136qt17xS"}],"group":"cf-nel","max_age":604800} x-download-options noopen access-control-allow-origin * vary Accept content-security-policy block-all-mixed-content; frame-ancestors 'none'; upgrade-insecure-requests; x-request-id 9889922b-c01b-441a-9438-9b0b29db0bd7 cf-ray 74c6aa56b9a79974-FRA link <https://cdn.shopify.com>; rel="preconnect", <https://cdn.shopify.com>; rel="preconnect"; crossorigin x-sorting-hat-podid 253
GET H3	200	explore Show response fandiem.com/pages/menus/	666 B 2 KB	236ms 236ms	XHR text/html	23.227.38.32 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://fandiem.com/pages/menus/explore Requested by Host: cdn.shopify.com URL: https://cdn.shopify.com/shopifycloud/shopify/assets/shop_events_listener-65cd0ba3fcd81a1df33f2510ec5bcf8c0e0958653b50e3965ec972dd638ee13f.js Protocol H3 Security QUIC, , AES_128_GCM Server 23.227.38.32 Ottawa, Canada, ASN13335 (CLOUDFLARENET, US), Reverse DNS myshopify.com Software cloudflare / Resource Hash ab3bddc0103cbbbca75d1b24c50b7468e2ae9fcdd8c1ddc74ce49a6ca82f4ee1 Security Headers Name Value Content-Security-Policy block-all-mixed-content; frame-ancestors 'none'; upgrade-insecure-requests; Strict-Transport-Security max-age=7889238 X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 1; mode=block Request headers Accept application/json, text/plain, */* Referer https://fandiem.com/sweeps/kesha?utm_campaign=f-covid-bandsintown-sweet-relief-2022&utm_content=f-covid-bandsintown-sweet-relief-2022-kesha-sweeps-page&utm_medium=partner-bandsintown-blast-from-bit&utm_source=bandsintown accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36 Response headers date Sun, 18 Sep 2022 02:31:26 GMT content-encoding br x-content-type-options nosniff cf-cache-status DYNAMIC nel {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800} x-permitted-cross-domain-policies none x-dc gcp-europe-west3,us-east1,gcp-us-east1 x-shopify-stage production x-cache miss content-type text/html; charset=utf-8 x-alternate-cache-key cacheable:ca6034c923cfa88ab59ff2cf3447dc06 server-timing processing;dur=95, db;dur=45, parse;dur=1 alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 x-xss-protection 1; mode=block x-sorting-hat-shopid 50221678757 x-shardid 253 x-storefront-renderer-rendered 1 server cloudflare x-frame-options DENY content-language en x-shopid 50221678757 strict-transport-security max-age=7889238 report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pyvzk1PcTutGG%2Fs8VGBLlt0aKTHWTUwIcRxN2cHS%2Fb8EBdYnP8UOtsTQaVtgjJepU4v%2BMFhBewe6papsbsZ3GVyN5IqvuOw6yjKmQwNKLjE8%2BYoD%2FtIUrh6qijFn"}],"group":"cf-nel","max_age":604800} x-download-options noopen access-control-allow-origin * vary Accept content-security-policy block-all-mixed-content; frame-ancestors 'none'; upgrade-insecure-requests; x-request-id 007a7200-6c8f-4815-bdff-1c090f7824a4 cf-ray 74c6aa56b9a89974-FRA link <https://cdn.shopify.com>; rel="preconnect", <https://cdn.shopify.com>; rel="preconnect"; crossorigin x-sorting-hat-podid 253
GET H3	200	legal Show response fandiem.com/pages/menus/	521 B 2 KB	279ms 278ms	XHR text/html	23.227.38.32 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://fandiem.com/pages/menus/legal Requested by Host: cdn.shopify.com URL: https://cdn.shopify.com/shopifycloud/shopify/assets/shop_events_listener-65cd0ba3fcd81a1df33f2510ec5bcf8c0e0958653b50e3965ec972dd638ee13f.js Protocol H3 Security QUIC, , AES_128_GCM Server 23.227.38.32 Ottawa, Canada, ASN13335 (CLOUDFLARENET, US), Reverse DNS myshopify.com Software cloudflare / Resource Hash 8a6c490d0c1632dd1b493a03bb8b0ffe69a44f449d2c1e13cf2e64126501dbf0 Security Headers Name Value Content-Security-Policy block-all-mixed-content; frame-ancestors 'none'; upgrade-insecure-requests; Strict-Transport-Security max-age=7889238 X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 1; mode=block Request headers Accept application/json, text/plain, */* Referer https://fandiem.com/sweeps/kesha?utm_campaign=f-covid-bandsintown-sweet-relief-2022&utm_content=f-covid-bandsintown-sweet-relief-2022-kesha-sweeps-page&utm_medium=partner-bandsintown-blast-from-bit&utm_source=bandsintown accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36 Response headers date Sun, 18 Sep 2022 02:31:26 GMT content-encoding br x-content-type-options nosniff cf-cache-status DYNAMIC nel {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800} x-permitted-cross-domain-policies none x-dc gcp-europe-west3,us-east1,gcp-us-east1 x-shopify-stage production x-cache miss content-type text/html; charset=utf-8 x-alternate-cache-key cacheable:ab1ef7cddda811df94bed1051bd94c9b server-timing processing;dur=133, db;dur=42, parse;dur=1 alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 x-xss-protection 1; mode=block x-sorting-hat-shopid 50221678757 x-shardid 253 x-storefront-renderer-rendered 1 server cloudflare x-frame-options DENY content-language en x-shopid 50221678757 strict-transport-security max-age=7889238 report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FdEekaNY5MzoCXF58AqbUcg07NziniyCI%2B2C4E9d5Q6jQxAYyk1wFEHyLobyWs3s%2B%2FENGpfTBrUvCHvg9JuIDoHcph1%2FkAjHFbqZRuRQgc6EAV2UgN4AmGT%2BS0lB"}],"group":"cf-nel","max_age":604800} x-download-options noopen access-control-allow-origin * vary Accept content-security-policy block-all-mixed-content; frame-ancestors 'none'; upgrade-insecure-requests; x-request-id 94335f07-e9d2-4c8d-9931-92f458d1f86d cf-ray 74c6aa56b9aa9974-FRA link <https://cdn.shopify.com>; rel="preconnect", <https://cdn.shopify.com>; rel="preconnect"; crossorigin x-sorting-hat-podid 253
GET H3	200	donate Show response fandiem.com/pages/menus/	423 B 2 KB	238ms 237ms	XHR text/html	23.227.38.32 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://fandiem.com/pages/menus/donate Requested by Host: cdn.shopify.com URL: https://cdn.shopify.com/shopifycloud/shopify/assets/shop_events_listener-65cd0ba3fcd81a1df33f2510ec5bcf8c0e0958653b50e3965ec972dd638ee13f.js Protocol H3 Security QUIC, , AES_128_GCM Server 23.227.38.32 Ottawa, Canada, ASN13335 (CLOUDFLARENET, US), Reverse DNS myshopify.com Software cloudflare / Resource Hash 146f6845dc6945c31f85cc5a26f0ee2632acfdfbefe757e450e70709e51e415f Security Headers Name Value Content-Security-Policy block-all-mixed-content; frame-ancestors 'none'; upgrade-insecure-requests; Strict-Transport-Security max-age=7889238 X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 1; mode=block Request headers Accept application/json, text/plain, */* Referer https://fandiem.com/sweeps/kesha?utm_campaign=f-covid-bandsintown-sweet-relief-2022&utm_content=f-covid-bandsintown-sweet-relief-2022-kesha-sweeps-page&utm_medium=partner-bandsintown-blast-from-bit&utm_source=bandsintown accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36 Response headers date Sun, 18 Sep 2022 02:31:26 GMT content-encoding br x-content-type-options nosniff cf-cache-status DYNAMIC nel {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800} x-permitted-cross-domain-policies none x-dc gcp-europe-west3,us-east1,gcp-us-east1 x-shopify-stage production x-cache miss content-type text/html; charset=utf-8 x-alternate-cache-key cacheable:cf4bb8abc0097638744e7499c59589b5 server-timing processing;dur=89, db;dur=49 alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 x-xss-protection 1; mode=block x-sorting-hat-shopid 50221678757 x-shardid 253 x-storefront-renderer-rendered 1 server cloudflare x-frame-options DENY content-language en x-shopid 50221678757 strict-transport-security max-age=7889238 report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RjlyfIHRb4WkRoV%2B2yJyVOMd9qGtU36vyv%2FbTgieXg1fyXh1RJs3TyiDpLFb6%2BxMs%2Bik2ltqGVMNFggkf1lSuSzVAz2JmLdL5tluIPirlnav%2BF7aiqR9jFXxNjND"}],"group":"cf-nel","max_age":604800} x-download-options noopen access-control-allow-origin * vary Accept content-security-policy block-all-mixed-content; frame-ancestors 'none'; upgrade-insecure-requests; x-request-id ea790f3b-3890-4aac-a398-4a5b680808b2 cf-ray 74c6aa56b9ab9974-FRA link <https://cdn.shopify.com>; rel="preconnect", <https://cdn.shopify.com>; rel="preconnect"; crossorigin x-sorting-hat-podid 253
GET H3	200	about Show response fandiem.com/pages/menus/	598 B 2 KB	229ms 228ms	XHR text/html	23.227.38.32 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://fandiem.com/pages/menus/about Requested by Host: cdn.shopify.com URL: https://cdn.shopify.com/shopifycloud/shopify/assets/shop_events_listener-65cd0ba3fcd81a1df33f2510ec5bcf8c0e0958653b50e3965ec972dd638ee13f.js Protocol H3 Security QUIC, , AES_128_GCM Server 23.227.38.32 Ottawa, Canada, ASN13335 (CLOUDFLARENET, US), Reverse DNS myshopify.com Software cloudflare / Resource Hash cdf815e9555bbca27b279310c8dabfc4cd43d9a15b7361e674889f4f1d6c1029 Security Headers Name Value Content-Security-Policy block-all-mixed-content; frame-ancestors 'none'; upgrade-insecure-requests; Strict-Transport-Security max-age=7889238 X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 1; mode=block Request headers Accept application/json, text/plain, */* Referer https://fandiem.com/sweeps/kesha?utm_campaign=f-covid-bandsintown-sweet-relief-2022&utm_content=f-covid-bandsintown-sweet-relief-2022-kesha-sweeps-page&utm_medium=partner-bandsintown-blast-from-bit&utm_source=bandsintown accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36 Response headers date Sun, 18 Sep 2022 02:31:26 GMT content-encoding br x-content-type-options nosniff cf-cache-status DYNAMIC nel {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800} x-permitted-cross-domain-policies none x-dc gcp-europe-west3,us-east1,gcp-us-east1 x-shopify-stage production x-cache miss content-type text/html; charset=utf-8 x-alternate-cache-key cacheable:682d4c2aa9a8b6124ac983a999779267 server-timing processing;dur=86, db;dur=47 alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 x-xss-protection 1; mode=block x-sorting-hat-shopid 50221678757 x-shardid 253 x-storefront-renderer-rendered 1 server cloudflare x-frame-options DENY content-language en x-shopid 50221678757 strict-transport-security max-age=7889238 report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=08WrbYtkoc7da6t%2Bb8Tyg9q0sfjYzT3iBjo9Ppj%2BFRw%2F7AvLfOCHTO7E3QiebeS8dUolY4ZosWU1aepLkyXKrqxKE9Z2P3Vr0IS%2BZfvead0EpWsKD2xfBDT4Xe45"}],"group":"cf-nel","max_age":604800} x-download-options noopen access-control-allow-origin * vary Accept content-security-policy block-all-mixed-content; frame-ancestors 'none'; upgrade-insecure-requests; x-request-id 68cee75d-b6dc-425b-99dc-d8da04513941 cf-ray 74c6aa56b9ae9974-FRA link <https://cdn.shopify.com>; rel="preconnect", <https://cdn.shopify.com>; rel="preconnect"; crossorigin x-sorting-hat-podid 253
GET H/1.1	200 OK	kesha Show response app.fandiem.com/api/public/sweeps/	12 KB 4 KB	286ms 155ms	XHR application/json	54.204.238.15 AMAZON-AES
General Check archive.org Show headers Download Go to Full URL https://app.fandiem.com/api/public/sweeps/kesha Requested by Host: cdn.shopify.com URL: https://cdn.shopify.com/shopifycloud/shopify/assets/shop_events_listener-65cd0ba3fcd81a1df33f2510ec5bcf8c0e0958653b50e3965ec972dd638ee13f.js Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 54.204.238.15 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-54-204-238-15.compute-1.amazonaws.com Software Cowboy / Express Resource Hash 446129472ca996b1e7092af7004f504f1f246c2a153eb62f94aa07875cbed5ab Request headers Accept application/json, text/plain, */* Referer https://fandiem.com/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36 Response headers Date Sun, 18 Sep 2022 02:31:26 GMT Content-Encoding gzip Etag "306c-hLfWrQa4ayv53j1kyzYUUWWUHa4" Server Cowboy Access-Control-Allow-Origin https://fandiem.com X-Powered-By Express Vary Origin, Accept-Encoding Content-Type application/json; charset=utf-8 Via 1.1 vegur X-Ratelimit-Remaining 998 Access-Control-Allow-Credentials true X-Ratelimit-Reset 1663468517 X-Ratelimit-Limit 1000 Connection keep-alive Transfer-Encoding chunked
GET H2	200	f2eeeb7957aed685293d.otf dpjhaiprv9czz.cloudfront.net/	126 KB 50 KB	27ms 26ms	Font font/ttf	2600:9000:214f:2200:15:5e1:43c0:21 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://dpjhaiprv9czz.cloudfront.net/f2eeeb7957aed685293d.otf Requested by Host: fandiem.com URL: https://fandiem.com/sweeps/kesha?utm_campaign=f-covid-bandsintown-sweet-relief-2022&utm_content=f-covid-bandsintown-sweet-relief-2022-kesha-sweeps-page&utm_medium=partner-bandsintown-blast-from-bit&utm_source=bandsintown Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:214f:2200:15:5e1:43c0:21 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash 838e202d62f0841ecf7e577b095f4cbfe84507cc3e1a651b2eaaf8a821d9f2d8 Request headers Referer https://fandiem.com/ Origin https://fandiem.com accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36 Response headers date Mon, 11 Jul 2022 18:44:37 GMT content-encoding br vary Accept-Encoding age 5903210 x-cache Hit from cloudfront access-control-allow-origin * last-modified Tue, 05 Jul 2022 23:41:44 GMT server AmazonS3 etag W/"5b52f8b17693f17adb0c50d90798603f" access-control-max-age 3000 access-control-allow-methods GET x-amz-version-id 33cuc2MUASuGNtSEcNYWl79vBpFF2.8k via 1.1 15d3b4db3728feaae1780610a1bac86e.cloudfront.net (CloudFront) cache-control max-age=2592000 x-amz-cf-pop FRA53-C1 content-type font/ttf x-amz-cf-id s_PNkne5GgPHtVL4VtBn142y2yYVupUaGvsWaBlso6A2VfSrDmWdkg==
GET H2	200	adsct t.co/i/	43 B 339 B	179ms 125ms	Image image/gif	104.244.42.133 TWITTER
General Check archive.org Show headers Download Go to Show image Full URL https://t.co/i/adsct?bci=3&eci=2&event_id=89657413-20e0-4bed-9745-61c3c5fe2374&events=%5B%5B%22pageview%22%2C%7B%7D%5D%5D&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=48ad9c5c-ed1e-42e7-a4d5-2e253bfee7b8&tw_document_href=https%3A%2F%2Ffandiem.com%2Fsweeps%2Fkesha%3Futm_campaign%3Df-covid-bandsintown-sweet-relief-2022%26utm_content%3Df-covid-bandsintown-sweet-relief-2022-kesha-sweeps-page%26utm_medium%3Dpartner-bandsintown-blast-from-bit%26utm_source%3Dbandsintown&tw_iframe_status=0&tw_order_quantity=0&tw_sale_amount=0&txn_id=o5d49&type=javascript&version=2.3.27 Requested by Host: fandiem.com URL: https://fandiem.com/sweeps/kesha?utm_campaign=f-covid-bandsintown-sweet-relief-2022&utm_content=f-covid-bandsintown-sweet-relief-2022-kesha-sweeps-page&utm_medium=partner-bandsintown-blast-from-bit&utm_source=bandsintown Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.244.42.133 , United States, ASN13414 (TWITTER, US), Reverse DNS Software tsa_o / Resource Hash ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957 Security Headers Name Value Strict-Transport-Security max-age=0 Request headers accept-language de-DE,de;q=0.9 Referer https://fandiem.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36 Response headers x-response-time 103 date Sun, 18 Sep 2022 02:31:26 GMT server tsa_o strict-transport-security max-age=0 content-type image/gif;charset=utf-8 cache-control no-cache, no-store, max-age=0 x-connection-hash 63e0cff47377e62f0bb56a335447b681d5598a450955d33d5f03735dfd024190 content-length 43
GET H2	200	adsct analytics.twitter.com/i/	43 B 354 B	195ms 133ms	Image image/gif	104.244.42.195 TWITTER
General Check archive.org Show headers Download Go to Show image Full URL https://analytics.twitter.com/i/adsct?bci=3&eci=2&event_id=89657413-20e0-4bed-9745-61c3c5fe2374&events=%5B%5B%22pageview%22%2C%7B%7D%5D%5D&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=48ad9c5c-ed1e-42e7-a4d5-2e253bfee7b8&tw_document_href=https%3A%2F%2Ffandiem.com%2Fsweeps%2Fkesha%3Futm_campaign%3Df-covid-bandsintown-sweet-relief-2022%26utm_content%3Df-covid-bandsintown-sweet-relief-2022-kesha-sweeps-page%26utm_medium%3Dpartner-bandsintown-blast-from-bit%26utm_source%3Dbandsintown&tw_iframe_status=0&tw_order_quantity=0&tw_sale_amount=0&txn_id=o5d49&type=javascript&version=2.3.27 Requested by Host: fandiem.com URL: https://fandiem.com/sweeps/kesha?utm_campaign=f-covid-bandsintown-sweet-relief-2022&utm_content=f-covid-bandsintown-sweet-relief-2022-kesha-sweeps-page&utm_medium=partner-bandsintown-blast-from-bit&utm_source=bandsintown Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.244.42.195 , United States, ASN13414 (TWITTER, US), Reverse DNS Software tsa_o / Resource Hash ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957 Security Headers Name Value Strict-Transport-Security max-age=631138519 Request headers accept-language de-DE,de;q=0.9 Referer https://fandiem.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36 Response headers x-response-time 112 date Sun, 18 Sep 2022 02:31:25 GMT server tsa_o strict-transport-security max-age=631138519 content-type image/gif;charset=utf-8 cache-control no-cache, no-store, max-age=0 x-connection-hash 5c5f6bc2ef1c0ecb8fc9627896d4d085bd22486a02b5b6ab9a1adddf76b83b95 content-length 43
GET H2	200	/ Show response prism.app-us1.com/	250 B 393 B	186ms 185ms	Script application/javascript	2606:4700::6811:925b CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://prism.app-us1.com/?a=1001208398&u=https%3A%2F%2Ffandiem.com%2Fsweeps%2Fkesha%3Futm_campaign%3Df-covid-bandsintown-sweet-relief-2022%26utm_content%3Df-covid-bandsintown-sweet-relief-2022-kesha-sweeps-page%26utm_medium%3Dpartner-bandsintown-blast-from-bit%26utm_source%3Dbandsintown&r=http%3A%2F%2Fwinwith.fandiem.com%2F Requested by Host: diffuser-cdn.app-us1.com URL: https://diffuser-cdn.app-us1.com/diffuser/diffuser.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6811:925b , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / PHP/7.4.30 Resource Hash 41422734393b066245eabed6611e223c3527a0ce95c405cea1075fe55ca44254 Request headers accept-language de-DE,de;q=0.9 Referer https://fandiem.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36 Response headers date Sun, 18 Sep 2022 02:31:26 GMT content-encoding gzip cf-cache-status DYNAMIC server cloudflare x-powered-by PHP/7.4.30 content-type application/javascript cache-control no-cache, private x-envoy-upstream-service-time 63 cf-ray 74c6aa5709babbe6-FRA
GET H2	200	sentry.32defc2659e6aaee877c.js Show response static.klaviyo.com/onsite/js/	39 KB 14 KB	21ms 20ms	Script application/javascript	151.101.194.133 FASTLY
General Check archive.org Show headers Download Go to Full URL https://static.klaviyo.com/onsite/js/sentry.32defc2659e6aaee877c.js Requested by Host: static.klaviyo.com URL: https://static.klaviyo.com/onsite/js/runtime.72b42445d6f01a4ccd71.js?cb=1 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 151.101.194.133 , United States, ASN54113 (FASTLY, US), Reverse DNS Software AmazonS3 / Resource Hash 1b74a880e9d1210332daddfd254a62050679989f2f3e3cc82c4e5c42c0b3201d Request headers Referer https://fandiem.com/ Origin https://fandiem.com accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36 Response headers x-amz-version-id dfLsDl8VLO.6iF0ywhx7WzEKF1pIu7qh content-encoding gzip age 102542 via 1.1 varnish, 1.1 varnish x-cache HIT, HIT x-amz-meta-surrogate-control max-age=31536000 x-amz-meta-surrogate-key fender-asset content-length 13736 x-amz-id-2 x3IfQ/uk9Ro+E0nn2gKocO1ATVUXGjEKzmLgUqovHOOnd9G+ViE5qU/m/REqKdHHhtWOft0onnA= x-served-by cache-lga21935-LGA, cache-hhn4050-HHN last-modified Mon, 08 Aug 2022 14:40:46 GMT server AmazonS3 etag "28b2f273ea92b5951335870743671025" vary Accept-Encoding x-amz-request-id 7TWP664K0TNBC8SS access-control-allow-origin * cache-control max-age=2592000,stale-while-revalidate=10800 accept-ranges bytes content-type application/javascript date Sun, 18 Sep 2022 02:31:26 GMT x-cache-hits 9514, 53831
GET H2	200	onsite Show response fast.a.klaviyo.com/custom-fonts/api/v1/company-fonts/	711 B 1 KB	74ms 21ms	XHR application/json	151.101.130.133 FASTLY
General Check archive.org Show headers Download Go to Full URL https://fast.a.klaviyo.com/custom-fonts/api/v1/company-fonts/onsite?company_id=TZ9PuD Requested by Host: cdn.shopify.com URL: https://cdn.shopify.com/shopifycloud/shopify/assets/shop_events_listener-65cd0ba3fcd81a1df33f2510ec5bcf8c0e0958653b50e3965ec972dd638ee13f.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 151.101.130.133 , United States, ASN54113 (FASTLY, US), Reverse DNS Software nginx / Resource Hash f68d27acd527de195aef61018035ad71196cc6f3123849e74f3fe1bf9abd406a Security Headers Name Value Strict-Transport-Security max-age=900 Request headers accept-language de-DE,de;q=0.9 Referer https://fandiem.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36 Response headers date Sun, 18 Sep 2022 02:31:26 GMT via 1.1 varnish, 1.1 varnish age 4046489 x-cache HIT, HIT access-control-max-age 86400 strict-transport-security max-age=900 content-length 711 x-served-by cache-bos4650-BOS, cache-hhn4083-HHN allow GET, HEAD, OPTIONS server nginx vary Cookie access-control-allow-methods GET content-type application/json; charset=utf-8 access-control-allow-origin * cache-control max-age=10 access-control-allow-credentials true accept-ranges bytes access-control-allow-headers x-cache-hits 1, 9
GET H2	200	full-forms Show response static-forms.klaviyo.com/forms/api/v6/TZ9PuD/	4 KB 2 KB	74ms 22ms	XHR application/json	151.101.130.133 FASTLY
General Check archive.org Show headers Download Go to Full URL https://static-forms.klaviyo.com/forms/api/v6/TZ9PuD/full-forms Requested by Host: cdn.shopify.com URL: https://cdn.shopify.com/shopifycloud/shopify/assets/shop_events_listener-65cd0ba3fcd81a1df33f2510ec5bcf8c0e0958653b50e3965ec972dd638ee13f.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 151.101.130.133 , United States, ASN54113 (FASTLY, US), Reverse DNS Software AmazonS3 / Resource Hash 39cb7d896df9d4c27e8f47b8caad591c13b3d3598cc12abbf31f14dd3fe4b1d0 Request headers accept-language de-DE,de;q=0.9 Referer https://fandiem.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36 Response headers x-amz-version-id r8WGcyoXkKta9UAjHrx3Op5oDixNytRo content-encoding gzip age 1638471 via 1.1 varnish x-cache HIT client-geo-continent EU x-amz-meta-surrogate-control max-age=31536000 x-amz-meta-surrogate-key full-forms/shared full-forms/TZ9PuD custom-fonts/TZ9PuD content-length 1199 x-amz-id-2 Iltq7i8zdkN3yh+/zLJf0YZRJdTvVm0+PiRaBBN3lfzWOE+x4otw8yTK0PhtGctIfdpQo0c3Yzs= x-served-by cache-hhn4037-HHN client-geo-country DE last-modified Thu, 18 Aug 2022 03:56:33 GMT server AmazonS3 x-timer S1663468287.624489,VS0,VE1 etag "0116b63f4c4027706901df3e0e8fb63e" vary Accept-Encoding x-amz-request-id N27NPJGART18JH8Q access-control-allow-origin * access-control-expose-headers client-geo-continent, client-geo-country cache-control max-age=5 accept-ranges bytes content-type application/json date Sun, 18 Sep 2022 02:31:26 GMT x-cache-hits 1
GET H3	200	ec.js Show response www.google-analytics.com/plugins/ua/	3 KB 1 KB	20ms 19ms	Script text/javascript	2a00:1450:4001:800::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google-analytics.com/plugins/ua/ec.js Requested by Host: www.google-analytics.com URL: https://www.google-analytics.com/analytics.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:800::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 058ed961bfe422af7bfc65865f4c08531ec8ace995f8a1ec560a46581cb7712c Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://fandiem.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36 Response headers date Sun, 18 Sep 2022 01:34:47 GMT content-encoding br x-content-type-options nosniff age 3399 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 1129 x-xss-protection 0 last-modified Thu, 30 Dec 2021 12:48:00 GMT server sffe vary Accept-Encoding report-to {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]} content-type text/javascript cache-control public, max-age=3600 accept-ranges bytes cross-origin-opener-policy-report-only same-origin; report-to="static-on-bigtable" expires Sun, 18 Sep 2022 02:34:47 GMT
POST H3	200	collect Show response stats.g.doubleclick.net/j/	4 B 25 B	92ms 27ms	XHR text/plain	2a00:1450:400c:c0c::9c GOOGLE
General Check archive.org Show headers Download Go to Full URL https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-181963629-1&cid=1846812342.1663468284&jid=1418144835&gjid=200865249&_gid=1899406320.1663468284&_u=QCCAgEIJBAAAAE~&z=1621492863 Requested by Host: cdn.shopify.com URL: https://cdn.shopify.com/shopifycloud/shopify/assets/shop_events_listener-65cd0ba3fcd81a1df33f2510ec5bcf8c0e0958653b50e3965ec972dd638ee13f.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:400c:c0c::9c Brussels, Belgium, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash 84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80 Security Headers Name Value Strict-Transport-Security max-age=10886400; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Referer https://fandiem.com/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36 Content-Type text/plain Response headers pragma no-cache strict-transport-security max-age=10886400; includeSubDomains; preload x-content-type-options nosniff last-modified Sun, 17 May 1998 03:00:00 GMT server Golfe2 date Sun, 18 Sep 2022 02:31:26 GMT content-type text/plain access-control-allow-origin https://fandiem.com cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 4 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3	200	collect www.google-analytics.com/	35 B 55 B	20ms 19ms	Image image/gif	2a00:1450:4001:800::200e GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.google-analytics.com/collect?v=1&_v=j96&a=790476802&t=pageview&_s=1&dl=https%3A%2F%2Ffandiem.com%2Fproducts%2Fkesha%3Futm_campaign%3Df-covid-bandsintown-sweet-relief-2022%26utm_content%3Df-covid-bandsintown-sweet-relief-2022-kesha-sweeps-page%26utm_medium%3Dpartner-bandsintown-blast-from-bit%26utm_source%3Dbandsintown&dr=http%3A%2F%2Fwinwith.fandiem.com%2F&dp=%2Fsweeps%2Fkesha%3Futm_campaign%3Df-covid-bandsintown-sweet-relief-2022%26utm_content%3Df-covid-bandsintown-sweet-relief-2022-kesha-sweeps-page%26utm_medium%3Dpartner-bandsintown-blast-from-bit%26utm_source%3Dbandsintown&ul=en-us&de=UTF-8&dt=Win%20an%20Autographed%20Picture%20of%20Kesha&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=QCCAgEIJB~&jid=1418144835&gjid=200865249&cid=1846812342.1663468284&tid=UA-181963629-1&_gid=1899406320.1663468284&did=BwiEti&z=111606596 Requested by Host: fandiem.com URL: https://fandiem.com/sweeps/kesha?utm_campaign=f-covid-bandsintown-sweet-relief-2022&utm_content=f-covid-bandsintown-sweet-relief-2022-kesha-sweeps-page&utm_medium=partner-bandsintown-blast-from-bit&utm_source=bandsintown Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:800::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015 Security Headers Name Value X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://fandiem.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36 Response headers pragma no-cache date Sat, 17 Sep 2022 18:02:46 GMT x-content-type-options nosniff last-modified Sun, 17 May 1998 03:00:00 GMT server Golfe2 age 30520 content-type image/gif access-control-allow-origin * cache-control no-cache, no-store, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 35 expires Mon, 01 Jan 1990 00:00:00 GMT
GET H3	200	410807596975192 Show response connect.facebook.net/signals/config/	293 KB 84 KB	23ms 22ms	Script application/x-javascript	2a03:2880:f01c:8012:face:b00c:0:3 FACEBOOK
General Check archive.org Show headers Download Go to Full URL https://connect.facebook.net/signals/config/410807596975192?v=2.9.83&r=stable Requested by Host: connect.facebook.net URL: https://connect.facebook.net/en_US/fbevents.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US), Reverse DNS Software / Resource Hash 1c4bdb938c9803c559e9636615c843c7e1ee67369fc0fa064989bc3e66f1e7c8 Security Headers Name Value Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0; Strict-Transport-Security max-age=31536000; preload; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://fandiem.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36 Response headers content-security-policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0; content-encoding gzip x-content-type-options nosniff document-policy force-load-at-top cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400,h3-29=":443"; ma=86400 content-length 86336 x-xss-protection 0 pragma public x-fb-debug 2oW6/qIF+G3q4ezliMN590aJzxqA7Z+OfPbXpR0DQW4yPG9t1C9hAplH1C62qTY1YNydPyXYvESvM4zpplDdgg== cross-origin-opener-policy same-origin-allow-popups x-frame-options DENY date Sun, 18 Sep 2022 02:31:26 GMT strict-transport-security max-age=31536000; preload; includeSubDomains content-type application/x-javascript; charset=utf-8 vary Accept-Encoding cache-control public, max-age=1200 x-fb-rlafr 0 priority u=3,i expires Sat, 01 Jan 2000 00:00:00 GMT
GET H2	200	conversion_async.js Show response www.googleadservices.com/pagead/	41 KB 16 KB	106ms 31ms	Script text/javascript	142.250.186.130 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googleadservices.com/pagead/conversion_async.js Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtag/js?id=AW-370662395 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.186.130 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s07-in-f2.1e100.net Software cafe / Resource Hash 7bcbe327243628310e84027b85bca98a20d208f66f64685d979c6ccfa587d2d2 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://fandiem.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36 Response headers date Sun, 18 Sep 2022 02:31:26 GMT content-encoding gzip x-content-type-options nosniff p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 15697 x-xss-protection 0 server cafe etag 1764007376392519731 vary Accept-Encoding content-type text/javascript; charset=UTF-8 cache-control private, max-age=3600 timing-allow-origin * expires Sun, 18 Sep 2022 02:31:26 GMT
GET H2	200	identify.js Show response analytics.tiktok.com/i18n/pixel/	114 KB 31 KB	117ms 116ms	Script application/javascript	23.36.163.228 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://analytics.tiktok.com/i18n/pixel/identify.js Requested by Host: analytics.tiktok.com URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=C1VL44OQDRQBNKO1M8DG&lib=ttq Protocol H2 Security TLS 1.3, , AES_256_GCM Server 23.36.163.228 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS a23-36-163-228.deploy.static.akamaitechnologies.com Software nginx / Resource Hash b2864c65b32cd25bf64a7eb4fddf486dff821f1924172a0083db962615bd6ce0 Request headers accept-language de-DE,de;q=0.9 Referer https://fandiem.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36 Response headers pragma no-cache date Sun, 18 Sep 2022 02:31:26 GMT content-encoding gzip x-tt-trace-tag id=16;cdn-cache=miss;type=dyn server nginx x-tt-logid 2022091802312688EE421BA7B31AC6045D vary Accept-Encoding x-cache TCP_MISS from a23-36-161-200.deploy.akamaitechnologies.com (AkamaiGHost/10.9.4-44125806) (-) content-type application/javascript; charset=UTF-8 cache-control max-age=0, no-cache, no-store x-origin-response-time 96,23.36.161.200 x-tt-trace-host 01176b51d7392c1fa000bd81347ecbc7314da009dcbb6b62c3b69374bb353d46357df08e6abdffb2bb733bb8d84825fe5edae2b82eaa16de98fc7966513b1dcae5060065790c77d0600c0cad099bce523d server-timing inner; dur=3, cdn-cache; desc=MISS, edge; dur=0, origin; dur=96 x-akamai-request-id 32fb1e2b expires Sun, 18 Sep 2022 02:31:26 GMT
GET H2	200	config.js Show response analytics.tiktok.com/i18n/pixel/	5 KB 3 KB	138ms 138ms	Script application/javascript	23.36.163.228 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://analytics.tiktok.com/i18n/pixel/config.js?sdkid=C1VL44OQDRQBNKO1M8DG&hostname=fandiem.com Requested by Host: analytics.tiktok.com URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=C1VL44OQDRQBNKO1M8DG&lib=ttq Protocol H2 Security TLS 1.3, , AES_256_GCM Server 23.36.163.228 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS a23-36-163-228.deploy.static.akamaitechnologies.com Software nginx / Resource Hash 6a8ef59459d7ed3ba19628c31019b87bab034c2870a2781c1f4e19f2d35c0d54 Request headers accept-language de-DE,de;q=0.9 Referer https://fandiem.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36 Response headers x-akamai-request-id 143d7c98.32fb1e98 date Sun, 18 Sep 2022 02:31:26 GMT content-encoding gzip x-cache-remote TCP_MISS from a184-51-149-164.deploy.akamaitechnologies.com (AkamaiGHost/10.9.4-44125806) (-) x-tt-trace-tag id=16;cdn-cache=miss;type=dyn x-cache TCP_MISS from a23-36-161-200.deploy.akamaitechnologies.com (AkamaiGHost/10.9.4-44125806) (-) x-parent-response-time 118,23.36.161.200 server-timing cdn-cache; desc=MISS, edge; dur=83, origin; dur=35, inner; dur=21 content-length 1869 pragma no-cache server nginx x-tt-logid 2022091802312632B398B4FAB4CDE22906 vary Accept-Encoding content-type application/javascript; charset=UTF-8 cache-control max-age=0, no-cache, no-store x-origin-response-time 35,184.51.149.164 x-tt-trace-host 01176b51d7392c1fa000bd81347ecbc731aeecfb24c6d4ad1f2070023c6cad6368e1194e40e3c8349fcd4e3f5230a09c27daea225183d545ace2aafde466a32fb50b405aef2eb1faf33d341291163051a25c22cc2630118cf5ff2906a5d3e7a278 expires Sun, 18 Sep 2022 02:31:26 GMT
GET H2	200	css2 fonts.googleapis.com/	9 KB 1 KB	87ms 28ms	Stylesheet text/css	2a00:1450:4001:828::200a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.googleapis.com/css2?family=Poppins:ital,wght@0,100;0,200;0,300;0,400;0,500;0,600;0,700;0,800;0,900&display=swap Requested by Host: client URL: about:client Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash a88ee13d2e82bd99ff8c5ac3c2cd52d3a4175f9121e48e30b1683bb80684b711 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://fandiem.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36 Response headers strict-transport-security max-age=31536000 content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" x-xss-protection 0 last-modified Sun, 18 Sep 2022 00:45:53 GMT server ESF cross-origin-opener-policy same-origin-allow-popups date Sun, 18 Sep 2022 02:31:26 GMT x-frame-options SAMEORIGIN content-type text/css; charset=utf-8 access-control-allow-origin * cache-control private, max-age=86400, stale-while-revalidate=604800 timing-allow-origin * link <https://fonts.gstatic.com>; rel=preconnect; crossorigin expires Sun, 18 Sep 2022 02:31:26 GMT
GET H3	200	ga-audiences www.google.com/ads/	42 B 63 B	77ms 33ms	Image image/gif	2a00:1450:4001:812::2004 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-181963629-1&cid=1846812342.1663468284&jid=1418144835&_u=QCCAgEIJBAAAAE~&z=863699120 Requested by Host: fandiem.com URL: https://fandiem.com/sweeps/kesha?utm_campaign=f-covid-bandsintown-sweet-relief-2022&utm_content=f-covid-bandsintown-sweet-relief-2022-kesha-sweeps-page&utm_medium=partner-bandsintown-blast-from-bit&utm_source=bandsintown Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:812::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://fandiem.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36 Response headers pragma no-cache date Sun, 18 Sep 2022 02:31:26 GMT x-content-type-options nosniff server cafe timing-allow-origin * p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, no-store, must-revalidate cross-origin-resource-policy cross-origin content-type image/gif alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3	200	ga-audiences www.google.de/ads/	42 B 63 B	39ms 39ms	Image image/gif	2a00:1450:4001:808::2003 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-181963629-1&cid=1846812342.1663468284&jid=1418144835&_u=QCCAgEIJBAAAAE~&z=863699120 Requested by Host: fandiem.com URL: https://fandiem.com/sweeps/kesha?utm_campaign=f-covid-bandsintown-sweet-relief-2022&utm_content=f-covid-bandsintown-sweet-relief-2022-kesha-sweeps-page&utm_medium=partner-bandsintown-blast-from-bit&utm_source=bandsintown Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://fandiem.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36 Response headers pragma no-cache date Sun, 18 Sep 2022 02:31:26 GMT x-content-type-options nosniff server cafe timing-allow-origin * p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, no-store, must-revalidate cross-origin-resource-policy cross-origin content-type image/gif alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3	200	collect www.google-analytics.com/	35 B 55 B	22ms 22ms	Image image/gif	2a00:1450:4001:800::200e GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.google-analytics.com/collect?v=1&_v=j96&a=790476802&t=event&ni=1&cu=USD&_s=2&dl=https%3A%2F%2Ffandiem.com%2Fsweeps%2Fkesha%3Futm_campaign%3Df-covid-bandsintown-sweet-relief-2022%26utm_content%3Df-covid-bandsintown-sweet-relief-2022-kesha-sweeps-page%26utm_medium%3Dpartner-bandsintown-blast-from-bit%26utm_source%3Dbandsintown&dr=http%3A%2F%2Fwinwith.fandiem.com%2F&dp=%2Fsweeps%2Fkesha%3Futm_campaign%3Df-covid-bandsintown-sweet-relief-2022%26utm_content%3Df-covid-bandsintown-sweet-relief-2022-kesha-sweeps-page%26utm_medium%3Dpartner-bandsintown-blast-from-bit%26utm_source%3Dbandsintown&ul=en-us&de=UTF-8&dt=Win%20an%20Autographed%20Picture%20of%20Kesha&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=EnhancedEcommerce&ea=Viewed%20Product&_u=SCCAgEIJBAAAAE~&jid=&gjid=&cid=1846812342.1663468284&tid=UA-181963629-1&_gid=1899406320.1663468284&did=BwiEti&pa=detail&pr1id=win-an-autographed-picture-of-kesha-100-entries&pr1nm=Win%20an%20Autographed%20Picture%20of%20Kesha%20-%20100%20entries&pr1ca=&pr1qt=1&pr1pr=10.00&pr1br=Fandiem-KESHA&pr1va=100%20entries&z=65121837 Requested by Host: fandiem.com URL: https://fandiem.com/sweeps/kesha?utm_campaign=f-covid-bandsintown-sweet-relief-2022&utm_content=f-covid-bandsintown-sweet-relief-2022-kesha-sweeps-page&utm_medium=partner-bandsintown-blast-from-bit&utm_source=bandsintown Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:800::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015 Security Headers Name Value X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://fandiem.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36 Response headers pragma no-cache date Sat, 17 Sep 2022 18:02:46 GMT x-content-type-options nosniff last-modified Sun, 17 May 1998 03:00:00 GMT server Golfe2 age 30520 content-type image/gif access-control-allow-origin * cache-control no-cache, no-store, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 35 expires Mon, 01 Jan 1990 00:00:00 GMT
GET H3	200	/ www.facebook.com/tr/	44 B 91 B	48ms 23ms	Image image/gif	2a03:2880:f11c:8183:face:b00c:0:25de FACEBOOK
General Check archive.org Show headers Download Go to Show image Full URL https://www.facebook.com/tr/?id=410807596975192&ev=PageView&dl=https%3A%2F%2Ffandiem.com%2Fsweeps%2Fkesha%3Futm_campaign%3Df-covid-bandsintown-sweet-relief-2022%26utm_content%3Df-covid-bandsintown-sweet-relief-2022-kesha-sweeps-page%26utm_medium%3Dpartner-bandsintown-blast-from-bit%26utm_source%3Dbandsintown&rl=http%3A%2F%2Fwinwith.fandiem.com%2F&if=false&ts=1663468286727&sw=1600&sh=1200&v=2.9.83&r=stable&a=shopify&ec=0&o=30&par[0]=%7B%22extractorID%22%3A%22653142685708720%22%2C%22jsonLD%22%3A%7B%22%40context%22%3A%22http%3A%2F%2Fschema.org%22%2C%22%40type%22%3A%22Product%22%2C%22offers%22%3A%7B%22priceCurrency%22%3A%22USD%22%7D%7D%7D&par[1]=%7B%22extractorID%22%3A%22326808842606046%22%2C%22jsonLD%22%3A%7B%22%40context%22%3A%22http%3A%2F%2Fschema.org%22%2C%22%40type%22%3A%22Product%22%2C%22offers%22%3A%7B%7D%7D%7D&fbp=fb.1.1663468284451.711547148&it=1663468286571&coo=false&eid=4e6fb685-62A1-4F49-BDB2-028DED471B87&rqm=GET Requested by Host: fandiem.com URL: https://fandiem.com/sweeps/kesha?utm_campaign=f-covid-bandsintown-sweet-relief-2022&utm_content=f-covid-bandsintown-sweet-relief-2022-kesha-sweeps-page&utm_medium=partner-bandsintown-blast-from-bit&utm_source=bandsintown Protocol H3 Security QUIC, , AES_128_GCM Server 2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US), Reverse DNS Software proxygen-bolt / Resource Hash 10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers accept-language de-DE,de;q=0.9 Referer https://fandiem.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36 Response headers date Sun, 18 Sep 2022 02:31:26 GMT last-modified Fri, 21 Dec 2012 00:00:01 GMT server proxygen-bolt strict-transport-security max-age=31536000; includeSubDomains content-type image/gif cache-control no-cache, must-revalidate, max-age=0 cross-origin-resource-policy cross-origin content-length 44 alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 priority u=3,i expires Sun, 18 Sep 2022 02:31:26 GMT
GET H3	200	/ www.facebook.com/tr/	44 B 88 B	48ms 23ms	Image image/gif	2a03:2880:f11c:8183:face:b00c:0:25de FACEBOOK
General Check archive.org Show headers Download Go to Show image Full URL https://www.facebook.com/tr/?id=410807596975192&ev=ViewContent&dl=https%3A%2F%2Ffandiem.com%2Fsweeps%2Fkesha%3Futm_campaign%3Df-covid-bandsintown-sweet-relief-2022%26utm_content%3Df-covid-bandsintown-sweet-relief-2022-kesha-sweeps-page%26utm_medium%3Dpartner-bandsintown-blast-from-bit%26utm_source%3Dbandsintown&rl=http%3A%2F%2Fwinwith.fandiem.com%2F&if=false&ts=1663468286727&cd[content_ids]=%5B7548640624894%5D&cd[content_type]=product_group&cd[content_name]=Win%20an%20Autographed%20Picture%20of%20Kesha%20-%20100%20entries&cd[content_category]=&cd[currency]=USD&cd[value]=10.00&sw=1600&sh=1200&v=2.9.83&r=stable&a=shopify&ec=1&o=30&fbp=fb.1.1663468284451.711547148&it=1663468286571&coo=false&eid=4e6fb690-0C92-4910-B0D7-381EB1242124&rqm=GET Requested by Host: fandiem.com URL: https://fandiem.com/sweeps/kesha?utm_campaign=f-covid-bandsintown-sweet-relief-2022&utm_content=f-covid-bandsintown-sweet-relief-2022-kesha-sweeps-page&utm_medium=partner-bandsintown-blast-from-bit&utm_source=bandsintown Protocol H3 Security QUIC, , AES_128_GCM Server 2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US), Reverse DNS Software proxygen-bolt / Resource Hash 10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers accept-language de-DE,de;q=0.9 Referer https://fandiem.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36 Response headers date Sun, 18 Sep 2022 02:31:26 GMT last-modified Fri, 21 Dec 2012 00:00:01 GMT server proxygen-bolt strict-transport-security max-age=31536000; includeSubDomains content-type image/gif cache-control no-cache, must-revalidate, max-age=0 cross-origin-resource-policy cross-origin content-length 44 alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 priority u=3,i expires Sun, 18 Sep 2022 02:31:26 GMT
POST H/1.1	204 No Response	matomo.php app.theadslab.io/	0 0	1273ms 1271ms	Ping text/html	18.189.120.64 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://app.theadslab.io/matomo.php?action_name=Win%20an%20Autographed%20Picture%20of%20Kesha&idsite=335&rec=1&r=458650&h=2&m=31&s=26&url=https%3A%2F%2Ffandiem.com%2Fsweeps%2Fkesha%3Futm_campaign%3Df-covid-bandsintown-sweet-relief-2022%26utm_content%3Df-covid-bandsintown-sweet-relief-2022-kesha-sweeps-page%26utm_medium%3Dpartner-bandsintown-blast-from-bit%26utm_source%3Dbandsintown&urlref=http%3A%2F%2Fwinwith.fandiem.com%2F&_id=2d4dff3915e8179f&_idn=1&_rcn=f-covid-bandsintown-sweet-relief-2022&_refts=1663468287&_ref=http%3A%2F%2Fwinwith.fandiem.com%2F&send_image=0&pdf=1&qt=0&realp=0&wma=0&fla=0&java=0&ag=0&cookie=1&res=1600x1200&pv_id=pki1eu&pf_net=46&pf_srv=359&pf_tfr=118&pf_dm1=531 Requested by Host: app.theadslab.io URL: https://app.theadslab.io/matomo.js Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 18.189.120.64 Columbus, United States, ASN16509 (AMAZON-02, US), Reverse DNS ec2-18-189-120-64.us-east-2.compute.amazonaws.com Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer https://fandiem.com/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36 Content-Type application/x-www-form-urlencoded; charset=utf-8 Response headers
GET H2	200	main.55e552f9.js Show response s.pinimg.com/ct/lib/	53 KB 18 KB	157ms 145ms	Script application/javascript	2a02:26f0:6c00:2b5::1931 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://s.pinimg.com/ct/lib/main.55e552f9.js Requested by Host: s.pinimg.com URL: https://s.pinimg.com/ct/core.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a02:26f0:6c00:2b5::1931 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS Software / Resource Hash ecf5185587dc584318775956d242115534ec7d928758081c0f9a1e3f97992508 Request headers accept-language de-DE,de;q=0.9 Referer https://fandiem.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36 Response headers akamai-x-true-ttl 1209600 content-encoding gzip x-cdn akamai etag "84c1602180f73853dc1e35f7296bdf7d" vary Accept-Encoding, Origin access-control-allow-methods GET content-type application/javascript access-control-allow-origin * access-control-max-age 86400 cache-control max-age=1209600 accept-ranges bytes content-length 18601 access-control-expose-headers X-CDN
GET H2	200	/ Show response googleads.g.doubleclick.net/pagead/viewthroughconversion/370662395/	3 KB 2 KB	90ms 39ms	Script text/javascript	2a00:1450:4001:828::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads.g.doubleclick.net/pagead/viewthroughconversion/370662395/?random=1663468286831&cv=9&fst=1663468286831&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=3&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa9e0&sendb=1&ig=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Ffandiem.com%2Fsweeps%2Fkesha%3Futm_campaign%3Df-covid-bandsintown-sweet-relief-2022%26utm_content%3Df-covid-bandsintown-sweet-relief-2022-kesha-sweeps-page%26utm_medium%3Dpartner-bandsintown-blast-from-bit%26utm_source%3Dbandsintown&ref=http%3A%2F%2Fwinwith.fandiem.com%2F&tiba=Win%20an%20Autographed%20Picture%20of%20Kesha&auid=454911800.1663468287&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4 Requested by Host: www.googleadservices.com URL: https://www.googleadservices.com/pagead/conversion_async.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 258d424f21aa66d129687f857dd650de3751360eb8e87f3c10942043a2c8803f Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://fandiem.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36 Response headers pragma no-cache date Sun, 18 Sep 2022 02:31:26 GMT content-encoding gzip x-content-type-options nosniff server cafe timing-allow-origin * p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" content-type text/javascript; charset=UTF-8 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 1166 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3	200	/ Show response www.googleadservices.com/pagead/conversion/370662395/	2 KB 2 KB	80ms 34ms	Script text/javascript	142.250.186.130 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googleadservices.com/pagead/conversion/370662395/?random=1663468286833&cv=9&fst=1663468286833&num=1&label=BibICJm95pMCEPu337AB&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=3&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa9e0&sendb=1&ig=1&data=event%3Dpage_view%3Bpage_path%3D%2Fsweeps%2Fkesha%3Bpage_title%3DWin%20an%20Autographed%20Picture%20of%20Kesha&frm=0&url=https%3A%2F%2Ffandiem.com%2Fproducts%2Fkesha%3Futm_campaign%3Df-covid-bandsintown-sweet-relief-2022%26utm_content%3Df-covid-bandsintown-sweet-relief-2022-kesha-sweeps-page%26utm_medium%3Dpartner-bandsintown-blast-from-bit%26utm_source%3Dbandsintown&ref=http%3A%2F%2Fwinwith.fandiem.com%2F&tiba=Win%20an%20Autographed%20Picture%20of%20Kesha&auid=454911800.1663468287&gtm_ee=1&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4 Requested by Host: www.googleadservices.com URL: https://www.googleadservices.com/pagead/conversion_async.js Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.186.130 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s07-in-f2.1e100.net Software cafe / Resource Hash 0f52cce1fbe4cedd605b9ef7de53bbc22c590e2b2eb0cc35024482c85739254c Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://fandiem.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36 Response headers pragma no-cache date Sun, 18 Sep 2022 02:31:26 GMT content-encoding gzip x-content-type-options nosniff server cafe timing-allow-origin * p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" content-type text/javascript; charset=UTF-8 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 1522 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3	200	/ Show response www.googleadservices.com/pagead/conversion/370662395/	2 KB 2 KB	117ms 74ms	Script text/javascript	142.250.186.130 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googleadservices.com/pagead/conversion/370662395/?random=1663468286836&cv=9&fst=1663468286836&num=1&label=aiP4CJ-95pMCEPu337AB&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=3&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa9e0&sendb=1&ig=1&data=event%3Dview_item%3Becomm_prodid%3Dshopify_US_7548640624894_42408255947006%3Becomm_totalvalue%3DNaN%3Becomm_pagetype%3Dproduct&frm=0&url=https%3A%2F%2Ffandiem.com%2Fsweeps%2Fkesha%3Futm_campaign%3Df-covid-bandsintown-sweet-relief-2022%26utm_content%3Df-covid-bandsintown-sweet-relief-2022-kesha-sweeps-page%26utm_medium%3Dpartner-bandsintown-blast-from-bit%26utm_source%3Dbandsintown&ref=http%3A%2F%2Fwinwith.fandiem.com%2F&tiba=Win%20an%20Autographed%20Picture%20of%20Kesha&auid=454911800.1663468287&gtm_ee=1&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4 Requested by Host: www.googleadservices.com URL: https://www.googleadservices.com/pagead/conversion_async.js Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.186.130 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s07-in-f2.1e100.net Software cafe / Resource Hash b322eb7938f47a4261d66c567e378be519fe9b231c3c186cdf99d0e750741d01 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://fandiem.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36 Response headers pragma no-cache date Sun, 18 Sep 2022 02:31:26 GMT content-encoding gzip x-content-type-options nosniff server cafe timing-allow-origin * p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" content-type text/javascript; charset=UTF-8 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 1566 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	qjLGWf-qzxs Show response www.youtube.com/embed/ Frame 5F84	65 KB 27 KB	114ms 63ms	Document text/html	2a00:1450:4001:813::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.youtube.com/embed/qjLGWf-qzxs Requested by Host: dpjhaiprv9czz.cloudfront.net URL: https://dpjhaiprv9czz.cloudfront.net/shopify_v580.bundle.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash d1184b8479fe57a5d5a7ba3eb27e015cac338c2b215dbfc32ac6280b8ecff96d Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://fandiem.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers accept-ch Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" cache-control no-cache, no-store, max-age=0, must-revalidate content-encoding br content-type text/html; charset=utf-8 cross-origin-opener-policy-report-only same-origin; report-to="youtube_main" date Sun, 18 Sep 2022 02:31:26 GMT expires Mon, 01 Jan 1990 00:00:00 GMT p3p CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=de for more info." permissions-policy ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=* pragma no-cache report-to {"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]} server ESF strict-transport-security max-age=31536000 vary Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version x-content-type-options nosniff x-xss-protection 0
GET H/1.1	200 OK	main.min.js Show response widgetv3.bandsintown.com/	852 KB 247 KB	94ms 28ms	Script application/javascript	143.204.215.89 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://widgetv3.bandsintown.com/main.min.js Requested by Host: dpjhaiprv9czz.cloudfront.net URL: https://dpjhaiprv9czz.cloudfront.net/2280.e7143f3dfeffe279a661.chunk.js Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 143.204.215.89 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-143-204-215-89.fra53.r.cloudfront.net Software AmazonS3 / Resource Hash 3c383c1c9e013aa4e18de9d8b301f81cd901bb6f661bc0b64c0b71d89d5f99e1 Request headers accept-language de-DE,de;q=0.9 Referer https://fandiem.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36 Response headers Date Sun, 18 Sep 2022 01:49:24 GMT Content-Encoding gzip Connection keep-alive Last-Modified Wed, 24 Aug 2022 20:38:35 GMT Server AmazonS3 Age 3195 ETag W/"e73f97789280e0d2600843d4c527cc72" Vary Accept-Encoding X-Cache Hit from cloudfront Content-Type application/javascript Via 1.1 1cc446ef4692d8e752b16c07f2f58a58.cloudfront.net (CloudFront) Cache-Control max-age=3600 Transfer-Encoding chunked X-Amz-Cf-Pop FRA53-C1 X-Amz-Cf-Id C_zCgRkect5Ice7guCO_BAovlwCD2GJ3ExKsIlSiR7hupuz1RNA6hw==
GET H2	200	GNwXVi5.png i.imgur.com/	91 KB 91 KB	78ms 22ms	Image image/png	151.101.12.193 FASTLY
General Check archive.org Show headers Download Go to Show image Full URL https://i.imgur.com/GNwXVi5.png Requested by Host: fandiem.com URL: https://fandiem.com/sweeps/kesha?utm_campaign=f-covid-bandsintown-sweet-relief-2022&utm_content=f-covid-bandsintown-sweet-relief-2022-kesha-sweeps-page&utm_medium=partner-bandsintown-blast-from-bit&utm_source=bandsintown Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 151.101.12.193 Frankfurt am Main, Germany, ASN54113 (FASTLY, US), Reverse DNS Software cat factory 1.0 / Resource Hash 13eb7acfd4c39ff1169d1551db8131b249a189ce7dec58d8e01c2fd60b6f7fcf Security Headers Name Value Strict-Transport-Security max-age=300 X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://fandiem.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36 Response headers date Sun, 18 Sep 2022 02:31:26 GMT x-content-type-options nosniff age 3344179 x-cache HIT, HIT content-length 93297 x-served-by cache-iad-kiad7000116-IAD, cache-fra19133-FRA last-modified Mon, 07 Feb 2022 19:59:15 GMT server cat factory 1.0 x-timer S1663468287.968305,VS0,VE2 etag "6f0b37df39c734c27991518131ca0cdd" strict-transport-security max-age=300 access-control-allow-methods GET, OPTIONS content-type image/png access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes x-cache-hits 1, 1
GET H3	200	analytics.js Show response cdn.shopify.com/shopifycloud/media-analytics/v0.1/	24 KB 9 KB	146ms 146ms	Script text/javascript	104.16.255.71 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdn.shopify.com/shopifycloud/media-analytics/v0.1/analytics.js Requested by Host: cdn.shopify.com URL: https://cdn.shopify.com/shopifycloud/shopify/assets/storefront/load_feature-ab38017af3cf759db0af0bbd1e75229f6a189f5bf1f2db42169630998b969021.js Protocol H3 Security QUIC, , AES_128_GCM Server 104.16.255.71 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 7abc5bad60f3c1a3728640864ab085439d4c492e440bdd89b2d64d613aaf2160 Security Headers Name Value Strict-Transport-Security max-age=15552000; includeSubDomains; preload X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers Referer https://fandiem.com/ Origin https://fandiem.com accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36 Response headers date Sun, 18 Sep 2022 02:31:27 GMT content-encoding br x-content-type-options nosniff cf-cache-status HIT nel {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800} x-dc gcp-us-east1,us-east1 report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tgYa4mnlHZwH%2FBEc%2BJtZLiwzAMgE%2Bkvw00aIVMU8rN77%2F6jrtDCqFUcYB1WTKB%2FaxJsEubJduVbB4xwbHiTSj7ZmdG7jc6hi0vtj4pK2OtY4A8mG70BHkkjJLEGm%2BoDWyw%3D%3D"}],"group":"cf-nel","max_age":604800} server-timing imagery;dur=16.367, imageryFetch;dur=16.219 alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 x-xss-protection 1; mode=block x-request-id 3ded5337-3ad4-4427-a02a-f86dd6e81973 timing-allow-origin * last-modified Sun, 18 Sep 2022 02:19:24 GMT server cloudflare vary Accept-Encoding strict-transport-security max-age=15552000; includeSubDomains; preload content-type text/javascript access-control-allow-origin * cache-control public, max-age=3600 cf-ray 74c6aa593d8e92b9-FRA link <https://cdn.shopify.com/shopifycloud/media-analytics/v0.1/analytics.js>; rel="canonical"
GET H2	200	Logo_no_tagline_background_1200x1200-%281%29_rjfzDVCoSwFDx2h3WYbj2d.png d1tkzf9ss7ctgm.cloudfront.net/10x/images/	304 B 656 B	82ms 25ms	Image image/png	2600:9000:214f:8200:1a:25dd:c980:21 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://d1tkzf9ss7ctgm.cloudfront.net/10x/images/Logo_no_tagline_background_1200x1200-%281%29_rjfzDVCoSwFDx2h3WYbj2d.png Requested by Host: fandiem.com URL: https://fandiem.com/sweeps/kesha?utm_campaign=f-covid-bandsintown-sweet-relief-2022&utm_content=f-covid-bandsintown-sweet-relief-2022-kesha-sweeps-page&utm_medium=partner-bandsintown-blast-from-bit&utm_source=bandsintown Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:214f:8200:1a:25dd:c980:21 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash 3f11d6f947628cf65a4d88f2d44ea003d7ba21fd4145b569c34fd6aff1ec19a7 Request headers accept-language de-DE,de;q=0.9 Referer https://fandiem.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36 Response headers date Sat, 17 Sep 2022 12:34:55 GMT via 1.1 48391c4ed2c51e95dcabcb70cf613126.cloudfront.net (CloudFront) last-modified Wed, 02 Feb 2022 01:47:03 GMT server AmazonS3 age 50191 etag "d64e8b3fa8e7c4f6cb45e3bc1c541e54" x-cache Hit from cloudfront x-amz-version-id f1sW4Dk9ZvQIzNVCY28jSWBpz2WjTg7Y x-amz-cf-pop FRA53-C1 content-type image/png content-length 304 x-amz-cf-id 1mdJFo_BBtn9RoVyHZSL_673a5Fas5_dMenTiXgqDREF7fZSTMOnaw==
GET H/1.1	200 OK	latestDrops Show response app.fandiem.com/api/public/	11 KB 2 KB	394ms 177ms	XHR application/json	54.204.238.15 AMAZON-AES
General Check archive.org Show headers Download Go to Full URL https://app.fandiem.com/api/public/latestDrops?collection=390449398014 Requested by Host: cdn.shopify.com URL: https://cdn.shopify.com/shopifycloud/shopify/assets/shop_events_listener-65cd0ba3fcd81a1df33f2510ec5bcf8c0e0958653b50e3965ec972dd638ee13f.js Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 54.204.238.15 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-54-204-238-15.compute-1.amazonaws.com Software Cowboy / Express Resource Hash d172f6ddcfec6181047bbc4a4e696cfbd2a89c81b6774543a2b46b90092879c0 Request headers Accept application/json, text/plain, */* Referer https://fandiem.com/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36 Response headers Date Sun, 18 Sep 2022 02:31:27 GMT Content-Encoding gzip Etag "2c7c-C41saWIqgUa1f06LMXjiUF6YSsA" Server Cowboy Access-Control-Allow-Origin https://fandiem.com X-Powered-By Express Vary Origin, Accept-Encoding Content-Type application/json; charset=utf-8 Via 1.1 vegur X-Ratelimit-Remaining 997 Access-Control-Allow-Credentials true X-Ratelimit-Reset 1663468517 X-Ratelimit-Limit 1000 Connection keep-alive Transfer-Encoding chunked
GET H/1.1	200 OK	activity Show response app.fandiem.com/api/public/sweeps/3eb27c03-3e8d-482a-b426-81959f335101/	574 B 1 KB	384ms 164ms	Fetch application/json	54.204.238.15 AMAZON-AES
General Check archive.org Show headers Download Go to Full URL https://app.fandiem.com/api/public/sweeps/3eb27c03-3e8d-482a-b426-81959f335101/activity?limit=10&cursor= Requested by Host: cdn.shopify.com URL: https://cdn.shopify.com/shopifycloud/shopify/assets/shop_events_listener-65cd0ba3fcd81a1df33f2510ec5bcf8c0e0958653b50e3965ec972dd638ee13f.js Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 54.204.238.15 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-54-204-238-15.compute-1.amazonaws.com Software Cowboy / Express Resource Hash 3b380bb76593cdb8432dff1dd3ae1740de4f7059d6caa2eb7d93f024c9a215a0 Request headers Accept application/json, text/plain, */* Referer https://fandiem.com/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36 Response headers Date Sun, 18 Sep 2022 02:31:27 GMT Via 1.1 vegur Etag "23e-AIKMUS1Pw1VNWaEiJTvZTJos01s" Server Cowboy X-Powered-By Express Vary Origin, Accept-Encoding Content-Type application/json; charset=utf-8 Access-Control-Allow-Origin https://fandiem.com X-Ratelimit-Remaining 996 Access-Control-Allow-Credentials true X-Ratelimit-Reset 1663468517 X-Ratelimit-Limit 1000 Connection keep-alive Content-Length 574
GET H2	200	cf9a11deda1fab2ed9e5.otf dpjhaiprv9czz.cloudfront.net/	127 KB 50 KB	26ms 25ms	Font font/ttf	2600:9000:214f:2200:15:5e1:43c0:21 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://dpjhaiprv9czz.cloudfront.net/cf9a11deda1fab2ed9e5.otf Requested by Host: fandiem.com URL: https://fandiem.com/sweeps/kesha?utm_campaign=f-covid-bandsintown-sweet-relief-2022&utm_content=f-covid-bandsintown-sweet-relief-2022-kesha-sweeps-page&utm_medium=partner-bandsintown-blast-from-bit&utm_source=bandsintown Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:214f:2200:15:5e1:43c0:21 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash 2e2566ef1f4801b1e60ec553d07f911e99f0e8288ed24c8a3c7ed1a578deeca3 Request headers Referer https://fandiem.com/ Origin https://fandiem.com accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36 Response headers date Fri, 02 Sep 2022 02:11:17 GMT content-encoding br vary Accept-Encoding age 1383610 x-cache Hit from cloudfront access-control-allow-origin * last-modified Mon, 29 Aug 2022 20:50:21 GMT server AmazonS3 etag W/"d3440d7510a052d279b5f02b4af5b49b" access-control-max-age 3000 access-control-allow-methods GET x-amz-version-id 1WnbsE6DfdWMsH8r1YjO6SO0_ND3q6sA via 1.1 15d3b4db3728feaae1780610a1bac86e.cloudfront.net (CloudFront) cache-control max-age=2592000 x-amz-cf-pop FRA53-C1 content-type font/ttf x-amz-cf-id Yd6A3IV3DSe9ahwPBZwKAquErXPzNIuuImXC2jrtk-6uQ-QuochWRw==
GET H2	200	4a641adac032d7803bcd.otf dpjhaiprv9czz.cloudfront.net/	126 KB 69 KB	34ms 34ms	Font font/ttf	2600:9000:214f:2200:15:5e1:43c0:21 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://dpjhaiprv9czz.cloudfront.net/4a641adac032d7803bcd.otf Requested by Host: fandiem.com URL: https://fandiem.com/sweeps/kesha?utm_campaign=f-covid-bandsintown-sweet-relief-2022&utm_content=f-covid-bandsintown-sweet-relief-2022-kesha-sweeps-page&utm_medium=partner-bandsintown-blast-from-bit&utm_source=bandsintown Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:214f:2200:15:5e1:43c0:21 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash dbea88fbfcb361ef825d266d89ef41aa060d3f266d77246dac3dd12a32d65c55 Request headers Referer https://fandiem.com/ Origin https://fandiem.com accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36 Response headers date Fri, 09 Sep 2022 04:44:39 GMT content-encoding gzip vary Accept-Encoding age 769608 x-cache Hit from cloudfront access-control-allow-origin * last-modified Mon, 29 Aug 2022 20:50:20 GMT server AmazonS3 etag W/"1a6e7758d28b79f4c742955fe5ca4bf3" access-control-max-age 3000 access-control-allow-methods GET x-amz-version-id TdjIW.PaSLEBSCE8yWrexDx6S0FJt7Ri via 1.1 15d3b4db3728feaae1780610a1bac86e.cloudfront.net (CloudFront) cache-control max-age=2592000 x-amz-cf-pop FRA53-C1 content-type font/ttf x-amz-cf-id LYv1TgVo2hetBw7tGw4DDivm5jir2Hk7RwxNPSfg54QmN3CKMXyQFQ==
GET H2	200	72626fd13dd76c00bab0.otf dpjhaiprv9czz.cloudfront.net/	123 KB 48 KB	33ms 33ms	Font font/ttf	2600:9000:214f:2200:15:5e1:43c0:21 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://dpjhaiprv9czz.cloudfront.net/72626fd13dd76c00bab0.otf Requested by Host: fandiem.com URL: https://fandiem.com/sweeps/kesha?utm_campaign=f-covid-bandsintown-sweet-relief-2022&utm_content=f-covid-bandsintown-sweet-relief-2022-kesha-sweeps-page&utm_medium=partner-bandsintown-blast-from-bit&utm_source=bandsintown Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:214f:2200:15:5e1:43c0:21 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash 234a728142e0fb27f5abb7c64ca9ae9bb5d26066dab12d0527a338b5af5dbf0b Request headers Referer https://fandiem.com/ Origin https://fandiem.com accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36 Response headers date Tue, 30 Aug 2022 20:38:08 GMT content-encoding br vary Accept-Encoding age 1576398 x-cache Hit from cloudfront access-control-allow-origin * last-modified Mon, 29 Aug 2022 20:50:20 GMT server AmazonS3 etag W/"d4eb0ec7b07fd166b933e2d35c8a440a" access-control-max-age 3000 access-control-allow-methods GET x-amz-version-id BPfYAEsRfpcn2nbp_VXy1rz0A5cL9UFJ via 1.1 15d3b4db3728feaae1780610a1bac86e.cloudfront.net (CloudFront) cache-control max-age=2592000 x-amz-cf-pop FRA53-C1 content-type font/ttf x-amz-cf-id JB3PhzVz0s69-bRp_8W1uRVARwLID56u9qMyuDuL1Dztnn23_uyrtQ==
GET H3	200	MazzardH-Medium.otf cdn.shopify.com/s/files/1/0502/2167/8757/t/8/assets/	126 KB 53 KB	276ms 276ms	Font font/otf	104.16.255.71 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdn.shopify.com/s/files/1/0502/2167/8757/t/8/assets/MazzardH-Medium.otf Requested by Host: cdn.shopify.com URL: https://cdn.shopify.com/s/files/1/0502/2167/8757/t/8/assets/application.scss.css?v=167376750296147457741632163727 Protocol H3 Security QUIC, , AES_128_GCM Server 104.16.255.71 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 838e202d62f0841ecf7e577b095f4cbfe84507cc3e1a651b2eaaf8a821d9f2d8 Security Headers Name Value Strict-Transport-Security max-age=15552000; includeSubDomains; preload X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers Referer https://cdn.shopify.com/s/files/1/0502/2167/8757/t/8/assets/application.scss.css?v=167376750296147457741632163727 Origin https://fandiem.com accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36 Response headers date Sun, 18 Sep 2022 02:31:27 GMT content-encoding br x-content-type-options nosniff cf-cache-status HIT nel {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800} x-dc gcp-us-east1,us-east1 report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vVH0O5gryxFbS7IksC207tScxwv3yGm3gRsJ1VPwQFesdUmOJO41gGB5SbpjZXYT0m1rIi7bNsd7rlljSOY2yixwPOOHd3xFJpaRvytVJo5VdanaQMIhbljdSw6b%2FjXbIA%3D%3D"}],"group":"cf-nel","max_age":604800} server-timing imagery;dur=78.050, imageryFetch;dur=77.575 alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 x-xss-protection 1; mode=block x-request-id 3ceeffd5-e700-4444-8687-be48fdce6d33 timing-allow-origin * last-modified Thu, 08 Sep 2022 12:26:52 GMT server cloudflare vary Accept-Encoding strict-transport-security max-age=15552000; includeSubDomains; preload content-type font/otf access-control-allow-origin * access-control-expose-headers * cache-control public, max-age=31557600 cf-ray 74c6aa596db392b9-FRA link <https://cdn.shopify.com/s/files/1/0502/2167/8757/t/8/assets/MazzardH-Medium.otf>; rel="canonical"
GET H2	200	t_prism_sitemessages.php Show response trackcmp.net/	0 289 B	446ms 400ms	Script text/javascript	2606:4700:4400::6812:2a69 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://trackcmp.net/t_prism_sitemessages.php?trackid=1001208398&prismid=620a3506-35a3-4123-b916-29101435e310&url=https%3A%2F%2Ffandiem.com%2Fsweeps%2Fkesha%3Futm_campaign%3Df-covid-bandsintown-sweet-relief-2022%26utm_content%3Df-covid-bandsintown-sweet-relief-2022-kesha-sweeps-page%26utm_medium%3Dpartner-bandsintown-blast-from-bit%26utm_source%3Dbandsintown Requested by Host: diffuser-cdn.app-us1.com URL: https://diffuser-cdn.app-us1.com/diffuser/diffuser.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:4400::6812:2a69 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / PHP/7.1.33 Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer https://fandiem.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36 Response headers date Sun, 18 Sep 2022 02:31:27 GMT cf-cache-status DYNAMIC server cloudflare x-powered-by PHP/7.1.33 p3p CP="NON BUS INT NAV COM ADM CON CUR IVA IVD OTP PSA PSD TEL SAM" content-type text/javascript;charset=UTF-8 cache-control no-cache, private x-privacy-policy You can find our privacy policy here: https://www.activecampaign.com/help/privacy-policy/ cf-ray 74c6aa59da809a2d-FRA content-length 0
GET H2	200	Screen-Shot-2022-02-03-at-7_1n2tKmU5PBrvvc8N1jqQm6.03.22-PM.png d1tkzf9ss7ctgm.cloudfront.net/10x/images/	212 B 550 B	299ms 298ms	Image image/png	2600:9000:214f:8200:1a:25dd:c980:21 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://d1tkzf9ss7ctgm.cloudfront.net/10x/images/Screen-Shot-2022-02-03-at-7_1n2tKmU5PBrvvc8N1jqQm6.03.22-PM.png Requested by Host: fandiem.com URL: https://fandiem.com/sweeps/kesha?utm_campaign=f-covid-bandsintown-sweet-relief-2022&utm_content=f-covid-bandsintown-sweet-relief-2022-kesha-sweeps-page&utm_medium=partner-bandsintown-blast-from-bit&utm_source=bandsintown Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:214f:8200:1a:25dd:c980:21 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash e0c2f2e5acaf896fe147c7e12de2fc594d584798191242604ce4872f9c5ecd0b Request headers accept-language de-DE,de;q=0.9 Referer https://fandiem.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36 Response headers date Sun, 18 Sep 2022 02:31:28 GMT via 1.1 48391c4ed2c51e95dcabcb70cf613126.cloudfront.net (CloudFront) last-modified Thu, 17 Feb 2022 17:40:02 GMT server AmazonS3 x-amz-cf-pop FRA53-C1 etag "e3dffad442b9e7b25711cf00b7102c4f" x-cache Miss from cloudfront x-amz-version-id w1n_EF1bBbD6s4i66gFA8Maan19dl6mc content-type image/png content-length 212 x-amz-cf-id hRAleFX54vgRoL9h0ZcpL1XlrUriqa3-5Cx3ke_AoCTJLNQd-6pRTA==
GET H2	200	Screen-Shot-2022-02-03-at-7_1n2tKmU5PBrvvc8N1jqQm6.03.22-PM.png d1tkzf9ss7ctgm.cloudfront.net/2000x/images/	2 MB 2 MB	227ms 226ms	Image image/png	2600:9000:214f:8200:1a:25dd:c980:21 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://d1tkzf9ss7ctgm.cloudfront.net/2000x/images/Screen-Shot-2022-02-03-at-7_1n2tKmU5PBrvvc8N1jqQm6.03.22-PM.png Requested by Host: fandiem.com URL: https://fandiem.com/sweeps/kesha?utm_campaign=f-covid-bandsintown-sweet-relief-2022&utm_content=f-covid-bandsintown-sweet-relief-2022-kesha-sweeps-page&utm_medium=partner-bandsintown-blast-from-bit&utm_source=bandsintown Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:214f:8200:1a:25dd:c980:21 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash 679b0b82aeefb87c444825eda53ea21424fcb25dc933ae93710b87569e756dee Request headers accept-language de-DE,de;q=0.9 Referer https://fandiem.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36 Response headers date Sun, 18 Sep 2022 02:31:28 GMT via 1.1 48391c4ed2c51e95dcabcb70cf613126.cloudfront.net (CloudFront) last-modified Tue, 22 Feb 2022 03:11:18 GMT server AmazonS3 x-amz-cf-pop FRA53-C1 etag "3034928e825d72239482f71403080c42" x-cache Miss from cloudfront x-amz-version-id xSBXCfzR8smNwANOCjXxKkPGkrsOikTh content-type image/png content-length 2007634 x-amz-cf-id gdrw2hMIPTvizEgk-5XChGkF4AZKWJNLIGEzOEb4t9JCJw8wu6HcPQ==
GET H2	200	TITLE_xkW5ZnszfsDGTsVptFjbzX.png d1tkzf9ss7ctgm.cloudfront.net/10x/images/	461 B 801 B	223ms 223ms	Image image/png	2600:9000:214f:8200:1a:25dd:c980:21 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://d1tkzf9ss7ctgm.cloudfront.net/10x/images/TITLE_xkW5ZnszfsDGTsVptFjbzX.png Requested by Host: fandiem.com URL: https://fandiem.com/sweeps/kesha?utm_campaign=f-covid-bandsintown-sweet-relief-2022&utm_content=f-covid-bandsintown-sweet-relief-2022-kesha-sweeps-page&utm_medium=partner-bandsintown-blast-from-bit&utm_source=bandsintown Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:214f:8200:1a:25dd:c980:21 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash 1a3cb7a35f92503acd9fe20b5335dca76283aa8601ab7102daeed6a172703a89 Request headers accept-language de-DE,de;q=0.9 Referer https://fandiem.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36 Response headers date Sun, 18 Sep 2022 02:31:28 GMT via 1.1 48391c4ed2c51e95dcabcb70cf613126.cloudfront.net (CloudFront) last-modified Tue, 08 Feb 2022 18:22:37 GMT server AmazonS3 x-amz-cf-pop FRA53-C1 etag "73b1a7e5cb71271d9d42913594129525" x-cache Miss from cloudfront x-amz-version-id .QJatuNuBD60YtNiQmNtFciehK4fjLwZ content-type image/png content-length 461 x-amz-cf-id sLqC3eXrD7elpRsYxQ63rGVRTVJ7v7iEAXPe5eipUbgiXkr98HC5tA==
POST H2	200	pixel analytics.tiktok.com/api/v2/	0 689 B	121ms 121ms	Ping application/octet-stream	23.36.163.228 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://analytics.tiktok.com/api/v2/pixel Requested by Host: analytics.tiktok.com URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=C1VL44OQDRQBNKO1M8DG&lib=ttq Protocol H2 Security TLS 1.3, , AES_256_GCM Server 23.36.163.228 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS a23-36-163-228.deploy.static.akamaitechnologies.com Software nginx / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer https://fandiem.com/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36 Content-Type text/plain;charset=UTF-8 Response headers x-akamai-request-id 9c4e4d7.32fb2089 date Sun, 18 Sep 2022 02:31:27 GMT x-cache-remote TCP_MISS from a23-38-170-133.deploy.akamaitechnologies.com (AkamaiGHost/10.9.3-43949849) (-) x-tt-trace-tag id=16;cdn-cache=miss;type=dyn x-cache TCP_MISS from a23-36-161-200.deploy.akamaitechnologies.com (AkamaiGHost/10.9.4-44125806) (-) x-parent-response-time 100,23.36.161.200 server-timing cdn-cache; desc=MISS, edge; dur=81, origin; dur=20, inner; dur=12 content-length 0 pragma no-cache server nginx x-tt-logid 20220918023127C2B5F9CB4120FECAEF27 content-type application/octet-stream access-control-allow-origin * cache-control max-age=0, no-cache, no-store x-origin-response-time 20,23.38.170.133 x-tt-trace-host 01176b51d7392c1fa000bd81347ecbc7316611010c6db0c619a8407053d1d722efc3147738e010eb780e1fb653ced1bee65603c84d1aec3590626aad76c4a1b979dd877e65f0f7ac8b29dfbb9e6bc054270a68a97d3eee38aa355b1e31980bbfc3 expires Sun, 18 Sep 2022 02:31:27 GMT
POST H2	200	pixel analytics.tiktok.com/api/v2/	0 688 B	132ms 132ms	Ping application/octet-stream	23.36.163.228 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://analytics.tiktok.com/api/v2/pixel Requested by Host: analytics.tiktok.com URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=C1VL44OQDRQBNKO1M8DG&lib=ttq Protocol H2 Security TLS 1.3, , AES_256_GCM Server 23.36.163.228 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS a23-36-163-228.deploy.static.akamaitechnologies.com Software nginx / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer https://fandiem.com/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36 Content-Type text/plain;charset=UTF-8 Response headers x-akamai-request-id 26240ed6.32fb208d date Sun, 18 Sep 2022 02:31:27 GMT x-cache-remote TCP_MISS from a23-38-170-149.deploy.akamaitechnologies.com (AkamaiGHost/10.9.4-44125806) (-) x-tt-trace-tag id=16;cdn-cache=miss;type=dyn x-cache TCP_MISS from a23-36-161-200.deploy.akamaitechnologies.com (AkamaiGHost/10.9.4-44125806) (-) x-parent-response-time 110,23.36.161.200 server-timing cdn-cache; desc=MISS, edge; dur=84, origin; dur=27, inner; dur=16 content-length 0 pragma no-cache server nginx x-tt-logid 202209180231272321311B86201EC22E1A content-type application/octet-stream access-control-allow-origin * cache-control max-age=0, no-cache, no-store x-origin-response-time 27,23.38.170.149 x-tt-trace-host 01176b51d7392c1fa000bd81347ecbc7316611010c6db0c619a8407053d1d722eff7db99d77dd8353a455ac987deb9da2aa10244c4bf040a021dbd3c463cc24e897fccab7f4f7875b03392bbe344adb300bb1da27827dbd952caf81932062c7879 expires Sun, 18 Sep 2022 02:31:27 GMT
POST H2	200	pixel analytics.tiktok.com/api/v2/	0 548 B	127ms 127ms	Ping application/octet-stream	23.36.163.228 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://analytics.tiktok.com/api/v2/pixel Requested by Host: analytics.tiktok.com URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=C1VL44OQDRQBNKO1M8DG&lib=ttq Protocol H2 Security TLS 1.3, , AES_256_GCM Server 23.36.163.228 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS a23-36-163-228.deploy.static.akamaitechnologies.com Software nginx / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer https://fandiem.com/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36 Content-Type text/plain;charset=UTF-8 Response headers pragma no-cache date Sun, 18 Sep 2022 02:31:27 GMT x-tt-trace-tag id=16;cdn-cache=miss;type=dyn server nginx x-tt-logid 20220918023127B718FA2A0B7372C22DD3 x-cache TCP_MISS from a23-36-161-200.deploy.akamaitechnologies.com (AkamaiGHost/10.9.4-44125806) (-) content-type application/octet-stream access-control-allow-origin * cache-control max-age=0, no-cache, no-store x-origin-response-time 105,23.36.161.200 x-tt-trace-host 01176b51d7392c1fa000bd81347ecbc7314da009dcbb6b62c3b69374bb353d4635f75c28aa826fac75fb9bc4d26d05de2ed3be833cab3db92e7fd300d6e5c0e98ebb672a8b316f53015696eada5e812471 server-timing inner; dur=16, cdn-cache; desc=MISS, edge; dur=0, origin; dur=105 x-akamai-request-id 32fb2092 content-length 0 expires Sun, 18 Sep 2022 02:31:27 GMT
GET H2	200	TITLE_xkW5ZnszfsDGTsVptFjbzX.png d1tkzf9ss7ctgm.cloudfront.net/200x/images/	85 KB 86 KB	305ms 304ms	Image image/png	2600:9000:214f:8200:1a:25dd:c980:21 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://d1tkzf9ss7ctgm.cloudfront.net/200x/images/TITLE_xkW5ZnszfsDGTsVptFjbzX.png Requested by Host: fandiem.com URL: https://fandiem.com/sweeps/kesha?utm_campaign=f-covid-bandsintown-sweet-relief-2022&utm_content=f-covid-bandsintown-sweet-relief-2022-kesha-sweeps-page&utm_medium=partner-bandsintown-blast-from-bit&utm_source=bandsintown Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:214f:8200:1a:25dd:c980:21 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash 5e23727d52bc256babd36c2f1795d4d4694c0700f88175de11104b53dc949a3b Request headers accept-language de-DE,de;q=0.9 Referer https://fandiem.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36 Response headers date Sun, 18 Sep 2022 02:31:28 GMT via 1.1 48391c4ed2c51e95dcabcb70cf613126.cloudfront.net (CloudFront) last-modified Tue, 08 Feb 2022 18:22:39 GMT server AmazonS3 x-amz-cf-pop FRA53-C1 etag "fc67b7862b140548bda653a8e4773cf2" x-cache Miss from cloudfront x-amz-version-id W5m8DUQEHOJ_TZtGPZCTlPRyMTllc1Tr content-type image/png content-length 87095 x-amz-cf-id 732IlWJaf4WjoBTKA88w9VEIGm-Xx4FTIjUKu4j6RG_J6lkruCm_CA==
GET DATA	200 OK	truncated /	715 B 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 5a3f1dd74233f605e511f1b5b244bedf85ac88ba264caf4d6401bc7ec2017dcd Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36 Response headers Content-Type image/png
GET DATA	200 OK	truncated /	380 B 0		Image image/svg+xml
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 717f6bb5f6cc69c444f54376a72dee0ca7968b2a12e7c9475247ec85c0e75a53 Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36 Response headers Content-Type image/svg+xml
GET H2	206	-KESHA-F-COVID-1X1_fFZfjdRbfqN1TRoMoRwWwk.mp4 d1tkzf9ss7ctgm.cloudfront.net/images/	40 KB 0	319ms 319ms	Media video/mp4	2600:9000:214f:8200:1a:25dd:c980:21 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://d1tkzf9ss7ctgm.cloudfront.net/images/-KESHA-F-COVID-1X1_fFZfjdRbfqN1TRoMoRwWwk.mp4 Requested by Host: fandiem.com URL: https://fandiem.com/sweeps/kesha?utm_campaign=f-covid-bandsintown-sweet-relief-2022&utm_content=f-covid-bandsintown-sweet-relief-2022-kesha-sweeps-page&utm_medium=partner-bandsintown-blast-from-bit&utm_source=bandsintown Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:214f:8200:1a:25dd:c980:21 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash Request headers Referer https://fandiem.com/ Accept-Encoding identity;q=1, *;q=0 accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36 Range bytes=0- Response headers date Sun, 18 Sep 2022 02:31:28 GMT via 1.1 48391c4ed2c51e95dcabcb70cf613126.cloudfront.net (CloudFront) last-modified Tue, 08 Feb 2022 18:21:48 GMT server AmazonS3 x-amz-cf-pop FRA53-C1 etag "d4f0ac7fdb3fb00772e0ca75239cc355" x-cache Miss from cloudfront content-type video/mp4 Content-Range bytes 0-288539/288540 x-amz-version-id XsQnNzEIv6NFCLWsSMel6j3RXbLAwwjW Content-Length 288540 x-amz-cf-id Vw0L58eq1-_KyNxNcD8IZl2mCU_vg9X-sSqL_Gdt9lEpdFNqW1qvaw== expires Thu, 01 Jan 1970 00:01:00 GMT
GET H2	206	-KESHA-F-COVID-1X1_fFZfjdRbfqN1TRoMoRwWwk.mp4 d1tkzf9ss7ctgm.cloudfront.net/images/	282 KB 283 KB	323ms 322ms	Media video/mp4	2600:9000:214f:8200:1a:25dd:c980:21 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://d1tkzf9ss7ctgm.cloudfront.net/images/-KESHA-F-COVID-1X1_fFZfjdRbfqN1TRoMoRwWwk.mp4 Requested by Host: fandiem.com URL: https://fandiem.com/sweeps/kesha?utm_campaign=f-covid-bandsintown-sweet-relief-2022&utm_content=f-covid-bandsintown-sweet-relief-2022-kesha-sweeps-page&utm_medium=partner-bandsintown-blast-from-bit&utm_source=bandsintown Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:214f:8200:1a:25dd:c980:21 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash d120cf757a72bab3e3d936b789aaf1cf885eb8def7a0f64d416c223423359385 Request headers Referer https://fandiem.com/ Accept-Encoding identity;q=1, *;q=0 accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36 Range bytes=0- Response headers date Sun, 18 Sep 2022 02:31:28 GMT via 1.1 48391c4ed2c51e95dcabcb70cf613126.cloudfront.net (CloudFront) last-modified Tue, 08 Feb 2022 18:21:48 GMT server AmazonS3 x-amz-cf-pop FRA53-C1 etag "d4f0ac7fdb3fb00772e0ca75239cc355" x-cache Miss from cloudfront content-type video/mp4 Content-Range bytes 0-288539/288540 x-amz-version-id XsQnNzEIv6NFCLWsSMel6j3RXbLAwwjW Content-Length 288540 x-amz-cf-id XjLOO1qACHHi4XP0J12TMnXJLtD5F_Qk4iRthCfknE7AzHct5qbTbw== expires Thu, 01 Jan 1970 00:01:00 GMT
GET H/1.1	200 OK	index.js Show response s.adroll.com/j/exp/ Redirect Chain https://s.adroll.com/j/exp/4VZVS64FNRFEXAUW3D4PZO/index.js https://s.adroll.com/j/exp/index.js	28 B 785 B	34ms 34ms	Script application/javascript	2600:9000:206f:ae00:6:9280:1080:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://s.adroll.com/j/exp/index.js Requested by Host: fandiem.com URL: https://fandiem.com/sweeps/kesha?utm_campaign=f-covid-bandsintown-sweet-relief-2022&utm_content=f-covid-bandsintown-sweet-relief-2022-kesha-sweeps-page&utm_medium=partner-bandsintown-blast-from-bit&utm_source=bandsintown Protocol HTTP/1.1 Server 2600:9000:206f:ae00:6:9280:1080:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash f59e5f34a941183aacaed25322ac0856628493c2cfd936ded3fddc0a49510e52 Request headers accept-language de-DE,de;q=0.9 Referer https://fandiem.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36 Response headers X-Amz-Version-Id VS8aSrwndm.MeiNnyJ10ruHH56v74CIF Via 1.1 f358cf5f46d10c349187abd5e20e06ce.cloudfront.net (CloudFront) Etag "5816cced8568d223aa09d889f300692b" Age 86121 X-Amz-Server-Side-Encryption AES256 X-Cache Hit from cloudfront Connection keep-alive Vary Accept-Encoding Content-Length 28 Last-Modified Fri, 02 Sep 2022 17:25:28 GMT Server AmazonS3 Date Sun, 18 Sep 2022 02:09:23 GMT Access-Control-Max-Age 600 Access-Control-Allow-Methods GET Content-Type application/javascript Access-Control-Allow-Origin * Access-Control-Allow-Credentials false X-Amz-Cf-Pop FRA56-C1 Accept-Ranges bytes Access-Control-Allow-Headers * X-Amz-Cf-Id zCas0Ku7p4gG3ROxjjG1d34mxo29auOtEgm7YffC0xOpPHkdGORxqw== Redirect headers Date Sat, 17 Sep 2022 16:35:56 GMT Via 1.1 f358cf5f46d10c349187abd5e20e06ce.cloudfront.net (CloudFront) Age 35730 X-Cache Hit from cloudfront Connection keep-alive Content-Length 0 Server AmazonS3 Location https://s.adroll.com/j/exp/index.js Access-Control-Max-Age 600 Access-Control-Allow-Methods GET Content-Type application/xml Access-Control-Allow-Origin * Access-Control-Allow-Credentials false X-Amz-Cf-Pop FRA56-C1 Access-Control-Allow-Headers * X-Amz-Cf-Id xe0GDzJs3Pk8Kro-kB8_ql6QhMQCP1g0p28DXiDDq_cV4DdbcYLBwQ==
GET H3	200	/ www.google.de/pagead/1p-conversion/370662395/ Redirect Chain https://googleads.g.doubleclick.net/pagead/viewthroughconversion/370662395/?random=329869804&cv=9&fst=1663468286833&num=1&label=BibICJm95pMCEPu337AB&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200... https://www.google.com/pagead/1p-conversion/370662395/?random=329869804&cv=9&fst=1663468286833&num=1&label=BibICJm95pMCEPu337AB&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u... https://www.google.de/pagead/1p-conversion/370662395/?random=329869804&cv=9&fst=1663468286833&num=1&label=BibICJm95pMCEPu337AB&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_...	42 B 64 B	50ms 39ms	Image image/gif	2a00:1450:4001:808::2003 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.google.de/pagead/1p-conversion/370662395/?random=329869804&cv=9&fst=1663468286833&num=1&label=BibICJm95pMCEPu337AB&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=3&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa9e0&sendb=1&ig=1&data=event%3Dpage_view%3Bpage_path%3D%2Fsweeps%2Fkesha%3Bpage_title%3DWin%20an%20Autographed%20Picture%20of%20Kesha&frm=0&url=https%3A%2F%2Ffandiem.com%2Fproducts%2Fkesha%3Futm_campaign%3Df-covid-bandsintown-sweet-relief-2022%26utm_content%3Df-covid-bandsintown-sweet-relief-2022-kesha-sweeps-page%26utm_medium%3Dpartner-bandsintown-blast-from-bit%26utm_source%3Dbandsintown&ref=http%3A%2F%2Fwinwith.fandiem.com%2F&tiba=Win%20an%20Autographed%20Picture%20of%20Kesha&auid=454911800.1663468287&gtm_ee=1&hn=www.googleadservices.com&async=1&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=CJqqsQI&pscrd=Ek5DaEVJOE9DVm1RWVF1Nkwyc0tfTHhwaU5BUklsQUtzMlprUjU0Vy0wS2RUX1dRRkR4THFCQWdzdFRsUHdUWFZWa1Y5VGtIdllkcDlPYWcaWENoRUk4T0NWbVFZUXlxeXBtcmIzaFBmc0FSSXRBQmYxZjI5UTdBeHhUWWVhNGZNdDdOQVJRb0R1R3hoNHp6X3o2VXNKUkxVYjgyMmx0dHd1N3R4c3hyNHo&is_vtc=1&ocp_id=_oImY5vVNuezmLAPwue90AU&cid=CAQSKQCsnQUxR3PKRlfwHXrgh3LMqrnYnaJsohfv921noLu_NfnJX2vIidgL&random=2895859029&resp=GooglemKTybQhCsO&ipr=y&prhg=0 Requested by Host: fandiem.com URL: https://fandiem.com/sweeps/kesha?utm_campaign=f-covid-bandsintown-sweet-relief-2022&utm_content=f-covid-bandsintown-sweet-relief-2022-kesha-sweeps-page&utm_medium=partner-bandsintown-blast-from-bit&utm_source=bandsintown Protocol H3 Server 2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value Content-Security-Policy script-src 'none'; object-src 'none' X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://fandiem.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36 Response headers pragma no-cache date Sun, 18 Sep 2022 02:31:27 GMT x-content-type-options nosniff server cafe timing-allow-origin * p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, no-store, must-revalidate cross-origin-resource-policy cross-origin content-security-policy script-src 'none'; object-src 'none' content-type image/gif alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT Redirect headers pragma no-cache date Sun, 18 Sep 2022 02:31:27 GMT x-content-type-options nosniff server cafe p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" content-type image/gif location https://www.google.de/pagead/1p-conversion/370662395/?random=329869804&cv=9&fst=1663468286833&num=1&label=BibICJm95pMCEPu337AB&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=3&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa9e0&sendb=1&ig=1&data=event%3Dpage_view%3Bpage_path%3D%2Fsweeps%2Fkesha%3Bpage_title%3DWin%20an%20Autographed%20Picture%20of%20Kesha&frm=0&url=https%3A%2F%2Ffandiem.com%2Fproducts%2Fkesha%3Futm_campaign%3Df-covid-bandsintown-sweet-relief-2022%26utm_content%3Df-covid-bandsintown-sweet-relief-2022-kesha-sweeps-page%26utm_medium%3Dpartner-bandsintown-blast-from-bit%26utm_source%3Dbandsintown&ref=http%3A%2F%2Fwinwith.fandiem.com%2F&tiba=Win%20an%20Autographed%20Picture%20of%20Kesha&auid=454911800.1663468287&gtm_ee=1&hn=www.googleadservices.com&async=1&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=CJqqsQI&pscrd=Ek5DaEVJOE9DVm1RWVF1Nkwyc0tfTHhwaU5BUklsQUtzMlprUjU0Vy0wS2RUX1dRRkR4THFCQWdzdFRsUHdUWFZWa1Y5VGtIdllkcDlPYWcaWENoRUk4T0NWbVFZUXlxeXBtcmIzaFBmc0FSSXRBQmYxZjI5UTdBeHhUWWVhNGZNdDdOQVJRb0R1R3hoNHp6X3o2VXNKUkxVYjgyMmx0dHd1N3R4c3hyNHo&is_vtc=1&ocp_id=_oImY5vVNuezmLAPwue90AU&cid=CAQSKQCsnQUxR3PKRlfwHXrgh3LMqrnYnaJsohfv921noLu_NfnJX2vIidgL&random=2895859029&resp=GooglemKTybQhCsO&ipr=y&prhg=0 cache-control no-cache, no-store, must-revalidate cross-origin-resource-policy cross-origin content-security-policy script-src 'none'; object-src 'none' timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3	200	/ www.google.com/pagead/1p-user-list/370662395/	42 B 64 B	35ms 33ms	Image image/gif	2a00:1450:4001:812::2004 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.google.com/pagead/1p-user-list/370662395/?random=1663468286831&cv=9&fst=1663466400000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=3&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa9e0&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Ffandiem.com%2Fsweeps%2Fkesha%3Futm_campaign%3Df-covid-bandsintown-sweet-relief-2022%26utm_content%3Df-covid-bandsintown-sweet-relief-2022-kesha-sweeps-page%26utm_medium%3Dpartner-bandsintown-blast-from-bit%26utm_source%3Dbandsintown&ref=http%3A%2F%2Fwinwith.fandiem.com%2F&tiba=Win%20an%20Autographed%20Picture%20of%20Kesha&async=1&fmt=3&is_vtc=1&random=1777800076&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y Requested by Host: fandiem.com URL: https://fandiem.com/sweeps/kesha?utm_campaign=f-covid-bandsintown-sweet-relief-2022&utm_content=f-covid-bandsintown-sweet-relief-2022-kesha-sweeps-page&utm_medium=partner-bandsintown-blast-from-bit&utm_source=bandsintown Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:812::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value Content-Security-Policy script-src 'none'; object-src 'none' X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://fandiem.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36 Response headers pragma no-cache date Sun, 18 Sep 2022 02:31:27 GMT x-content-type-options nosniff server cafe timing-allow-origin * p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, no-store, must-revalidate cross-origin-resource-policy cross-origin content-security-policy script-src 'none'; object-src 'none' content-type image/gif alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3	200	/ www.google.de/pagead/1p-user-list/370662395/	42 B 64 B	39ms 38ms	Image image/gif	2a00:1450:4001:808::2003 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.google.de/pagead/1p-user-list/370662395/?random=1663468286831&cv=9&fst=1663466400000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=3&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa9e0&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Ffandiem.com%2Fsweeps%2Fkesha%3Futm_campaign%3Df-covid-bandsintown-sweet-relief-2022%26utm_content%3Df-covid-bandsintown-sweet-relief-2022-kesha-sweeps-page%26utm_medium%3Dpartner-bandsintown-blast-from-bit%26utm_source%3Dbandsintown&ref=http%3A%2F%2Fwinwith.fandiem.com%2F&tiba=Win%20an%20Autographed%20Picture%20of%20Kesha&async=1&fmt=3&is_vtc=1&random=1777800076&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y Requested by Host: fandiem.com URL: https://fandiem.com/sweeps/kesha?utm_campaign=f-covid-bandsintown-sweet-relief-2022&utm_content=f-covid-bandsintown-sweet-relief-2022-kesha-sweeps-page&utm_medium=partner-bandsintown-blast-from-bit&utm_source=bandsintown Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value Content-Security-Policy script-src 'none'; object-src 'none' X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://fandiem.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36 Response headers pragma no-cache date Sun, 18 Sep 2022 02:31:27 GMT x-content-type-options nosniff server cafe timing-allow-origin * p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, no-store, must-revalidate cross-origin-resource-policy cross-origin content-security-policy script-src 'none'; object-src 'none' content-type image/gif alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET DATA	200 OK	truncated /	547 B 0		Image image/svg+xml
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash eb14baeac955bb11e33cd7fd3fd2f698cf20db1b450325f45ea843b6cdc82366 Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36 Response headers Content-Type image/svg+xml
GET DATA	200 OK	truncated /	552 B 0		Image image/svg+xml
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 62f3f809487194fcc55a3ebd88811a604ae496027bb425d4ebd15d9ae1921945 Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36 Response headers Content-Type image/svg+xml
GET DATA	200 OK	truncated /	177 B 0		Image image/svg+xml
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash d692a67352a3dfa80010c86a62761cfff05c0b1086618106a8576cc45a6a8115 Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36 Response headers Content-Type image/svg+xml
GET DATA	200 OK	truncated /	515 B 0		Image image/svg+xml
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 11ec04e3948e25a0d78d2f77c04940b8e38a086624ec36fa4605a2a69b133e94 Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36 Response headers Content-Type image/svg+xml
GET DATA	200 OK	truncated /	242 B 0		Image image/svg+xml
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 1f4513a435d6a3047d20a50c1e7d4263de42146c74be227f774b5e82e6357e75 Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36 Response headers Content-Type image/svg+xml
GET H3	200	MazzardH-Bold.otf cdn.shopify.com/s/files/1/0502/2167/8757/t/8/assets/	126 KB 53 KB	38ms 37ms	Font font/otf	104.16.255.71 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdn.shopify.com/s/files/1/0502/2167/8757/t/8/assets/MazzardH-Bold.otf Requested by Host: cdn.shopify.com URL: https://cdn.shopify.com/s/files/1/0502/2167/8757/t/8/assets/application.scss.css?v=167376750296147457741632163727 Protocol H3 Security QUIC, , AES_128_GCM Server 104.16.255.71 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash dbea88fbfcb361ef825d266d89ef41aa060d3f266d77246dac3dd12a32d65c55 Security Headers Name Value Strict-Transport-Security max-age=15552000; includeSubDomains; preload X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers Referer https://cdn.shopify.com/s/files/1/0502/2167/8757/t/8/assets/application.scss.css?v=167376750296147457741632163727 Origin https://fandiem.com accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36 Response headers date Sun, 18 Sep 2022 02:31:27 GMT content-encoding br x-content-type-options nosniff cf-cache-status HIT nel {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800} x-dc gcp-us-east1,us-central1 age 20935 report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4oa8gGPlVM0G3eLZZ2RpQQwRU35R89Wd2aGeVDxN0USlPXWDCbrllli3KA%2BL7kuAPFnk1deeY3NUp8jtbbqSLCwt8DXotVn%2BEK2fmlDmB2dSR6%2FZ4Zaj%2FktjDvs3145y%2FQ%3D%3D"}],"group":"cf-nel","max_age":604800} server-timing imagery;dur=60.198, imageryFetch;dur=59.971 alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 x-xss-protection 1; mode=block x-request-id cdfa53b1-0726-4852-84e7-b38d89b2829a timing-allow-origin * last-modified Fri, 26 Aug 2022 01:23:12 GMT server cloudflare vary Accept-Encoding strict-transport-security max-age=15552000; includeSubDomains; preload content-type font/otf access-control-allow-origin * access-control-expose-headers * cache-control public, max-age=31557600 cf-ray 74c6aa59ee5792b9-FRA link <https://cdn.shopify.com/s/files/1/0502/2167/8757/t/8/assets/MazzardH-Bold.otf>; rel="canonical"
GET H2	200	/ Show response ct.pinterest.com/user/	539 B 856 B	153ms 47ms	XHR application/json	104.75.88.209 AKAMAI-AS
General Check archive.org Show headers Download Go to Full URL https://ct.pinterest.com/user/?tid=2612813512367&pd=%7B%22np%22%3A%22shopify%22%7D&cb=1663468287025 Requested by Host: cdn.shopify.com URL: https://cdn.shopify.com/shopifycloud/shopify/assets/shop_events_listener-65cd0ba3fcd81a1df33f2510ec5bcf8c0e0958653b50e3965ec972dd638ee13f.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 104.75.88.209 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US), Reverse DNS a104-75-88-209.deploy.static.akamaitechnologies.com Software / Resource Hash 67aa7747c963773648253e6fdf8d7ec6ffd6408a7369af5885cd4c4c241bb5be Security Headers Name Value Strict-Transport-Security max-age=31536000 ; includeSubDomains ; preload Request headers accept-language de-DE,de;q=0.9 Referer https://fandiem.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36 Response headers date Sun, 18 Sep 2022 02:31:27 GMT content-encoding gzip vary Accept-Encoding x-cdn akamai akamai-grn 0.956656b8.1663468287.826d2cf2 x-envoy-upstream-service-time 1 x-pinterest-rid 3481471168560209 pin-unauth dWlkPVlXWmhNalE0TWprdE1qQTBOUzAwWkRnMExUazNOMkV0TldRelltSmlNV016WXpSbA access-control-allow-origin https://fandiem.com referrer-policy origin strict-transport-security max-age=31536000 ; includeSubDomains ; preload content-type application/json; charset=utf-8 pragma no-cache access-control-expose-headers Epik,Pin-Unauth cache-control no-cache,no-store,must-revalidate,max-age=0 access-control-allow-credentials true content-length 377 expires Sat, 01 Jan 2000 00:00:00 GMT
GET H3	200	/ www.google.de/pagead/1p-conversion/370662395/ Redirect Chain https://googleads.g.doubleclick.net/pagead/viewthroughconversion/370662395/?random=1153370133&cv=9&fst=1663468286836&num=1&label=aiP4CJ-95pMCEPu337AB&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=120... https://www.google.com/pagead/1p-conversion/370662395/?random=1153370133&cv=9&fst=1663468286836&num=1&label=aiP4CJ-95pMCEPu337AB&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&... https://www.google.de/pagead/1p-conversion/370662395/?random=1153370133&cv=9&fst=1663468286836&num=1&label=aiP4CJ-95pMCEPu337AB&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u...	42 B 64 B	59ms 48ms	Image image/gif	2a00:1450:4001:808::2003 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.google.de/pagead/1p-conversion/370662395/?random=1153370133&cv=9&fst=1663468286836&num=1&label=aiP4CJ-95pMCEPu337AB&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=3&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa9e0&sendb=1&ig=1&data=event%3Dview_item%3Becomm_prodid%3Dshopify_US_7548640624894_42408255947006%3Becomm_totalvalue%3DNaN%3Becomm_pagetype%3Dproduct&frm=0&url=https%3A%2F%2Ffandiem.com%2Fsweeps%2Fkesha%3Futm_campaign%3Df-covid-bandsintown-sweet-relief-2022%26utm_content%3Df-covid-bandsintown-sweet-relief-2022-kesha-sweeps-page%26utm_medium%3Dpartner-bandsintown-blast-from-bit%26utm_source%3Dbandsintown&ref=http%3A%2F%2Fwinwith.fandiem.com%2F&tiba=Win%20an%20Autographed%20Picture%20of%20Kesha&auid=454911800.1663468287&gtm_ee=1&hn=www.googleadservices.com&async=1&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=CJuqsQI&pscrd=Ek5DaEVJOE9DVm1RWVF1Nkwyc0tfTHhwaU5BUklsQUtzMlprUjU0Vy0wS2RUX1dRRkR4THFCQWdzdFRsUHdUWFZWa1Y5VGtIdllkcDlPYWcaWENoRUk4T0NWbVFZUXlxeXBtcmIzaFBmc0FSSXRBQmYxZjItUjhCdWV0WFBWeDdadXJXc21sU3E3bTFYLTJMMUJPbXNtV0NFMF9GS2NaZkZWSG5CMXVtbVA&is_vtc=1&ocp_id=_oImY8_4OMOz1wapwbXICg&cid=CAQSKQCsnQUxH1OQsnqpsR0nQh2iSzlHf3ymCWJM9Av1v_WVTXcel5PGGZzs&random=1042634221&resp=GooglemKTybQhCsO&ipr=y&prhg=0 Requested by Host: fandiem.com URL: https://fandiem.com/sweeps/kesha?utm_campaign=f-covid-bandsintown-sweet-relief-2022&utm_content=f-covid-bandsintown-sweet-relief-2022-kesha-sweeps-page&utm_medium=partner-bandsintown-blast-from-bit&utm_source=bandsintown Protocol H3 Server 2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value Content-Security-Policy script-src 'none'; object-src 'none' X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://fandiem.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36 Response headers pragma no-cache date Sun, 18 Sep 2022 02:31:27 GMT x-content-type-options nosniff server cafe timing-allow-origin * p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, no-store, must-revalidate cross-origin-resource-policy cross-origin content-security-policy script-src 'none'; object-src 'none' content-type image/gif alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT Redirect headers pragma no-cache date Sun, 18 Sep 2022 02:31:27 GMT x-content-type-options nosniff server cafe p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" content-type image/gif location https://www.google.de/pagead/1p-conversion/370662395/?random=1153370133&cv=9&fst=1663468286836&num=1&label=aiP4CJ-95pMCEPu337AB&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=3&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa9e0&sendb=1&ig=1&data=event%3Dview_item%3Becomm_prodid%3Dshopify_US_7548640624894_42408255947006%3Becomm_totalvalue%3DNaN%3Becomm_pagetype%3Dproduct&frm=0&url=https%3A%2F%2Ffandiem.com%2Fsweeps%2Fkesha%3Futm_campaign%3Df-covid-bandsintown-sweet-relief-2022%26utm_content%3Df-covid-bandsintown-sweet-relief-2022-kesha-sweeps-page%26utm_medium%3Dpartner-bandsintown-blast-from-bit%26utm_source%3Dbandsintown&ref=http%3A%2F%2Fwinwith.fandiem.com%2F&tiba=Win%20an%20Autographed%20Picture%20of%20Kesha&auid=454911800.1663468287&gtm_ee=1&hn=www.googleadservices.com&async=1&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=CJuqsQI&pscrd=Ek5DaEVJOE9DVm1RWVF1Nkwyc0tfTHhwaU5BUklsQUtzMlprUjU0Vy0wS2RUX1dRRkR4THFCQWdzdFRsUHdUWFZWa1Y5VGtIdllkcDlPYWcaWENoRUk4T0NWbVFZUXlxeXBtcmIzaFBmc0FSSXRBQmYxZjItUjhCdWV0WFBWeDdadXJXc21sU3E3bTFYLTJMMUJPbXNtV0NFMF9GS2NaZkZWSG5CMXVtbVA&is_vtc=1&ocp_id=_oImY8_4OMOz1wapwbXICg&cid=CAQSKQCsnQUxH1OQsnqpsR0nQh2iSzlHf3ymCWJM9Av1v_WVTXcel5PGGZzs&random=1042634221&resp=GooglemKTybQhCsO&ipr=y&prhg=0 cache-control no-cache, no-store, must-revalidate cross-origin-resource-policy cross-origin content-security-policy script-src 'none'; object-src 'none' timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	/ ct.pinterest.com/v3/	35 B 334 B	141ms 52ms	Image image/gif	104.75.88.209 AKAMAI-AS
General Check archive.org Show headers Download Go to Show image Full URL https://ct.pinterest.com/v3/?tid=2612813512367&pd=%7B%22np%22%3A%22shopify%22%7D&event=init&ad=%7B%22loc%22%3A%22https%3A%2F%2Ffandiem.com%2Fsweeps%2Fkesha%3Futm_campaign%3Df-covid-bandsintown-sweet-relief-2022%26utm_content%3Df-covid-bandsintown-sweet-relief-2022-kesha-sweeps-page%26utm_medium%3Dpartner-bandsintown-blast-from-bit%26utm_source%3Dbandsintown%22%2C%22ref%22%3A%22http%3A%2F%2Fwinwith.fandiem.com%2F%22%2C%22if%22%3Afalse%2C%22sh%22%3A1200%2C%22sw%22%3A1600%2C%22mh%22%3A%2255e552f9%22%2C%22architecture%22%3A%22%22%2C%22bitness%22%3A%22%22%2C%22brands%22%3A%5B%5D%2C%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%2C%22uaFullVersion%22%3A%22%22%2C%22ecm_enabled%22%3Afalse%7D&cb=1663468287042 Requested by Host: fandiem.com URL: https://fandiem.com/sweeps/kesha?utm_campaign=f-covid-bandsintown-sweet-relief-2022&utm_content=f-covid-bandsintown-sweet-relief-2022-kesha-sweeps-page&utm_medium=partner-bandsintown-blast-from-bit&utm_source=bandsintown Protocol H2 Security TLS 1.3, , AES_256_GCM Server 104.75.88.209 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US), Reverse DNS a104-75-88-209.deploy.static.akamaitechnologies.com Software / Resource Hash 37b17c5135a176a9474521af147d96dfa1fb4ca0f43f00d1400bd1885be3ab9b Security Headers Name Value Strict-Transport-Security max-age=31536000 ; includeSubDomains ; preload Request headers accept-language de-DE,de;q=0.9 Referer https://fandiem.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36 Response headers pragma no-cache date Sun, 18 Sep 2022 02:31:27 GMT referrer-policy origin x-cdn akamai akamai-grn 0.956656b8.1663468287.826d2cf9 strict-transport-security max-age=31536000 ; includeSubDomains ; preload content-type image/gif access-control-allow-origin * cache-control no-cache,no-store,must-revalidate,max-age=0 x-envoy-upstream-service-time 3 content-length 35 x-pinterest-rid 1419361489024535 expires Sat, 01 Jan 2000 00:00:00 GMT
GET H2	200	/ ct.pinterest.com/v3/	35 B 576 B	142ms 53ms	Image image/gif	104.75.88.209 AKAMAI-AS
General Check archive.org Show headers Download Go to Show image Full URL https://ct.pinterest.com/v3/?event=PageVisit&ed=%7B%22np%22%3A%22shopify%22%2C%22eventID%22%3A%224e6fb690-0C92-4910-B0D7-381EB1242124%22%2C%22currency%22%3A%22USD%22%2C%22line_items%22%3A%5B%7B%22product_id%22%3A7548640624894%2C%22product_variant_id%22%3A42408255947006%2C%22product_name%22%3A%22Win%20an%20Autographed%20Picture%20of%20Kesha%20-%20100%20entries%22%2C%22product_price%22%3A%2210.00%22%7D%5D%7D&tid=2612813512367&pd=%7B%22np%22%3A%22shopify%22%7D&ad=%7B%22loc%22%3A%22https%3A%2F%2Ffandiem.com%2Fsweeps%2Fkesha%3Futm_campaign%3Df-covid-bandsintown-sweet-relief-2022%26utm_content%3Df-covid-bandsintown-sweet-relief-2022-kesha-sweeps-page%26utm_medium%3Dpartner-bandsintown-blast-from-bit%26utm_source%3Dbandsintown%22%2C%22ref%22%3A%22http%3A%2F%2Fwinwith.fandiem.com%2F%22%2C%22if%22%3Afalse%2C%22sh%22%3A1200%2C%22sw%22%3A1600%2C%22mh%22%3A%2255e552f9%22%2C%22architecture%22%3A%22%22%2C%22bitness%22%3A%22%22%2C%22brands%22%3A%5B%5D%2C%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%2C%22uaFullVersion%22%3A%22%22%2C%22ecm_enabled%22%3Afalse%7D&cb=1663468287043 Requested by Host: fandiem.com URL: https://fandiem.com/sweeps/kesha?utm_campaign=f-covid-bandsintown-sweet-relief-2022&utm_content=f-covid-bandsintown-sweet-relief-2022-kesha-sweeps-page&utm_medium=partner-bandsintown-blast-from-bit&utm_source=bandsintown Protocol H2 Security TLS 1.3, , AES_256_GCM Server 104.75.88.209 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US), Reverse DNS a104-75-88-209.deploy.static.akamaitechnologies.com Software / Resource Hash 37b17c5135a176a9474521af147d96dfa1fb4ca0f43f00d1400bd1885be3ab9b Security Headers Name Value Strict-Transport-Security max-age=31536000 ; includeSubDomains ; preload Request headers accept-language de-DE,de;q=0.9 Referer https://fandiem.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36 Response headers pragma no-cache date Sun, 18 Sep 2022 02:31:27 GMT referrer-policy origin x-cdn akamai akamai-grn 0.956656b8.1663468287.826d2cfb strict-transport-security max-age=31536000 ; includeSubDomains ; preload content-type image/gif access-control-allow-origin * cache-control no-cache,no-store,must-revalidate,max-age=0 x-envoy-upstream-service-time 3 content-length 35 x-pinterest-rid 1239591550602031 expires Sat, 01 Jan 2000 00:00:00 GMT
GET H2	200	Logo_no_tagline_background_1200x1200-%281%29_rjfzDVCoSwFDx2h3WYbj2d.png d1tkzf9ss7ctgm.cloudfront.net/2000x/images/	779 KB 780 KB	299ms 298ms	Image image/png	2600:9000:214f:8200:1a:25dd:c980:21 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://d1tkzf9ss7ctgm.cloudfront.net/2000x/images/Logo_no_tagline_background_1200x1200-%281%29_rjfzDVCoSwFDx2h3WYbj2d.png Requested by Host: fandiem.com URL: https://fandiem.com/sweeps/kesha?utm_campaign=f-covid-bandsintown-sweet-relief-2022&utm_content=f-covid-bandsintown-sweet-relief-2022-kesha-sweeps-page&utm_medium=partner-bandsintown-blast-from-bit&utm_source=bandsintown Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:214f:8200:1a:25dd:c980:21 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash 170d2e51f23720cf6f83212bbbea382e2e9418ecce32d034eefc02d20ae765e8 Request headers accept-language de-DE,de;q=0.9 Referer https://fandiem.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36 Response headers date Sun, 18 Sep 2022 02:31:28 GMT via 1.1 48391c4ed2c51e95dcabcb70cf613126.cloudfront.net (CloudFront) last-modified Wed, 02 Feb 2022 01:53:31 GMT server AmazonS3 x-amz-cf-pop FRA53-C1 etag "c0e51679fef8f8f6f0287415e6f1803c" x-cache Miss from cloudfront x-amz-version-id 4eByAjDukTE0lLKkSZDSiUHS6_zlQ3CL content-type image/png content-length 797308 x-amz-cf-id geR2tMJWTyZr81bkzU1sHBBkCEa2Pe7JyAamb8culLAr1eM2JrDTMA==
GET H3	200	www-player.css www.youtube.com/s/player/a97e97de/ Frame 5F84	355 KB 48 KB	79ms 22ms	Stylesheet text/css	2a00:1450:4001:813::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.youtube.com/s/player/a97e97de/www-player.css Requested by Host: www.youtube.com URL: https://www.youtube.com/embed/qjLGWf-qzxs Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 9ecc94d599b99d64bc98482b647a573fde50858c7a6116bd85010cd678c22ff2 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://www.youtube.com/embed/qjLGWf-qzxs User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36 Response headers date Fri, 16 Sep 2022 03:06:05 GMT content-encoding br x-content-type-options nosniff age 170722 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 49363 x-xss-protection 0 last-modified Thu, 15 Sep 2022 21:54:27 GMT server sffe vary Accept-Encoding, Origin report-to {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]} content-type text/css cache-control public, max-age=31536000 accept-ranges bytes cross-origin-opener-policy-report-only same-origin; report-to="youtube" expires Sat, 16 Sep 2023 03:06:05 GMT
GET H3	200	www-embed-player.js Show response www.youtube.com/s/player/a97e97de/www-embed-player.vflset/ Frame 5F84	309 KB 96 KB	77ms 21ms	Script text/javascript	2a00:1450:4001:813::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.youtube.com/s/player/a97e97de/www-embed-player.vflset/www-embed-player.js Requested by Host: www.youtube.com URL: https://www.youtube.com/embed/qjLGWf-qzxs Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash d0e8ef0b8b33b0a1939a1f18ac8242ce9dff985f774a4b216324e9ba7248cd87 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://www.youtube.com/embed/qjLGWf-qzxs User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36 Response headers date Fri, 16 Sep 2022 03:05:58 GMT content-encoding br x-content-type-options nosniff age 170729 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 97939 x-xss-protection 0 last-modified Thu, 15 Sep 2022 21:54:27 GMT server sffe vary Accept-Encoding, Origin report-to {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]} content-type text/javascript cache-control public, max-age=31536000 accept-ranges bytes cross-origin-opener-policy-report-only same-origin; report-to="youtube" expires Sat, 16 Sep 2023 03:05:58 GMT
GET H3	200	base.js Show response www.youtube.com/s/player/a97e97de/player_ias.vflset/de_DE/ Frame 5F84	2 MB 577 KB	122ms 66ms	Script text/javascript	2a00:1450:4001:813::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.youtube.com/s/player/a97e97de/player_ias.vflset/de_DE/base.js Requested by Host: www.youtube.com URL: https://www.youtube.com/embed/qjLGWf-qzxs Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash d6fc00dfb8e0e17becd6731594814432407728ec1d35e85d6dce3b8906c563dd Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://www.youtube.com/embed/qjLGWf-qzxs User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36 Response headers date Fri, 16 Sep 2022 03:06:45 GMT content-encoding br x-content-type-options nosniff age 170682 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 590880 x-xss-protection 0 last-modified Thu, 15 Sep 2022 21:54:27 GMT server sffe vary Accept-Encoding, Origin report-to {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]} content-type text/javascript cache-control public, max-age=31536000 accept-ranges bytes cross-origin-opener-policy-report-only same-origin; report-to="youtube" expires Sat, 16 Sep 2023 03:06:45 GMT
GET H3	200	fetch-polyfill.js Show response www.youtube.com/s/player/a97e97de/fetch-polyfill.vflset/ Frame 5F84	9 KB 3 KB	116ms 60ms	Script text/javascript	2a00:1450:4001:813::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.youtube.com/s/player/a97e97de/fetch-polyfill.vflset/fetch-polyfill.js Requested by Host: www.youtube.com URL: https://www.youtube.com/embed/qjLGWf-qzxs Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 498b3f2a0357fbd50a80eb18b23ab4b461b791d640e5560b799f08ed960748a9 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://www.youtube.com/embed/qjLGWf-qzxs User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36 Response headers date Fri, 16 Sep 2022 03:05:58 GMT content-encoding br x-content-type-options nosniff age 170729 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 2786 x-xss-protection 0 last-modified Thu, 15 Sep 2022 21:54:27 GMT server sffe vary Accept-Encoding, Origin report-to {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]} content-type text/javascript cache-control public, max-age=31536000 accept-ranges bytes cross-origin-opener-policy-report-only same-origin; report-to="youtube" expires Sat, 16 Sep 2023 03:05:58 GMT
GET H2	200	KFOmCnqEu92Fr1Mu4mxK.woff2 fonts.gstatic.com/s/roboto/v18/ Frame 5F84	15 KB 16 KB	79ms 21ms	Font font/woff2	2a00:1450:4001:806::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2 Requested by Host: www.youtube.com URL: https://www.youtube.com/embed/qjLGWf-qzxs Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://www.youtube.com/ Origin https://www.youtube.com accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36 Response headers date Tue, 13 Sep 2022 11:18:05 GMT x-content-type-options nosniff age 400402 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 15344 x-xss-protection 0 last-modified Mon, 16 Oct 2017 17:32:55 GMT server sffe report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="apps-themes" expires Wed, 13 Sep 2023 11:18:05 GMT
GET H/1.1	200 OK	250.main.min.js Show response widgetv3.bandsintown.com/	1 MB 119 KB	25ms 24ms	Script application/javascript	143.204.215.89 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://widgetv3.bandsintown.com/250.main.min.js Requested by Host: widgetv3.bandsintown.com URL: https://widgetv3.bandsintown.com/main.min.js Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 143.204.215.89 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-143-204-215-89.fra53.r.cloudfront.net Software AmazonS3 / Resource Hash 561a21a601fb57327536c93c90ddde3cc65013ae153cf9f24027476c01b155e0 Request headers accept-language de-DE,de;q=0.9 Referer https://fandiem.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36 Response headers Date Sun, 18 Sep 2022 01:49:25 GMT Content-Encoding gzip Connection keep-alive Last-Modified Wed, 24 Aug 2022 20:38:35 GMT Server AmazonS3 Age 2585 ETag W/"97adade9f1e199cde2f6210e02ff5187" Vary Accept-Encoding X-Cache Hit from cloudfront Content-Type application/javascript Via 1.1 1cc446ef4692d8e752b16c07f2f58a58.cloudfront.net (CloudFront) Cache-Control max-age=3600 Transfer-Encoding chunked X-Amz-Cf-Pop FRA53-C1 X-Amz-Cf-Id PEfpsr-ToRQqB4adAoyTgWMSDnwN5AvG3RnMEK50uicsdxRB82fs0w==
GET H/1.1	200 OK	955.main.min.js Show response widgetv3.bandsintown.com/	25 KB 8 KB	54ms 22ms	Script application/javascript	143.204.215.89 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://widgetv3.bandsintown.com/955.main.min.js Requested by Host: widgetv3.bandsintown.com URL: https://widgetv3.bandsintown.com/main.min.js Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 143.204.215.89 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-143-204-215-89.fra53.r.cloudfront.net Software AmazonS3 / Resource Hash 12859a9fab7cbe2067db44fb726fd7087e1b7f1240c2adaa9f69a175fa0ca24b Request headers accept-language de-DE,de;q=0.9 Referer https://fandiem.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36 Response headers Date Sun, 18 Sep 2022 02:23:46 GMT Content-Encoding gzip Connection keep-alive Last-Modified Wed, 24 Aug 2022 20:38:35 GMT Server AmazonS3 Age 2115 ETag W/"01b9cd91e6b7efd000f1602eb9d22621" Vary Accept-Encoding X-Cache Hit from cloudfront Content-Type application/javascript Via 1.1 1cc446ef4692d8e752b16c07f2f58a58.cloudfront.net (CloudFront) Cache-Control max-age=3600 Transfer-Encoding chunked X-Amz-Cf-Pop FRA53-C1 X-Amz-Cf-Id nTpNETMYU1vN3VHM5x4NQT0K9iOCCPF6pBwE6HrHsHsSqbV00NFVtA==
GET H2	200	4VZVS64FNRFEXAUW3D4PZO Show response d.adroll.com/consent/check/	462 B 555 B	147ms 44ms	Script application/javascript	34.249.178.117 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://d.adroll.com/consent/check/4VZVS64FNRFEXAUW3D4PZO?arrfrr=https%3A%2F%2Ffandiem.com%2Fsweeps%2Fkesha%3Futm_campaign%3Df-covid-bandsintown-sweet-relief-2022%26utm_content%3Df-covid-bandsintown-sweet-relief-2022-kesha-sweeps-page%26utm_medium%3Dpartner-bandsintown-blast-from-bit%26utm_source%3Dbandsintown&_s=768e4632522c1e86165d19e7101dfdc4&_b=2 Requested by Host: s.adroll.com URL: https://s.adroll.com/j/4VZVS64FNRFEXAUW3D4PZO/roundtrip.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 34.249.178.117 Dublin, Ireland, ASN16509 (AMAZON-02, US), Reverse DNS ec2-34-249-178-117.eu-west-1.compute.amazonaws.com Software nginx/1.20.0 / Resource Hash 5e31d0c6af52a2e0799f87b2f35e26b4fc012a9fd6e8cfa7824f701067cd0a0c Request headers accept-language de-DE,de;q=0.9 Referer https://fandiem.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36 Response headers date Sun, 18 Sep 2022 02:31:27 GMT server nginx/1.20.0 content-length 462 content-type application/javascript
GET H/1.1	200 OK	/ Show response rest.bandsintown.com/V3.1/artists/id_12324703/events/	31 B 595 B	459ms 393ms	Script application/json	143.204.215.47
General Check archive.org Show headers Download Go to Full URL https://rest.bandsintown.com/V3.1/artists/id_12324703/events/?app_id=js_fandiem.com&callback=bitJsonp_837932361466312 Requested by Host: widgetv3.bandsintown.com URL: https://widgetv3.bandsintown.com/main.min.js Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 143.204.215.47 -, , ASN (), Reverse DNS Software / Resource Hash f77b5d0d4ee7bb76fff81fec1adb148077203d9d7aecb5038c3b391cc0c3cf90 Request headers accept-language de-DE,de;q=0.9 Referer https://fandiem.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36 Response headers Date Sun, 18 Sep 2022 02:31:27 GMT Content-Encoding gzip X-Amz-Cf-Pop FRA53-C1 x-amzn-RequestId 7971c8a7-3ae3-4026-a2b3-69165c5df0af X-Cache Miss from cloudfront Content-Type application/json Access-Control-Allow-Origin * X-Amzn-Trace-Id Root=1-632682ff-634c40a026a236c371195142;Sampled=0 Connection keep-alive x-amz-apigw-id Yoln8EY6oAMF6sQ= Content-Length 51 Via 1.1 25ffb5a941b5a46b102cd385a9cdbb50.cloudfront.net (CloudFront) X-Amz-Cf-Id HPCcsCmN_cusSOCtX3UN19jj7Vl54-DSb7fUe8wAaSQsv2lDwfjxrA==
GET DATA	200 OK	truncated /	3 KB 0		Image image/svg+xml
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 2278f68cc395c3636b8b59a1b8038ee9127a1c0954f945d86ce7b4bb865210e1 Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36 Response headers Content-Type image/svg+xml
POST H3	200	produce monorail-edge.shopifysvc.com/v1/	0 0	174ms 173ms	Fetch	104.16.254.71 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://monorail-edge.shopifysvc.com/v1/produce Requested by Host: cdn.shopify.com URL: https://cdn.shopify.com/shopifycloud/shopify/assets/shop_events_listener-65cd0ba3fcd81a1df33f2510ec5bcf8c0e0958653b50e3965ec972dd638ee13f.js Protocol H3 Security QUIC, , AES_128_GCM Server 104.16.254.71 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash Security Headers Name Value Strict-Transport-Security max-age=15552000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Referer https://fandiem.com/ X-Monorail-Edge-Event-Created-At-Ms 1663468287192 X-Monorail-Edge-Event-Sent-At-Ms 1663468287193 accept-language de-DE,de;q=0.9 X-Monorail-Edge-Client-Message-Id acecdd68-58c9-4c45-a632-bd3c6d8e2185 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36 Content-Type application/json; charset=utf-8 Response headers date Sun, 18 Sep 2022 02:31:27 GMT access-control-allow-methods OPTIONS,POST x-content-type-options nosniff cf-cache-status DYNAMIC nel {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800} x-dc gcp-us-east1,us-central1 access-control-max-age 86400 alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 content-length 0 x-request-id 48a9345c-b7c3-48e3-ba1c-5d0ab5a7cfc0 server cloudflare strict-transport-security max-age=15552000; includeSubDomains; preload report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sPEJRIdYOROUbdalhqBgjeHVUU%2BswX5KPT72AoPVa2jkgejYm7%2B77nHwdytjj3L%2BkbmYNIfPdVACQYvTnUf6t5VTVWIHLmzuacpnwmRiCz7cKTDEfz2%2Fzi6Bn%2B7DBan8ANMxeSyTXDEwkzgF2a4%3D"}],"group":"cf-nel","max_age":604800} access-control-allow-origin https://fandiem.com access-control-allow-credentials true cf-ray 74c6aa5c89009036-FRA access-control-allow-headers User-Agent,Accept,Content-Type,X-Monorail-Edge-Event-Created-At-Ms,X-Monorail-Edge-Event-Sent-At-Ms,X-Monorail-Edge-Client-Message-Id,X-Monorail-Edge-Device-Install-Id,X-Monorail-Edge-Accept-Language,X-Monorail-Edge-Content-Language,X-Forwarded-For
POST H3	200	produce monorail-edge.shopifysvc.com/v1/	0 0	173ms 172ms	Fetch	104.16.254.71 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://monorail-edge.shopifysvc.com/v1/produce Requested by Host: cdn.shopify.com URL: https://cdn.shopify.com/shopifycloud/shopify/assets/shop_events_listener-65cd0ba3fcd81a1df33f2510ec5bcf8c0e0958653b50e3965ec972dd638ee13f.js Protocol H3 Security QUIC, , AES_128_GCM Server 104.16.254.71 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash Security Headers Name Value Strict-Transport-Security max-age=15552000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Referer https://fandiem.com/ X-Monorail-Edge-Event-Created-At-Ms 1663468287194 X-Monorail-Edge-Event-Sent-At-Ms 1663468287194 accept-language de-DE,de;q=0.9 X-Monorail-Edge-Client-Message-Id 877825bd-4753-4909-8f7d-f32af943c43e User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36 Content-Type application/json; charset=utf-8 Response headers date Sun, 18 Sep 2022 02:31:27 GMT access-control-allow-methods OPTIONS,POST x-content-type-options nosniff cf-cache-status DYNAMIC nel {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800} x-dc gcp-us-east1,us-central1 access-control-max-age 86400 alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 content-length 0 x-request-id 1a660918-66b6-440a-8673-a6ac39ac815c server cloudflare strict-transport-security max-age=15552000; includeSubDomains; preload report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2Flav4rytWU7RVw%2BXWbpvj7wUjK01%2BpwXSDrrEOUt%2BSPtqRoah2bBhqnheP%2FUu1CyFhzIKXjFPTBJ5nnns4Peoal25pk8ZiaABfc1igK%2BorDVfrvggdp6nubJxj%2BFEatOBIQ9XEneYgbCwyaAi8c%3D"}],"group":"cf-nel","max_age":604800} access-control-allow-origin https://fandiem.com access-control-allow-credentials true cf-ray 74c6aa5c68e79036-FRA access-control-allow-headers User-Agent,Accept,Content-Type,X-Monorail-Edge-Event-Created-At-Ms,X-Monorail-Edge-Event-Sent-At-Ms,X-Monorail-Edge-Client-Message-Id,X-Monorail-Edge-Device-Install-Id,X-Monorail-Edge-Accept-Language,X-Monorail-Edge-Content-Language,X-Forwarded-For
POST H3	200	produce monorail-edge.shopifysvc.com/v1/	0 0	138ms 137ms	Fetch	104.16.254.71 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://monorail-edge.shopifysvc.com/v1/produce Requested by Host: cdn.shopify.com URL: https://cdn.shopify.com/shopifycloud/shopify/assets/shop_events_listener-65cd0ba3fcd81a1df33f2510ec5bcf8c0e0958653b50e3965ec972dd638ee13f.js Protocol H3 Security QUIC, , AES_128_GCM Server 104.16.254.71 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash Security Headers Name Value Strict-Transport-Security max-age=15552000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Referer https://fandiem.com/ X-Monorail-Edge-Event-Created-At-Ms 1663468287195 X-Monorail-Edge-Event-Sent-At-Ms 1663468287195 accept-language de-DE,de;q=0.9 X-Monorail-Edge-Client-Message-Id eccda84c-1b56-4bc4-aef0-36256385cb5e User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36 Content-Type application/json; charset=utf-8 Response headers date Sun, 18 Sep 2022 02:31:27 GMT access-control-allow-methods OPTIONS,POST x-content-type-options nosniff cf-cache-status DYNAMIC nel {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800} x-dc gcp-us-east1,us-east1 access-control-max-age 86400 alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 content-length 0 x-request-id d4a7a91f-8dd3-472f-b93f-9a0a95a7cdfa server cloudflare strict-transport-security max-age=15552000; includeSubDomains; preload report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Pp%2FKT%2FCElx1MnL2jPAu9rSzizmVDhaUgMo1Ffrg98ZVuNYS4TAKi4yNGgi%2FA4ax2j603NTreRpOd0TU5NCeFZy0QT3i7b87RV%2F%2FeNEA96AEqBMSqvpo2gSRkUT0oLCgmjXn53sPtAC2net2AIKg%3D"}],"group":"cf-nel","max_age":604800} access-control-allow-origin https://fandiem.com access-control-allow-credentials true cf-ray 74c6aa5c28c39036-FRA access-control-allow-headers User-Agent,Accept,Content-Type,X-Monorail-Edge-Event-Created-At-Ms,X-Monorail-Edge-Event-Sent-At-Ms,X-Monorail-Edge-Client-Message-Id,X-Monorail-Edge-Device-Install-Id,X-Monorail-Edge-Accept-Language,X-Monorail-Edge-Content-Language,X-Forwarded-For
OPTIONS H3	200	produce monorail-edge.shopifysvc.com/v1/ Frame	0 0	237ms 186ms	Preflight	104.16.254.71 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://monorail-edge.shopifysvc.com/v1/produce Protocol H3 Security QUIC, , AES_128_GCM Server 104.16.254.71 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash Security Headers Name Value Strict-Transport-Security max-age=15552000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Accept */* Access-Control-Request-Headers content-type,x-monorail-edge-client-message-id,x-monorail-edge-event-created-at-ms,x-monorail-edge-event-sent-at-ms Access-Control-Request-Method POST Origin https://fandiem.com Sec-Fetch-Mode cors User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36 Response headers access-control-allow-credentials true access-control-allow-headers User-Agent,Accept,Content-Type,X-Monorail-Edge-Event-Created-At-Ms,X-Monorail-Edge-Event-Sent-At-Ms,X-Monorail-Edge-Client-Message-Id,X-Monorail-Edge-Device-Install-Id,X-Monorail-Edge-Accept-Language,X-Monorail-Edge-Content-Language,X-Forwarded-For access-control-allow-methods OPTIONS,POST access-control-allow-origin https://fandiem.com access-control-max-age 86400 alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 cf-cache-status DYNAMIC cf-ray 74c6aa5b5f6f9036-FRA content-length 0 date Sun, 18 Sep 2022 02:31:27 GMT nel {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800} report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tFGfsvQMTZUqDTlLVc3j%2Byf75CoxVmSM4nrnQYHS%2BlfsOYayE3kyO5EG77dWTJmqcOdKAohQfgXsDnHPm60PjeusqsZG6HJkKh4tWNrgxL4emAVJKXKGNESq3HqEQK%2FyNrIYb2M6DRV52513M3c%3D"}],"group":"cf-nel","max_age":604800} server cloudflare strict-transport-security max-age=15552000; includeSubDomains; preload x-content-type-options nosniff x-dc gcp-us-east1,us-central1 x-request-id ebea0433-b46d-4944-ae5c-573f7cbf6588
OPTIONS H3	200	produce monorail-edge.shopifysvc.com/v1/ Frame	0 0	216ms 166ms	Preflight	104.16.254.71 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://monorail-edge.shopifysvc.com/v1/produce Protocol H3 Security QUIC, , AES_128_GCM Server 104.16.254.71 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash Security Headers Name Value Strict-Transport-Security max-age=15552000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Accept */* Access-Control-Request-Headers content-type,x-monorail-edge-client-message-id,x-monorail-edge-event-created-at-ms,x-monorail-edge-event-sent-at-ms Access-Control-Request-Method POST Origin https://fandiem.com Sec-Fetch-Mode cors User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36 Response headers access-control-allow-credentials true access-control-allow-headers User-Agent,Accept,Content-Type,X-Monorail-Edge-Event-Created-At-Ms,X-Monorail-Edge-Event-Sent-At-Ms,X-Monorail-Edge-Client-Message-Id,X-Monorail-Edge-Device-Install-Id,X-Monorail-Edge-Accept-Language,X-Monorail-Edge-Content-Language,X-Forwarded-For access-control-allow-methods OPTIONS,POST access-control-allow-origin https://fandiem.com access-control-max-age 86400 alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 cf-cache-status DYNAMIC cf-ray 74c6aa5b5f709036-FRA content-length 0 date Sun, 18 Sep 2022 02:31:27 GMT nel {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800} report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gi8umYS2coA0ktRP1Al2wMl%2FfALGUdfoZlGXz6AkoG00lt%2FaaZ%2FqTNFIR%2B8M%2FDOhQb92dSCr49FropFR6T%2Be58UmJq5gAxBLIgNaVdTEHLNzm4UeUezeMfG%2BFJh5C%2FvbqbgD7RzOj%2BHHAGZ8f%2F0%3D"}],"group":"cf-nel","max_age":604800} server cloudflare strict-transport-security max-age=15552000; includeSubDomains; preload x-content-type-options nosniff x-dc gcp-us-east1,us-central1 x-request-id 8dfa4a3e-6c4e-487f-8d39-408cd73c8bc9
OPTIONS H3	200	produce monorail-edge.shopifysvc.com/v1/ Frame	0 0	179ms 129ms	Preflight	104.16.254.71 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://monorail-edge.shopifysvc.com/v1/produce Protocol H3 Security QUIC, , AES_128_GCM Server 104.16.254.71 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash Security Headers Name Value Strict-Transport-Security max-age=15552000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Accept */* Access-Control-Request-Headers content-type,x-monorail-edge-client-message-id,x-monorail-edge-event-created-at-ms,x-monorail-edge-event-sent-at-ms Access-Control-Request-Method POST Origin https://fandiem.com Sec-Fetch-Mode cors User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36 Response headers access-control-allow-credentials true access-control-allow-headers User-Agent,Accept,Content-Type,X-Monorail-Edge-Event-Created-At-Ms,X-Monorail-Edge-Event-Sent-At-Ms,X-Monorail-Edge-Client-Message-Id,X-Monorail-Edge-Device-Install-Id,X-Monorail-Edge-Accept-Language,X-Monorail-Edge-Content-Language,X-Forwarded-For access-control-allow-methods OPTIONS,POST access-control-allow-origin https://fandiem.com access-control-max-age 86400 alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 cf-cache-status DYNAMIC cf-ray 74c6aa5b5f6d9036-FRA content-length 0 date Sun, 18 Sep 2022 02:31:27 GMT nel {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800} report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=krbBbsQvanCeRp3sh9a5j9ZXXq%2BpGdYuv%2FbYaCRti4lYyYqxt3GUeoEOC4LNdl2Zyv%2FcNeeWfW0onI2M8t4RImSgLOMA%2BXUKOFjemukyJUnrVznY63JPCrGMg2Zp%2FeUmi%2F24hdIzZDpequfTWcM%3D"}],"group":"cf-nel","max_age":604800} server cloudflare strict-transport-security max-age=15552000; includeSubDomains; preload x-content-type-options nosniff x-dc gcp-us-east1,us-east1 x-request-id eea7e91f-06d7-4b2a-9414-5bf0ff115b33
GET H3	200	/ Show response googleads.g.doubleclick.net/pagead/viewthroughconversion/370662395/	3 KB 1 KB	49ms 48ms	Script text/javascript	2a00:1450:4001:828::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads.g.doubleclick.net/pagead/viewthroughconversion/370662395/?random=1663468287299&cv=9&fst=1663468287299&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=3&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa9e0&sendb=1&ig=1&data=event%3Dform_submit&frm=0&url=https%3A%2F%2Ffandiem.com%2Fsweeps%2Fkesha%3Futm_campaign%3Df-covid-bandsintown-sweet-relief-2022%26utm_content%3Df-covid-bandsintown-sweet-relief-2022-kesha-sweeps-page%26utm_medium%3Dpartner-bandsintown-blast-from-bit%26utm_source%3Dbandsintown&ref=http%3A%2F%2Fwinwith.fandiem.com%2F&tiba=Win%20an%20Autographed%20Picture%20of%20Kesha&auid=454911800.1663468287&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4 Requested by Host: www.googleadservices.com URL: https://www.googleadservices.com/pagead/conversion_async.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash b7ce29b8e64f835c1cf2583d1f2871d16779b3c6970307d9e952dffe054d5d09 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://fandiem.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36 Response headers pragma no-cache date Sun, 18 Sep 2022 02:31:27 GMT content-encoding gzip x-content-type-options nosniff server cafe timing-allow-origin * p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" content-type text/javascript; charset=UTF-8 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 1164 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
POST H3	200	/ Show response www.facebook.com/tr/ Frame C8DB	0 15 B	21ms 21ms	Document text/plain	2a03:2880:f11c:8183:face:b00c:0:25de FACEBOOK
General Check archive.org Show headers Download Go to Full URL https://www.facebook.com/tr/ Requested by Host: fandiem.com URL: https://fandiem.com/sweeps/kesha?utm_campaign=f-covid-bandsintown-sweet-relief-2022&utm_content=f-covid-bandsintown-sweet-relief-2022-kesha-sweeps-page&utm_medium=partner-bandsintown-blast-from-bit&utm_source=bandsintown Protocol H3 Security QUIC, , AES_128_GCM Server 2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US), Reverse DNS Software proxygen-bolt / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers Content-Type application/x-www-form-urlencoded Origin https://fandiem.com Referer https://fandiem.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers access-control-allow-credentials true access-control-allow-origin https://fandiem.com alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 content-length 0 content-type text/plain cross-origin-resource-policy cross-origin date Sun, 18 Sep 2022 02:31:27 GMT priority u=0 server proxygen-bolt strict-transport-security max-age=31536000; includeSubDomains
GET H2	200	70ec889065ac55326591.otf dpjhaiprv9czz.cloudfront.net/	126 KB 51 KB	31ms 31ms	Font font/ttf	2600:9000:214f:2200:15:5e1:43c0:21 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://dpjhaiprv9czz.cloudfront.net/70ec889065ac55326591.otf Requested by Host: fandiem.com URL: https://fandiem.com/sweeps/kesha?utm_campaign=f-covid-bandsintown-sweet-relief-2022&utm_content=f-covid-bandsintown-sweet-relief-2022-kesha-sweeps-page&utm_medium=partner-bandsintown-blast-from-bit&utm_source=bandsintown Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:214f:2200:15:5e1:43c0:21 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash d9cbb400bf017649e1209e639b8ad006b8466cc6e52832244a37c22f38cebc9d Request headers Referer https://fandiem.com/ Origin https://fandiem.com accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36 Response headers date Fri, 02 Sep 2022 02:11:17 GMT content-encoding br vary Accept-Encoding age 1383611 x-cache Hit from cloudfront access-control-allow-origin * last-modified Mon, 29 Aug 2022 20:50:20 GMT server AmazonS3 etag W/"ed28e132b285167cc5298d073f443247" access-control-max-age 3000 access-control-allow-methods GET x-amz-version-id K.IZvkNKWh15jPaCnszuZmdtlguRVDat via 1.1 15d3b4db3728feaae1780610a1bac86e.cloudfront.net (CloudFront) cache-control max-age=2592000 x-amz-cf-pop FRA53-C1 content-type font/ttf x-amz-cf-id Xekh7yI0ZCOGJBR1AemPJbMX2Yl9SyZN3CeSLeTPgdii7bXUR109zw==
GET H3	200	id Show response googleads.g.doubleclick.net/pagead/ Frame 5F84	113 B 159 B	29ms 29ms	XHR application/json	2a00:1450:4001:828::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads.g.doubleclick.net/pagead/id Requested by Host: www.youtube.com URL: https://www.youtube.com/s/player/a97e97de/www-embed-player.vflset/www-embed-player.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash bd5b7ae5c918c0180b540c991a45a64c3c0f8e3e42d9a996774f7e8c0bfe007f Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://www.youtube.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36 Response headers date Sun, 18 Sep 2022 02:31:27 GMT content-encoding gzip x-content-type-options nosniff p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 133 x-xss-protection 0 pragma no-cache server cafe content-type application/json; charset=UTF-8 access-control-allow-origin https://www.youtube.com cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true timing-allow-origin * expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	ad_status.js Show response static.doubleclick.net/instream/ Frame 5F84	29 B 588 B	74ms 24ms	Script text/javascript	2a00:1450:4001:831::2006 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://static.doubleclick.net/instream/ad_status.js Requested by Host: www.youtube.com URL: https://www.youtube.com/s/player/a97e97de/www-embed-player.vflset/www-embed-player.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://www.youtube.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36 Response headers date Sun, 18 Sep 2022 02:19:42 GMT x-content-type-options nosniff age 705 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 29 x-xss-protection 0 last-modified Thu, 12 Dec 2013 23:40:16 GMT server sffe report-to {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]} content-type text/javascript access-control-allow-origin * cache-control public, max-age=900 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="ads-doubleclick-media" expires Sun, 18 Sep 2022 02:34:42 GMT
OPTIONS H2	200	Create jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame	0 0	80ms 30ms	Preflight text/html	2a00:1450:4001:828::200a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash Security Headers Name Value X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers Accept */* Access-Control-Request-Headers content-type,x-goog-api-key,x-user-agent Access-Control-Request-Method POST Origin https://www.youtube.com Sec-Fetch-Mode cors User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36 Response headers access-control-allow-credentials true access-control-allow-headers content-type,x-goog-api-key,x-user-agent access-control-allow-methods DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT access-control-allow-origin https://www.youtube.com access-control-max-age 3600 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 0 content-type text/html date Sun, 18 Sep 2022 02:31:27 GMT server ESF vary origin referer x-origin x-content-type-options nosniff x-frame-options SAMEORIGIN x-xss-protection 0
POST H3	200	Create Show response jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 5F84	65 KB 30 KB	79ms 38ms	XHR application/json+protobuf	2a00:1450:4001:828::200a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create Requested by Host: www.youtube.com URL: https://www.youtube.com/s/player/a97e97de/player_ias.vflset/de_DE/base.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash ed75386517bde0889af7695b4f85c4970dd6a32606b1ab45ef08dd23106ffd37 Security Headers Name Value X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers X-User-Agent grpc-web-javascript/0.1 Referer https://www.youtube.com/ X-Goog-Api-Key AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36 Content-Type application/json+protobuf Response headers date Sun, 18 Sep 2022 02:31:27 GMT content-encoding gzip x-content-type-options nosniff alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" server ESF x-frame-options SAMEORIGIN content-type application/json+protobuf; charset=UTF-8 access-control-allow-origin https://www.youtube.com access-control-expose-headers vary,vary,vary,content-encoding,date,server,content-length cache-control private access-control-allow-credentials true vary Origin, X-Origin, Referer content-length 30390 x-xss-protection 0
GET H3	200	remote.js Show response www.youtube.com/s/player/a97e97de/player_ias.vflset/de_DE/ Frame 5F84	120 KB 37 KB	25ms 24ms	Script text/javascript	2a00:1450:4001:813::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.youtube.com/s/player/a97e97de/player_ias.vflset/de_DE/remote.js Requested by Host: www.youtube.com URL: https://www.youtube.com/s/player/a97e97de/player_ias.vflset/de_DE/base.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash f06a2dca8699c524f629e74dab5f4d02e33d74f7262f02317aa7d1a26ff5617a Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://www.youtube.com/embed/qjLGWf-qzxs User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36 Response headers date Fri, 16 Sep 2022 03:09:02 GMT content-encoding br x-content-type-options nosniff age 170545 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 37832 x-xss-protection 0 last-modified Thu, 15 Sep 2022 21:54:27 GMT server sffe vary Accept-Encoding, Origin report-to {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]} content-type text/javascript cache-control public, max-age=31536000 accept-ranges bytes cross-origin-opener-policy-report-only same-origin; report-to="youtube" expires Sat, 16 Sep 2023 03:09:02 GMT
GET H3	200	yPATJU-uVo-zV-JkA6jSgBQ_ddZVTHGwvkBjTyjUrvU.js Show response www.google.com/js/th/ Frame 5F84	36 KB 14 KB	20ms 20ms	Script text/javascript	2a00:1450:4001:812::2004 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google.com/js/th/yPATJU-uVo-zV-JkA6jSgBQ_ddZVTHGwvkBjTyjUrvU.js Requested by Host: www.youtube.com URL: https://www.youtube.com/s/player/a97e97de/player_ias.vflset/de_DE/base.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:812::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash c8f013254fae568fb357e26403a8d280143f75d6554c71b0be40634f28d4aef5 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://www.youtube.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36 Response headers date Thu, 15 Sep 2022 11:19:19 GMT content-encoding br x-content-type-options nosniff age 227528 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 14098 x-xss-protection 0 last-modified Mon, 29 Aug 2022 11:00:00 GMT server sffe cross-origin-opener-policy same-origin; report-to="botguard-scs" vary Accept-Encoding report-to {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]} content-type text/javascript cache-control public, max-age=31536000 accept-ranges bytes expires Fri, 15 Sep 2023 11:19:19 GMT
GET H3	200	embed.js Show response www.youtube.com/s/player/a97e97de/player_ias.vflset/de_DE/ Frame 5F84	28 KB 8 KB	22ms 21ms	Script text/javascript	2a00:1450:4001:813::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.youtube.com/s/player/a97e97de/player_ias.vflset/de_DE/embed.js Requested by Host: www.youtube.com URL: https://www.youtube.com/s/player/a97e97de/player_ias.vflset/de_DE/base.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 37744dd6ea73d64cf2caa1fab78b449e84d77693a68c0baf9b724b1fbb6722a5 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://www.youtube.com/embed/qjLGWf-qzxs User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36 Response headers date Fri, 16 Sep 2022 03:11:10 GMT content-encoding br x-content-type-options nosniff age 170417 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 8428 x-xss-protection 0 last-modified Thu, 15 Sep 2022 21:54:27 GMT server sffe vary Accept-Encoding, Origin report-to {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]} content-type text/javascript cache-control public, max-age=31536000 accept-ranges bytes cross-origin-opener-policy-report-only same-origin; report-to="youtube" expires Sat, 16 Sep 2023 03:11:10 GMT
GET DATA	200 OK	truncated / Frame 5F84	175 B 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 67ea46bc3d15351067faccb3613bd833dd3f15137a4b4a09f2e873fd41d024d2 Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36 Response headers Content-Type image/png
GET H2	200	AMLnZu8LVa93vNqcUgXIBRJHeL8jLH-Ef6cqG32DTb24=s68-c-k-c0x00ffffff-no-rj yt3.ggpht.com/ytc/ Frame 5F84	3 KB 4 KB	403ms 352ms	Image image/jpeg	2a00:1450:4001:80b::2001
General Check archive.org Show headers Download Go to Show image Full URL https://yt3.ggpht.com/ytc/AMLnZu8LVa93vNqcUgXIBRJHeL8jLH-Ef6cqG32DTb24=s68-c-k-c0x00ffffff-no-rj Requested by Host: www.youtube.com URL: https://www.youtube.com/embed/qjLGWf-qzxs Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:80b::2001 -, , ASN (), Reverse DNS Software fife / Resource Hash 821cb2386381c89ed345756658b25c5cb053c16627790768828c6e9e6895366e Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://www.youtube.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36 Response headers date Sun, 18 Sep 2022 02:31:27 GMT x-content-type-options nosniff server fife etag "v9" vary Origin content-type image/jpeg access-control-allow-origin * access-control-expose-headers Content-Length cache-control public, max-age=86400, no-transform content-disposition inline;filename="unnamed.jpg" timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 3506 x-xss-protection 0 expires Mon, 19 Sep 2022 02:31:27 GMT
GET H2	200	sddefault.webp i.ytimg.com/vi_webp/qjLGWf-qzxs/ Frame 5F84	28 KB 29 KB	155ms 79ms	Image image/webp	2a00:1450:4001:830::2016
General Check archive.org Show headers Download Go to Show image Full URL https://i.ytimg.com/vi_webp/qjLGWf-qzxs/sddefault.webp Requested by Host: www.youtube.com URL: https://www.youtube.com/embed/qjLGWf-qzxs Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:830::2016 -, , ASN (), Reverse DNS Software sffe / Resource Hash 2dbf3a60290ed886957e7f0c0b53cfe6543dd5dc6a94e478b5708a6f9c554f42 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://www.youtube.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36 Response headers date Sun, 18 Sep 2022 02:31:27 GMT x-content-type-options nosniff server sffe etag "1588627613" vary Origin report-to {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]} content-type image/webp cache-control public, max-age=7200 cross-origin-resource-policy cross-origin accept-ranges bytes alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 28732 x-xss-protection 0 cross-origin-opener-policy-report-only same-origin; report-to="youtube" expires Sun, 18 Sep 2022 04:31:27 GMT
GET H3	200	/ www.google.com/pagead/1p-user-list/370662395/	42 B 64 B	32ms 32ms	Image image/gif	2a00:1450:4001:812::2004 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.google.com/pagead/1p-user-list/370662395/?random=1663468287299&cv=9&fst=1663466400000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=3&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa9e0&sendb=1&data=event%3Dform_submit&frm=0&url=https%3A%2F%2Ffandiem.com%2Fsweeps%2Fkesha%3Futm_campaign%3Df-covid-bandsintown-sweet-relief-2022%26utm_content%3Df-covid-bandsintown-sweet-relief-2022-kesha-sweeps-page%26utm_medium%3Dpartner-bandsintown-blast-from-bit%26utm_source%3Dbandsintown&ref=http%3A%2F%2Fwinwith.fandiem.com%2F&tiba=Win%20an%20Autographed%20Picture%20of%20Kesha&async=1&fmt=3&is_vtc=1&random=1777080693&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y Requested by Host: fandiem.com URL: https://fandiem.com/sweeps/kesha?utm_campaign=f-covid-bandsintown-sweet-relief-2022&utm_content=f-covid-bandsintown-sweet-relief-2022-kesha-sweeps-page&utm_medium=partner-bandsintown-blast-from-bit&utm_source=bandsintown Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:812::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value Content-Security-Policy script-src 'none'; object-src 'none' X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://fandiem.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36 Response headers pragma no-cache date Sun, 18 Sep 2022 02:31:27 GMT x-content-type-options nosniff server cafe timing-allow-origin * p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, no-store, must-revalidate cross-origin-resource-policy cross-origin content-security-policy script-src 'none'; object-src 'none' content-type image/gif alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3	200	/ www.google.de/pagead/1p-user-list/370662395/	42 B 64 B	35ms 34ms	Image image/gif	2a00:1450:4001:808::2003 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.google.de/pagead/1p-user-list/370662395/?random=1663468287299&cv=9&fst=1663466400000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=3&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa9e0&sendb=1&data=event%3Dform_submit&frm=0&url=https%3A%2F%2Ffandiem.com%2Fsweeps%2Fkesha%3Futm_campaign%3Df-covid-bandsintown-sweet-relief-2022%26utm_content%3Df-covid-bandsintown-sweet-relief-2022-kesha-sweeps-page%26utm_medium%3Dpartner-bandsintown-blast-from-bit%26utm_source%3Dbandsintown&ref=http%3A%2F%2Fwinwith.fandiem.com%2F&tiba=Win%20an%20Autographed%20Picture%20of%20Kesha&async=1&fmt=3&is_vtc=1&random=1777080693&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y Requested by Host: fandiem.com URL: https://fandiem.com/sweeps/kesha?utm_campaign=f-covid-bandsintown-sweet-relief-2022&utm_content=f-covid-bandsintown-sweet-relief-2022-kesha-sweeps-page&utm_medium=partner-bandsintown-blast-from-bit&utm_source=bandsintown Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value Content-Security-Policy script-src 'none'; object-src 'none' X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://fandiem.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36 Response headers pragma no-cache date Sun, 18 Sep 2022 02:31:27 GMT x-content-type-options nosniff server cafe timing-allow-origin * p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, no-store, must-revalidate cross-origin-resource-policy cross-origin content-security-policy script-src 'none'; object-src 'none' content-type image/gif alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3	204	generate_204 www.youtube.com/ Frame 5F84	0 10 B	21ms 21ms	Image text/plain	2a00:1450:4001:813::200e GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.youtube.com/generate_204?zQPIAA Requested by Host: www.youtube.com URL: https://www.youtube.com/embed/qjLGWf-qzxs Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer https://www.youtube.com/embed/qjLGWf-qzxs User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36 Response headers date Sun, 18 Sep 2022 02:31:27 GMT cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 0
GET H2	200	cast_sender.js Show response www.gstatic.com/cv/js/sender/v1/ Frame 5F84	4 KB 3 KB	147ms 36ms	Script text/javascript	2a00:1450:4001:80b::2003
General Check archive.org Show headers Download Go to Full URL https://www.gstatic.com/cv/js/sender/v1/cast_sender.js Requested by Host: www.youtube.com URL: https://www.youtube.com/s/player/a97e97de/player_ias.vflset/de_DE/base.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:80b::2003 -, , ASN (), Reverse DNS Software sffe / Resource Hash ee147e859ad0f09aa50367974e38ab53e7c7054c4a51d400a7f45b0eb251454f Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://www.youtube.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36 Response headers date Sun, 18 Sep 2022 02:31:27 GMT content-encoding gzip x-content-type-options nosniff content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cloudview cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 2007 x-xss-protection 0 last-modified Tue, 16 Feb 2021 23:57:06 GMT server sffe cross-origin-opener-policy same-origin; report-to="cloudview" vary Accept-Encoding report-to {"group":"cloudview","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/cloudview"}]} content-type text/javascript cache-control private, max-age=3000 accept-ranges bytes expires Sun, 18 Sep 2022 02:31:27 GMT
GET H/1.1	200 OK	id_12324703 Show response rest.bandsintown.com/V3.1/artists/	1 KB 1 KB	662ms 606ms	XHR application/json	143.204.215.47
General Check archive.org Show headers Download Go to Full URL https://rest.bandsintown.com/V3.1/artists/id_12324703?app_id=js_fandiem.com Requested by Host: cdn.shopify.com URL: https://cdn.shopify.com/shopifycloud/shopify/assets/shop_events_listener-65cd0ba3fcd81a1df33f2510ec5bcf8c0e0958653b50e3965ec972dd638ee13f.js Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 143.204.215.47 -, , ASN (), Reverse DNS Software / Resource Hash 763c8adc3701f5b23bc21db4519508aa9c8951513e45fc348c93e027585b1596 Request headers accept-language de-DE,de;q=0.9 Referer https://fandiem.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36 Response headers Date Sun, 18 Sep 2022 02:31:28 GMT Content-Encoding gzip X-Amz-Cf-Pop FRA53-C1 x-amzn-RequestId ae4dc8c5-08d0-4ae0-bd16-746e03ae7cd6 X-Cache Miss from cloudfront Content-Type application/json Access-Control-Allow-Origin * X-Amzn-Trace-Id Root=1-63268300-76f8d62f50dbbf4603dc30b9;Sampled=0 Connection keep-alive x-amz-apigw-id YoloDEZsoAMFzxQ= Content-Length 554 Via 1.1 c5c25772c7f14e267596e0f8ce51d9bc.cloudfront.net (CloudFront) X-Amz-Cf-Id ck8ZRor77VQw32U28IM_wLD_ZLtBRTIWPbSJsXGnYtjtB2S_8VOJ8w==
POST H2	200	/ Show response h.trey.shop/	981 B 1 KB	394ms 179ms	XHR text/plain	3.33.204.12
General Check archive.org Show headers Download Go to Full URL https://h.trey.shop/?ci=js/3.7.2 Requested by Host: cdn.shopify.com URL: https://cdn.shopify.com/shopifycloud/shopify/assets/shop_events_listener-65cd0ba3fcd81a1df33f2510ec5bcf8c0e0958653b50e3965ec972dd638ee13f.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 3.33.204.12 -, , ASN (), Reverse DNS Software nginx / Resource Hash 09e58d1d6b07515f7edfabd71af3d4d11cbd83bbb4dbd0f39ad896c008faea5c Security Headers Name Value Content-Security-Policy default-src 'none'; frame-ancestors 'none' Strict-Transport-Security max-age=63072000 X-Content-Type-Options nosniff X-Frame-Options DENY Request headers Referer https://fandiem.com/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36 Content-Type text/plain Response headers content-security-policy default-src 'none'; frame-ancestors 'none' referrer-policy no-referrer server nginx date Sun, 18 Sep 2022 02:31:28 GMT x-frame-options DENY content-type text/plain access-control-allow-origin https://fandiem.com access-control-expose-headers Retry-After access-control-allow-credentials true strict-transport-security max-age=63072000 vary Origin content-length 981 x-content-type-options nosniff
GET H3	200	cast_sender.js Show response www.gstatic.com/eureka/clank/105/ Frame 5F84	52 KB 15 KB	70ms 23ms	Script text/javascript	2a00:1450:4001:80b::2003
General Check archive.org Show headers Download Go to Full URL https://www.gstatic.com/eureka/clank/105/cast_sender.js Requested by Host: www.gstatic.com URL: https://www.gstatic.com/cv/js/sender/v1/cast_sender.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:80b::2003 -, , ASN (), Reverse DNS Software sffe / Resource Hash c12337c132fc5b05766adf8806c16a2950c0591708c0c45263bc1496979c1870 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://www.youtube.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36 Response headers date Sat, 17 Sep 2022 18:10:09 GMT content-encoding gzip x-content-type-options nosniff age 30079 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cloudview-release cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 15116 x-xss-protection 0 last-modified Mon, 11 Jul 2022 15:05:52 GMT server sffe cross-origin-opener-policy same-origin; report-to="cloudview-release" vary Accept-Encoding report-to {"group":"cloudview-release","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/cloudview-release"}]} content-type text/javascript cache-control public, max-age=86400 accept-ranges bytes expires Sun, 18 Sep 2022 18:10:09 GMT
GET DATA	200 OK	truncated /	195 B 0		Image image/svg+xml
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 0c7260fac65e4f7ac5cf524f8ca96efd419cbb5a9b18a3e06e44c448581e9093 Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36 Response headers Content-Type image/svg+xml
POST H3	200	GenerateIT Show response jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 5F84	90 B 134 B	38ms 38ms	XHR application/json+protobuf	2a00:1450:4001:828::200a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT Requested by Host: www.youtube.com URL: https://www.youtube.com/s/player/a97e97de/player_ias.vflset/de_DE/base.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash f93389db0c2d0c12feeafedc88dc41e97bf238e29f92d60f732d2b0b79dfec5b Security Headers Name Value X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers X-User-Agent grpc-web-javascript/0.1 Referer https://www.youtube.com/ X-Goog-Api-Key AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36 Content-Type application/json+protobuf Response headers date Sun, 18 Sep 2022 02:31:28 GMT content-encoding gzip x-content-type-options nosniff alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" server ESF x-frame-options SAMEORIGIN content-type application/json+protobuf; charset=UTF-8 access-control-allow-origin https://www.youtube.com access-control-expose-headers vary,vary,vary,content-encoding,date,server,content-length cache-control private access-control-allow-credentials true vary Origin, X-Origin, Referer content-length 110 x-xss-protection 0
OPTIONS H3	200	GenerateIT jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame	0 0	28ms 27ms	Preflight text/html	2a00:1450:4001:828::200a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash Security Headers Name Value X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers Accept */* Access-Control-Request-Headers content-type,x-goog-api-key,x-user-agent Access-Control-Request-Method POST Origin https://www.youtube.com Sec-Fetch-Mode cors User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36 Response headers access-control-allow-credentials true access-control-allow-headers content-type,x-goog-api-key,x-user-agent access-control-allow-methods DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT access-control-allow-origin https://www.youtube.com access-control-max-age 3600 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 0 content-type text/html date Sun, 18 Sep 2022 02:31:28 GMT server ESF vary origin referer x-origin x-content-type-options nosniff x-frame-options SAMEORIGIN x-xss-protection 0
GET H/1.1	200 OK	app.js Show response s3.amazonaws.com/els-apps/countup/js/	12 KB 3 KB	472ms 128ms	Script application/x-javascript	52.216.130.93
General Check archive.org Show headers Download Go to Full URL https://s3.amazonaws.com/els-apps/countup/js/app.js?shop=fandiem.myshopify.com Requested by Host: fandiem.com URL: https://fandiem.com/sweeps/kesha?utm_campaign=f-covid-bandsintown-sweet-relief-2022&utm_content=f-covid-bandsintown-sweet-relief-2022-kesha-sweeps-page&utm_medium=partner-bandsintown-blast-from-bit&utm_source=bandsintown Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 52.216.130.93 -, , ASN (), Reverse DNS Software AmazonS3 / Resource Hash ea470df0377e9112fd7bc0ed5e18fcb7df8fc022d106599ced36593293559512 Request headers accept-language de-DE,de;q=0.9 Referer https://fandiem.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36 Response headers Date Sun, 18 Sep 2022 02:31:29 GMT Content-Encoding gzip Last-Modified Wed, 07 Jul 2021 18:41:58 GMT Server AmazonS3 x-amz-request-id XZ18Z9DNQEKZCZ0R ETag "8a297d5f2898ba3af5f5f835eee1ffa5" Content-Type application/x-javascript x-amz-storage-class REDUCED_REDUNDANCY Accept-Ranges bytes Content-Length 3085 x-amz-id-2 Q9XdQ4yJzTcf2nf6xHV8ozZFvPCCC5boX45MYHAAz+t73688XWEbHHK7RbNVphJ5b7Wvia51p2I=
GET H2	200	platform.js Show response shy.elfsight.com/p/	10 KB 4 KB	255ms 187ms	Script application/javascript	2606:4700:20::681a:76b
General Check archive.org Show headers Download Go to Full URL https://shy.elfsight.com/p/platform.js?shop=fandiem.myshopify.com Requested by Host: fandiem.com URL: https://fandiem.com/sweeps/kesha?utm_campaign=f-covid-bandsintown-sweet-relief-2022&utm_content=f-covid-bandsintown-sweet-relief-2022-kesha-sweeps-page&utm_medium=partner-bandsintown-blast-from-bit&utm_source=bandsintown Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:20::681a:76b -, , ASN (), Reverse DNS Software cloudflare / Resource Hash da19e28c86b92736bb0f0e2965707589a2dda545b4397cf7e0567b15120b016e Security Headers Name Value Strict-Transport-Security max-age=0 X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers accept-language de-DE,de;q=0.9 Referer https://fandiem.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36 Response headers date Sun, 18 Sep 2022 02:31:28 GMT content-encoding br x-content-type-options nosniff cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 x-xss-protection 1; mode=block last-modified Fri, 15 May 2020 10:40:48 GMT server cloudflare etag W/"5ebe71b0-268f" strict-transport-security max-age=0 report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Zy1IA2RH9g1b0WH1xkxjqqT3g%2BMVULb%2Bc7XDge8SBIV9A98Bh4XJwy6k7xL7%2FQ9DOKj0jJyYRN599%2BLmtSg6kpE36Dt0KIjt1L7DqYvhp5s86moQOzimsYzW01mpwD%2FhxJpF1%2FJngQb0NnUCgOk%3D"}],"group":"cf-nel","max_age":604800} content-type application/javascript; charset=utf-8 vary Accept-Encoding cache-control max-age=14400 cf-ray 74c6aa614c379b7c-FRA
GET H/1.1	200 OK	wk_shopify_auction.js sp-auction.webkul.com/js/	110 KB 13 KB	1316ms 516ms	Script application/javascript	13.213.122.206
General Check archive.org Show headers Download Go to Full URL https://sp-auction.webkul.com/js/wk_shopify_auction.js?shop=fandiem.myshopify.com Requested by Host: fandiem.com URL: https://fandiem.com/sweeps/kesha?utm_campaign=f-covid-bandsintown-sweet-relief-2022&utm_content=f-covid-bandsintown-sweet-relief-2022-kesha-sweeps-page&utm_medium=partner-bandsintown-blast-from-bit&utm_source=bandsintown Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 13.213.122.206 -, , ASN (), Reverse DNS Software Apache/2.4.29 (Ubuntu) / Resource Hash Request headers accept-language de-DE,de;q=0.9 Referer https://fandiem.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36 Response headers Date Sun, 18 Sep 2022 02:31:29 GMT Content-Encoding gzip Last-Modified Thu, 01 Sep 2022 05:13:05 GMT Server Apache/2.4.29 (Ubuntu) ETag "1b93c-5e796ab1d8c10-gzip" Vary Accept-Encoding Content-Type application/javascript Access-Control-Allow-Origin * Connection keep-alive Accept-Ranges bytes Content-Length 13352
GET H/1.1	200 OK	wk_auction_category.js sp-auction.webkul.com/js/	36 KB 6 KB	1055ms 259ms	Script application/javascript	13.213.122.206
General Check archive.org Show headers Download Go to Full URL https://sp-auction.webkul.com/js/wk_auction_category.js?shop=fandiem.myshopify.com Requested by Host: fandiem.com URL: https://fandiem.com/sweeps/kesha?utm_campaign=f-covid-bandsintown-sweet-relief-2022&utm_content=f-covid-bandsintown-sweet-relief-2022-kesha-sweeps-page&utm_medium=partner-bandsintown-blast-from-bit&utm_source=bandsintown Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 13.213.122.206 -, , ASN (), Reverse DNS Software Apache/2.4.29 (Ubuntu) / Resource Hash Request headers accept-language de-DE,de;q=0.9 Referer https://fandiem.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36 Response headers Date Sun, 18 Sep 2022 02:31:29 GMT Content-Encoding gzip Last-Modified Mon, 27 Jun 2022 06:00:15 GMT Server Apache/2.4.29 (Ubuntu) ETag "91a9-5e267a2467130-gzip" Vary Accept-Encoding Content-Type application/javascript Access-Control-Allow-Origin * Connection keep-alive Accept-Ranges bytes Content-Length 6187
GET H2	200	shopify_rolling_bootstrap_v2.js Show response assets1.adroll.com/shopify/latest/j/	2 KB 1 KB	26ms 24ms	Script application/javascript	2600:9000:206f:7000:1c:cd6a:7440:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://assets1.adroll.com/shopify/latest/j/shopify_rolling_bootstrap_v2.js?adroll_adv_id=4VZVS64FNRFEXAUW3D4PZO&adroll_pix_id=A5AOKNR44NHIVM7TSARV6U&shop=fandiem.myshopify.com Requested by Host: fandiem.com URL: https://fandiem.com/sweeps/kesha?utm_campaign=f-covid-bandsintown-sweet-relief-2022&utm_content=f-covid-bandsintown-sweet-relief-2022-kesha-sweeps-page&utm_medium=partner-bandsintown-blast-from-bit&utm_source=bandsintown Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:206f:7000:1c:cd6a:7440:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash ea1d29b419599a59d7da810bfa2f4dbe0b8f72d39fa71cb5195300cfb879f837 Request headers accept-language de-DE,de;q=0.9 Referer https://fandiem.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36 Response headers date Sun, 18 Sep 2022 02:31:28 GMT content-encoding gzip vary Accept-Encoding age 3545 x-amz-server-side-encryption AES256 x-cache Hit from cloudfront via 1.1 29d33c5cd70a6501fde7bc2dba557906.cloudfront.net (CloudFront) last-modified Wed, 07 Sep 2022 00:26:18 GMT server AmazonS3 etag W/"dcbab6195eb24bf3935cbc62ec0ed277" access-control-max-age 600 access-control-allow-methods GET content-type application/javascript access-control-allow-origin * access-control-allow-credentials false x-amz-cf-pop FRA56-C1 access-control-allow-headers * x-amz-cf-id IfqgPcLxaOa6BJ9sGdpyL1S0EDhZ0i_BmfNsDVPrjwlsghAlcyCuRg==
GET H3	200	BMmoFnGNlK5UpA4h.js Show response cdn.shopify.com/s/files/1/0502/2167/8757/t/8/assets/	3 KB 2 KB	32ms 30ms	Script text/javascript	104.16.255.71 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdn.shopify.com/s/files/1/0502/2167/8757/t/8/assets/BMmoFnGNlK5UpA4h.js?v=1649866955&shopId=100273&shop=fandiem.myshopify.com Requested by Host: fandiem.com URL: https://fandiem.com/sweeps/kesha?utm_campaign=f-covid-bandsintown-sweet-relief-2022&utm_content=f-covid-bandsintown-sweet-relief-2022-kesha-sweeps-page&utm_medium=partner-bandsintown-blast-from-bit&utm_source=bandsintown Protocol H3 Security QUIC, , AES_128_GCM Server 104.16.255.71 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 449c3e62b3c340c2c2a094d7a81517c3bebce6a9560b490083c0c7a50babe8d1 Security Headers Name Value Strict-Transport-Security max-age=15552000; includeSubDomains; preload X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers accept-language de-DE,de;q=0.9 Referer https://fandiem.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36 Response headers date Sun, 18 Sep 2022 02:31:28 GMT content-encoding br x-content-type-options nosniff cf-cache-status HIT nel {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800} x-dc gcp-us-east1,us-central1 age 165503 report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6RIrC31H%2BSNGanrMswZuTLeNVZX46Sij3XgSSDc12McjCEvSTP6%2Bw674PG60%2FVAn%2F6MnOgzPG49JHhihjgm2w4sZh0DyQkucMavLGmiiUXYlFQpu1iQ1cHck%2BZJO7mDURQ%3D%3D"}],"group":"cf-nel","max_age":604800} server-timing imagery;dur=103.971, imageryFetch;dur=101.617 alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 x-xss-protection 1; mode=block x-request-id de1cf590-7eba-4855-a6a0-bf89438eed38 timing-allow-origin * last-modified Fri, 26 Aug 2022 02:15:39 GMT server cloudflare vary Accept-Encoding strict-transport-security max-age=15552000; includeSubDomains; preload content-type text/javascript access-control-allow-origin * access-control-expose-headers * cache-control public, max-age=31557600 cf-ray 74c6aa60e8bb920e-FRA link <https://cdn.shopify.com/s/files/1/0502/2167/8757/t/8/assets/BMmoFnGNlK5UpA4h.js>; rel="canonical"
GET H/1.1	200 OK	script.js Show response account-invite.merchantyard.com/js/integrations/	1 KB 2 KB	459ms 119ms	Script application/javascript	3.139.21.16
General Check archive.org Show headers Download Go to Full URL https://account-invite.merchantyard.com/js/integrations/script.js?v=5468&shop=fandiem.myshopify.com Requested by Host: fandiem.com URL: https://fandiem.com/sweeps/kesha?utm_campaign=f-covid-bandsintown-sweet-relief-2022&utm_content=f-covid-bandsintown-sweet-relief-2022-kesha-sweeps-page&utm_medium=partner-bandsintown-blast-from-bit&utm_source=bandsintown Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 3.139.21.16 -, , ASN (), Reverse DNS Software nginx/1.18.0 (Ubuntu) / Resource Hash ecb2cfc35864022302df026bc7d2fde1f2d44bf1f0f58f55d42fe7fd5ca7a747 Request headers accept-language de-DE,de;q=0.9 Referer https://fandiem.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36 Response headers Date Sun, 18 Sep 2022 02:31:28 GMT Last-Modified Tue, 10 May 2022 07:08:38 GMT Server nginx/1.18.0 (Ubuntu) ETag "627a0f76-532" Content-Type application/javascript Connection keep-alive Accept-Ranges bytes Content-Length 1330
GET H/1.1	200 OK	script.js Show response referralyard.com/js/integrations/	9 KB 9 KB	451ms 113ms	Script application/javascript	52.15.83.136
General Check archive.org Show headers Download Go to Full URL https://referralyard.com/js/integrations/script.js?shop=fandiem.myshopify.com Requested by Host: fandiem.com URL: https://fandiem.com/sweeps/kesha?utm_campaign=f-covid-bandsintown-sweet-relief-2022&utm_content=f-covid-bandsintown-sweet-relief-2022-kesha-sweeps-page&utm_medium=partner-bandsintown-blast-from-bit&utm_source=bandsintown Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305 Server 52.15.83.136 -, , ASN (), Reverse DNS Software nginx/1.14.0 (Ubuntu) / Resource Hash 792758b135f8442096b7cc8897f7cb4590cd226942d0d0d714279a9b3db71886 Request headers accept-language de-DE,de;q=0.9 Referer https://fandiem.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36 Response headers Date Sun, 18 Sep 2022 02:31:28 GMT Last-Modified Mon, 01 Aug 2022 18:35:49 GMT Server nginx/1.14.0 (Ubuntu) ETag "62e81d05-2219" Content-Type application/javascript Connection keep-alive Accept-Ranges bytes Content-Length 8729
GET H2	200	widget.min.js Show response static.rechargecdn.com/assets/js/	341 KB 112 KB	508ms 174ms	Script application/javascript	2a02:26f0:6c00::210:baeb
General Check archive.org Show headers Download Go to Full URL https://static.rechargecdn.com/assets/js/widget.min.js?shop=fandiem.myshopify.com Requested by Host: fandiem.com URL: https://fandiem.com/sweeps/kesha?utm_campaign=f-covid-bandsintown-sweet-relief-2022&utm_content=f-covid-bandsintown-sweet-relief-2022-kesha-sweeps-page&utm_medium=partner-bandsintown-blast-from-bit&utm_source=bandsintown Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a02:26f0:6c00::210:baeb -, , ASN (), Reverse DNS Software / Resource Hash 24b4315e702855a20111a025885f12dae5c0189dd980928621081db4b7b77047 Request headers accept-language de-DE,de;q=0.9 Referer https://fandiem.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36 Response headers date Sun, 18 Sep 2022 02:31:28 GMT content-encoding gzip x-guploader-uploadid ADPycdtNMHC_tp48A_H_6WV8J95uF9jMal0LgpETCP5ulW0T5gtKUkg5ue2KoYLBV-ku_OJr5M77g9rNOvDArn2rN2Rc3w x-goog-storage-class MULTI_REGIONAL x-goog-metageneration 1 x-goog-stored-content-encoding gzip server-timing cdn-cache; desc=REVALIDATE, edge; dur=7, origin; dur=119 content-length 113548 last-modified Fri, 08 Jul 2022 17:24:18 GMT etag "0569dc0bd7618b23fd8876c2c760b2ae" vary Accept-Encoding x-goog-hash crc32c=T0GyMQ==, md5=BWncC9dhiyP9iHbCx2Cyrg== x-goog-generation 1657301058398100 access-control-allow-origin * cache-control public, no-transform, max-age=60 x-goog-stored-content-length 113548 accept-ranges bytes content-type application/javascript
GET H2	200	track.js Show response dttrk.com/shopify/	3 KB 2 KB	98ms 35ms	Script application/javascript	2606:4700:3031::6815:4ddc
General Check archive.org Show headers Download Go to Full URL https://dttrk.com/shopify/track.js?shop=fandiem.myshopify.com Requested by Host: fandiem.com URL: https://fandiem.com/sweeps/kesha?utm_campaign=f-covid-bandsintown-sweet-relief-2022&utm_content=f-covid-bandsintown-sweet-relief-2022-kesha-sweeps-page&utm_medium=partner-bandsintown-blast-from-bit&utm_source=bandsintown Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3031::6815:4ddc -, , ASN (), Reverse DNS Software cloudflare / Resource Hash 758307a899b84024df3fad4ee473d375f4a76bdb8392e122be017617198b2394 Security Headers Name Value X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 1; mode=block Request headers accept-language de-DE,de;q=0.9 Referer https://fandiem.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36 Response headers date Sun, 18 Sep 2022 02:31:28 GMT content-encoding br x-content-type-options nosniff cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 129024 alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 x-xss-protection 1; mode=block referrer-policy unsafe-url server cloudflare x-frame-options DENY etag W/"shopify/track.55051d17cc.js" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JqqBf9zoqInWYLOU0vNc21u8kDM2SK6ZzJSz7xPa8Z%2FXjVPgrXZmqxS65Rli7RQBo1Bz2GA9uhNstCq8xKfBh8YYR%2BraX8DQd2nXU6J5cyJP3rBX4ZNV1i52jyFv35DP3EtgUPlCJLw%3D"}],"group":"cf-nel","max_age":604800} content-type application/javascript; charset=utf-8 cache-control max-age=7200 feature-policy none cf-ray 74c6aa614ecc691b-FRA
GET H2	200	pushowl-shopify.js Show response cdn.pushowl.com/latest/sdks/	154 KB 37 KB	139ms 28ms	Script application/javascript	2600:9000:2057:7e00:7:6365:89c0:93a1
General Check archive.org Show headers Download Go to Full URL https://cdn.pushowl.com/latest/sdks/pushowl-shopify.js?subdomain=fandiem&environment=production&guid=32dd465d-2f9a-4f57-9c37-e4637879e4f0&shop=fandiem.myshopify.com Requested by Host: fandiem.com URL: https://fandiem.com/sweeps/kesha?utm_campaign=f-covid-bandsintown-sweet-relief-2022&utm_content=f-covid-bandsintown-sweet-relief-2022-kesha-sweeps-page&utm_medium=partner-bandsintown-blast-from-bit&utm_source=bandsintown Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:2057:7e00:7:6365:89c0:93a1 -, , ASN (), Reverse DNS Software / Resource Hash 648e02bd6935be0647e9a86c28ed8fbb7eae0f457651be02aaf4c027d72d46bf Request headers accept-language de-DE,de;q=0.9 Referer https://fandiem.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36 Response headers date Tue, 06 Sep 2022 09:37:13 GMT content-encoding br age 1011255 etag W/"26699-TkhRjpRluCibAys3v2Wg21yoWt8" vary Accept-Encoding x-cache Hit from cloudfront content-type application/javascript; charset=utf-8 access-control-allow-origin * cache-control max-age=31536000 x-server ImageKit.io x-amz-cf-pop FRA6-C1 timing-allow-origin * x-amz-cf-id K9WZNevhC-4vHyoD4FDGdm4JJrURUdzf5yRmP5uNeXKFg1WMrTdRQQ== via 1.1 82e9051d8d41080bd3028731e0e8677e.cloudfront.net (CloudFront) x-request-id cfdc7633-dc24-4a19-b397-f7c49d195460
GET H2	200	ct.html Show response ct.pinterest.com/ Frame 4BA6	565 B 591 B	52ms 51ms	Document text/html	104.75.88.209 AKAMAI-AS
General Check archive.org Show headers Download Go to Full URL https://ct.pinterest.com/ct.html Requested by Host: s.pinimg.com URL: https://s.pinimg.com/ct/lib/main.55e552f9.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 104.75.88.209 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US), Reverse DNS a104-75-88-209.deploy.static.akamaitechnologies.com Software / Resource Hash f83b1a3ea61ad62e47fad82de5495a2547e2f12e591ad8108050538c566ae1e3 Security Headers Name Value Strict-Transport-Security max-age=31536000 ; includeSubDomains ; preload Request headers Referer https://fandiem.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers akamai-grn 0.956656b8.1663468288.826d36cf cache-control max-age=86400 content-encoding gzip content-length 323 content-type text/html; charset=utf-8 date Sun, 18 Sep 2022 02:31:28 GMT referrer-policy origin strict-transport-security max-age=31536000 ; includeSubDomains ; preload vary Accept-Encoding x-cdn akamai x-envoy-upstream-service-time 0 x-pinterest-rid 4491286436462914
GET H2	200	sdk.bundle.js Show response sdk.postscript.io/	234 KB 64 KB	88ms 27ms	Script application/javascript	65.9.66.111
General Check archive.org Show headers Download Go to Full URL https://sdk.postscript.io/sdk.bundle.js?shopId=100273 Requested by Host: cdn.shopify.com URL: https://cdn.shopify.com/s/files/1/0502/2167/8757/t/8/assets/BMmoFnGNlK5UpA4h.js?v=1649866955&shopId=100273&shop=fandiem.myshopify.com Protocol H2 Security TLS 1.3, , AES_128_GCM Server 65.9.66.111 -, , ASN (), Reverse DNS Software AmazonS3 / Resource Hash 614c6ce4e7fe0c969b59c3d43e3bd4ba212cbbb87c89108b8a42f01b6375397c Request headers accept-language de-DE,de;q=0.9 Referer https://fandiem.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36 Response headers date Sat, 17 Sep 2022 13:58:25 GMT content-encoding gzip last-modified Fri, 16 Sep 2022 13:58:14 GMT server AmazonS3 age 45184 etag W/"7ec94f14d38a16f02e37c106e5790dca" vary Accept-Encoding x-cache Hit from cloudfront content-type application/javascript via 1.1 a618edcb8ddcdae59a3a61a6c82ff54c.cloudfront.net (CloudFront) x-amz-cf-pop FRA56-C1 x-amz-cf-id umVCvJ040tqlX4khO7RtFtb7ojB97Af5dMm0WUmDHKAIZ3mg-CqK-Q==
GET H2	200	/ Show response cdn.pushowl.com/config/api/v1/fandiem/subscriber/config/widget/	3 KB 3 KB	24ms 24ms	XHR application/json	2600:9000:2057:7e00:7:6365:89c0:93a1
General Check archive.org Show headers Download Go to Full URL https://cdn.pushowl.com/config/api/v1/fandiem/subscriber/config/widget/?guid=32dd465d-2f9a-4f57-9c37-e4637879e4f0&platform=shopify Requested by Host: cdn.shopify.com URL: https://cdn.shopify.com/shopifycloud/shopify/assets/shop_events_listener-65cd0ba3fcd81a1df33f2510ec5bcf8c0e0958653b50e3965ec972dd638ee13f.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:2057:7e00:7:6365:89c0:93a1 -, , ASN (), Reverse DNS Software / Resource Hash f913db74b25d9ef4a0d01557d5cb9f572130a444a65a51570eb01a7ca0560df4 Request headers Accept application/json Referer https://fandiem.com/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36 Content-Type application/json Response headers date Tue, 06 Sep 2022 11:01:08 GMT via 1.1 f038e7175be9761825b2eefc2b0a832e.cloudfront.net (CloudFront) age 1006220 etag W/"b76-rumRCwdFbTvEvXvs8Nh95KXaECE" vary Accept-Encoding x-cache Hit from cloudfront content-type application/json access-control-allow-origin * cache-control public, s-maxage=15552000, max-age=15552000, must-revalidate x-server ImageKit.io x-amz-cf-pop FRA6-C1 timing-allow-origin * content-length 2934 x-amz-cf-id a5JbSUpFDVqZMEaaEFpwVGx9N1ahm91uYz44cgVLBaxd-7jZEWqRig== x-request-id cb024e09-1e09-425d-867b-7b9fd6a09b33
OPTIONS H2	200	/ cdn.pushowl.com/config/api/v1/fandiem/subscriber/config/widget/ Frame	0 0	167ms 120ms	Preflight	2600:9000:2057:7e00:7:6365:89c0:93a1
General Check archive.org Show headers Download Go to Full URL https://cdn.pushowl.com/config/api/v1/fandiem/subscriber/config/widget/?guid=32dd465d-2f9a-4f57-9c37-e4637879e4f0&platform=shopify Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:2057:7e00:7:6365:89c0:93a1 -, , ASN (), Reverse DNS Software / Resource Hash Request headers Accept */* Access-Control-Request-Headers content-type Access-Control-Request-Method GET Origin https://fandiem.com Sec-Fetch-Mode cors User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36 Response headers access-control-allow-headers * access-control-allow-methods * access-control-allow-origin * cache-control public, s-maxage=15552000, max-age=15552000 content-length 0 date Sun, 18 Sep 2022 02:31:28 GMT via 1.1 f038e7175be9761825b2eefc2b0a832e.cloudfront.net (CloudFront) x-amz-cf-id g8aHWHE0j3WiikQ_1FXt3hL1uEjCgQIOqkNKKjqrhBi3PeT7iSC91w== x-amz-cf-pop FRA6-C1 x-cache Miss from cloudfront x-request-id 841441c8-a490-9e30-bc6e-b0e6c2472729
GET H2	200	100273 Show response api.postscript.io/sdk/config/	122 B 534 B	447ms 307ms	Fetch application/json	65.9.66.54
General Check archive.org Show headers Download Go to Full URL https://api.postscript.io/sdk/config/100273 Requested by Host: cdn.shopify.com URL: https://cdn.shopify.com/shopifycloud/shopify/assets/shop_events_listener-65cd0ba3fcd81a1df33f2510ec5bcf8c0e0958653b50e3965ec972dd638ee13f.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 65.9.66.54 -, , ASN (), Reverse DNS Software / Resource Hash d18c3255af255a7a1b76a397393a67aa0c8a49b646f08bf0e35e2e0bca865d5c Request headers accept-language de-DE,de;q=0.9 Referer https://fandiem.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36 Response headers date Sun, 18 Sep 2022 02:31:28 GMT content-encoding gzip x-amzn-remapped-content-length 122 x-amz-cf-pop FRA56-C1 x-amzn-requestid ce13ecc9-c6b5-40df-9018-9440e72e8ec1 x-cache Miss from cloudfront content-type application/json access-control-allow-origin * x-amzn-trace-id Root=1-63268300-4219780c048593b62a22c21e access-control-allow-credentials true x-amz-apigw-id YoloJE_ioAMFkug= content-length 103 via 1.1 106758604a7f1ae0fa6678cd3d828d62.cloudfront.net (CloudFront) x-amz-cf-id WZej2dTnRODxeMm2WY1qBKlRou8mqrUsw4cegVYEplyJNkxVkTHSHA==
GET H3	200	/ Show response shy.elfsight.com/p/boot/	1 KB 2 KB	262ms 237ms	Script text/javascript	2606:4700:20::681a:76b
General Check archive.org Show headers Download Go to Full URL https://shy.elfsight.com/p/boot/?a=&callback=__esappsPlatformBoot1663468288385&shop=fandiem.myshopify.com&w=78344cf6-97f4-4b85-977b-ef05aff2fc99%2Ce678ffe3-1e09-4cf1-a8e3-5a5e839f399f Requested by Host: shy.elfsight.com URL: https://shy.elfsight.com/p/platform.js?shop=fandiem.myshopify.com Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:20::681a:76b -, , ASN (), Reverse DNS Software cloudflare / Resource Hash 9836c5e0bce1edeb4e6e87a6dc2bcf3631e2caf992e0477cb0482d204fb7291b Security Headers Name Value Strict-Transport-Security max-age=0 X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers accept-language de-DE,de;q=0.9 Referer https://fandiem.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36 Response headers date Sun, 18 Sep 2022 02:31:28 GMT content-encoding br x-content-type-options nosniff cf-cache-status DYNAMIC nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare strict-transport-security max-age=0 report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FiognpvAUoS2T2YVOb68KHYiCcULB1ebLtmIAA8DRFjntWFs4NnxDbx91L5P4Y%2F8hQgAoOKg0WVCvr2eXnYl5BQXPqHqIDGSTLLJ8VfJt1i%2FmrYd%2Bgj4V7txbhiXp8sslOKn9d85Y7MAVM8mQy4%3D"}],"group":"cf-nel","max_age":604800} content-type text/javascript; charset=UTF-8 vary Accept-Encoding cache-control no-cache, private cf-apo-via origin,host cf-ray 74c6aa629f2dbbf1-FRA alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 x-xss-protection 1; mode=block
OPTIONS H2	200	events api.pushowl.com/event/v1/ Frame	0 0	609ms 108ms	Preflight text/html	52.3.59.52
General Check archive.org Show headers Download Go to Full URL https://api.pushowl.com/event/v1/events Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 52.3.59.52 -, , ASN (), Reverse DNS Software gunicorn/20.0.4 / Resource Hash Security Headers Name Value X-Content-Type-Options nosniff Request headers Accept */* Access-Control-Request-Headers content-type Access-Control-Request-Method POST Origin https://fandiem.com Sec-Fetch-Mode cors User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36 Response headers access-control-allow-headers accept, accept-encoding, authorization, content-type, dnt, origin, user-agent, x-csrftoken, x-requested-with access-control-allow-methods DELETE, GET, OPTIONS, PATCH, POST, PUT access-control-allow-origin * access-control-max-age 86400 content-length 0 content-type text/html; charset=utf-8 date Sun, 18 Sep 2022 02:31:29 GMT server gunicorn/20.0.4 vary Origin x-content-type-options nosniff
POST H2	204	events api.pushowl.com/event/v1/	0 161 B	117ms 114ms	XHR text/plain	52.3.59.52
General Check archive.org Show headers Download Go to Full URL https://api.pushowl.com/event/v1/events Requested by Host: cdn.shopify.com URL: https://cdn.shopify.com/shopifycloud/shopify/assets/shop_events_listener-65cd0ba3fcd81a1df33f2510ec5bcf8c0e0958653b50e3965ec972dd638ee13f.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 52.3.59.52 -, , ASN (), Reverse DNS Software gunicorn/20.0.4 / Resource Hash Security Headers Name Value X-Content-Type-Options nosniff X-Frame-Options DENY Request headers Accept text/plain Referer https://fandiem.com/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36 Content-Type application/json Response headers access-control-allow-origin * date Sun, 18 Sep 2022 02:31:29 GMT x-content-type-options nosniff server gunicorn/20.0.4 x-frame-options DENY allow POST, OPTIONS vary Accept, Origin, Cookie
GET H3	404	.js Show response fandiem.com/products/	0 1 KB	299ms 298ms	XHR application/json	23.227.38.32 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://fandiem.com/products/.js Requested by Host: cdn.shopify.com URL: https://cdn.shopify.com/shopifycloud/shopify/assets/shop_events_listener-65cd0ba3fcd81a1df33f2510ec5bcf8c0e0958653b50e3965ec972dd638ee13f.js Protocol H3 Security QUIC, , AES_128_GCM Server 23.227.38.32 Ottawa, Canada, ASN13335 (CLOUDFLARENET, US), Reverse DNS myshopify.com Software cloudflare / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Content-Security-Policy block-all-mixed-content; frame-ancestors 'none'; upgrade-insecure-requests; Strict-Transport-Security max-age=7889238 X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 1; mode=block Request headers Accept application/json Referer https://fandiem.com/sweeps/kesha?utm_campaign=f-covid-bandsintown-sweet-relief-2022&utm_content=f-covid-bandsintown-sweet-relief-2022-kesha-sweeps-page&utm_medium=partner-bandsintown-blast-from-bit&utm_source=bandsintown accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36 Content-Type application/json Response headers date Sun, 18 Sep 2022 02:31:28 GMT content-encoding br x-content-type-options nosniff cf-cache-status DYNAMIC nel {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800} x-permitted-cross-domain-policies none x-dc gcp-europe-west3,us-east1,gcp-us-east1 x-shopify-stage production x-cache miss content-type application/json; charset=utf-8 x-alternate-cache-key cacheable:a10bcc90829f7e3f95c6edd26c5ae344 server-timing processing;dur=143, db;dur=108 alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 x-xss-protection 1; mode=block x-sorting-hat-shopid 50221678757 x-shardid 253 x-storefront-renderer-rendered 1 server cloudflare x-frame-options DENY content-language en-US x-shopid 50221678757 strict-transport-security max-age=7889238 report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Z%2F4StsLoMFg2wUb%2BrEY%2BfgeZ0H8wo8kgK7tO7H%2BzLGDsRxUUgbaO1Rzddm3uH1QbxX%2BNQCY4wIqarY%2Bgj42%2FSqgO07z8EWwbyAuyto6z5fABRdjWHZrwpMQCnYIh"}],"group":"cf-nel","max_age":604800} x-download-options noopen access-control-allow-origin * vary Accept content-security-policy block-all-mixed-content; frame-ancestors 'none'; upgrade-insecure-requests; x-request-id 07f64920-2d92-439c-9e74-0c187e1f0b3b cf-ray 74c6aa632bf59974-FRA x-sorting-hat-podid 253
GET H/1.1	200 OK	widget_iframe.html Show response widgetv3.bandsintown.com/ Frame FD1E	1 KB 1 KB	30ms 29ms	Document text/html	143.204.215.89 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://widgetv3.bandsintown.com/widget_iframe.html?affil_code=js_fandiem.com&app_id=js_fandiem.com&artist_id=12324703&artist_name=Kesha&came_from_code=700 Requested by Host: widgetv3.bandsintown.com URL: https://widgetv3.bandsintown.com/main.min.js Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 143.204.215.89 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-143-204-215-89.fra53.r.cloudfront.net Software AmazonS3 / Resource Hash b9019e2e5707d67dbbb8e97adb47b0e88f5c02b191b12cd2acb34e8cd50eb954 Request headers Referer https://fandiem.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers Age 334 Connection keep-alive Content-Encoding gzip Content-Type text/html Date Sun, 18 Sep 2022 02:31:28 GMT ETag W/"d578d05204b1721b10defd8bb4e3858e" Last-Modified Thu, 18 Nov 2021 18:57:16 GMT Server AmazonS3 Transfer-Encoding chunked Vary Accept-Encoding Via 1.1 1cc446ef4692d8e752b16c07f2f58a58.cloudfront.net (CloudFront) X-Amz-Cf-Id h6I00M391rtH0xWU5SwSXkmnGhIDHToyojnPs7sxTSZzFYCQxswwBg== X-Amz-Cf-Pop FRA53-C1 X-Cache Hit from cloudfront
POST H3	200	add Show response triplewhale-pixel.web.app/trek/	49 B 551 B	291ms 290ms	XHR application/json	2620:0:890::100 FASTLY
General Check archive.org Show headers Download Go to Full URL https://triplewhale-pixel.web.app/trek/add?r=2.50095887150 Requested by Host: cdn.shopify.com URL: https://cdn.shopify.com/shopifycloud/shopify/assets/shop_events_listener-65cd0ba3fcd81a1df33f2510ec5bcf8c0e0958653b50e3965ec972dd638ee13f.js Protocol H3 Security QUIC, , AES_128_GCM Server 2620:0:890::100 , United States, ASN54113 (FASTLY, US), Reverse DNS Software Google Frontend / Express Resource Hash 41e262d8ea12d65484f14ed3dbb476dd2d02e26ee003f8d407ad063f69e18355 Security Headers Name Value Strict-Transport-Security max-age=31556926; includeSubDomains; preload Request headers Referer https://fandiem.com/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36 Content-Type application/json Response headers strict-transport-security max-age=31556926; includeSubDomains; preload content-encoding gzip etag W/"31-SuoSy2k23EVd8cxhrnC+SvH4UTA" x-powered-by Express x-cache MISS alt-svc h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400 x-served-by cache-muc13933-MUC server Google Frontend x-timer S1663468289.805812,VS0,VE244 date Sun, 18 Sep 2022 02:31:29 GMT vary Origin,cookie,need-authorization, x-fh-requested-host, accept-encoding content-type application/json; charset=utf-8 access-control-allow-origin https://fandiem.com x-cloud-trace-context c85581e361eb16607cc37f5df9ed993b cache-control private function-execution-id 873hvd3yvpki accept-ranges bytes x-orig-accept-language de-DE,de;q=0.9 x-country-code DE x-cache-hits 0
OPTIONS H3	204	add triplewhale-pixel.web.app/trek/ Frame	0 0	192ms 191ms	Preflight text/html	2620:0:890::100 FASTLY
General Check archive.org Show headers Download Go to Full URL https://triplewhale-pixel.web.app/trek/add?r=2.50095887150 Protocol H3 Security QUIC, , AES_128_GCM Server 2620:0:890::100 , United States, ASN54113 (FASTLY, US), Reverse DNS Software Google Frontend / Express Resource Hash Security Headers Name Value Strict-Transport-Security max-age=31556926; includeSubDomains; preload Request headers Accept */* Access-Control-Request-Headers content-type Access-Control-Request-Method POST Origin https://fandiem.com Sec-Fetch-Mode cors User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36 Response headers accept-ranges bytes access-control-allow-headers content-type access-control-allow-methods GET,HEAD,PUT,PATCH,POST,DELETE access-control-allow-origin https://fandiem.com alt-svc h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400 cache-control private content-type text/html date Sun, 18 Sep 2022 02:31:28 GMT function-execution-id k3ezs3oec7s8 server Google Frontend strict-transport-security max-age=31556926; includeSubDomains; preload vary Origin, Access-Control-Request-Headers,cookie,need-authorization, x-fh-requested-host, accept-encoding x-cache MISS x-cache-hits 0 x-cloud-trace-context 0d8bc7aa892042db8a6bad8ca44203a6 x-country-code DE x-powered-by Express x-served-by cache-muc13933-MUC x-timer S1663468289.609947,VS0,VE144
GET H3	200	gtm.js Show response www.googletagmanager.com/ Frame FD1E	175 KB 63 KB	36ms 36ms	Script application/javascript	2a00:1450:4001:82f::2008 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagmanager.com/gtm.js?id=GTM-NTHLS8M Requested by Host: widgetv3.bandsintown.com URL: https://widgetv3.bandsintown.com/widget_iframe.html?affil_code=js_fandiem.com&app_id=js_fandiem.com&artist_id=12324703&artist_name=Kesha&came_from_code=700 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:82f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Google Tag Manager / Resource Hash c6e88d27eba9485bbe663cde8945ba12044db456fdbf8507b17a132ad8313769 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://widgetv3.bandsintown.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36 Response headers date Sun, 18 Sep 2022 02:31:28 GMT content-encoding br vary Accept-Encoding cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 64179 x-xss-protection 0 last-modified Sun, 18 Sep 2022 00:00:00 GMT server Google Tag Manager strict-transport-security max-age=31536000; includeSubDomains content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=900 access-control-allow-credentials true access-control-allow-headers Cache-Control expires Sun, 18 Sep 2022 02:31:28 GMT
POST H/1.1	200 OK	items Show response referralyard.com/api/render/onsite/	122 B 370 B	147ms 146ms	XHR application/json	52.15.83.136
General Check archive.org Show headers Download Go to Full URL https://referralyard.com/api/render/onsite/items Requested by Host: cdn.shopify.com URL: https://cdn.shopify.com/shopifycloud/shopify/assets/shop_events_listener-65cd0ba3fcd81a1df33f2510ec5bcf8c0e0958653b50e3965ec972dd638ee13f.js Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305 Server 52.15.83.136 -, , ASN (), Reverse DNS Software nginx/1.14.0 (Ubuntu) / Resource Hash 660fb94e60f11db5d25e92fbfe87d2e971882333ba0027325cd1c876f55ea2d4 Request headers Referer https://fandiem.com/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36 Content-type application/json;charset=UTF-8 Response headers Access-Control-Allow-Origin * Date Sun, 18 Sep 2022 02:31:29 GMT Cache-Control no-cache, private Server nginx/1.14.0 (Ubuntu) Connection keep-alive Transfer-Encoding chunked Content-Type application/json
OPTIONS H/1.1	204 No Content	items referralyard.com/api/render/onsite/ Frame	0 0	352ms 125ms	Preflight text/html	52.15.83.136
General Check archive.org Show headers Download Go to Full URL https://referralyard.com/api/render/onsite/items Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305 Server 52.15.83.136 -, , ASN (), Reverse DNS Software nginx/1.14.0 (Ubuntu) / Resource Hash Request headers Accept */* Access-Control-Request-Headers content-type Access-Control-Request-Method POST Origin https://fandiem.com Sec-Fetch-Mode cors User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36 Response headers Access-Control-Allow-Headers content-type Access-Control-Allow-Methods POST Access-Control-Allow-Origin * Access-Control-Max-Age 0 Cache-Control no-cache, private Connection keep-alive Content-Type text/html; charset=UTF-8 Date Sun, 18 Sep 2022 02:31:28 GMT Server nginx/1.14.0 (Ubuntu) Vary Access-Control-Request-Method, Access-Control-Request-Headers
GET H3	200	cart.js Show response fandiem.com/	283 B 1 KB	169ms 169ms	XHR text/javascript	23.227.38.32 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://fandiem.com/cart.js?r=2.50095372810 Requested by Host: cdn.shopify.com URL: https://cdn.shopify.com/shopifycloud/shopify/assets/shop_events_listener-65cd0ba3fcd81a1df33f2510ec5bcf8c0e0958653b50e3965ec972dd638ee13f.js Protocol H3 Security QUIC, , AES_128_GCM Server 23.227.38.32 Ottawa, Canada, ASN13335 (CLOUDFLARENET, US), Reverse DNS myshopify.com Software cloudflare / Resource Hash f2d50a68bae07fc9863ac8410432428c5c4222b2d889da85a088fd2a3eab6541 Security Headers Name Value Content-Security-Policy block-all-mixed-content; frame-ancestors 'none'; upgrade-insecure-requests; Strict-Transport-Security max-age=7889238 X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 1; mode=block Request headers accept-language de-DE,de;q=0.9 Referer https://fandiem.com/sweeps/kesha?utm_campaign=f-covid-bandsintown-sweet-relief-2022&utm_content=f-covid-bandsintown-sweet-relief-2022-kesha-sweeps-page&utm_medium=partner-bandsintown-blast-from-bit&utm_source=bandsintown User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36 Response headers date Sun, 18 Sep 2022 02:31:28 GMT content-encoding br vary Accept-Encoding, Accept cf-cache-status DYNAMIC nel {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800} x-permitted-cross-domain-policies none x-dc gcp-europe-west3,us-east1,gcp-us-east1 x-shopify-stage production content-type text/javascript; charset=utf-8 server-timing processing;dur=23, db;dur=8 alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 x-xss-protection 1; mode=block x-sorting-hat-shopid 50221678757 x-shardid 253 x-storefront-renderer-rendered 1 server cloudflare x-sorting-hat-podid 253 x-frame-options DENY content-language en x-shopid 50221678757 strict-transport-security max-age=7889238 report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MFzMRfWZ8tlLMwCvk5Zut7BJmxuWDQFx2NLSQkEMQVoKwas5wbUnXhyLvqD6xx840ysTyNWUzXtMdzqJ3ecYty6TIkRYsmNbhOa7rYdqxoIQ7uzXhobv5DLrYKWQ"}],"group":"cf-nel","max_age":604800} x-download-options noopen x-request-id 1c9b7445-6b07-4c94-a81f-bd96ef0469d6 content-security-policy block-all-mixed-content; frame-ancestors 'none'; upgrade-insecure-requests; cf-ray 74c6aa63ec849974-FRA x-content-type-options nosniff x-cartjs-updatedat 0
GET H3	200	analytics.js Show response www.google-analytics.com/ Frame FD1E	49 KB 20 KB	85ms 85ms	Script text/javascript	2a00:1450:4001:800::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google-analytics.com/analytics.js Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtm.js?id=GTM-NTHLS8M Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:800::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210 Security Headers Name Value Strict-Transport-Security max-age=10886400; includeSubDomains; preload X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://widgetv3.bandsintown.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36 Response headers strict-transport-security max-age=10886400; includeSubDomains; preload content-encoding gzip x-content-type-options nosniff last-modified Wed, 13 Apr 2022 21:02:38 GMT server Golfe2 age 5368 date Sun, 18 Sep 2022 01:02:00 GMT vary Accept-Encoding content-type text/javascript cache-control public, max-age=7200 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 20006 expires Sun, 18 Sep 2022 03:02:00 GMT
GET H/1.1	200 OK	clear.gif px1.bandsintown.com/ Frame FD1E	43 B 504 B	345ms 22ms	Image image/gif	52.222.214.18
General Check archive.org Show headers Download Go to Show image Full URL https://px1.bandsintown.com/clear.gif?property=user_log&param=%7B%22user_id%22:%22undefined%22,%22affil_code%22:%22js_fandiem.com%22,%22app_id%22:%22js_fandiem.com%22,%22came_from_code%22:%22700%22,%22custom%22:%7B%22utm_source%22:%22undefined%22,%22utm_campaign%22:%22undefined%22,%22utm_medium%22:%22undefined%22%7D,%22artist_id%22:12324703,%22event_id%22:0,%22artist_event_id%22:0,%22venue_id%22:0,%22festival_id%22:0,%22source%22:%22Widget%20iFrame%22,%22version%22:%223%22,%22logtype%22:%22impression%22,%22nonce%22:634763126%7D&gtmcb=1264387827 Requested by Host: widgetv3.bandsintown.com URL: https://widgetv3.bandsintown.com/widget_iframe.html?affil_code=js_fandiem.com&app_id=js_fandiem.com&artist_id=12324703&artist_name=Kesha&came_from_code=700 Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 52.222.214.18 -, , ASN (), Reverse DNS Software AmazonS3 / Resource Hash b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b Request headers accept-language de-DE,de;q=0.9 Referer https://widgetv3.bandsintown.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36 Response headers Date Sat, 17 Sep 2022 13:03:20 GMT Via 1.1 e41703af87be84ac95b3cadf9d8dd470.cloudfront.net (CloudFront) Last-Modified Mon, 04 May 2015 15:44:39 GMT Server AmazonS3 Age 48489 ETag "325472601571f31e1bf00674c368d335" X-Cache Hit from cloudfront Content-Type image/gif Connection keep-alive X-Amz-Cf-Pop FRA56-P3 Accept-Ranges bytes Content-Length 43 X-Amz-Cf-Id esv1em1J5H8jQe95uMo1FmFV8TsMISO2Y21E_roAv0qPhnvKRhuHuQ==
GET H2	200	socialShareButtons.js Show response static.elfsight.com/apps/social-share-buttons/shopify/release/a7a16905-8a6d-42f2-baec-7030e2696a67/app/	420 KB 76 KB	97ms 83ms	Script application/javascript	2606:4700:20::681a:76b
General Check archive.org Show headers Download Go to Full URL https://static.elfsight.com/apps/social-share-buttons/shopify/release/a7a16905-8a6d-42f2-baec-7030e2696a67/app/socialShareButtons.js Requested by Host: shy.elfsight.com URL: https://shy.elfsight.com/p/platform.js?shop=fandiem.myshopify.com Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:20::681a:76b -, , ASN (), Reverse DNS Software cloudflare / Resource Hash aa8ed4331e5d31cbce3997b5c8f44071d182d5921b5f806421d2fc528049eab4 Security Headers Name Value Strict-Transport-Security max-age=0 Request headers accept-language de-DE,de;q=0.9 Referer https://fandiem.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36 Response headers date Sun, 18 Sep 2022 02:31:28 GMT content-encoding br vary Access-Control-Request-Headers,Access-Control-Request-Method,Origin, Accept-Encoding cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 126277 alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 x-amz-request-id tx0000000000000b5745201-0063248e72-3ade2f46-sfo2a x-hw 1663342011.dop054.fr8.t,1663342011.cds017.fr8.hn,1663342011.cds055.fr8.c last-modified Tue, 29 Mar 2022 12:43:20 GMT server cloudflare cache-control max-age=31536000 etag W/"3df6bc74c6b8b97c351a6038441e9bac" strict-transport-security max-age=0 report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oJ3hB96ZIoWEHbsCkGom8kb52ZHsID4On8sBUEH8GSRtevmNRfCYDcDqbbx7wweyKnqkDZpnYVS%2FBl84IdmQVSZOBTq%2F0bVXxIgyCXpkCSRdP4YX31WFOiCPxxfqBW1gCC7RCN95hXXH91RCiPuaEzc%3D"}],"group":"cf-nel","max_age":604800} content-type application/javascript x-rgw-object-type Normal cf-ray 74c6aa649fd29b7c-FRA
POST H3	200	collect Show response www.google-analytics.com/j/ Frame FD1E	2 B 22 B	33ms 33ms	XHR text/plain	2a00:1450:4001:800::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google-analytics.com/j/collect?v=1&_v=j96&aip=1&a=1582044830&t=pageview&_s=1&dl=https%3A%2F%2Fwidgetv3.bandsintown.com%2Fwidget_iframe.html%3Faffil_code%3Djs_fandiem.com%26app_id%3Djs_fandiem.com%26artist_id%3D12324703%26artist_name%3DKesha%26came_from_code%3D700&dr=https%3A%2F%2Ffandiem.com%2F&ul=en-us&de=windows-1252&sd=24-bit&sr=1600x1200&vp=&je=0&_u=YEBAAEABAAAAAC~&jid=728953171&gjid=1071866517&cid=1199078748.1663468289&uid=undefined&tid=UA-2044446-18&_gid=1454383534.1663468289&_r=1&gtm=2wg9e0NTHLS8M&cd1=Widget%20iFrame&cd2=js_fandiem.com&cd3=700&cd4=widget-v2&cd6=Kesha&cd9=2&cd10=12324703&cd11=js_fandiem.com&z=815330152 Requested by Host: www.google-analytics.com URL: https://www.google-analytics.com/analytics.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:800::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af Security Headers Name Value X-Content-Type-Options nosniff Request headers Referer https://widgetv3.bandsintown.com/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36 Content-Type text/plain Response headers pragma no-cache date Sun, 18 Sep 2022 02:31:28 GMT x-content-type-options nosniff last-modified Sun, 17 May 1998 03:00:00 GMT server Golfe2 content-type text/plain access-control-allow-origin https://widgetv3.bandsintown.com cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 2 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	desktop.html Show response sdk.postscript.io/ Frame 24D3	1 KB 958 B	27ms 20ms	Document text/html	65.9.66.111
General Check archive.org Show headers Download Go to Full URL https://sdk.postscript.io/desktop.html?shopId=100273&sessionId=cytE_5jiJNH2MQZX27XmV&status=&flags=&origin=https%3A%2F%2Ffandiem.com%2Fsweeps%2Fkesha%3Futm_campaign%3Df-covid-bandsintown-sweet-relief-2022%26utm_content%3Df-covid-bandsintown-sweet-relief-2022-kesha-sweeps-page%26utm_medium%3Dpartner-bandsintown-blast-from-bit%26utm_source%3Dbandsintown Requested by Host: sdk.postscript.io URL: https://sdk.postscript.io/sdk.bundle.js?shopId=100273 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 65.9.66.111 -, , ASN (), Reverse DNS Software AmazonS3 / Resource Hash ed455c446a7d5dce7d54021f47950e3572c696b6c5e822d8ee8facf0a5a3e91e Request headers Referer https://fandiem.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers age 45184 content-encoding gzip content-type text/html date Sat, 17 Sep 2022 13:58:25 GMT etag W/"505b29356e279c4d54c10e02c38e5f1c" last-modified Fri, 16 Sep 2022 13:58:13 GMT server AmazonS3 vary Accept-Encoding via 1.1 a618edcb8ddcdae59a3a61a6c82ff54c.cloudfront.net (CloudFront) x-amz-cf-id WPBIlNq3rJU2M2fXDxIs2bREn7bMgzPKnOo8_IGvbgXG9G6G1rmf2g== x-amz-cf-pop FRA56-C1 x-cache Hit from cloudfront
GET H2	200	100273 Show response api.postscript.io/public/klaviyo_form_status/	37 B 482 B	300ms 300ms	Fetch application/json	65.9.66.54
General Check archive.org Show headers Download Go to Full URL https://api.postscript.io/public/klaviyo_form_status/100273 Requested by Host: cdn.shopify.com URL: https://cdn.shopify.com/shopifycloud/shopify/assets/shop_events_listener-65cd0ba3fcd81a1df33f2510ec5bcf8c0e0958653b50e3965ec972dd638ee13f.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 65.9.66.54 -, , ASN (), Reverse DNS Software / Resource Hash 111325fdac9e3c078a70d6b8a8f81466eda581d61cd40536714d160a1a799fa1 Request headers accept-language de-DE,de;q=0.9 Referer https://fandiem.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36 Response headers date Sun, 18 Sep 2022 02:31:29 GMT content-encoding gzip x-amzn-remapped-content-length 37 x-amz-cf-pop FRA56-C1 x-amzn-requestid c2656cb2-4b7d-4019-bd23-b72441ea7842 x-cache Miss from cloudfront content-type application/json access-control-allow-origin * x-amzn-trace-id Root=1-63268301-5a5aa1bf739ffd303cfb87c3 access-control-allow-credentials true x-amz-apigw-id YoloME4fIAMFoig= content-length 51 via 1.1 106758604a7f1ae0fa6678cd3d828d62.cloudfront.net (CloudFront) x-amz-cf-id tsEI8GcF9-F9Uh4BA6LMi6JHoA6AZUzLBYetRcyzNgoFKMe1ZZFKZQ==
GET DATA	200 OK	truncated /	352 B 0		Image image/svg+xml
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 57df0348d6c00360aa9e0a119035e735592f3454a9bb1dd5a5f8f0f97b21905e Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36 Response headers Content-Type image/svg+xml
GET H3	200	consent-tracking-api.js Show response cdn.shopify.com/shopifycloud/consent-tracking-api/v0.1/	7 KB 3 KB	218ms 217ms	Script text/javascript	104.16.255.71 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdn.shopify.com/shopifycloud/consent-tracking-api/v0.1/consent-tracking-api.js Requested by Host: cdn.shopify.com URL: https://cdn.shopify.com/shopifycloud/shopify/assets/storefront/load_feature-ab38017af3cf759db0af0bbd1e75229f6a189f5bf1f2db42169630998b969021.js Protocol H3 Security QUIC, , AES_128_GCM Server 104.16.255.71 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 7224ba4060a2ee1080f674651e69f2bd8dc3dba986fb9f085e33a3cb54593e78 Security Headers Name Value Strict-Transport-Security max-age=15552000; includeSubDomains; preload X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers Referer https://fandiem.com/ Origin https://fandiem.com accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36 Response headers date Sun, 18 Sep 2022 02:31:29 GMT content-encoding br x-content-type-options nosniff cf-cache-status EXPIRED nel {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800} x-dc gcp-us-east1,us-central1 report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2cPsb4V6XW05bV5ylqdEkIuLeOpf50XKLJzOB%2FQzyFT2KgLBg4NrMJZAKMI%2BdHsLJ2LNKxldxLbRGb4uWJyO6faVkvcOVCg0yGsvZM7%2BmYgzrQVB3mromYRRrRr%2BUqGwyA%3D%3D"}],"group":"cf-nel","max_age":604800} server-timing imagery;dur=17.142, imageryFetch;dur=17.023 alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 x-xss-protection 1; mode=block x-request-id cb67686d-c80e-41d6-837f-39400fb8a34a timing-allow-origin * last-modified Sun, 18 Sep 2022 01:57:32 GMT server cloudflare vary Accept-Encoding strict-transport-security max-age=15552000; includeSubDomains; preload content-type text/javascript access-control-allow-origin * cache-control public, max-age=1800, must-revalidate cf-ray 74c6aa6588a292b9-FRA link <https://cdn.shopify.com/shopifycloud/consent-tracking-api/v0.1/consent-tracking-api.js>; rel="canonical"
POST H3	200	produce monorail-edge.shopifysvc.com/v1/	0 786 B	219ms 175ms	Ping text/plain	104.16.254.71 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://monorail-edge.shopifysvc.com/v1/produce Requested by Host: cdn.shopify.com URL: https://cdn.shopify.com/shopifycloud/boomerang/shopify-boomerang-1.0.0.min.js Protocol H3 Security QUIC, , AES_128_GCM Server 104.16.254.71 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash Security Headers Name Value Strict-Transport-Security max-age=15552000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Referer https://fandiem.com/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36 Content-Type text/plain Response headers date Sun, 18 Sep 2022 02:31:29 GMT access-control-allow-methods OPTIONS,POST x-content-type-options nosniff cf-cache-status DYNAMIC nel {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800} x-dc gcp-us-east1,us-central1 access-control-max-age 86400 alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 content-length 0 x-request-id be434ad4-98f8-4dd9-b6eb-a08ef966fa29 server cloudflare strict-transport-security max-age=15552000; includeSubDomains; preload report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZyJGNsP3T9rQGJo8AWmnbUd0xZvbp0CDeAQGHD7J1j%2B9J%2BbqgQHKPivP3AJc33CR7dQm%2F4HBCy15l3Vsav1tC4N1TqjWc4vtP4xjM5s6g6rKh5X%2FRCsaj7o91q6tDl4iqojKJr7lnCHDGadlfpM%3D"}],"group":"cf-nel","max_age":604800} access-control-allow-origin https://fandiem.com access-control-allow-credentials true cf-ray 74c6aa65dd1f913d-FRA access-control-allow-headers User-Agent,Accept,Content-Type,X-Monorail-Edge-Event-Created-At-Ms,X-Monorail-Edge-Event-Sent-At-Ms,X-Monorail-Edge-Client-Message-Id,X-Monorail-Edge-Device-Install-Id,X-Monorail-Edge-Accept-Language,X-Monorail-Edge-Content-Language,X-Forwarded-For
GET H2	200	products.json static.rechargecdn.com/store/fandiem.myshopify.com/product/2020-12/	29 KB 5 KB	326ms 175ms	XHR application/json	2a02:26f0:6c00::210:baeb
General Check archive.org Show headers Download Go to Full URL https://static.rechargecdn.com/store/fandiem.myshopify.com/product/2020-12/products.json Requested by Host: cdn.shopify.com URL: https://cdn.shopify.com/shopifycloud/shopify/assets/shop_events_listener-65cd0ba3fcd81a1df33f2510ec5bcf8c0e0958653b50e3965ec972dd638ee13f.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a02:26f0:6c00::210:baeb -, , ASN (), Reverse DNS Software / Resource Hash Request headers Accept application/json, text/plain, */* Referer https://fandiem.com/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36 Response headers date Sun, 18 Sep 2022 02:31:29 GMT content-encoding gzip x-guploader-response-body-transformations gunzipped x-guploader-uploadid ADPycdsoBIh63fuNlJ9sTiytDlCYGHXGY4eoUAe-vP722YiHYYNsNYuQPZPJwsH8-6SSarW8TON3GEAnwL0d__mwF929oQ9imZuk x-goog-storage-class MULTI_REGIONAL x-goog-metageneration 2 x-goog-stored-content-encoding gzip server-timing cdn-cache; desc=REVALIDATE, edge; dur=8, origin; dur=120 content-length 3884 last-modified Thu, 15 Sep 2022 14:13:50 GMT etag "e9375536d0fe474f3c56ffeb72d58d41" vary Accept-Encoding x-goog-hash crc32c=K2n9VQ== x-goog-generation 1663251230013483 access-control-allow-origin * access-control-expose-headers Cache-Control, Content-Length, Content-Type, Date, Expires, Pragma, Server, Transfer-Encoding, Vary, Warning, X-GUploader-Response-Body-Transformations, X-GUploader-UploadID, X-Google-Trace cache-control max-age=55 x-goog-stored-content-length 3784 accept-ranges bytes content-type application/json warning 214 UploadServer gunzipped
POST H3	200	collect Show response stats.g.doubleclick.net/j/ Frame FD1E	1 B 22 B	28ms 27ms	XHR text/plain	2a00:1450:400c:c0c::9c GOOGLE
General Check archive.org Show headers Download Go to Full URL https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-2044446-18&cid=1199078748.1663468289&jid=728953171&uid=undefined&gjid=1071866517&_gid=1454383534.1663468289&_u=YEBAAEAAAAAAAC~&z=569261931 Requested by Host: www.google-analytics.com URL: https://www.google-analytics.com/analytics.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:400c:c0c::9c Brussels, Belgium, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash 6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b Security Headers Name Value Strict-Transport-Security max-age=10886400; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Referer https://widgetv3.bandsintown.com/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36 Content-Type text/plain Response headers pragma no-cache strict-transport-security max-age=10886400; includeSubDomains; preload x-content-type-options nosniff last-modified Sun, 17 May 1998 03:00:00 GMT server Golfe2 date Sun, 18 Sep 2022 02:31:29 GMT content-type text/plain access-control-allow-origin https://widgetv3.bandsintown.com cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 1 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3	200	css fonts.googleapis.com/ Frame 24D3	5 KB 633 B	79ms 35ms	Stylesheet text/css	2a00:1450:4001:828::200a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.googleapis.com/css?family=Open+Sans+Condensed:300,700 Requested by Host: sdk.postscript.io URL: https://sdk.postscript.io/desktop.html?shopId=100273&sessionId=cytE_5jiJNH2MQZX27XmV&status=&flags=&origin=https%3A%2F%2Ffandiem.com%2Fsweeps%2Fkesha%3Futm_campaign%3Df-covid-bandsintown-sweet-relief-2022%26utm_content%3Df-covid-bandsintown-sweet-relief-2022-kesha-sweeps-page%26utm_medium%3Dpartner-bandsintown-blast-from-bit%26utm_source%3Dbandsintown Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://sdk.postscript.io/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36 Response headers strict-transport-security max-age=31536000 content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" x-xss-protection 0 last-modified Sun, 18 Sep 2022 00:35:10 GMT server ESF cross-origin-opener-policy same-origin-allow-popups date Sun, 18 Sep 2022 02:31:29 GMT x-frame-options SAMEORIGIN content-type text/css; charset=utf-8 access-control-allow-origin * cache-control private, max-age=86400, stale-while-revalidate=604800 timing-allow-origin * link <https://fonts.gstatic.com>; rel=preconnect; crossorigin expires Sun, 18 Sep 2022 02:31:29 GMT
GET H2	200	font-awesome.min.css stackpath.bootstrapcdn.com/font-awesome/4.7.0/css/ Frame 24D3	30 KB 7 KB	89ms 29ms	Stylesheet text/css	2606:4700::6812:acf
General Check archive.org Show headers Download Go to Full URL https://stackpath.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css Requested by Host: sdk.postscript.io URL: https://sdk.postscript.io/desktop.html?shopId=100273&sessionId=cytE_5jiJNH2MQZX27XmV&status=&flags=&origin=https%3A%2F%2Ffandiem.com%2Fsweeps%2Fkesha%3Futm_campaign%3Df-covid-bandsintown-sweet-relief-2022%26utm_content%3Df-covid-bandsintown-sweet-relief-2022-kesha-sweeps-page%26utm_medium%3Dpartner-bandsintown-blast-from-bit%26utm_source%3Dbandsintown Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6812:acf -, , ASN (), Reverse DNS Software cloudflare / Resource Hash Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://sdk.postscript.io/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36 Response headers date Sun, 18 Sep 2022 02:31:29 GMT content-encoding br x-content-type-options nosniff cf-cache-status HIT cdn-edgestorageid 723 age 20372216 cdn-cachedat 11/15/2021 21:49:00 cdn-pullzone 252412 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 cdn-proxyver 1.0 timing-allow-origin * access-control-allow-origin * last-modified Mon, 25 Jan 2021 22:04:55 GMT server cloudflare cdn-requestpullcode 200 strict-transport-security max-age=31536000; includeSubDomains; preload content-type text/css; charset=utf-8 cdn-cache HIT vary Accept-Encoding cache-control public, max-age=31919000 cdn-uid b1941f61-b576-4f40-80de-5677acb38f74 cdn-requestid 2729ae8f2fc6c761bdc17d91cc795f58 cf-ray 74c6aa66dd535c0e-FRA cdn-requestcountrycode DE cdn-status 200 cdn-requestpullsuccess True
GET H/1.1	200 OK	styles.css referralyard.com/css/onsite/	11 KB 11 KB	115ms 113ms	Stylesheet text/css	52.15.83.136
General Check archive.org Show headers Download Go to Full URL https://referralyard.com/css/onsite/styles.css?v=1.1 Requested by Host: referralyard.com URL: https://referralyard.com/js/integrations/script.js?shop=fandiem.myshopify.com Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305 Server 52.15.83.136 -, , ASN (), Reverse DNS Software nginx/1.14.0 (Ubuntu) / Resource Hash Request headers accept-language de-DE,de;q=0.9 Referer https://fandiem.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36 Response headers Date Sun, 18 Sep 2022 02:31:29 GMT Last-Modified Sun, 08 Aug 2021 10:55:14 GMT Server nginx/1.14.0 (Ubuntu) ETag "610fb812-2a32" Content-Type text/css Connection keep-alive Accept-Ranges bytes Content-Length 10802
GET H2	200	desktop.css sdk.postscript.io/ Frame 24D3	22 KB 4 KB	21ms 20ms	Stylesheet text/css	65.9.66.111
General Check archive.org Show headers Download Go to Full URL https://sdk.postscript.io/desktop.css Requested by Host: sdk.postscript.io URL: https://sdk.postscript.io/desktop.html?shopId=100273&sessionId=cytE_5jiJNH2MQZX27XmV&status=&flags=&origin=https%3A%2F%2Ffandiem.com%2Fsweeps%2Fkesha%3Futm_campaign%3Df-covid-bandsintown-sweet-relief-2022%26utm_content%3Df-covid-bandsintown-sweet-relief-2022-kesha-sweeps-page%26utm_medium%3Dpartner-bandsintown-blast-from-bit%26utm_source%3Dbandsintown Protocol H2 Security TLS 1.3, , AES_128_GCM Server 65.9.66.111 -, , ASN (), Reverse DNS Software AmazonS3 / Resource Hash Request headers accept-language de-DE,de;q=0.9 Referer https://sdk.postscript.io/desktop.html?shopId=100273&sessionId=cytE_5jiJNH2MQZX27XmV&status=&flags=&origin=https%3A%2F%2Ffandiem.com%2Fsweeps%2Fkesha%3Futm_campaign%3Df-covid-bandsintown-sweet-relief-2022%26utm_content%3Df-covid-bandsintown-sweet-relief-2022-kesha-sweeps-page%26utm_medium%3Dpartner-bandsintown-blast-from-bit%26utm_source%3Dbandsintown User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36 Response headers date Sat, 17 Sep 2022 13:58:32 GMT content-encoding gzip last-modified Fri, 16 Sep 2022 13:58:13 GMT server AmazonS3 age 45184 etag W/"46e2c85c15f49e8dffe58cca83a1e743" vary Accept-Encoding x-cache Hit from cloudfront content-type text/css via 1.1 a618edcb8ddcdae59a3a61a6c82ff54c.cloudfront.net (CloudFront) x-amz-cf-pop FRA56-C1 x-amz-cf-id UCPdrJauwGS5PU3YjFTHQe-SfUFQCoX6ncrcHo6y8Uwd9VWKt3q_LQ==
GET H2	200	desktop.bundle.js sdk.postscript.io/ Frame 24D3	120 KB 37 KB	24ms 22ms	Script application/javascript	65.9.66.111
General Check archive.org Show headers Download Go to Full URL https://sdk.postscript.io/desktop.bundle.js?shopId=100273&sessionId=cytE_5jiJNH2MQZX27XmV&status=&flags=&origin=https%3A%2F%2Ffandiem.com%2Fsweeps%2Fkesha%3Futm_campaign%3Df-covid-bandsintown-sweet-relief-2022%26utm_content%3Df-covid-bandsintown-sweet-relief-2022-kesha-sweeps-page%26utm_medium%3Dpartner-bandsintown-blast-from-bit%26utm_source%3Dbandsintown Requested by Host: sdk.postscript.io URL: https://sdk.postscript.io/desktop.html?shopId=100273&sessionId=cytE_5jiJNH2MQZX27XmV&status=&flags=&origin=https%3A%2F%2Ffandiem.com%2Fsweeps%2Fkesha%3Futm_campaign%3Df-covid-bandsintown-sweet-relief-2022%26utm_content%3Df-covid-bandsintown-sweet-relief-2022-kesha-sweeps-page%26utm_medium%3Dpartner-bandsintown-blast-from-bit%26utm_source%3Dbandsintown Protocol H2 Security TLS 1.3, , AES_128_GCM Server 65.9.66.111 -, , ASN (), Reverse DNS Software AmazonS3 / Resource Hash Request headers accept-language de-DE,de;q=0.9 Referer https://sdk.postscript.io/desktop.html?shopId=100273&sessionId=cytE_5jiJNH2MQZX27XmV&status=&flags=&origin=https%3A%2F%2Ffandiem.com%2Fsweeps%2Fkesha%3Futm_campaign%3Df-covid-bandsintown-sweet-relief-2022%26utm_content%3Df-covid-bandsintown-sweet-relief-2022-kesha-sweeps-page%26utm_medium%3Dpartner-bandsintown-blast-from-bit%26utm_source%3Dbandsintown User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36 Response headers date Sat, 17 Sep 2022 13:58:32 GMT content-encoding gzip last-modified Fri, 16 Sep 2022 13:58:13 GMT server AmazonS3 age 45185 etag W/"2a96459baa6830940b893526db5826bd" vary Accept-Encoding x-cache Hit from cloudfront content-type application/javascript via 1.1 a618edcb8ddcdae59a3a61a6c82ff54c.cloudfront.net (CloudFront) x-amz-cf-pop FRA56-C1 x-amz-cf-id 3krd2I9XZ0aqYsw6y-sA2AFkv-EEMejPJ1psDSg-29TDLRDJrcz0yQ==
GET H2	200	socket.io.js cdnjs.cloudflare.com/ajax/libs/socket.io/2.1.1/	61 KB 17 KB	81ms 35ms	Script application/javascript	2606:4700::6811:180e
General Check archive.org Show headers Download Go to Full URL https://cdnjs.cloudflare.com/ajax/libs/socket.io/2.1.1/socket.io.js Requested by Host: sp-auction.webkul.com URL: https://sp-auction.webkul.com/js/wk_auction_category.js?shop=fandiem.myshopify.com Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6811:180e -, , ASN (), Reverse DNS Software cloudflare / Resource Hash Security Headers Name Value Strict-Transport-Security max-age=15780000 X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://fandiem.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36 Response headers date Sun, 18 Sep 2022 02:31:29 GMT content-encoding br x-content-type-options nosniff cf-cache-status HIT nel {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800} age 274358 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 content-length 16834 timing-allow-origin * last-modified Mon, 04 May 2020 16:16:21 GMT server cloudflare cf-cdnjs-via cfworker/kv etag "5eb03fd5-f3e6" strict-transport-security max-age=15780000 report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BoypR9Ho3RBfaEZQDVDW%2FoMpM%2FOdjuOK7BaCPrQq8Qa%2BD2mO4PQj9p0HSuBfU4c3TpXH2JbpGTGSwopUh9eY1CkZcvmUxm72wwPAfKrMB3WKdz14N67ONexagbV4kfZ5c7xJ9RXVqOHJxzBZSrMs6Nyl"}],"group":"cf-nel","max_age":604800} content-type application/javascript; charset=utf-8 access-control-allow-origin * vary Accept-Encoding cache-control public, max-age=30672000 accept-ranges bytes cf-ray 74c6aa67cba49c0c-FRA expires Fri, 08 Sep 2023 02:31:29 GMT
GET H2	200	jquery.min.js ajax.googleapis.com/ajax/libs/jquery/1.10.2/	91 KB 33 KB	71ms 21ms	Script text/javascript	2a00:1450:4001:806::200a
General Check archive.org Show headers Download Go to Full URL https://ajax.googleapis.com/ajax/libs/jquery/1.10.2/jquery.min.js Requested by Host: sp-auction.webkul.com URL: https://sp-auction.webkul.com/js/wk_auction_category.js?shop=fandiem.myshopify.com Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:806::200a -, , ASN (), Reverse DNS Software sffe / Resource Hash Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://fandiem.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36 Response headers date Sun, 18 Sep 2022 00:49:49 GMT content-encoding gzip x-content-type-options nosniff age 6100 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 32954 x-xss-protection 0 last-modified Tue, 03 Mar 2020 19:15:00 GMT server sffe cross-origin-opener-policy same-origin; report-to="hosted-libraries-pushers" vary Accept-Encoding report-to {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]} content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=31536000, stale-while-revalidate=2592000 accept-ranges bytes timing-allow-origin * expires Mon, 18 Sep 2023 00:49:49 GMT
GET H2	200	desktop api.postscript.io/v2/public/popups/100273/ Frame 24D3	8 KB 3 KB	416ms 416ms	Fetch application/json	65.9.66.54
General Check archive.org Show headers Download Go to Full URL https://api.postscript.io/v2/public/popups/100273/desktop Requested by Host: sdk.postscript.io URL: https://sdk.postscript.io/desktop.bundle.js?shopId=100273&sessionId=cytE_5jiJNH2MQZX27XmV&status=&flags=&origin=https%3A%2F%2Ffandiem.com%2Fsweeps%2Fkesha%3Futm_campaign%3Df-covid-bandsintown-sweet-relief-2022%26utm_content%3Df-covid-bandsintown-sweet-relief-2022-kesha-sweeps-page%26utm_medium%3Dpartner-bandsintown-blast-from-bit%26utm_source%3Dbandsintown Protocol H2 Security TLS 1.3, , AES_128_GCM Server 65.9.66.54 -, , ASN (), Reverse DNS Software / Resource Hash Request headers accept-language de-DE,de;q=0.9 Referer https://sdk.postscript.io/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36 Response headers date Sun, 18 Sep 2022 02:31:29 GMT content-encoding gzip x-amzn-remapped-content-length 8321 x-amzn-remapped-date Sun, 18 Sep 2022 02:31:29 GMT x-amz-cf-pop FRA56-C1 x-amzn-requestid 28fbc9d5-3e8e-4fe9-bcb4-dbe0ad09fe89 x-cache Miss from cloudfront x-amz-apigw-id YoloRF3soAMFfog= content-length 2036 access-control-allow-origin https://sdk.postscript.io vary Origin content-type application/json via 1.1 106758604a7f1ae0fa6678cd3d828d62.cloudfront.net (CloudFront) x-amzn-remapped-server gunicorn/20.0.4 access-control-allow-credentials true x-amz-cf-id xVN0guY1jr5X0oV7Vm0JdMig17z9bXhqYoc4kJtO277XPsIdAM8tiw== x-amzn-remapped-connection keep-alive
GET H3	200	css2 fonts.googleapis.com/	2 KB 428 B	31ms 31ms	Stylesheet text/css	2a00:1450:4001:828::200a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.googleapis.com/css2?family=Lato:wght@300;400;700&display=swap Requested by Host: referralyard.com URL: https://referralyard.com/css/onsite/styles.css?v=1.1 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://referralyard.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36 Response headers strict-transport-security max-age=31536000 content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" x-xss-protection 0 last-modified Sun, 18 Sep 2022 00:38:22 GMT server ESF cross-origin-opener-policy same-origin-allow-popups date Sun, 18 Sep 2022 02:31:29 GMT x-frame-options SAMEORIGIN content-type text/css; charset=utf-8 access-control-allow-origin * cache-control private, max-age=86400, stale-while-revalidate=604800 timing-allow-origin * link <https://fonts.gstatic.com>; rel=preconnect; crossorigin expires Sun, 18 Sep 2022 02:31:29 GMT
GET H3	200	jquery.min.js ajax.googleapis.com/ajax/libs/jquery/1.10.2/	91 KB 32 KB	75ms 22ms	Script text/javascript	2a00:1450:4001:806::200a
General Check archive.org Show headers Download Go to Full URL https://ajax.googleapis.com/ajax/libs/jquery/1.10.2/jquery.min.js Requested by Host: sp-auction.webkul.com URL: https://sp-auction.webkul.com/js/wk_shopify_auction.js?shop=fandiem.myshopify.com Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:806::200a -, , ASN (), Reverse DNS Software sffe / Resource Hash Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://fandiem.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36 Response headers date Sun, 18 Sep 2022 00:49:49 GMT content-encoding gzip x-content-type-options nosniff age 6100 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 32954 x-xss-protection 0 last-modified Tue, 03 Mar 2020 19:15:00 GMT server sffe cross-origin-opener-policy same-origin; report-to="hosted-libraries-pushers" vary Accept-Encoding report-to {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]} content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=31536000, stale-while-revalidate=2592000 accept-ranges bytes timing-allow-origin * expires Mon, 18 Sep 2023 00:49:49 GMT
GET H3	200	socket.io.js cdnjs.cloudflare.com/ajax/libs/socket.io/2.1.1/	61 KB 17 KB	193ms 33ms	Script application/javascript	2606:4700::6811:180e
General Check archive.org Show headers Download Go to Full URL https://cdnjs.cloudflare.com/ajax/libs/socket.io/2.1.1/socket.io.js Requested by Host: sp-auction.webkul.com URL: https://sp-auction.webkul.com/js/wk_shopify_auction.js?shop=fandiem.myshopify.com Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700::6811:180e -, , ASN (), Reverse DNS Software cloudflare / Resource Hash Security Headers Name Value Strict-Transport-Security max-age=15780000 X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://fandiem.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36 Response headers date Sun, 18 Sep 2022 02:31:29 GMT content-encoding br x-content-type-options nosniff cf-cache-status HIT nel {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800} age 274358 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 content-length 16834 timing-allow-origin * last-modified Mon, 04 May 2020 16:16:21 GMT server cloudflare cf-cdnjs-via cfworker/kv etag "5eb03fd5-f3e6" strict-transport-security max-age=15780000 report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=52GfLNIZEqtd9uMGpJVqswJQUqQ1tzUNsNB6FHbqvRRy4hqjfi60%2BQKudjL9qZ44ZMVm8U3BzunkiGi5oB2oPy5w8%2Fj4fMjkzj8zVGx%2BHDUqmrnfhueGH%2BFy8u4cIOZSUHo24L1AR6mfmJB080WJ0z2q"}],"group":"cf-nel","max_age":604800} content-type application/javascript; charset=utf-8 access-control-allow-origin * vary Accept-Encoding cache-control public, max-age=30672000 accept-ranges bytes cf-ray 74c6aa6a1c239b7c-FRA expires Fri, 08 Sep 2023 02:31:29 GMT
GET		country location.postscript.io/ Frame 24D3	0 0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain

region1.analytics.google.com

URL

https://region1.analytics.google.com/g/collect?v=2&tid=G-XG86FRBQR2&gtm=2oe9e0&_p=1742092529&cid=1846812342.1663468284&ul=en-us&sr=1600x1200&_z=ccd.v9B&sid=1663468284&sct=1&seg=0&dl=http%3A%2F%2Fwinwith.fandiem.com%2Ff-covid-kesha-bit-blast&dt=WIN%20AN%20AUTOGRAPHED%20PICTURE%20OF%20KESHA&_s=2

Domain

dpjhaiprv9czz.cloudfront.net

URL

https://dpjhaiprv9czz.cloudfront.net/0c3bc5536001f611a456.otf

Domain

location.postscript.io

URL

https://location.postscript.io/country