URL: https://www.theticket1590.com/
Submission: On April 17 via automatic, source certstream-suspicious — Scanned from DE

Summary

This website contacted 157 IPs in 16 countries across 135 domains to perform 700 HTTP transactions. The main IP is 2606:4700::6812:1740, located in United States and belongs to CLOUDFLARENET, US. The main domain is www.theticket1590.com.
TLS certificate: Issued by GTS CA 1P5 on April 17th 2023. Valid for: 3 months.
This is the only time www.theticket1590.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 20 2606:4700::68... 13335 (CLOUDFLAR...)
6 2a00:1450:400... 15169 (GOOGLE)
58 2606:4700::68... 13335 (CLOUDFLAR...)
2 2606:4700::68... 13335 (CLOUDFLAR...)
13 2a00:1450:400... 15169 (GOOGLE)
24 2a00:1450:400... 15169 (GOOGLE)
5 149.126.77.46 19551 (INCAPSULA)
5 2606:4700::68... 13335 (CLOUDFLAR...)
1 6 108.138.17.91 16509 (AMAZON-02)
1 52.3.62.68 14618 (AMAZON-AES)
2 100.21.16.143 16509 (AMAZON-02)
7 2a00:1450:400... 15169 (GOOGLE)
6 2a00:1450:400... 15169 (GOOGLE)
5 2001:4860:480... 15169 (GOOGLE)
4 2600:9000:211... 16509 (AMAZON-02)
3 2a04:4e42:600... 54113 (FASTLY)
4 2a03:2880:f01... 32934 (FACEBOOK)
3 2a00:1450:400... 15169 (GOOGLE)
1 104.18.11.47 13335 (CLOUDFLAR...)
4 2606:4700::68... 13335 (CLOUDFLAR...)
3 2a00:1450:400... 15169 (GOOGLE)
11 18.66.97.25 16509 (AMAZON-02)
8 44.210.56.152 14618 (AMAZON-AES)
3 108.138.1.25 16509 (AMAZON-02)
1 34.233.79.203 14618 (AMAZON-AES)
1 34.120.133.55 396982 (GOOGLE-CL...)
9 3.33.220.150 16509 (AMAZON-02)
25 2a00:1450:400... 15169 (GOOGLE)
1 13.225.78.3 16509 (AMAZON-02)
1 104.18.13.242 13335 (CLOUDFLAR...)
4 2a00:1450:400... 15169 (GOOGLE)
2 3.232.54.224 14618 (AMAZON-AES)
1 104.85.21.172 16625 (AKAMAI-AS)
2 5 2620:116:800d... 16509 (AMAZON-02)
1 104.18.24.185 13335 (CLOUDFLAR...)
1 108.138.4.150 16509 (AMAZON-02)
29 2600:9000:223... 16509 (AMAZON-02)
1 4 13.32.99.90 16509 (AMAZON-02)
2 2a00:1450:400... 15169 (GOOGLE)
5 2a00:1450:400... 15169 (GOOGLE)
6 2a00:1450:400... 15169 (GOOGLE)
2 213.19.147.43 26120 (RHYTHMONE)
1 104.18.25.185 13335 (CLOUDFLAR...)
1 18.185.199.82 16509 (AMAZON-02)
1 3.65.74.108 16509 (AMAZON-02)
7 13 185.83.142.19 29990 (ASN-APPNEX)
1 185.94.180.123 35220 (SPOTX-AMS)
2 18.66.97.105 16509 (AMAZON-02)
2 185.64.189.112 62713 (AS-PUBMATIC)
1 2600:9000:223... 16509 (AMAZON-02)
1 8 2a00:1450:400... 15169 (GOOGLE)
4 2a00:1450:400... 15169 (GOOGLE)
30 2a00:1450:400... 15169 (GOOGLE)
7 2a00:1450:400... 15169 (GOOGLE)
14 2a00:1450:400... 15169 (GOOGLE)
1 34.90.223.176 396982 (GOOGLE-CL...)
1 152.195.34.212 15133 (EDGECAST)
1 178.79.242.16 22822 (LLNW)
1 2a06:98c1:312... 13335 (CLOUDFLAR...)
5 34.196.114.84 14618 (AMAZON-AES)
1 52.4.143.35 14618 (AMAZON-AES)
5 98.98.134.243 21859 (ZEN-ECN)
1 2600:9000:215... 16509 (AMAZON-02)
3 4 104.120.62.44 16625 (AKAMAI-AS)
1 2600:9000:20e... 16509 (AMAZON-02)
2 34.95.69.49 396982 (GOOGLE-CL...)
59 2a00:1450:400... 15169 (GOOGLE)
4 130.211.115.4 396982 (GOOGLE-CL...)
2 2a00:1450:400... 15169 (GOOGLE)
2 2a03:2880:f11... 32934 (FACEBOOK)
2 2606:4700:20:... 13335 (CLOUDFLAR...)
3 35.81.73.75 16509 (AMAZON-02)
1 2602:803:c003... 26667 (RUBICONPR...)
1 2 147.75.84.158 54825 (PACKET)
3 51.75.86.98 16276 (OVH)
3 216.52.2.39 30282 (AS-INAPCD...)
12 34.241.40.57 16509 (AMAZON-02)
19 41 142.250.186.66 15169 (GOOGLE)
5 21 185.80.39.216 27381 (CASALE-MEDIA)
5 2a00:1450:400... 15169 (GOOGLE)
1 18.66.122.25 16509 (AMAZON-02)
4 138.201.135.164 24940 (HETZNER-AS)
1 4 138.201.63.157 24940 (HETZNER-AS)
5 9 35.244.159.8 15169 (GOOGLE)
1 2a0b:4d07:102::1 44239 (PROINITY ...)
1 2 145.239.193.130 16276 (OVH)
1 13.40.227.197 16509 (AMAZON-02)
1 2 142.250.186.70 15169 (GOOGLE)
1 1 94.23.99.218 16276 (OVH)
1 54.76.176.197 16509 (AMAZON-02)
1 104.74.96.163 16625 (AKAMAI-AS)
2 2a00:1450:400... 15169 (GOOGLE)
1 18.66.147.41 16509 (AMAZON-02)
1 99.86.4.53 16509 (AMAZON-02)
6 142.250.185.226 15169 (GOOGLE)
1 2a02:26f0:350... 20940 (AKAMAI-ASN1)
1 2 18.158.41.38 16509 (AMAZON-02)
1 2 35.204.74.118 396982 (GOOGLE-CL...)
3 5 2a05:d018:d29... 16509 (AMAZON-02)
3 3 213.155.156.184 1299 (TWELVE99 ...)
1 35.186.253.211 15169 (GOOGLE)
5 5 193.0.160.130 54312 (ROCKETFUEL)
1 2a00:1450:400... 15169 (GOOGLE)
2 3.65.247.187 16509 (AMAZON-02)
2 3.9.28.72 16509 (AMAZON-02)
1 2600:9000:223... 16509 (AMAZON-02)
1 54.231.227.96 16509 (AMAZON-02)
10 23.56.202.187 16625 (AKAMAI-AS)
4 5 2001:678:cb4:... 56396 (AMOBEE)
2 2 85.114.159.118 24961 (MYLOC-AS ...)
5 5 37.157.4.28 198622 (ADFORM)
1 159.203.145.121 14061 (DIGITALOC...)
1 1 52.45.175.185 14618 (AMAZON-AES)
7 7 3.71.149.231 16509 (AMAZON-02)
1 52.217.48.206 16509 (AMAZON-02)
4 4 69.173.144.165 26667 (RUBICONPR...)
3 8 69.173.144.138 26667 (RUBICONPR...)
2 4 67.220.226.238 16509 (AMAZON-02)
1 2620:1ec:21::14 8068 (MICROSOFT...)
2 5 52.46.130.91 16509 (AMAZON-02)
1 4 192.173.31.109 13360 (TRITONDIG...)
8 208.92.55.231 13360 (TRITONDIG...)
1 2 18.198.69.109 16509 (AMAZON-02)
9 9 35.157.70.96 16509 (AMAZON-02)
1 1 34.249.37.121 16509 (AMAZON-02)
1 1 154.59.122.79 174 (COGENT-174)
1 3.212.118.122 14618 (AMAZON-AES)
3 3 185.29.134.244 30419 (MEDIAMATH...)
1 3 185.86.138.152 201081 (SMARTADSE...)
1 142.250.185.162 15169 (GOOGLE)
1 2600:1901:0:8... 15169 (GOOGLE)
3 162.19.138.116 16276 (OVH)
1 2600:9000:223... 16509 (AMAZON-02)
1 151.101.1.108 54113 (FASTLY)
4 2.19.228.187 16625 (AKAMAI-AS)
1 18.66.147.106 16509 (AMAZON-02)
14 18.66.97.47 16509 (AMAZON-02)
12 14 198.47.127.18 62713 (AS-PUBMATIC)
11 13 185.64.190.81 62713 (AS-PUBMATIC)
1 104.75.88.126 16625 (AKAMAI-AS)
2 4 52.31.11.204 16509 (AMAZON-02)
1 2 104.111.217.14 16625 (AKAMAI-AS)
2 35.244.174.68 15169 (GOOGLE)
1 54.229.94.229 16509 (AMAZON-02)
1 2 198.47.127.19 3257 (GTT-BACKB...)
1 52.50.188.60 16509 (AMAZON-02)
1 2600:9000:223... 16509 (AMAZON-02)
2 77.245.57.72 36057 (WEBAIR-IN...)
1 18.214.157.46 14618 (AMAZON-AES)
4 4 213.19.147.45 3356 (LEVEL3)
1 69.166.1.12 27630 (AS-XFERNET)
1 1 54.156.191.143 14618 (AMAZON-AES)
1 18.156.58.229 16509 (AMAZON-02)
1 1 2.19.228.18 16625 (AKAMAI-AS)
3 3 185.89.210.180 29990 (ASN-APPNEX)
1 1 34.96.71.22 396982 (GOOGLE-CL...)
1 1 141.226.228.48 200478 (TABOOLA-AS)
1 2a05:d018:cc3... 16509 (AMAZON-02)
2 2 3.122.98.219 16509 (AMAZON-02)
2 3 185.86.139.103 201081 (SMARTADSE...)
1 2 178.250.7.11 44788 (ASN-CRITE...)
7 11 185.64.190.80 62713 (AS-PUBMATIC)
5 7 185.64.189.110 62713 (AS-PUBMATIC)
2 2 54.152.101.92 14618 (AMAZON-AES)
5 5 54.154.41.234 16509 (AMAZON-02)
2 2 198.148.27.140 19189 (PULSEPOINT)
4 4 151.101.130.49 54113 (FASTLY)
1 35.186.193.173 15169 (GOOGLE)
1 195.5.165.20 44968 (IPROM-AS)
1 1 35.214.153.92 15169 (GOOGLE)
1 2 2606:4700::68... 13335 (CLOUDFLAR...)
1 72.251.245.179 32475 (SINGLEHOP...)
1 1 52.220.229.2 16509 (AMAZON-02)
1 54.246.170.47 16509 (AMAZON-02)
2 2 34.111.129.221 396982 (GOOGLE-CL...)
1 34.111.131.239 396982 (GOOGLE-CL...)
3 4 34.233.114.35 14618 (AMAZON-AES)
1 1 3.123.167.21 16509 (AMAZON-02)
1 2a02:fa8:8806... 41041 (VCLK-EU-SE)
1 1 34.102.253.54 396982 (GOOGLE-CL...)
1 1 64.227.64.62 14061 (DIGITALOC...)
1 8.43.72.98 26667 (RUBICONPR...)
1 16 34.247.233.198 16509 (AMAZON-02)
2 2 52.51.184.211 16509 (AMAZON-02)
3 3 64.202.112.95 23352 (SERVERCEN...)
1 1 54.152.156.135 14618 (AMAZON-AES)
1 1 2603:c020:400... 31898 (ORACLE-BM...)
1 169.197.150.7 398989 (DEEPINTENT)
2 2 64.74.236.31 19024 (INTERNAP-...)
2 2 52.49.68.56 16509 (AMAZON-02)
1 1 124.146.215.45 2514 (INFOSPHER...)
1 80.77.87.162 46636 (NATCOWEB)
2 2 185.184.8.90 204995 (RTB-HOUSE...)
700 157
Apex Domain
Subdomains
Transfer
96 googlesyndication.com
773ff33321c83b63fff957793b331644.safeframe.googlesyndication.com
tpc.googlesyndication.com — Cisco Umbrella Rank: 177
pagead2.googlesyndication.com — Cisco Umbrella Rank: 129
06e31dc510364493ddc7a7a3babf1419.safeframe.googlesyndication.com
ade.googlesyndication.com — Cisco Umbrella Rank: 317
595 KB
92 doubleclick.net
securepubads.g.doubleclick.net — Cisco Umbrella Rank: 269
stats.g.doubleclick.net — Cisco Umbrella Rank: 166
pubads.g.doubleclick.net — Cisco Umbrella Rank: 377
googleads.g.doubleclick.net — Cisco Umbrella Rank: 67
cm.g.doubleclick.net — Cisco Umbrella Rank: 313
5994599.fls.doubleclick.net — Cisco Umbrella Rank: 268640
googleads4.g.doubleclick.net — Cisco Umbrella Rank: 394
627 KB
70 franklymedia.com
express-cms-assets.franklymedia.com — Cisco Umbrella Rank: 267019
engage-see.franklymedia.com — Cisco Umbrella Rank: 208336
cumuluspro-express-pro.franklymedia.com — Cisco Umbrella Rank: 741674
express-images.franklymedia.com — Cisco Umbrella Rank: 269458
app-ingestion.franklymedia.com
279 KB
53 pubmatic.com
hbopenbid.pubmatic.com — Cisco Umbrella Rank: 729
ads.pubmatic.com — Cisco Umbrella Rank: 725
image8.pubmatic.com — Cisco Umbrella Rank: 1002
image4.pubmatic.com — Cisco Umbrella Rank: 1704
image6.pubmatic.com — Cisco Umbrella Rank: 1037
simage2.pubmatic.com — Cisco Umbrella Rank: 976
image2.pubmatic.com — Cisco Umbrella Rank: 1377
simage4.pubmatic.com
37 KB
34 tunegenie.com
kyngam.tunegenie.com
b3.tunegenie.com — Cisco Umbrella Rank: 312595
api.tunegenie.com — Cisco Umbrella Rank: 122030
static.tunegenie.com — Cisco Umbrella Rank: 362593
534 KB
31 rubiconproject.com
prebid-server.rubiconproject.com — Cisco Umbrella Rank: 1275
ads.rubiconproject.com — Cisco Umbrella Rank: 3003
fastlane.rubiconproject.com — Cisco Umbrella Rank: 677
prebid-a.rubiconproject.com — Cisco Umbrella Rank: 3684
eus.rubiconproject.com — Cisco Umbrella Rank: 798
token.rubiconproject.com — Cisco Umbrella Rank: 795
pixel.rubiconproject.com — Cisco Umbrella Rank: 447
secure-assets.rubiconproject.com — Cisco Umbrella Rank: 1452
pixel-us-east.rubiconproject.com — Cisco Umbrella Rank: 1475
225 KB
25 2mdn.net
s0.2mdn.net — Cisco Umbrella Rank: 373
611 KB
23 casalemedia.com
as-sec.casalemedia.com — Cisco Umbrella Rank: 2361
htlb.casalemedia.com — Cisco Umbrella Rank: 768
dsum-sec.casalemedia.com — Cisco Umbrella Rank: 876
ssum-sec.casalemedia.com — Cisco Umbrella Rank: 679
dsum.casalemedia.com — Cisco Umbrella Rank: 2284
18 KB
20 theticket1590.com
www.theticket1590.com
1 MB
17 gumgum.com
g2.gumgum.com — Cisco Umbrella Rank: 2328
usersync.gumgum.com — Cisco Umbrella Rank: 2448
6 KB
17 undertone.com
hb.undertone.com — Cisco Umbrella Rank: 4595
cdn.undertone.com — Cisco Umbrella Rank: 6530
usr.undertone.com — Cisco Umbrella Rank: 6128
9 KB
17 adnxs.com
ib.adnxs.com — Cisco Umbrella Rank: 319
acdn.adnxs.com — Cisco Umbrella Rank: 806
secure.adnxs.com — Cisco Umbrella Rank: 604
33 KB
15 sendtonews.com
embed.sendtonews.com — Cisco Umbrella Rank: 18414
embedcdn.sendtonews.com — Cisco Umbrella Rank: 21043
s2l.sendtonews.com — Cisco Umbrella Rank: 19077
player.sendtonews.com — Cisco Umbrella Rank: 24785
345 KB
13 servenobid.com
ads.servenobid.com — Cisco Umbrella Rank: 3698
public.servenobid.com — Cisco Umbrella Rank: 6602 Failed
9 KB
13 google.com
adservice.google.com — Cisco Umbrella Rank: 130
www.google.com — Cisco Umbrella Rank: 16
3 KB
13 amazon-adsystem.com
c.amazon-adsystem.com — Cisco Umbrella Rank: 361
aax.amazon-adsystem.com — Cisco Umbrella Rank: 455
aax-eu.amazon-adsystem.com — Cisco Umbrella Rank: 994
s.amazon-adsystem.com — Cisco Umbrella Rank: 376
67 KB
13 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 114
661 KB
12 streamtheworld.com
playerservices.live.streamtheworld.com — Cisco Umbrella Rank: 31900
yield-op-idsync.live.streamtheworld.com — Cisco Umbrella Rank: 17382
playerservices.streamtheworld.com — Cisco Umbrella Rank: 41698
idsync.live.streamtheworld.com — Cisco Umbrella Rank: 7522
10 KB
12 cloudfront.net
d29xw9s9x32j3w.cloudfront.net
d13l4u7pe64ymo.cloudfront.net
1 MB
11 yahoo.com
pr-bh.ybp.yahoo.com — Cisco Umbrella Rank: 689
ups.analytics.yahoo.com — Cisco Umbrella Rank: 402
5 KB
11 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 91
region1.google-analytics.com — Cisco Umbrella Rank: 1718
41 KB
10 openx.net
us-u.openx.net — Cisco Umbrella Rank: 707
rtb.openx.net — Cisco Umbrella Rank: 1886
u.openx.net — Cisco Umbrella Rank: 974
2 KB
10 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 119
imasdk.googleapis.com — Cisco Umbrella Rank: 520
ajax.googleapis.com — Cisco Umbrella Rank: 607
478 KB
9 bidswitch.net
x.bidswitch.net — Cisco Umbrella Rank: 427
3 KB
9 adsrvr.org
match.adsrvr.org — Cisco Umbrella Rank: 451
2 KB
9 gstatic.com
fonts.gstatic.com
csi.gstatic.com
234 KB
8 redintelligence.net
hal9000.redintelligence.net — Cisco Umbrella Rank: 24080
hal90007.redintelligence.net — Cisco Umbrella Rank: 356118
59 KB
8 google.de
adservice.google.de — Cisco Umbrella Rank: 5261
www.google.de — Cisco Umbrella Rank: 3425
2 KB
7 googletagservices.com
www.googletagservices.com — Cisco Umbrella Rank: 238
318 KB
6 smartadserver.com
ssbsync.smartadserver.com — Cisco Umbrella Rank: 1052
rtb-csync.smartadserver.com — Cisco Umbrella Rank: 774
3 KB
6 westseven.media
dl.westseven.media — Cisco Umbrella Rank: 568688
pixel.westseven.media — Cisco Umbrella Rank: 279020
11 KB
5 bidr.io
match.prod.bidr.io — Cisco Umbrella Rank: 825
2 KB
5 adform.net
c1.adform.net — Cisco Umbrella Rank: 908
dmp.adform.net — Cisco Umbrella Rank: 3752
3 KB
5 turn.com
ad.turn.com — Cisco Umbrella Rank: 1341
r.turn.com — Cisco Umbrella Rank: 4617
2 KB
5 rfihub.com
a.rfihub.com — Cisco Umbrella Rank: 3974
p.rfihub.com — Cisco Umbrella Rank: 1325
4 KB
5 ampproject.org
cdn.ampproject.org — Cisco Umbrella Rank: 322
110 KB
5 ad-score.com
js.ad-score.com — Cisco Umbrella Rank: 6152
data.ad-score.com — Cisco Umbrella Rank: 5965
141 KB
5 sitescout.com
pixel.sitescout.com — Cisco Umbrella Rank: 5223
pixel-sync.sitescout.com — Cisco Umbrella Rank: 985
828 B
5 quantserve.com
secure.quantserve.com — Cisco Umbrella Rank: 1478
pixel.quantserve.com — Cisco Umbrella Rank: 1327
cms.quantserve.com — Cisco Umbrella Rank: 1063
11 KB
4 audrte.com
a.audrte.com — Cisco Umbrella Rank: 3102
3 KB
4 everesttech.net
sync-tm.everesttech.net — Cisco Umbrella Rank: 1020
1 KB
4 demdex.net
dpm.demdex.net — Cisco Umbrella Rank: 277
3 KB
4 scorecardresearch.com
sb.scorecardresearch.com — Cisco Umbrella Rank: 218
1 KB
4 cloudflare.com
cdnjs.cloudflare.com — Cisco Umbrella Rank: 344
34 KB
4 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 189
225 KB
4 quantcast.com
cmp.quantcast.com — Cisco Umbrella Rank: 3332
138 KB
3 outbrain.com
sync.outbrain.com — Cisco Umbrella Rank: 987
1 KB
3 weborama.fr
cr.frontend.weborama.fr — Cisco Umbrella Rank: 24171
idsync.frontend.weborama.fr — Cisco Umbrella Rank: 30620
898 B
3 1rx.io
sync.1rx.io — Cisco Umbrella Rank: 875
2 KB
3 mathtag.com
sync.mathtag.com — Cisco Umbrella Rank: 744
2 KB
3 de17a.com
d5p.de17a.com — Cisco Umbrella Rank: 6958
863 B
3 webgains.io
analytics.webgains.io — Cisco Umbrella Rank: 15646
api.webgains.io — Cisco Umbrella Rank: 40158
31 KB
3 medialead.de
pv.medialead.de — Cisco Umbrella Rank: 39209
medialead.de — Cisco Umbrella Rank: 38950
895 B
3 lijit.com
ap.lijit.com — Cisco Umbrella Rank: 883
910 B
3 onetag-sys.com
onetag-sys.com — Cisco Umbrella Rank: 1124
369 B
3 ipredictive.com
media-cdn.ipredictive.com — Cisco Umbrella Rank: 14067
ad.ipredictive.com — Cisco Umbrella Rank: 7587
sync.ipredictive.com — Cisco Umbrella Rank: 1318
7 KB
3 simpli.fi
tag.simpli.fi — Cisco Umbrella Rank: 6024
um.simpli.fi — Cisco Umbrella Rank: 1223
5 KB
3 unrulymedia.com
targeting.unrulymedia.com — Cisco Umbrella Rank: 1142
sync.targeting.unrulymedia.com — Cisco Umbrella Rank: 1955
634 B
3 rlcdn.com
api.rlcdn.com — Cisco Umbrella Rank: 1060
idsync.rlcdn.com — Cisco Umbrella Rank: 621
id.rlcdn.com — Cisco Umbrella Rank: 1007
504 B
3 jsdelivr.net
cdn.jsdelivr.net — Cisco Umbrella Rank: 474
27 KB
2 creativecdn.com
creativecdn.com — Cisco Umbrella Rank: 682
701 B
2 360yield.com
ad.360yield.com — Cisco Umbrella Rank: 812
647 B
2 zemanta.com
b1sync.zemanta.com — Cisco Umbrella Rank: 813
1 KB
2 avct.cloud
ads.avct.cloud — Cisco Umbrella Rank: 5438
1 KB
2 tribalfusion.com
a.tribalfusion.com — Cisco Umbrella Rank: 1248
s.tribalfusion.com — Cisco Umbrella Rank: 2774
1 KB
2 contextweb.com
bh.contextweb.com — Cisco Umbrella Rank: 866
1 KB
2 stackadapt.com
sync.srv.stackadapt.com — Cisco Umbrella Rank: 1009
2 KB
2 criteo.com
dis.criteo.com — Cisco Umbrella Rank: 941
930 B
2 creative-serving.com
ads.creative-serving.com — Cisco Umbrella Rank: 5985
1 KB
2 adkernel.com
sync.adkernel.com — Cisco Umbrella Rank: 1939
320 B
2 bluekai.com
tags.bluekai.com — Cisco Umbrella Rank: 822
stags.bluekai.com — Cisco Umbrella Rank: 842
911 B
2 id5-sync.com
id5-sync.com — Cisco Umbrella Rank: 612
1 KB
2 exelator.com
loadus.exelator.com — Cisco Umbrella Rank: 1846
2 KB
2 adition.com
dsp.adfarm1.adition.com — Cisco Umbrella Rank: 2062
1 KB
2 amazonaws.com
s3.us-east-1.amazonaws.com — Cisco Umbrella Rank: 3022
s3.amazonaws.com
38 KB
2 adtriba.com
d.adtriba.com — Cisco Umbrella Rank: 58898
757 B
2 youtube.com
www.youtube.com — Cisco Umbrella Rank: 87
64 KB
2 a-mo.net
prebid.a-mo.net — Cisco Umbrella Rank: 1379
415 B
2 4dex.io
script.4dex.io — Cisco Umbrella Rank: 2474
24 KB
2 facebook.com
www.facebook.com — Cisco Umbrella Rank: 107
261 B
2 clean.gg
i.clean.gg — Cisco Umbrella Rank: 2058
104 B
2 amazon.dev
prod.us-east-1.cxm-bcn.publisher-services.amazon.dev — Cisco Umbrella Rank: 1019
454 B
1 admanmedia.com
cs.admanmedia.com — Cisco Umbrella Rank: 1531
1 socdm.com
tg.socdm.com — Cisco Umbrella Rank: 1266
693 B
1 deepintent.com
match.deepintent.com — Cisco Umbrella Rank: 1528
44 B
1 technoratimedia.com
sync.technoratimedia.com — Cisco Umbrella Rank: 2037
338 B
1 bidtheatre.com
match.adsby.bidtheatre.com — Cisco Umbrella Rank: 3241
555 B
1 playground.xyz
ads.playground.xyz — Cisco Umbrella Rank: 4995
461 B
1 dotomi.com
pubmatic-match.dotomi.com — Cisco Umbrella Rank: 4856
104 B
1 taptapnetworks.com
sonata-notifications.taptapnetworks.com — Cisco Umbrella Rank: 9811
346 B
1 crwdcntrl.net
sync.crwdcntrl.net — Cisco Umbrella Rank: 1149
266 B
1 gammaplatform.com
cm-supply-web.gammaplatform.com — Cisco Umbrella Rank: 4262
643 B
1 adgrx.com
cm.adgrx.com — Cisco Umbrella Rank: 1873
283 B
1 loopme.me
csync.loopme.me — Cisco Umbrella Rank: 1427
225 B
1 iprom.net
core.iprom.net — Cisco Umbrella Rank: 7413
277 B
1 ctnsnet.com
ipac.ctnsnet.com — Cisco Umbrella Rank: 6709
370 B
1 adroll.com
d.adroll.com — Cisco Umbrella Rank: 1979
181 B
1 taboola.com
sync.taboola.com — Cisco Umbrella Rank: 1356
178 B
1 company-target.com
s.company-target.com — Cisco Umbrella Rank: 3483
424 B
1 media.net
hbx.media.net — Cisco Umbrella Rank: 2144
443 B
1 sharethrough.com
match.sharethrough.com — Cisco Umbrella Rank: 777
362 B
1 disqus.com
ssp.disqus.com — Cisco Umbrella Rank: 2228
274 B
1 sonobi.com
sync.go.sonobi.com — Cisco Umbrella Rank: 1456
498 B
1 yellowblue.io
cs-server-s2s.yellowblue.io — Cisco Umbrella Rank: 5275
329 B
1 minutemedia-prebid.com
cs-rtb.minutemedia-prebid.com — Cisco Umbrella Rank: 5458
485 B
1 krxd.net
beacon.krxd.net — Cisco Umbrella Rank: 807
338 B
1 addthis.com
cw.addthis.com — Cisco Umbrella Rank: 4718
428 B
1 advertising.com
pixel.advertising.com — Cisco Umbrella Rank: 2294
272 B
1 eu-1-id5-sync.com
lb.eu-1-id5-sync.com — Cisco Umbrella Rank: 1293
408 B
1 33across.com
lexicon.33across.com — Cisco Umbrella Rank: 1915
254 B
1 adentifi.com
rtb.adentifi.com — Cisco Umbrella Rank: 1948
35 B
1 acuityplatform.com
ums.acuityplatform.com — Cisco Umbrella Rank: 2235
707 B
1 adswizz.com
synchroscript.deliveryengine.adswizz.com — Cisco Umbrella Rank: 4014
526 B
1 linkedin.com
px.ads.linkedin.com — Cisco Umbrella Rank: 733
649 B
1 bluevoox.com
im.bluevoox.com — Cisco Umbrella Rank: 16963
519 B
1 chocolateplatform.com
cs.chocolateplatform.com — Cisco Umbrella Rank: 5771
134 B
1 listenlive.co
sdk.listenlive.co — Cisco Umbrella Rank: 71112
277 KB
1 createjs.com
code.createjs.com — Cisco Umbrella Rank: 1957
63 KB
1 webgains.team
cdn.track.production.webgains.team — Cisco Umbrella Rank: 43265
437 B
1 awin1.com
www.awin1.com — Cisco Umbrella Rank: 15474
705 B
1 ad-server.eu
ad-server.eu — Cisco Umbrella Rank: 94197
312 B
1 webgains.com
track.webgains.com — Cisco Umbrella Rank: 21883
2 KB
1 office-partner.de
adv.office-partner.de — Cisco Umbrella Rank: 202889
931 B
1 storyblok.com
a.storyblok.com — Cisco Umbrella Rank: 33359
62 KB
1 pixel.ad
up.pixel.ad — Cisco Umbrella Rank: 12085
2 KB
1 quantcount.com
rules.quantcount.com — Cisco Umbrella Rank: 1291
643 B
1 spotxchange.com
search.spotxchange.com — Cisco Umbrella Rank: 914
1 KB
1 3lift.com
tlx.3lift.com — Cisco Umbrella Rank: 797
526 B
1 fastclick.net
secure.cdn.fastclick.net — Cisco Umbrella Rank: 1680
17 KB
1 resonate.com
cdn.resonate.com — Cisco Umbrella Rank: 9694
96 B
1 rkdms.com
id.sv.rkdms.com — Cisco Umbrella Rank: 7488
171 B
1 indexww.com
js-sec.indexww.com — Cisco Umbrella Rank: 958
13 KB
1 thrtle.com
thrtle.com — Cisco Umbrella Rank: 2147
0 agkn.com Failed
fid.agkn.com Failed
0 targetspot.com Failed
nodeny.targetspot.com Failed
700 135
Domain Requested by
59 pagead2.googlesyndication.com www.theticket1590.com
773ff33321c83b63fff957793b331644.safeframe.googlesyndication.com
pagead2.googlesyndication.com
www.googletagservices.com
tpc.googlesyndication.com
securepubads.g.doubleclick.net
b3.tunegenie.com
googleads.g.doubleclick.net
d13l4u7pe64ymo.cloudfront.net
06e31dc510364493ddc7a7a3babf1419.safeframe.googlesyndication.com
s0.2mdn.net
54 express-cms-assets.franklymedia.com www.theticket1590.com
41 cm.g.doubleclick.net 19 redirects googleads.g.doubleclick.net
773ff33321c83b63fff957793b331644.safeframe.googlesyndication.com
www.theticket1590.com
06e31dc510364493ddc7a7a3babf1419.safeframe.googlesyndication.com
ssbsync.smartadserver.com
g2.gumgum.com
30 tpc.googlesyndication.com securepubads.g.doubleclick.net
773ff33321c83b63fff957793b331644.safeframe.googlesyndication.com
www.theticket1590.com
googleads.g.doubleclick.net
tpc.googlesyndication.com
d13l4u7pe64ymo.cloudfront.net
06e31dc510364493ddc7a7a3babf1419.safeframe.googlesyndication.com
s0.2mdn.net
29 b3.tunegenie.com kyngam.tunegenie.com
b3.tunegenie.com
www.theticket1590.com
25 s0.2mdn.net imasdk.googleapis.com
www.theticket1590.com
s0.2mdn.net
773ff33321c83b63fff957793b331644.safeframe.googlesyndication.com
24 securepubads.g.doubleclick.net www.theticket1590.com
securepubads.g.doubleclick.net
www.googletagservices.com
d13l4u7pe64ymo.cloudfront.net
b3.tunegenie.com
20 www.theticket1590.com 1 redirects www.theticket1590.com
16 usersync.gumgum.com 1 redirects g2.gumgum.com
14 image8.pubmatic.com 12 redirects ads.pubmatic.com
14 usr.undertone.com cdn.undertone.com
ssum-sec.casalemedia.com
ads.pubmatic.com
13 dsum-sec.casalemedia.com 4 redirects googleads.g.doubleclick.net
ssum-sec.casalemedia.com
13 ib.adnxs.com 7 redirects embed.sendtonews.com
ads.rubiconproject.com
googleads.g.doubleclick.net
acdn.adnxs.com
13 www.googletagmanager.com www.theticket1590.com
www.googletagmanager.com
b3.tunegenie.com
adv.office-partner.de
12 image4.pubmatic.com 11 redirects
12 ads.servenobid.com ads.rubiconproject.com
public.servenobid.com
ssum-sec.casalemedia.com
ssbsync.smartadserver.com
g2.gumgum.com
12 googleads.g.doubleclick.net www.googletagmanager.com
773ff33321c83b63fff957793b331644.safeframe.googlesyndication.com
pagead2.googlesyndication.com
www.theticket1590.com
06e31dc510364493ddc7a7a3babf1419.safeframe.googlesyndication.com
11 simage2.pubmatic.com 7 redirects ads.pubmatic.com
11 d29xw9s9x32j3w.cloudfront.net www.theticket1590.com
embed.sendtonews.com
10 eus.rubiconproject.com embed.sendtonews.com
eus.rubiconproject.com
d13l4u7pe64ymo.cloudfront.net
cdn.undertone.com
public.servenobid.com
g2.gumgum.com
9 x.bidswitch.net 9 redirects
9 match.adsrvr.org js-sec.indexww.com
www.theticket1590.com
cdn.undertone.com
ssum-sec.casalemedia.com
ssbsync.smartadserver.com
g2.gumgum.com
8 pixel.rubiconproject.com 3 redirects www.theticket1590.com
cdn.undertone.com
eus.rubiconproject.com
8 us-u.openx.net 5 redirects googleads.g.doubleclick.net
cdn.undertone.com
8 www.google.com 1 redirects www.theticket1590.com
d13l4u7pe64ymo.cloudfront.net
06e31dc510364493ddc7a7a3babf1419.safeframe.googlesyndication.com
tpc.googlesyndication.com
8 s2l.sendtonews.com embed.sendtonews.com
7 image2.pubmatic.com 5 redirects ads.pubmatic.com
7 yield-op-idsync.live.streamtheworld.com playerservices.live.streamtheworld.com
7 www.googletagservices.com securepubads.g.doubleclick.net
dl.westseven.media
773ff33321c83b63fff957793b331644.safeframe.googlesyndication.com
06e31dc510364493ddc7a7a3babf1419.safeframe.googlesyndication.com
7 fonts.gstatic.com fonts.googleapis.com
6 ups.analytics.yahoo.com 6 redirects
6 ssum-sec.casalemedia.com 1 redirects cdn.undertone.com
public.servenobid.com
ssum-sec.casalemedia.com
g2.gumgum.com
6 googleads4.g.doubleclick.net www.theticket1590.com
6 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
www.theticket1590.com
6 fonts.googleapis.com www.theticket1590.com
embed.sendtonews.com
b3.tunegenie.com
hal90007.redintelligence.net
5 match.prod.bidr.io 5 redirects
5 s.amazon-adsystem.com 2 redirects www.theticket1590.com
ssum-sec.casalemedia.com
5 pr-bh.ybp.yahoo.com 3 redirects ssum-sec.casalemedia.com
5 cdn.ampproject.org securepubads.g.doubleclick.net
5 pixel.westseven.media securepubads.g.doubleclick.net
www.theticket1590.com
5 adservice.google.com securepubads.g.doubleclick.net
imasdk.googleapis.com
d13l4u7pe64ymo.cloudfront.net
5994599.fls.doubleclick.net
5 region1.google-analytics.com www.googletagmanager.com
5 embed.sendtonews.com 1 redirects www.theticket1590.com
embed.sendtonews.com
5 express-images.franklymedia.com www.theticket1590.com
express-cms-assets.franklymedia.com
5 cumuluspro-express-pro.franklymedia.com www.theticket1590.com
4 a.audrte.com 3 redirects
4 sync-tm.everesttech.net 4 redirects
4 dpm.demdex.net 2 redirects cdn.undertone.com
ssum-sec.casalemedia.com
4 ads.pubmatic.com d13l4u7pe64ymo.cloudfront.net
public.servenobid.com
g2.gumgum.com
4 aax-eu.amazon-adsystem.com 2 redirects www.theticket1590.com
ads.pubmatic.com
4 token.rubiconproject.com 4 redirects
4 c1.adform.net 4 redirects
4 ad.turn.com 4 redirects
4 hal90007.redintelligence.net 1 redirects 773ff33321c83b63fff957793b331644.safeframe.googlesyndication.com
hal90007.redintelligence.net
4 hal9000.redintelligence.net 773ff33321c83b63fff957793b331644.safeframe.googlesyndication.com
hal90007.redintelligence.net
4 data.ad-score.com d13l4u7pe64ymo.cloudfront.net
4 www.google.de www.theticket1590.com
4 773ff33321c83b63fff957793b331644.safeframe.googlesyndication.com securepubads.g.doubleclick.net
4 adservice.google.de securepubads.g.doubleclick.net
imasdk.googleapis.com
d13l4u7pe64ymo.cloudfront.net
4 sb.scorecardresearch.com 1 redirects www.theticket1590.com
4 pubads.g.doubleclick.net embed.sendtonews.com
imasdk.googleapis.com
4 cdnjs.cloudflare.com embed.sendtonews.com
www.googletagmanager.com
b3.tunegenie.com
4 connect.facebook.net www.theticket1590.com
connect.facebook.net
4 cmp.quantcast.com www.theticket1590.com
cmp.quantcast.com
4 app-ingestion.franklymedia.com www.theticket1590.com
3 sync.outbrain.com 3 redirects
3 rtb-csync.smartadserver.com 2 redirects ssbsync.smartadserver.com
3 secure.adnxs.com 3 redirects
3 p.rfihub.com 3 redirects
3 sync.1rx.io 3 redirects
3 secure-assets.rubiconproject.com 3 redirects
3 ssbsync.smartadserver.com 1 redirects public.servenobid.com
3 pixel-sync.sitescout.com cdn.undertone.com
3 sync.mathtag.com 3 redirects
3 d5p.de17a.com 3 redirects
3 cms.quantserve.com 2 redirects 773ff33321c83b63fff957793b331644.safeframe.googlesyndication.com
3 ap.lijit.com ads.rubiconproject.com
d13l4u7pe64ymo.cloudfront.net
public.servenobid.com
3 onetag-sys.com ads.rubiconproject.com
d13l4u7pe64ymo.cloudfront.net
public.servenobid.com
3 api.tunegenie.com b3.tunegenie.com
3 c.amazon-adsystem.com embed.sendtonews.com
c.amazon-adsystem.com
3 imasdk.googleapis.com embed.sendtonews.com
imasdk.googleapis.com
sdk.listenlive.co
3 stats.g.doubleclick.net www.google-analytics.com
3 cdn.jsdelivr.net www.googletagmanager.com
2 creativecdn.com 2 redirects
2 ad.360yield.com 2 redirects
2 b1sync.zemanta.com 2 redirects
2 ads.avct.cloud 2 redirects
2 cr.frontend.weborama.fr 2 redirects
2 bh.contextweb.com 2 redirects
2 sync.srv.stackadapt.com 2 redirects
2 dis.criteo.com 1 redirects ads.pubmatic.com
2 ads.creative-serving.com 2 redirects
2 dsum.casalemedia.com ssum-sec.casalemedia.com
2 sync.adkernel.com public.servenobid.com
g2.gumgum.com
2 image6.pubmatic.com 1 redirects ads.pubmatic.com
2 id5-sync.com ads.rubiconproject.com
2 playerservices.streamtheworld.com b3.tunegenie.com
2 loadus.exelator.com 1 redirects
2 playerservices.live.streamtheworld.com 1 redirects
2 dsp.adfarm1.adition.com 2 redirects
2 api.webgains.io analytics.webgains.io
2 prebid-a.rubiconproject.com ads.rubiconproject.com
2 a.rfihub.com 2 redirects
2 um.simpli.fi 1 redirects
2 d.adtriba.com 1 redirects 06e31dc510364493ddc7a7a3babf1419.safeframe.googlesyndication.com
2 www.youtube.com b3.tunegenie.com
www.youtube.com
2 5994599.fls.doubleclick.net 1 redirects www.theticket1590.com
2 pv.medialead.de 1 redirects hal90007.redintelligence.net
2 06e31dc510364493ddc7a7a3babf1419.safeframe.googlesyndication.com d13l4u7pe64ymo.cloudfront.net
2 prebid.a-mo.net 1 redirects ads.rubiconproject.com
2 script.4dex.io d13l4u7pe64ymo.cloudfront.net
2 www.facebook.com www.theticket1590.com
2 csi.gstatic.com imasdk.googleapis.com
2 i.clean.gg d13l4u7pe64ymo.cloudfront.net
2 pixel.sitescout.com www.theticket1590.com
2 hbopenbid.pubmatic.com embed.sendtonews.com
ads.rubiconproject.com
2 hb.undertone.com embed.sendtonews.com
ads.rubiconproject.com
2 targeting.unrulymedia.com embed.sendtonews.com
2 prod.us-east-1.cxm-bcn.publisher-services.amazon.dev c.amazon-adsystem.com
2 engage-see.franklymedia.com www.theticket1590.com
1 simage4.pubmatic.com ads.pubmatic.com
1 cs.admanmedia.com g2.gumgum.com
1 tg.socdm.com 1 redirects
1 stags.bluekai.com 1 redirects
1 match.deepintent.com g2.gumgum.com
1 sync.technoratimedia.com 1 redirects
1 sync.ipredictive.com 1 redirects
1 u.openx.net g2.gumgum.com
1 pixel-us-east.rubiconproject.com eus.rubiconproject.com
1 match.adsby.bidtheatre.com 1 redirects
1 ads.playground.xyz 1 redirects
1 pubmatic-match.dotomi.com
1 sonata-notifications.taptapnetworks.com 1 redirects
1 dmp.adform.net 1 redirects
1 idsync.frontend.weborama.fr
1 sync.crwdcntrl.net
1 cm-supply-web.gammaplatform.com 1 redirects
1 cm.adgrx.com ads.pubmatic.com
1 s.tribalfusion.com ads.pubmatic.com
1 a.tribalfusion.com 1 redirects
1 csync.loopme.me 1 redirects
1 core.iprom.net ads.pubmatic.com
1 ipac.ctnsnet.com ads.pubmatic.com
1 id.rlcdn.com ssbsync.smartadserver.com
1 d.adroll.com ssum-sec.casalemedia.com
1 sync.taboola.com 1 redirects
1 s.company-target.com 1 redirects
1 hbx.media.net 1 redirects
1 match.sharethrough.com public.servenobid.com
1 ssp.disqus.com 1 redirects
1 sync.go.sonobi.com public.servenobid.com
1 sync.targeting.unrulymedia.com 1 redirects
1 cs-server-s2s.yellowblue.io public.servenobid.com
1 cs-rtb.minutemedia-prebid.com public.servenobid.com
1 g2.gumgum.com public.servenobid.com
1 beacon.krxd.net cdn.undertone.com
1 idsync.rlcdn.com cdn.undertone.com
1 tags.bluekai.com cdn.undertone.com
1 cw.addthis.com cdn.undertone.com
1 pixel.advertising.com 1 redirects
1 lb.eu-1-id5-sync.com ads.rubiconproject.com
1 acdn.adnxs.com d13l4u7pe64ymo.cloudfront.net
1 public.servenobid.com d13l4u7pe64ymo.cloudfront.net
1 cdn.undertone.com d13l4u7pe64ymo.cloudfront.net
1 lexicon.33across.com ads.rubiconproject.com
1 ade.googlesyndication.com
1 idsync.live.streamtheworld.com
1 rtb.adentifi.com
1 ums.acuityplatform.com 1 redirects
1 synchroscript.deliveryengine.adswizz.com 1 redirects
1 px.ads.linkedin.com www.theticket1590.com
1 s3.amazonaws.com www.theticket1590.com
1 im.bluevoox.com 1 redirects
1 cs.chocolateplatform.com 06e31dc510364493ddc7a7a3babf1419.safeframe.googlesyndication.com
1 r.turn.com www.theticket1590.com
1 s3.us-east-1.amazonaws.com www.theticket1590.com
1 sdk.listenlive.co b3.tunegenie.com
1 static.tunegenie.com www.theticket1590.com
1 ajax.googleapis.com s0.2mdn.net
1 rtb.openx.net 773ff33321c83b63fff957793b331644.safeframe.googlesyndication.com
1 code.createjs.com s0.2mdn.net
1 cdn.track.production.webgains.team 773ff33321c83b63fff957793b331644.safeframe.googlesyndication.com
1 analytics.webgains.io track.webgains.com
1 www.awin1.com 773ff33321c83b63fff957793b331644.safeframe.googlesyndication.com
1 ad-server.eu 773ff33321c83b63fff957793b331644.safeframe.googlesyndication.com
1 medialead.de 1 redirects
1 track.webgains.com www.theticket1590.com
1 adv.office-partner.de hal90007.redintelligence.net
1 a.storyblok.com www.theticket1590.com
1 fastlane.rubiconproject.com ads.rubiconproject.com
1 js.ad-score.com dl.westseven.media
1 ads.rubiconproject.com dl.westseven.media
1 d13l4u7pe64ymo.cloudfront.net dl.westseven.media
1 ad.ipredictive.com www.theticket1590.com
1 dl.westseven.media securepubads.g.doubleclick.net
1 up.pixel.ad www.googletagmanager.com
1 media-cdn.ipredictive.com www.googletagmanager.com
1 tag.simpli.fi www.googletagmanager.com
1 pixel.quantserve.com www.theticket1590.com
1 rules.quantcount.com secure.quantserve.com
1 search.spotxchange.com embed.sendtonews.com
1 prebid-server.rubiconproject.com embed.sendtonews.com
1 tlx.3lift.com embed.sendtonews.com
1 htlb.casalemedia.com embed.sendtonews.com
1 aax.amazon-adsystem.com c.amazon-adsystem.com
1 as-sec.casalemedia.com js-sec.indexww.com
1 secure.quantserve.com cmp.quantcast.com
1 secure.cdn.fastclick.net www.theticket1590.com
1 cdn.resonate.com embed.sendtonews.com
1 player.sendtonews.com embed.sendtonews.com
1 api.rlcdn.com js-sec.indexww.com
ads.rubiconproject.com
1 id.sv.rkdms.com js-sec.indexww.com
1 js-sec.indexww.com embed.sendtonews.com
1 kyngam.tunegenie.com www.theticket1590.com
1 thrtle.com www.theticket1590.com
1 embedcdn.sendtonews.com www.theticket1590.com
0 fid.agkn.com Failed ads.rubiconproject.com
0 nodeny.targetspot.com Failed
700 218
Subject Issuer Validity Valid
www.theticket1590.com
GTS CA 1P5
2023-04-17 -
2023-07-16
3 months crt.sh
upload.video.google.com
GTS CA 1C3
2023-03-28 -
2023-06-20
3 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3
2022-12-13 -
2023-12-13
a year crt.sh
*.google-analytics.com
GTS CA 1C3
2023-03-28 -
2023-06-20
3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3
2023-03-28 -
2023-06-20
3 months crt.sh
*.franklymedia.com
R3
2023-02-15 -
2023-05-16
3 months crt.sh
*.thrtle.com
Go Daddy Secure Certificate Authority - G2
2022-03-22 -
2023-04-23
a year crt.sh
*.tunegenie.com
Amazon RSA 2048 M01
2023-01-24 -
2024-02-22
a year crt.sh
*.gstatic.com
GTS CA 1C3
2023-03-28 -
2023-06-20
3 months crt.sh
cmp.quantcast.com
R3
2023-04-14 -
2023-07-13
3 months crt.sh
jsdelivr.net
GlobalSign Atlas R3 DV TLS CA 2022 Q4
2022-12-23 -
2024-01-24
a year crt.sh
sendtonews.com
Amazon RSA 2048 M02
2022-11-21 -
2023-12-20
a year crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA
2023-01-25 -
2023-04-25
3 months crt.sh
*.cloudfront.net
Amazon RSA 2048 M01
2022-12-08 -
2023-12-07
a year crt.sh
*.sendtonews.com
Amazon RSA 2048 M01
2023-03-02 -
2023-06-16
4 months crt.sh
c.amazon-adsystem.com
Amazon RSA 2048 M01
2023-02-28 -
2024-02-17
a year crt.sh
securedvisit.com
Amazon RSA 2048 M01
2023-03-01 -
2023-11-26
9 months crt.sh
*.rlcdn.com
Sectigo RSA Domain Validation Secure Server CA
2023-02-02 -
2024-03-03
a year crt.sh
*.adsrvr.org
GlobalSign GCC R3 DV TLS CA 2020
2022-03-31 -
2023-05-02
a year crt.sh
*.doubleclick.net
GTS CA 1C3
2023-03-28 -
2023-06-20
3 months crt.sh
prod.us-east-1.cxm-bcn.publisher-services.amazon.dev
Amazon RSA 2048 M02
2022-12-27 -
2024-01-25
a year crt.sh
secure.cdn.fastclick.net
DigiCert TLS RSA SHA256 2020 CA1
2022-12-02 -
2023-12-02
a year crt.sh
*.quantserve.com
DigiCert TLS RSA SHA256 2020 CA1
2022-08-09 -
2023-09-09
a year crt.sh
aax-dtb-mobile-cf.amazon-adsystem.com
Amazon
2022-06-15 -
2023-06-15
a year crt.sh
b3.tunegenie.com
Amazon RSA 2048 M01
2023-02-17 -
2024-03-17
a year crt.sh
*.scorecardresearch.com
Amazon RSA 2048 M02
2023-03-01 -
2024-01-28
a year crt.sh
*.google.de
GTS CA 1C3
2023-03-28 -
2023-06-20
3 months crt.sh
*.google.com
GTS CA 1C3
2023-03-28 -
2023-06-20
3 months crt.sh
*.targeting.unrulymedia.com
Sectigo RSA Domain Validation Secure Server CA
2022-05-09 -
2023-05-09
a year crt.sh
*.3lift.com
Amazon RSA 2048 M02
2023-04-13 -
2024-05-11
a year crt.sh
*.rubiconproject.com
DigiCert TLS RSA SHA256 2020 CA1
2023-03-05 -
2024-04-03
a year crt.sh
*.adnxs.com
GeoTrust ECC CA 2018
2023-02-13 -
2024-03-15
a year crt.sh
*.spotxchange.com
GeoTrust RSA CA 2018
2023-02-28 -
2024-03-28
a year crt.sh
*.undertone.com
Amazon RSA 2048 M02
2023-03-01 -
2023-10-01
7 months crt.sh
*.pubmatic.com
DigiCert Baltimore TLS RSA SHA256 2020 CA1
2022-06-13 -
2023-07-14
a year crt.sh
quantserve.com
R3
2023-04-14 -
2023-07-13
3 months crt.sh
www.google.com
GTS CA 1C3
2023-03-28 -
2023-06-20
3 months crt.sh
www.google.de
GTS CA 1C3
2023-03-28 -
2023-06-20
3 months crt.sh
tpc.googlesyndication.com
GTS CA 1C3
2023-03-28 -
2023-06-20
3 months crt.sh
*.simpli.fi
DigiCert TLS RSA SHA256 2020 CA1
2022-11-07 -
2023-12-08
a year crt.sh
*.ipredictive.com
GeoTrust Global TLS RSA4096 SHA256 2022 CA1
2023-02-02 -
2024-02-01
a year crt.sh
*.pixel.ad
GeoTrust Global TLS RSA4096 SHA256 2022 CA1
2023-01-24 -
2024-02-02
a year crt.sh
*.westseven.media
Amazon RSA 2048 M01
2023-02-17 -
2023-07-22
5 months crt.sh
*.sitescout.com
GeoTrust Global TLS RSA4096 SHA256 2022 CA1
2023-01-09 -
2024-02-02
a year crt.sh
*.ad-score.com
Go Daddy Secure Certificate Authority - G2
2022-09-02 -
2023-10-04
a year crt.sh
i.clean.gg
GTS CA 1D4
2023-03-27 -
2023-06-25
3 months crt.sh
script.4dex.io
Cloudflare Inc ECC CA-3
2022-11-23 -
2023-11-22
a year crt.sh
*.a-mo.net
R3
2023-04-13 -
2023-07-12
3 months crt.sh
*.onetag-sys.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1
2022-12-28 -
2024-01-28
a year crt.sh
*.lijit.com
Go Daddy Secure Certificate Authority - G2
2022-06-27 -
2023-06-05
a year crt.sh
ads.servenobid.com
Amazon RSA 2048 M02
2023-02-09 -
2023-06-27
5 months crt.sh
misc-sni.google.com
GTS CA 1C3
2023-03-28 -
2023-06-20
3 months crt.sh
*.storyblok.com
Amazon RSA 2048 M01
2023-02-22 -
2023-09-15
7 months crt.sh
redintelligence.net
R3
2023-04-10 -
2023-07-09
3 months crt.sh
adv.office-partner.de
R3
2023-03-02 -
2023-05-31
3 months crt.sh
pv.medialead.de
R3
2023-04-15 -
2023-07-14
3 months crt.sh
*.webgains.com
Amazon RSA 2048 M01
2023-02-22 -
2023-07-13
5 months crt.sh
www.awin1.com
DigiCert TLS RSA SHA256 2020 CA1
2023-03-10 -
2024-03-09
a year crt.sh
*.webgains.io
Amazon RSA 2048 M02
2023-03-02 -
2023-09-21
7 months crt.sh
cdn.track.production.webgains.team
Amazon RSA 2048 M01
2023-02-28 -
2023-10-28
8 months crt.sh
tls.adobe.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1
2023-02-08 -
2024-03-10
a year crt.sh
*.openx.net
GeoTrust RSA CA 2018
2022-07-21 -
2023-08-21
a year crt.sh
*.listenlive.co
Amazon RSA 2048 M02
2023-02-21 -
2023-09-20
7 months crt.sh
s3.amazonaws.com
Amazon RSA 2048 M01
2022-12-06 -
2023-12-05
a year crt.sh
eu.chocolateplatform.com
ZeroSSL RSA Domain Secure Site CA
2023-03-16 -
2023-06-14
3 months crt.sh
*.live.streamtheworld.com
Go Daddy Secure Certificate Authority - G2
2023-03-19 -
2024-04-19
a year crt.sh
*.streamtheworld.com
Go Daddy Secure Certificate Authority - G2
2023-01-24 -
2024-02-25
a year crt.sh
adentifi.com
Amazon RSA 2048 M02
2023-02-22 -
2023-09-03
6 months crt.sh
*.smartadserver.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1
2023-01-21 -
2024-01-23
a year crt.sh
lexicon.33across.com
GTS CA 1D4
2023-04-13 -
2023-07-12
3 months crt.sh
*.id5-sync.com
R3
2023-01-25 -
2023-04-25
3 months crt.sh
cdn.adnxs.com
GeoTrust TLS RSA CA G1
2023-03-27 -
2024-04-26
a year crt.sh
*.eu-1-id5-sync.com
R3
2023-01-25 -
2023-04-25
3 months crt.sh
*.servenobid.com
Amazon RSA 2048 M02
2023-02-21 -
2024-02-05
a year crt.sh
casalemedia.com
Go Daddy Secure Certificate Authority - G2
2022-12-13 -
2024-01-13
a year crt.sh
odc-addthis-prod-01.oracle.com
DigiCert TLS RSA SHA256 2020 CA1
2023-02-07 -
2024-02-07
a year crt.sh
odc-pixel-prod-01.oracle.com
DigiCert TLS RSA SHA256 2020 CA1
2023-02-07 -
2024-02-08
a year crt.sh
beacon.krxd.net
DigiCert TLS RSA SHA256 2020 CA1
2023-04-14 -
2024-04-12
a year crt.sh
gumgum.com
Amazon RSA 2048 M01
2023-02-14 -
2023-10-05
8 months crt.sh
*.minutemedia-prebid.com
Amazon RSA 2048 M01
2023-02-24 -
2023-06-29
4 months crt.sh
*.adkernel.com
AlphaSSL CA - SHA256 - G4
2023-01-03 -
2024-02-04
a year crt.sh
*.yellowblue.io
Amazon RSA 2048 M01
2023-03-24 -
2024-04-21
a year crt.sh
*.go.sonobi.com
Go Daddy Secure Certificate Authority - G2
2022-12-06 -
2024-01-07
a year crt.sh
*.sharethrough.com
Amazon RSA 2048 M02
2023-02-10 -
2023-08-12
6 months crt.sh
s.amazon-adsystem.com
Amazon RSA 2048 M01
2023-03-03 -
2024-02-19
a year crt.sh
*.ybp.yahoo.com
DigiCert SHA2 High Assurance Server CA
2023-04-04 -
2023-09-27
6 months crt.sh
d.adroll.com
Amazon RSA 2048 M01
2022-11-08 -
2023-12-07
a year crt.sh
*.criteo.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1
2023-03-09 -
2023-06-03
3 months crt.sh
aax-eu.amazon-adsystem.com
Amazon RSA 2048 M01
2023-01-27 -
2024-01-27
a year crt.sh
*.ctnsnet.com
DigiCert TLS RSA SHA256 2020 CA1
2023-01-04 -
2023-11-06
10 months crt.sh
*.iprom.net
R3
2023-03-01 -
2023-05-30
3 months crt.sh
public1.adgear.com
Sectigo RSA Domain Validation Secure Server CA
2023-03-03 -
2024-03-31
a year crt.sh
*.crwdcntrl.net
Go Daddy Secure Certificate Authority - G2
2022-05-01 -
2023-06-02
a year crt.sh
*.dotomi.com
GlobalSign RSA OV SSL CA 2018
2022-08-09 -
2023-09-10
a year crt.sh
*.deepintent.com
Go Daddy Secure Certificate Authority - G2
2022-05-02 -
2023-06-03
a year crt.sh
*.ad-server.k8s.ie.ggops.com
Amazon RSA 2048 M02
2023-02-08 -
2024-02-15
a year crt.sh
*.admanmedia.com
Go Daddy Secure Certificate Authority - G2
2022-04-21 -
2023-05-23
a year crt.sh

This page contains 85 frames:

Primary Page: https://www.theticket1590.com/
Frame ID: 856F766999DE8D6AA77E1874D1143C6B
Requests: 223 HTTP requests in this frame

Frame: https://cdnjs.cloudflare.com/ajax/libs/overlayscrollbars/1.13.1/js/OverlayScrollbars.min.js
Frame ID: 4C94E2178EB3695854704175E4A5060B
Requests: 19 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.568.1_en.html
Frame ID: 088F820E6616948F7C4BAF729FC1773F
Requests: 6 HTTP requests in this frame

Frame: https://773ff33321c83b63fff957793b331644.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 6A44DD9D4FB36495C5A969D6C89C4859
Requests: 1 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjss-BN6VStVE7gxpHhQzy6j8wVrzdOep1F9X_DbzeTiNo_1UVcbdzJwgQPbAMNlcQyQA6m_ymYtbVxjR2ClQkSEsdFnAmL1GI10tuk6SHY0YbGIuHe1dt3-fZ5Gee8hTrdbH6eHuSUgwucCkmKz8AhBERdPMyobJT8r1w8-LZAn6m8NimaI57YcRBGPFmgmwE-iXH2LOPYJYYmB-gfR-HglntTAYmEtzltia9be4uR-qacJJcOEb7ax_cjbjkHhXsaMdUrKSRj1Rt-7Lb-CkdYgV7Xkzp3JDGbVfzvunTVUbFFJ2lTNgevw6adkmQDb5&sai=AMfl-YQxJzRDQa1OtnX7v_ZJOxW3YPtg53KuVrbl8aX786py53wEknn3zemyEfzN8U_2-7prqVv2jKsWP_l9msF7HGLR2HLxjgPPMj6YRTZyEHD0JLTZ9kJKy5KByLJajiA4Xmwcy9fLYGo64xmJAAA&sig=Cg0ArKJSzOkTcQgpZMsUEAE&uach_m=[UACH]&adurl=
Frame ID: F7289D85B8D7E0717F538C8BD3C59686
Requests: 8 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssKVr-w16yKHTIdXDMcC5Edt0VcnZL8KkfU2kEBAWgHbiPifjnU8E1vbgVmZTBpD2MHinrhI9pqSadZuUTkq68k7luQo5or_k_vZEl7P3FRFukH7ww2WuwFfavrOyiM8JTq_dFcIC_Nf865HZMhtIgaFpGzh8WnqPEhmOiVra1wp8S-ltls4vioGA_I5Gk0apwMZPn_Cd3qUaruZfio3tUYqhqIvprxZe2VxA7mmrcT7dpDJh_i4uxAw_5Nn6hcLRTbznhT4_J1AiCtqLvon_6XSNBagSFmtqaGGQ1fBO4l-giHlv6c2fW5c0C4tde3KC3I&sai=AMfl-YR4G830TzKnF7u21YVTADkTEjGbAihpioUVl-FViFmK2Zo3DSk-q8IiFvBG9GHBBg_sVtUXvGBavcaA8unj9boJsKHbglSogCSyRbn9KcMwFiYGLLsbesWlIidKPqhNQg158LfN133DX-qaZhR_&sig=Cg0ArKJSzL3_0Y-oM3ujEAE&uach_m=[UACH]&urlfix=1&adurl=
Frame ID: 81978B0640D8B4E8CBB35D3F37940CEF
Requests: 52 HTTP requests in this frame

Frame: https://pixel.sitescout.com/dmp/asyncPixelSync?gdpr=0
Frame ID: CDCA2393E5B43C9CAEFA79DCBB9B4EDF
Requests: 1 HTTP requests in this frame

Frame: data://truncated
Frame ID: 53F554085F6A3228ADBDD50FFFD9F459
Requests: 1 HTTP requests in this frame

Frame: https://773ff33321c83b63fff957793b331644.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: DCA90B76C293279D83171320DCD3C6FB
Requests: 21 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxj-rbvGATAB&v=APEucNUavYd6Caa39C021HjogWxLpS38ciM-Y3-mT5lr6iYPoLlIOPFoushpz0I_exNS9klpoiOqmFb9bifCTmz4hLpHuzdutdeblk555SmeRK98FQUc7EA
Frame ID: FADE7EA22591E0C9F6E1E2AC502D5FA5
Requests: 4 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012304062309000/amp4ads-v0.mjs
Frame ID: FA77B6D44E96EA125A9B113DD054E392
Requests: 11 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 326E6F715755E66D955B095B9149CDF8
Requests: 3 HTTP requests in this frame

Frame: https://www.facebook.com/tr/
Frame ID: 4AF45B4081909BE17020D2A2EDEDAC4C
Requests: 1 HTTP requests in this frame

Frame: https://773ff33321c83b63fff957793b331644.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 7F6A5997C9BAFDAF0C4D2064616B48EE
Requests: 19 HTTP requests in this frame

Frame: https://b3.tunegenie.com/?tgv=e905577.ba4de90
Frame ID: C00122A83DFC978C16DFCFFB650A79D7
Requests: 60 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CL6WcRCwifCiAxiE8MHIATAB&v=APEucNVHsBCdqpH_Xq73Hb57Duw4OSvxrRWJi1H1aXh9vS-vtm_ln3Y1rFiB2zxCGXkqKUS1KEvni76tygGnx5rdhx3p6YGHH1sOxZsX3oT5x6OOvu1HH_Q
Frame ID: C1B98DC908003F01E7E06123DEFEF2AE
Requests: 5 HTTP requests in this frame

Frame: https://06e31dc510364493ddc7a7a3babf1419.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Frame ID: 2485D22121B2EB5456F7063EF9EF6FB5
Requests: 1 HTTP requests in this frame

Frame: https://adv.office-partner.de/?utm_source=webgains&utm_campaign=webgains
Frame ID: DF67E65AF34B407543D18A4F915DB37C
Requests: 2 HTTP requests in this frame

Frame: https://pv.medialead.de/trck/epv/e99aace94e6e5873881d3400993e1e7e?subid=64051800150414804444550012297007&t=htlp
Frame ID: 6DE206A13A2D681F921267A9570B7AD6
Requests: 1 HTTP requests in this frame

Frame: https://5994599.fls.doubleclick.net/activityi;dc_pre=CMXGs63esf4CFdDxmgodivYFWg;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=5415684112701.518
Frame ID: 96F4CD343986144FC92E8019B727FCDA
Requests: 2 HTTP requests in this frame

Frame: https://hal90007.redintelligence.net/request_content.php?s=64051800150414804444550012297007&a=d84aca33
Frame ID: 5B727D460BD8079B548CDB133A12255B
Requests: 6 HTTP requests in this frame

Frame: https://773ff33321c83b63fff957793b331644.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 5B0F7396764CCFED48B87B8C8C6CD2F1
Requests: 21 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 955217C83FF9038F1DBE84711C4B4B18
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: B0DC4044CC40692C10F361EA03D95A62
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=COGKFRCp6RsYidrjwAEwAQ&v=APEucNXfCPEYqxB7hmyMvSuzv0cR6SU3Fk3cu-uH4xPzRpWuBKGhuYplDkqZhJXYKNf4lI5iH2q_2HmXMk8ksQrx6Pe1rkaz6U0uliBfMpZRt1u29JFuNuk
Frame ID: D4BBEF4E749DE5FFCFC3812B480D8808
Requests: 4 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: D64FFDE25D04C3BF69E49FA8D729D936
Requests: 3 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/18270589126315171796/300x600/300x600.html
Frame ID: 078783A56E43716383ACBA4F7802F83D
Requests: 5 HTTP requests in this frame

Frame: https://06e31dc510364493ddc7a7a3babf1419.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Frame ID: 8CF69C90085AB055B435A0AC43EDDB20
Requests: 21 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPjqRhC5lOngAhjV_KnbATAB&v=APEucNU7w4ZGoGq5Qc1YbqBytOBT2XGS1dU6L-IMwua2zgO26mgvG8LXKGbbMzyTgD-ylK410s9MvkHW98N_vONx3dTqUrayalxMATdG7OIGNmvyy4aEBbw
Frame ID: 39E94C368BBAA699D9A2F13E259481A8
Requests: 5 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: F4FBD2A5F9A9A6FA3A1CB9460624340C
Requests: 9 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/10268516360994813842/index.html?e=69&leftOffset=0&topOffset=0&c=lWg3bCzpHH&t=1&renderingType=2&ev=01_247
Frame ID: 19778E4C97D89F9BF77B904D805F1CD8
Requests: 14 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 328E30E9BC375A2F248C6EC6583CB67D
Requests: 3 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/3719878330380519815/index.html
Frame ID: 29599C2EC302A7E5D19EBA783ED63AFF
Requests: 6 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/bsdAhfwWdZZ0lwKfZyotoKMYFbxnkv02xNqAhtGyATM.js
Frame ID: 7AB6027133BAC8A57A90D3DE5D8D1D1D
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 7144C1A3A89DD8920051ADCD5B79ACCE
Requests: 9 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html
Frame ID: CC6F184DB7D25EA1D7DE03944B142A0D
Requests: 10 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 85A3100C6AC676F37525B0CA8B3C1F93
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 8A7795C9359089945528515E522FAA5F
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: D08A2D5589A26525F8409A195014359A
Requests: 2 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?gdpr=0&us_privacy=1---
Frame ID: 53D2EA0F49380DCD2817E1058BCFA523
Requests: 2 HTTP requests in this frame

Frame: https://cdn.undertone.com/js/usersync.html?gdpr=0&gdprstr=&ccpa=1---
Frame ID: F6B77E53A3F2DAB17BA8F20D7994639F
Requests: 13 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?cb=1681762721833&gdpr=0&us_privacy=1---
Frame ID: 5ED6A7F6DDE32C56F782DA24E20C15D1
Requests: 1 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: 1220912E2C208F435FBFC9240687D6B6
Requests: 2 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160111&gdpr=0&gdpr_consent=&us_privacy=1---
Frame ID: D4B403445B0E45A15DF8E0AC808A8C5C
Requests: 20 HTTP requests in this frame

Frame: https://ap.lijit.com/beacon?us_privacy=1---&informer=13409936
Frame ID: 4491F3007303A1317FF3954773B86E35
Requests: 1 HTTP requests in this frame

Frame: https://public.servenobid.com/sync.html?usp_consent=1---
Frame ID: A73D493E2392A28CAC69AEAFAD73D043
Requests: 13 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?s=197137&cb=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3FpartnerId%3D57%26uid%3D
Frame ID: C47340DBB1E2C0AC95732B292ABC28CB
Requests: 10 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=12776
Frame ID: 877065E552ECA3E31D5B80C0EB3AC066
Requests: 3 HTTP requests in this frame

Frame: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Frame ID: F498AB9639AC8AB11DA8A5BB7A582281
Requests: 15 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?pubId=694e68b73971b58&gdpr=0&gdpr_consent=&us_privacy=1---&https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D318%26uid%3D
Frame ID: 34A92ED7156360CA971D8E822C13ADC9
Requests: 1 HTTP requests in this frame

Frame: https://ssbsync.smartadserver.com/api/sync?callerId=9&gdpr=0&gdpr_consent=&us_privacy=1---&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D317%26uid%3D%24UID
Frame ID: 920EC9E0028FD58261466CAEC0EA6E7A
Requests: 6 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D
Frame ID: 5DEBB4436C8F8371740985BE5B1329B8
Requests: 10 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=duration_media&endpoint=us-east
Frame ID: 0DD9D189B9CEAC1474AF17E0C5DA9D8D
Requests: 3 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1---&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Frame ID: CDBD67A173E92D6E2EDF96428A5C8232
Requests: 1 HTTP requests in this frame

Frame: https://cs-rtb.minutemedia-prebid.com/sync-iframe?gdpr=0&gdpr_consent=&us_privacy=1---&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D348%26uid%3D%7BpartnerId%7D
Frame ID: 2CBECC48B00E85453952EBE541CF4A50
Requests: 1 HTTP requests in this frame

Frame: https://sync.adkernel.com/user-sync?zone=181225&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D152%26uid%3D%7BUID%7D&gdpr=0&gdpr_consent=&us_privacy=1---&
Frame ID: FC61E72174E6BEF457B09EB329C75D49
Requests: 1 HTTP requests in this frame

Frame: https://cs-server-s2s.yellowblue.io/sync-iframe?gdpr=0&gdpr_consent=&us_privacy=1---&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D352%26uid%3D%7BpartnerId%7D
Frame ID: 702E78FBF2412F18A3608FB2A51DD65C
Requests: 1 HTTP requests in this frame

Frame: https://usr.undertone.com/userPixel/sync?partnerId=53&uid=8F899C95-7455-4B28-A0AE-28E5289D5E5E
Frame ID: 288C8EA66B3D8AD5071A17F4DA7CDFBE
Requests: 1 HTTP requests in this frame

Frame: https://usr.undertone.com/userPixel/sync?partnerId=53&uid=8F899C95-7455-4B28-A0AE-28E5289D5E5E
Frame ID: 04C252F8BFD5141228B3C363BC6BE81C
Requests: 1 HTTP requests in this frame

Frame: https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@
Frame ID: 467D8217AAB38E7C0E6BA40285BF03A6
Requests: 1 HTTP requests in this frame

Frame: https://usr.undertone.com/userPixel/sync?partnerId=53&uid=8F899C95-7455-4B28-A0AE-28E5289D5E5E
Frame ID: 39A18C94336933752D4BD320FDA6C5E2
Requests: 1 HTTP requests in this frame

Frame: https://usr.undertone.com/userPixel/sync?partnerId=53&uid=8F899C95-7455-4B28-A0AE-28E5289D5E5E
Frame ID: 99A46A92CB5CDDBA238BAEAFD7F219A4
Requests: 1 HTTP requests in this frame

Frame: https://aax-eu.amazon-adsystem.com/s/dcm?pid=4bd6ceca-c698-4782-a536-f380f757484c&id=8F899C95-7455-4B28-A0AE-28E5289D5E5E&redir=true&gdpr=0&gdpr_consent=
Frame ID: 8BF7A1A7B647C8B8516CFD87C940B99D
Requests: 1 HTTP requests in this frame

Frame: https://usr.undertone.com/userPixel/sync?partnerId=53&uid=8F899C95-7455-4B28-A0AE-28E5289D5E5E
Frame ID: CBEAB8F05A567FB767D471EFB1AE8475
Requests: 1 HTTP requests in this frame

Frame: https://usr.undertone.com/userPixel/sync?partnerId=53&uid=8F899C95-7455-4B28-A0AE-28E5289D5E5E
Frame ID: 59AAA40E58FC30AA3CF734DBD7F7FAF8
Requests: 1 HTTP requests in this frame

Frame: https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
Frame ID: DBE3FB06D84A9597F6D4FFF1198BADCA
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AACa9U7Ie1MAACCrGNce2Q&gdpr=0&gdpr_consent=
Frame ID: D65EA0034717BFED2C54AF86452FA89A
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=ZD2ppwADeKquIgAp&gdpr=1&gdpr_consent=&_test=ZD2ppwADeKquIgAp
Frame ID: 4EE5CCCCEC21CF809D4B6D39091D47C9
Requests: 1 HTTP requests in this frame

Frame: https://ipac.ctnsnet.com/int/cm?exc=14&redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MTEmdGw9MjAxNjA=&piggybackCookie=[user_id]
Frame ID: AC8C52D49BC994AEDF2981497A11798C
Requests: 1 HTTP requests in this frame

Frame: https://core.iprom.net/cookiesync?gdpr=0&gdpr_consent=
Frame ID: A2209368FB57E0489D90A06D7C1A7B15
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode&piggybackCookie={viewer_token}
Frame ID: B8CC28315ABA6DBB89C5BC6D8DB1529C
Requests: 1 HTTP requests in this frame

Frame: https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
Frame ID: 636084703B3D222DB4BC8C3D0D21BC79
Requests: 1 HTTP requests in this frame

Frame: https://cm.adgrx.com/bridge?AG_PID=pubmatic&AG_SETCOOKIE&gdpr=0&gdpr_consent=
Frame ID: A4A71AF7E5B803D24C8176111C056613
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0NTkmdGw9NDMyMDA=&piggybackCookie=xcbqus1jg35v
Frame ID: 1386EAE628D52C09B9F56805B6EBF44B
Requests: 1 HTTP requests in this frame

Frame: https://usersync.gumgum.com/usersync?b=mmh&i=7b71643d-a9a6-4200-9fb0-8cb125a64d67&gdpr=0&gdpr_consent=
Frame ID: C7B6D22DA5E46AB367D6D9AB7F1C4A41
Requests: 1 HTTP requests in this frame

Frame: https://sync.adkernel.com/user-sync?zone=181093&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dmdp%26i%3D%5BUID%5D&gdpr=0&gdpr_consent=&ccpa=1---
Frame ID: 203788A7B6750D1D63DBE43876D4E620
Requests: 1 HTTP requests in this frame

Frame: https://usersync.gumgum.com/usersync?b=atm&i=ZD2ppwADfrMjjwBS&gdpr=0&gdpr_consent=&_test=ZD2ppwADfrMjjwBS
Frame ID: 91C58E773A3765ED7D197F371D08B256
Requests: 1 HTTP requests in this frame

Frame: https://cm.g.doubleclick.net/pixel?google_nid=gumgum_dbm&google_hm=ZV9hYTY5Y2MwZC02YjY4LTQyNzgtOWFiZS1kYzJjZGI0ZDlhNGU=&gdpr=0&gdpr_consent=&google_redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dgdv
Frame ID: 90C4DE255FAC8D7CF6840F9C10A8FA9A
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=0&gdprConsent=
Frame ID: 1F9C85019A78A221F5F5D09522F5C2B9
Requests: 1 HTTP requests in this frame

Frame: https://match.adsrvr.org/track/cmf/generic?ttd_pid=gumgum&ttd_tpi=1&gdpr=0&gdpr_consent=
Frame ID: 3640BE0E1B71D6A1DA5EC9FB39EA44D4
Requests: 1 HTTP requests in this frame

Frame: https://usersync.gumgum.com/usersync?b=sus&i=ZD2pqMCo8YUAACIsMakAAAAA
Frame ID: 8309C22F88B834194231DFA7312900D0
Requests: 1 HTTP requests in this frame

Frame: https://cs.admanmedia.com/sync/gumgum?puid=e_aa69cc0d-6b68-4278-9abe-dc2cdb4d9a4e&redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Daad%26i%3D%5BDSP_USER_ID%5D&gdpr=0&gdpr_consent=&ccpa=1---
Frame ID: 6A88558D48431C20D513F1E1FAFAEA51
Requests: 1 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatchredir?s=189872&cb=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Diex%26i%3D
Frame ID: B083E068C8A82EDDE54DBCC3A4EC361D
Requests: 1 HTTP requests in this frame

Frame: https://usersync.gumgum.com/usersync?b=rth&i=p05YMVz31OR0HbhQs7fn&pi=gumgum&tc=1
Frame ID: 24289CC6C7237E9440055B104376F828
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=gumgum
Frame ID: EE903FB75C28FC486D8B93FDB7327F0C
Requests: 3 HTTP requests in this frame

Screenshot

Page Title

The Ticket 2 1590 | KYNG-AM

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
  • /wp-(?:content|includes)/

Overall confidence: 100%
Detected patterns
  • vue[.-]([\d.]*\d)[^/]*\.js

Overall confidence: 100%
Detected patterns
  • adnxs\.(?:net|com)

Overall confidence: 100%
Detected patterns
  • 2mdn\.net

Overall confidence: 100%
Detected patterns
  • googletagservices\.com/tag/js/gpt(?:_mobile)?\.js

Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
  • 2mdn\.net

Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
  • googleapis\.com/.+webfont

Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js

Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.openx\.net

Overall confidence: 100%
Detected patterns
  • /prebid\.js
  • adnxs\.com/[^"]*(?:prebid|/pb\.js)

Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.pubmatic\.com

Overall confidence: 100%
Detected patterns
  • \.quantserve\.com/quant\.js

Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.rubiconproject\.com

Overall confidence: 100%
Detected patterns
  • analytics\.webgains\.io

Overall confidence: 100%
Detected patterns
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Overall confidence: 100%
Detected patterns
  • //cdn\.jsdelivr\.net/

Page Statistics

700
Requests

85 %
HTTPS

27 %
IPv6

135
Domains

218
Subdomains

157
IPs

16
Countries

9193 kB
Transfer

20899 kB
Size

167
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 64
  • https://embed.sendtonews.com/player3/embedcode.js?fk=5oC5qDti&cid=5513&offsetx=0&offsety=80&floatwidth=400&floatposition=bottom-right HTTP 302
  • https://embedcdn.sendtonews.com/easy-stn-player/7.15.1-G/embed.js
Request Chain 194
  • https://www.theticket1590.com/category/insurify/feed HTTP 301
  • https://www.theticket1590.com/category/insurify/feed/
Request Chain 275
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm&gdpr=0 HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESELFggI5uvtmGfXJidnL_Z8Q&google_cver=1&gdpr=0 HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESELFggI5uvtmGfXJidnL_Z8Q&google_cver=1&gdpr=0&C=1
Request Chain 276
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&gdpr=0&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
  • https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgdpr%3D0%26google_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&gdpr=0&ixi=0&C=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?gdpr=0&google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZD2poTz-HOGiKbJ-73U3eQAA HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESELFggI5uvtmGfXJidnL_Z8Q&google_cver=1&gdpr=0
Request Chain 301
  • https://www.google.com/pagead/drt/ui HTTP 302
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Request Chain 303
  • https://hal90007.redintelligence.net/request.php?zone=g72h7lz2c4az&nw=20&renderingType=javascript&namespace=c6f68f42cd&subid=&uid=916f79f31dd14b90&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=728x90&scrollPos=0x0&extData[]=&envData=&gdpr=-1&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCbgTGoak9ZJjrAYGx7_UPyueiqAam5b2gaYWVnKfJD_AuEAEgl6rtdWCVkpuCrAfIAQmpAgZrxEJXUbI-qAMByAObBKoE7wFP0OMIFe9nao4mueJF7CosAO7yXKoq7ocI2Q8fNl_rt2_J3bK8jnHRjk-xhoTXyYtWQv7a-J8pNNEX-IqWNvDJqX3a9q2a1DL7u22z77PX_jo4RWQzYhwOYwEzDm9jHE3RQuVWFWXy6S_yKvuhFpovU5GkZpK_PR9LGybmB9zxqgpiITG2UbJ6ZWdMZxMLLMQjiWPGKF4YIGmQ9QrmYzoOyp8a7T5L7FdgXkJy4mDfP9LAiTuux5cpPFZ3OMlxZNCXmmFkngyfG0ddX4LtKMzvGM4201QM4dBOnjJX7xmKJusWR98gB4BFxgwmLll548AE64_8jvcD4AQDkAYBoAZNgAesrfWfA6gHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCA8IgGEQARgdMgKKAjoCgECACgOYCwHICwGADAGwE8yc2RLQEwDYEwPYFAHQFQH4FgGAFwE%26ae%3D1%26num%3D1%26cid%3DCAQSTABygQiD1m_ra4VpP-gQqrAj2E-t4X37QkuK8jV7y9Q4p1OupWr6BWDU9UzI5on1ul_fVnDFCa6DhXFzSLu0ECQN83i0VONa_bNIAfYYAQ%26sig%3DAOD64_0gLDu_oUv6c5AU-mbZF6ml7OI5oQ%26client%3Dca-pub-7253037122197916%26dbm_c%3DAKAmf-B0IyYGT500aE7d08cmTV3QZP8a4GRYvaIMwmSZI9LKJF0iFojIh4JBPbiBsMrnZILaF3yikmCL5wIQfffah_MYp_mcTI0_WlzaHzX1CkKVqjOZjAviPa-2v9GR4uHyQKqX35yn2Xi6jdvZnXLI8nMTm89x7RNgaKYesfJ0hSGDR0443rw%26cry%3D1%26dbm_d%3DAKAmf-BEI-j-5Y7Ms6-IIsyqlBkX2eyocETgfgVc5deRNHJ5yXItVurt3XDaXYhbqKv97OGcy9yQlaVVc8hg_hjiYz2kjkUelgr6D7hA-KTUUTW-FayDV5hxwRAdvEj_TpmRUiRX1FDpLVvvc6PhrxYBl7mHoccQSuZ8h9zTwSymId6S03X17_wZ3O6UwRxh1OUSh_NLlr7TqitNxDbrbxyTRBgr1pn_kzT5VhFWQBHGuIgxQVtoUi0b08z4pGCV_xMfh4UBUzOUfjqvuSO5LDBJc8KtTUmgxQvtU8LY9ONMA9ZCGJAc-GQ7WFTx3GJCjy5OFygWOOrZSsL7_3aH23ECIhLUfBbye_w31EcYm_SwyNUQKNHC0cB7vgQEXxTxTEr3PWRdVbIsB48ZRGz1HgzmbIZt-mlM2reJwZroPo7Jk-xYaQ_Yc2vtcakTIda2czy4rsZHdt9RzIAuPwjQheSIBU0515vzpO_UWkfy5yRuE7eebBW9wj_dyOhsLjioWk88VjdLwmBjhax58OMktCtu4i-717rzf07y6Cn5L7I0v3Cmh395h7I%26adurl%3D&documentReferer=https%3A%2F%2Fwww.theticket1590.com%2F&ancestorOrigins=https%3A%2F%2Fwww.theticket1590.com&random=8891797598255&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0 HTTP 302
  • https://hal90007.redintelligence.net/request.php?zone=g72h7lz2c4az&nw=20&renderingType=javascript&namespace=c6f68f42cd&subid=&uid=916f79f31dd14b90&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=728x90&scrollPos=0x0&extData[]=&envData=&gdpr=-1&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCbgTGoak9ZJjrAYGx7_UPyueiqAam5b2gaYWVnKfJD_AuEAEgl6rtdWCVkpuCrAfIAQmpAgZrxEJXUbI-qAMByAObBKoE7wFP0OMIFe9nao4mueJF7CosAO7yXKoq7ocI2Q8fNl_rt2_J3bK8jnHRjk-xhoTXyYtWQv7a-J8pNNEX-IqWNvDJqX3a9q2a1DL7u22z77PX_jo4RWQzYhwOYwEzDm9jHE3RQuVWFWXy6S_yKvuhFpovU5GkZpK_PR9LGybmB9zxqgpiITG2UbJ6ZWdMZxMLLMQjiWPGKF4YIGmQ9QrmYzoOyp8a7T5L7FdgXkJy4mDfP9LAiTuux5cpPFZ3OMlxZNCXmmFkngyfG0ddX4LtKMzvGM4201QM4dBOnjJX7xmKJusWR98gB4BFxgwmLll548AE64_8jvcD4AQDkAYBoAZNgAesrfWfA6gHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCA8IgGEQARgdMgKKAjoCgECACgOYCwHICwGADAGwE8yc2RLQEwDYEwPYFAHQFQH4FgGAFwE%26ae%3D1%26num%3D1%26cid%3DCAQSTABygQiD1m_ra4VpP-gQqrAj2E-t4X37QkuK8jV7y9Q4p1OupWr6BWDU9UzI5on1ul_fVnDFCa6DhXFzSLu0ECQN83i0VONa_bNIAfYYAQ%26sig%3DAOD64_0gLDu_oUv6c5AU-mbZF6ml7OI5oQ%26client%3Dca-pub-7253037122197916%26dbm_c%3DAKAmf-B0IyYGT500aE7d08cmTV3QZP8a4GRYvaIMwmSZI9LKJF0iFojIh4JBPbiBsMrnZILaF3yikmCL5wIQfffah_MYp_mcTI0_WlzaHzX1CkKVqjOZjAviPa-2v9GR4uHyQKqX35yn2Xi6jdvZnXLI8nMTm89x7RNgaKYesfJ0hSGDR0443rw%26cry%3D1%26dbm_d%3DAKAmf-BEI-j-5Y7Ms6-IIsyqlBkX2eyocETgfgVc5deRNHJ5yXItVurt3XDaXYhbqKv97OGcy9yQlaVVc8hg_hjiYz2kjkUelgr6D7hA-KTUUTW-FayDV5hxwRAdvEj_TpmRUiRX1FDpLVvvc6PhrxYBl7mHoccQSuZ8h9zTwSymId6S03X17_wZ3O6UwRxh1OUSh_NLlr7TqitNxDbrbxyTRBgr1pn_kzT5VhFWQBHGuIgxQVtoUi0b08z4pGCV_xMfh4UBUzOUfjqvuSO5LDBJc8KtTUmgxQvtU8LY9ONMA9ZCGJAc-GQ7WFTx3GJCjy5OFygWOOrZSsL7_3aH23ECIhLUfBbye_w31EcYm_SwyNUQKNHC0cB7vgQEXxTxTEr3PWRdVbIsB48ZRGz1HgzmbIZt-mlM2reJwZroPo7Jk-xYaQ_Yc2vtcakTIda2czy4rsZHdt9RzIAuPwjQheSIBU0515vzpO_UWkfy5yRuE7eebBW9wj_dyOhsLjioWk88VjdLwmBjhax58OMktCtu4i-717rzf07y6Cn5L7I0v3Cmh395h7I%26adurl%3D&documentReferer=https%3A%2F%2Fwww.theticket1590.com%2F&ancestorOrigins=https%3A%2F%2Fwww.theticket1590.com&random=8891797598255&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1
Request Chain 352
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm&gdpr=0 HTTP 302
  • https://ib.adnxs.com/setuid?entity=101&gdpr=0&code=CAESEDIYzzvmXMlnS7qzC8PCXw0&google_cver=1
Request Chain 353
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=ODAwNDczNjgzMzgwMDM0NzY0Ng%3D%3D
Request Chain 354
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_dbm&gdpr=0 HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEGWaJxOlTpCVKutisYFRPIQ&google_cver=1&gdpr=0 HTTP 302
  • https://us-u.openx.net/w/1.0/sd?cc=1&id=537072991&val=CAESEGWaJxOlTpCVKutisYFRPIQ&google_cver=1&gdpr=0
Request Chain 355
  • https://us-u.openx.net/w/1.0/cm?id=9ca165a9-d9fe-2ff6-d83d-d145a80b0d37&gdpr=0&r=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dopenx%26google_hm%3D%7Bopenx_uuid_base64%7D HTTP 302
  • https://us-u.openx.net/w/1.0/cm?cc=1&id=9ca165a9-d9fe-2ff6-d83d-d145a80b0d37&gdpr=0&r=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dopenx%26google_hm%3D%7Bopenx_uuid_base64%7D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=ODZjZTdmNjEtOTdmNy0yN2MxLWRlYTUtNGY5YjJmOGY4NDll
Request Chain 363
  • https://5994599.fls.doubleclick.net/activityi;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=5415684112701.518 HTTP 302
  • https://5994599.fls.doubleclick.net/activityi;dc_pre=CMXGs63esf4CFdDxmgodivYFWg;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=5415684112701.518
Request Chain 365
  • https://medialead.de/trck/eview/e99aace94e6e5873881d3400993e1e7e?subid=64051800150414804444550012297007 HTTP 302
  • https://pv.medialead.de/trck/eview/e99aace94e6e5873881d3400993e1e7e?subid=64051800150414804444550012297007 HTTP 302
  • https://ad-server.eu/wm/pb/native.png
Request Chain 413
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm&gdpr=0 HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESENE8KSbzCHUGE7Q5JNsLc1U&google_cver=1&gdpr=0
Request Chain 414
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&gdpr=0&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
  • https://cm.g.doubleclick.net/pixel?gdpr=0&google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZD2poTz-HOGiKbJ-73U3eQAA HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESENE8KSbzCHUGE7Q5JNsLc1U&google_cver=1&gdpr=0
Request Chain 425
  • https://d.adtriba.com/collect?atb_ptid=e774d0b4&atb_dpuid=nayoki&atb_dcaid=display-pp_paket_m_alw-on HTTP 302
  • https://d.adtriba.com/px.gif
Request Chain 436
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm&gdpr=0 HTTP 302
  • https://ib.adnxs.com/setuid?entity=101&gdpr=0&code=CAESEDIYzzvmXMlnS7qzC8PCXw0&google_cver=1
Request Chain 437
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=ODAwNDczNjgzMzgwMDM0NzY0Ng%3D%3D
Request Chain 438
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_dbm&gdpr=0 HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEGWaJxOlTpCVKutisYFRPIQ&google_cver=1&gdpr=0
Request Chain 439
  • https://us-u.openx.net/w/1.0/cm?id=9ca165a9-d9fe-2ff6-d83d-d145a80b0d37&gdpr=0&r=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dopenx%26google_hm%3D%7Bopenx_uuid_base64%7D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=ODZjZTdmNjEtOTdmNy0yN2MxLWRlYTUtNGY5YjJmOGY4NDll
Request Chain 450
  • https://um.simpli.fi/gp_match?google_gid=CAESEEdJYlZYOZenMxKkkB4XJmU&google_cver=1&google_push=Aer7DvISPOHg4bY69U7BE2NtArzX-DjsslPFscP-yqdsywjYkE9b6_Yqz8IR931WoytTAn6AqgqjrXKwtFyfwlzMhU_sMt6MD4s HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=0F1114E19D3C46E5849A3AC0866C4ED7&google_push=Aer7DvISPOHg4bY69U7BE2NtArzX-DjsslPFscP-yqdsywjYkE9b6_Yqz8IR931WoytTAn6AqgqjrXKwtFyfwlzMhU_sMt6MD4s
Request Chain 451
  • https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEIS-42h7qY5gulD04FombsU&google_cver=1&google_push=Aer7DvL-UlWBV0pMw6mzLhcWQyC5_i3raHFLS1vio-kU5w_e9289TCSK8nx3FCrneaBXdl8TSZW27OX1XyV6xjCovSqY04PcziE HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=Aer7DvL-UlWBV0pMw6mzLhcWQyC5_i3raHFLS1vio-kU5w_e9289TCSK8nx3FCrneaBXdl8TSZW27OX1XyV6xjCovSqY04PcziE&google_hm=eS16OXZnRFp4RTJwSEp3NEpwbGVFNTNOejl0NmFxaWR2Mn5B
Request Chain 452
  • https://d5p.de17a.com/cookies/google?google_gid=CAESEHZfsqztzBN9hUUlGT3ROCY&google_cver=1&google_push=Aer7DvLUEB10-17dgmdz3mlK1SFxivCZRfsK2HoX2oyGDbN9R-Ta9sG8BfGNQrRRWVBrqgsduqdvn6S95_fx29S8TtaC3UPxRHc HTTP 302
  • https://d5p.de17a.com/cookies/google;c?google_gid=CAESEHZfsqztzBN9hUUlGT3ROCY&google_cver=1&google_push=Aer7DvLUEB10-17dgmdz3mlK1SFxivCZRfsK2HoX2oyGDbN9R-Ta9sG8BfGNQrRRWVBrqgsduqdvn6S95_fx29S8TtaC3UPxRHc HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=Aer7DvLUEB10-17dgmdz3mlK1SFxivCZRfsK2HoX2oyGDbN9R-Ta9sG8BfGNQrRRWVBrqgsduqdvn6S95_fx29S8TtaC3UPxRHc
Request Chain 454
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEGAWSptW18FDjKCMAPbwEkE&google_cver=1&google_push=Aer7DvJdz7a3ZOx1wz8JGK1nrncatBnKr8t4q7Kg5uy4Q6JF3EUNY8OvqjgLOg9LVcU5RVvwljdSkfvjAJbOCK5UITFhRm5CLg HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEGAWSptW18FDjKCMAPbwEkE&google_hm=ZD2poTz_HOGiKbJ_73U3eQAAFHgAAAAB&google_nid=index&google_push=Aer7DvJdz7a3ZOx1wz8JGK1nrncatBnKr8t4q7Kg5uy4Q6JF3EUNY8OvqjgLOg9LVcU5RVvwljdSkfvjAJbOCK5UITFhRm5CLg
Request Chain 455
  • https://a.rfihub.com/cm?pub=445&in=1&google_gid=CAESEHPYtiWyRLWWn-psO9TwiGs&google_cver=1&google_push=Aer7DvJnFUciFN5Cdxz-K87TJ2ybSq-ZpzRTuunNtaFqaW6Su2X4X4vilNT6eAb5ecBtPrejxreLvWdNv4xXRdkbbgsdzisz5SU HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=zeta_interactive&google_push=Aer7DvJnFUciFN5Cdxz-K87TJ2ybSq-ZpzRTuunNtaFqaW6Su2X4X4vilNT6eAb5ecBtPrejxreLvWdNv4xXRdkbbgsdzisz5SU&google_hm=NDg5NTEwMjgwOTU4NzY3MzE1MA==
Request Chain 500
  • https://ad.turn.com/r/cs?pid=3&google_gid=CAESEO5EWlXIRmffjx8wDK8CUG4&google_cver=1&google_push=Aer7DvJCKhd-CitHrYhAagKJR5lJLfvjPlgtut-ekcGD73z-pS0mUJ53APm3ZmBXGfUOZMP9sL3SOKfSuCjbL03GiC_2O3Do2MY HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=MjM1ODU5ODg3MTU3NjUzNzQzMQ==&gdpr=&gdpr_consent= HTTP 302
  • https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEO5EWlXIRmffjx8wDK8CUG4&google_cver=1
Request Chain 501
  • https://dsp.adfarm1.adition.com/cookie/?ssp=2&google_gid=CAESEC4MDx65aAD47qsMSZnOxPk&google_cver=1&google_push=Aer7DvKbUHgioG9f2mV5hM9OAjri57MOy8Dqxe8MjaLrzg0IXdqVZaK_vFHS58U_HLuonWMv734zfn1m7ifOyZnSiRQTbm31QJz7 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzIyMzExNTg5OTIxNTYwNzk0OA%3D%3D&google_push=Aer7DvKbUHgioG9f2mV5hM9OAjri57MOy8Dqxe8MjaLrzg0IXdqVZaK_vFHS58U_HLuonWMv734zfn1m7ifOyZnSiRQTbm31QJz7
Request Chain 502
  • https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEBYMf8ssAozqEjkmEaoGakk&google_cver=1&google_push=Aer7DvIUp8uSu--p4OMz7ITHIeJHUoEAysGTJ5RGlxm1hzPHhO9-q5JGAlP70ZuoYjqNA2b-twXq7axaC8XTPaTawS8tJCAUKpQ7 HTTP 302
  • https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEBYMf8ssAozqEjkmEaoGakk&google_cver=1&google_push=Aer7DvIUp8uSu--p4OMz7ITHIeJHUoEAysGTJ5RGlxm1hzPHhO9-q5JGAlP70ZuoYjqNA2b-twXq7axaC8XTPaTawS8tJCAUKpQ7 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=ODEzMjEzNjk4OTY1NDExOTIwOQ&google_push=Aer7DvIUp8uSu--p4OMz7ITHIeJHUoEAysGTJ5RGlxm1hzPHhO9-q5JGAlP70ZuoYjqNA2b-twXq7axaC8XTPaTawS8tJCAUKpQ7
Request Chain 504
  • https://im.bluevoox.com/pixel?s1=2&s2=203601&s3=m52eksbsgbowze8o&cm=1&rd=1&google_gid=CAESEOseFV3gi-gFl6gazGCYY4M&google_cver=1&google_push=Aer7DvKYnHDBbG9H1qG8Ct65hbgCV-M7nEUdQTGsXwc1K0VpTqgz7BoiW_CzxLcFfNTnGPZ267F5tSpWeRqEtJTvtBZikjWiItpNYw HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=do_global&google_push=Aer7DvKYnHDBbG9H1qG8Ct65hbgCV-M7nEUdQTGsXwc1K0VpTqgz7BoiW_CzxLcFfNTnGPZ267F5tSpWeRqEtJTvtBZikjWiItpNYw&google_hm=QlMuODEyMC1mZTBlLTQwMTYtODBmYQ==
Request Chain 505
  • https://ups.analytics.yahoo.com/ups/58281/sync?redir=true&google_gid=CAESEP-hlOacCCeyhUHtniZoLKk&google_cver=1&google_push=Aer7DvIDa1t8cSEqvnd7P6mIcBMjnQRezyEqRzV-vEHtavIN1WLQ-FGz0B9-X3wyfSsDolphRCjJdKmnDaX58LNbrMffAqucqOp6EQ HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS0ySk11THk1RTJ1Rmh2Nm5Bd0NBT1NxRFRubFllQVQ3bX5B&google_push=Aer7DvIDa1t8cSEqvnd7P6mIcBMjnQRezyEqRzV-vEHtavIN1WLQ-FGz0B9-X3wyfSsDolphRCjJdKmnDaX58LNbrMffAqucqOp6EQ
Request Chain 506
  • https://a.rfihub.com/cm?pub=445&in=1&google_gid=CAESEBHXf8Uz3R1tmFwrM8HLydQ&google_cver=1&google_push=Aer7DvJ2DQpNpdovLCn8RyAoMZp78Lv-X5S7-fhyj62e46loXYCc2ljXcNtZktmFMiIQgezdiWKPvr6atN9c9-9ToQi-GnG-5jKLmQ HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=zeta_interactive&google_push=Aer7DvJ2DQpNpdovLCn8RyAoMZp78Lv-X5S7-fhyj62e46loXYCc2ljXcNtZktmFMiIQgezdiWKPvr6atN9c9-9ToQi-GnG-5jKLmQ&google_hm=NDg5NTEwMjgwOTU4NzY3MzE1MA==
Request Chain 521
  • https://sb.scorecardresearch.com/c2/16059128/cs.js HTTP 302
  • https://sb.scorecardresearch.com/internal-c2/default/cs.js
Request Chain 526
  • https://token.rubiconproject.com/token?pid=2974&pt=n&a=1&gdpr=0 HTTP 302
  • https://pr-bh.ybp.yahoo.com/sync/rubicon/aDR7EoZIb91PP4GaG-zeag?csrc=&gdpr=0 HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-zefZwh5E2oI2GmchY5H8GEgMRpp4xY8guaFJIQ--~A
Request Chain 527
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=&gdpr=0 HTTP 302
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=&gdpr=0&dcc=t HTTP 302
  • https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=eB4AXFm0S1mJk7CK8qUKIQ&rk=usync-other&gdpr=0 HTTP 302
  • https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=eB4AXFm0S1mJk7CK8qUKIQ&gdpr=0
Request Chain 528
  • https://token.rubiconproject.com/token?pid=25470&gdpr=0 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_cm&google_hm=TEdMQTNQN1ctMS0yQ0VG&gdpr=0 HTTP 302
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&gdpr=0&google_gid=CAESEIdZygnD5hz64LBq7xPkWGk&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEdMQTNQN1ctMS0yQ0VG&google_push=&gdpr=0
Request Chain 529
  • https://token.rubiconproject.com/token?pid=36584&gdpr=0 HTTP 302
  • https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LGLA3P7W-1-2CEF&gdpr=0
Request Chain 530
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc&gdpr=0 HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&gdpr=0&put=CAESEGb5Sl2ajkteJ6SyQsjX-uY&google_cver=1
Request Chain 532
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&gdpr=0 HTTP 302
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&gdpr=0&dcc=t HTTP 302
  • https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=lQc1yYBJT-ejSSBs7JcyLA&rk=usync-na&gdpr=0 HTTP 302
  • https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=lQc1yYBJT-ejSSBs7JcyLA&gdpr=0
Request Chain 533
  • https://token.rubiconproject.com/token?pid=2249&pt=n&gdpr=0 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=YjM0YmY4NjI1ZjFkOWY2Y2JlZDAxY2E3YjA5NzZiMDMwYTVjNzE0Mw&gdpr=0
Request Chain 534
  • https://playerservices.live.streamtheworld.com/api/idsync.js?station=KYNGAM HTTP 302
  • https://playerservices.live.streamtheworld.com/api/idsync.js?station=KYNGAM&bounce=true
Request Chain 544
  • https://loadus.exelator.com/load/?p=930&g=3&station=KYNGAM&j=0 HTTP 302
  • https://loadus.exelator.com/load/?p=930&g=3&station=KYNGAM&j=0&xl8blockcheck=1
Request Chain 553
  • https://ib.adnxs.com/getuid?https://yield-op-idsync.live.streamtheworld.com/pixel.gif?partner=an&uid=$UID&pubId=10649 HTTP 302
  • https://yield-op-idsync.live.streamtheworld.com/pixel.gif?partner=an&uid=8004736833800347646&pubId=10649
Request Chain 555
  • https://x.bidswitch.net/sync?ssp=triton&stn=KYNGAM HTTP 302
  • https://x.bidswitch.net/ul_cb/sync?ssp=triton&stn=KYNGAM HTTP 302
  • https://c1.adform.net/serving/cookie/match/?party=24&bidswitch_ssp_id=triton HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=70&user_id=8132136989654119209&ssp=triton HTTP 302
  • https://yield-op-idsync.live.streamtheworld.com/pixel.gif?partner=bsw&uid=7c8ea65b-6a3b-44c1-aec4-fea71b762163&stn=KYNGAM
Request Chain 557
  • https://synchroscript.deliveryengine.adswizz.com/getUID?curl=https%3A%2F%2Fyield-op-idsync.live.streamtheworld.com%2Fpixel.gif%3Fpartner%3Daw%26uid%3D%24%7BUID%7D%26pubId%3D10649 HTTP 302
  • https://yield-op-idsync.live.streamtheworld.com/pixel.gif?partner=aw&uid=0c4ee6bb09c5d8e0a413e747970dcf62&pubId=10649
Request Chain 558
  • https://ums.acuityplatform.com/tum?umid=133&uid=12ee1870-635e-4190-a629-ef271d21c26a&rurl=https%3A%2F%2Fyield-op-idsync.live.streamtheworld.com%2Fpixel.gif%3Fpartner%3Dacu%26uid%3D___AUID___%26pubId%3D10649 HTTP 302
  • https://yield-op-idsync.live.streamtheworld.com/pixel.gif?partner=acu&uid=768606435481&pubId=10649
Request Chain 560
  • https://sync.mathtag.com/sync/img?mt_exid=70&redir=https%3A%2F%2Fyield-op-idsync.live.streamtheworld.com%2Fpixel.gif%3Fpartner%3Dmm%26uid%3D%5BMM_UUID%5D%26pubId%3D10649 HTTP 302
  • https://yield-op-idsync.live.streamtheworld.com/pixel.gif?partner=mm&uid=7b71643d-a9a6-4200-9fb0-8cb125a64d67&pubId=10649
Request Chain 562
  • https://cm.g.doubleclick.net/pixel?google_nid=triton&google_sc&google_cm&stn=KYNGAM HTTP 302
  • https://idsync.live.streamtheworld.com/pixel.gif?partner=dbm&uid=CAESEF0IT-itcvXf3wbhrdvI3H4&stn=KYNGAM&google_cver=1
Request Chain 564
  • https://ad.turn.com/r/cs?pid=58&redir=https%3A%2F%2Fyield-op-idsync.live.streamtheworld.com%2Fpixel.gif%3Fpartner%3Damb%26uid%3D%23USER_ID%23%26pubId%3D10649 HTTP 302
  • https://yield-op-idsync.live.streamtheworld.com/pixel.gif?partner=amb&uid=2358598871576537431&pubId=10649
Request Chain 583
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=12776 HTTP 301
  • https://eus.rubiconproject.com/usync.html?p=12776
Request Chain 585
  • https://pixel.advertising.com/ups/58293/sync?&gdpr=&gdpr_consent=&redir=true HTTP 301
  • https://ups.analytics.yahoo.com/ups/58293/sync?&gdpr=&gdpr_consent=&redir=true HTTP 302
  • https://usr.undertone.com/userPixel/sync?partner=verizon&uid=y-SKiDmeVE2uHuMRLQmfBOlSYDA9SYgoj2~A
Request Chain 588
  • https://image8.pubmatic.com/AdServer/ImgSync?p=160318&gdpr=&gdpr_consent=&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3Fp%3D160318%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Fusr.undertone.com%252FuserPixel%252Fsync%253FpartnerId%253D53%2526uid%253D%2523PMUID HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?p=160318&gdpr=&gdpr_consent=&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3Fp%3D160318%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Fusr.undertone.com%252FuserPixel%252Fsync%253FpartnerId%253D53%2526uid%253D%2523PMUID&rdf=1 HTTP 302
  • https://image4.pubmatic.com/AdServer/SPug?p=160318&pmc=1&pr=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3FpartnerId%3D53%26uid%3D8F899C95-7455-4B28-A0AE-28E5289D5E5E HTTP 302
  • https://usr.undertone.com/userPixel/sync?partnerId=53&uid=8F899C95-7455-4B28-A0AE-28E5289D5E5E
Request Chain 590
  • https://ups.analytics.yahoo.com/ups/58545/occ HTTP 302
  • https://usr.undertone.com/userPixel/sync?partnerId=56&uid=y-vKpu0whE2uHseRcdIlYXVJ8xhMzzMNlnDGBez60-~A
Request Chain 592
  • https://dpm.demdex.net/ibs:dpid=152416&dpuuid=6dy60g7zuojzja4vh293hynae HTTP 302
  • https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=152416&dpuuid=6dy60g7zuojzja4vh293hynae
Request Chain 603
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=duration_media&endpoint=us-east HTTP 301
  • https://eus.rubiconproject.com/usync.html?p=duration_media&endpoint=us-east
Request Chain 608
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D312%26uid%3D%24UID HTTP 302
  • https://ads.servenobid.com/sync?pid=312&uid=8004736833800347646
Request Chain 609
  • https://ce.lijit.com/merge?pid=273657&3pid=273657&gdpr=0&gdpr_consent=&us_privacy=1---&&location=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D310%26uid%3D%5BSOVRNID%5D HTTP 302
  • https://ads.servenobid.com/sync?pid=310&uid=Gf2CvBZHiDEZn3fgTRuCJhm_
Request Chain 611
  • https://sync.1rx.io/usersync2/rmpssp?sub=duration&redir=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D321%26uid%3D%5BRX_UUID%5D HTTP 302
  • https://sync.1rx.io/usersync2/rmpssp?sub=duration&zcc=1&redir=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D321%26uid%3D%5BRX_UUID%5D&cb=1681762727600 HTTP 302
  • https://ad.turn.com/r/cs?pid=45&rndcb=2925491953 HTTP 302
  • https://sync.1rx.io/usersync/turn/2358598871576537431?dspret=1&gdpr=&gdpr_consent=&us_privacy= HTTP 302
  • https://sync.targeting.unrulymedia.com/csync/RX-f2c07d12-d886-467f-9cd2-532bb8d23120-003?redir=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D321%26uid%3DRX-f2c07d12-d886-467f-9cd2-532bb8d23120-003 HTTP 302
  • https://ads.servenobid.com/sync?pid=321&uid=RX-f2c07d12-d886-467f-9cd2-532bb8d23120-003
Request Chain 612
  • https://p.rfihub.com/cm?pub=44007&in=1 HTTP 302
  • https://ads.servenobid.com/sync?pid=324&uid=4895102809587673150
Request Chain 614
  • https://prebid.a-mo.net/cchain/0?gdpr=0&gdpr_consent=&us_privacy=1---&&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D327%26uid%3D HTTP 302
  • https://ads.servenobid.com/sync?pid=327&uid=0263e6e0-f86a-469e-a998-a2a490e30af8&gdpr=0&gdpr_consent=&us_privacy=1---
Request Chain 615
  • https://ups.analytics.yahoo.com/ups/58559/occ HTTP 302
  • https://ads.servenobid.com/sync?pid=337&uid=y-vKpu0whE2uHseRcdIlYXVJ8xhMzzMNlnDGBez60-~A
Request Chain 616
  • https://ssp.disqus.com/redirectuser?r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D346%26uid%3DBUYERUID HTTP 302
  • https://ads.servenobid.com/sync?pid=346&uid=ua-bbd382e8-e79d-391f-aff4-71324c00820a
Request Chain 617
  • https://ups.analytics.yahoo.com/ups/58632/occ HTTP 302
  • https://ads.servenobid.com/sync?pid=339&uid=y-vKpu0whE2uHseRcdIlYXVJ8xhMzzMNlnDGBez60-~A
Request Chain 619
  • https://hbx.media.net/cksync.php?cs=1&type=pbs&ovsid=setstatuscode&bidder=medianet&gdpr=0&gdpr_consent=&us_privacy=1---&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D353%26uid%3D%3Cvsid%3E HTTP 302
  • https://ads.servenobid.com/sync?pid=353&uid=0000EEA
Request Chain 622
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=ZD2poTz_HOGiKbJ_73U3eQAAFHgAAAAB&gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid= HTTP 302
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESEMsjJT0wtbIKGeZ_jFnZTCA&google_cver=1
Request Chain 624
  • https://secure.adnxs.com/getuid?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=$UID HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=8004736833800347646
Request Chain 625
  • https://s.company-target.com/s/ix?cm_dsp_id=18&us_privacy=&gdpr=&gdpr_consent=&gpp=&gpp_sid= HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=18&expiration=1697573927&external_user_id=831a8632-f5eb-44dc-a95a-049196464108
Request Chain 626
  • https://cms.quantserve.com/pixel/p-Z8PuJEk6U7Hyq.gif?idmatch=0 HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=81&&external_user_id=z6mFLpik13rU_o58wKqbf8ql0HnUq9R7zKrJZD7i
Request Chain 627
  • https://sync.taboola.com/sg/indexscod/1/cm/?us_privacy=&gdpr=&gdpr_consent=&id=ZD2poTz-HOGiKbJ-73U3eQAA%265240&gpp=&gpp_sid= HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=26&external_user_id=69256aac-99d2-4215-aca0-5875a893fb71-tuctb372f27
Request Chain 628
  • https://p.rfihub.com/cm?in=1&pub=2079 HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=57&external_user_id=4895102809587673150
Request Chain 631
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=ZD2poTz_HOGiKbJ_73U3eQAAFHgAAAAB&gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid= HTTP 302
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESEMsjJT0wtbIKGeZ_jFnZTCA&google_cver=1
Request Chain 634
  • https://ib.adnxs.com/getuid?https://dsum.casalemedia.com/crum?cm_dsp_id=190&external_user_id=$UID HTTP 302
  • https://dsum.casalemedia.com/crum?cm_dsp_id=190&external_user_id=8004736833800347646
Request Chain 636
  • https://dpm.demdex.net/ibs:dpid=23728&dpuuid=ZD2poTz-HOGiKbJ-73U3eQAA%265240?gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid= HTTP 302
  • https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=23728&dpuuid=ZD2poTz-HOGiKbJ-73U3eQAA%265240
Request Chain 637
  • https://x.bidswitch.net/sync?ssp=index HTTP 302
  • https://ads.creative-serving.com/bsw_sync?bidswitch_ssp_id=index&bsw_custom_parameter=7c8ea65b-6a3b-44c1-aec4-fea71b762163&gdpr=&gdpr_consent= HTTP 302
  • https://ads.creative-serving.com/ul_cb/bsw_sync?bidswitch_ssp_id=index&bsw_custom_parameter=7c8ea65b-6a3b-44c1-aec4-fea71b762163&gdpr=&gdpr_consent= HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=4&user_id=d7787a1a-619b-407d-8e00-08baa1fe90de&ssp=index&expires=30&user_group=5&bsw_param=7c8ea65b-6a3b-44c1-aec4-fea71b762163 HTTP 302
  • https://dsum.casalemedia.com/rum?cm_dsp_id=51&external_user_id=7c8ea65b-6a3b-44c1-aec4-fea71b762163&gdpr=&gdpr_consent=&us_privacy=
Request Chain 641
  • https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=134&partneruserid=OB_OK&redirurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dsmart_adserver_eb%26google_hm%3DSMART_USER_ID_B64&gdpr=0&gdpr_consent= HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=smart_adserver_eb&google_hm=Nzc3NjU0ODQ4NDcyMTU0MTYzNg==&gdpr=0&gdpr_consent=
Request Chain 643
  • https://dis.criteo.com/dis/usersync.aspx?r=30&p=273&cp=smartortb&cu=1&url=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D79%26partneruserid%3D%40%40CRITEO_USERID%40%40&gdpr=0&gdpr_consent= HTTP 302
  • https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=79&partneruserid=3b69f245-bb3a-4f6a-b285-c0650d1e039b&gdpr=0&gdpr_consent=
Request Chain 644
  • https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA%3D%3D%26piggybackCookie%3Duid%3A%5BMM_UUID%5D HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:7b71643d-a9a6-4200-9fb0-8cb125a64d67&gdpr=0&gdpr_consent= HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent= HTTP 302
  • https://image4.pubmatic.com/AdServer/SPug?gdpr=0&p=160318&pmc=1&pr=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3FpartnerId%3D53%26uid%3D8F899C95-7455-4B28-A0AE-28E5289D5E5E HTTP 302
  • https://usr.undertone.com/userPixel/sync?partnerId=53&uid=8F899C95-7455-4B28-A0AE-28E5289D5E5E
Request Chain 645
  • https://p.rfihub.com/cm?pub=224&in=1&getuid=https%3A//image2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw%26piggybackCookie%3D%24UID%26gdpr%3D0%26gdpr_consent%3D HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw&piggybackCookie=4895102809587673150 HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent= HTTP 302
  • https://image4.pubmatic.com/AdServer/SPug?gdpr=0&p=160318&pmc=1&pr=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3FpartnerId%3D53%26uid%3D8F899C95-7455-4B28-A0AE-28E5289D5E5E HTTP 302
  • https://usr.undertone.com/userPixel/sync?partnerId=53&uid=8F899C95-7455-4B28-A0AE-28E5289D5E5E
Request Chain 647
  • https://d5p.de17a.com/getuid/pubmatic?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=573467214787193457 HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent= HTTP 302
  • https://image4.pubmatic.com/AdServer/SPug?gdpr=0&p=160318&pmc=1&pr=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3FpartnerId%3D53%26uid%3D8F899C95-7455-4B28-A0AE-28E5289D5E5E HTTP 302
  • https://usr.undertone.com/userPixel/sync?partnerId=53&uid=8F899C95-7455-4B28-A0AE-28E5289D5E5E
Request Chain 648
  • https://cms.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=3GF0fotsJirHNn8s02JqL9ltISnHYyUr32IHCiCh HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent= HTTP 302
  • https://image4.pubmatic.com/AdServer/SPug?gdpr=0&p=160318&pmc=1&pr=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3FpartnerId%3D53%26uid%3D8F899C95-7455-4B28-A0AE-28E5289D5E5E HTTP 302
  • https://usr.undertone.com/userPixel/sync?partnerId=53&uid=8F899C95-7455-4B28-A0AE-28E5289D5E5E
Request Chain 650
  • https://ib.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=8004736833800347646&gdpr=0&gdpr_consent= HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent= HTTP 302
  • https://image4.pubmatic.com/AdServer/SPug?gdpr=0&p=160318&pmc=1&pr=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3FpartnerId%3D53%26uid%3D8F899C95-7455-4B28-A0AE-28E5289D5E5E HTTP 302
  • https://usr.undertone.com/userPixel/sync?partnerId=53&uid=8F899C95-7455-4B28-A0AE-28E5289D5E5E
Request Chain 651
  • https://dsp.adfarm1.adition.com/cookie/?ssp=9&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA%3D&piggybackCookie=7223115899215607948&gdpr=0&gdpr_consent= HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent= HTTP 302
  • https://image4.pubmatic.com/AdServer/SPug?gdpr=0&p=160318&pmc=1&pr=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3FpartnerId%3D53%26uid%3D8F899C95-7455-4B28-A0AE-28E5289D5E5E HTTP 302
  • https://usr.undertone.com/userPixel/sync?partnerId=53&uid=8F899C95-7455-4B28-A0AE-28E5289D5E5E
Request Chain 652
  • https://sync.srv.stackadapt.com/sync?nid=11&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=jPVAtuxBXqdgv7R-IW1litly2hY&gdpr=0&gdpr_consent= HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
Request Chain 653
  • https://match.prod.bidr.io/cookie-sync/pm?gdpr=0&gdpr_consent= HTTP 303
  • https://match.prod.bidr.io/cookie-sync/pm?gdpr=0&gdpr_consent=&_bee_ppp=1 HTTP 303
  • https://cm.g.doubleclick.net/pixel?google_nid=beeswaxio&google_sc=&google_hm=QUFDYTlVN0llMU1BQUNDckdOY2UyUQ&gdpr=0&gdpr_consent=&bee_sync_partners=sas%2Cpp%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1 HTTP 302
  • https://match.prod.bidr.io/cookie-sync/adx?gdpr=0&gdpr_consent=&bee_sync_partners=sas%2Cpp%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1 HTTP 303
  • https://rtb-csync.smartadserver.com/redir?partnerid=127&partneruserid=AACa9U7Ie1MAACCrGNce2Q&redirurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fgdpr%3D0%26bee_sync_partners%3Dpp%252Cpm%26bee_sync_current_partner%3Dsas%26bee_sync_initiator%3Dadx%26bee_sync_hop_count%3D2%26userid%3DSMART_USER_ID&gdpr=0 HTTP 302
  • https://match.prod.bidr.io/cookie-sync?gdpr=0&bee_sync_partners=pp%2Cpm&bee_sync_current_partner=sas&bee_sync_initiator=adx&bee_sync_hop_count=2&userid=7776548484721541636&gdpr=0&gdpr_consent= HTTP 303
  • https://bh.contextweb.com/bh/rtset?do=add&pid=558502&ev=AACa9U7Ie1MAACCrGNce2Q&rurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fgdpr%3D0%26userid%3D7776548484721541636%26gdpr%3D0%26gdpr_consent%3D%26bee_sync_partners%3Dpm%26bee_sync_current_partner%3Dpp%26bee_sync_initiator%3Dadx%26bee_sync_hop_count%3D3&gdpr=0 HTTP 302
  • https://match.prod.bidr.io/cookie-sync?gdpr=0&userid=7776548484721541636&gdpr=0&gdpr_consent=&bee_sync_partners=pm&bee_sync_current_partner=pp&bee_sync_initiator=adx&bee_sync_hop_count=3&ev=AACa9U7Ie1MAACCrGNce2Q&pid=558502&do=add&gdpr=0 HTTP 303
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AACa9U7Ie1MAACCrGNce2Q&gdpr=0&gdpr_consent=
Request Chain 654
  • https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=${TM_USER_ID}&gdpr=1&gdpr_consent= HTTP 302
  • https://sync-tm.everesttech.net/ct/upi/pid/b9pj45k4?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=${TM_USER_ID}&gdpr=1&gdpr_consent=&_test=ZD2ppwADeKquIgAp HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=ZD2ppwADeKquIgAp&gdpr=1&gdpr_consent=&_test=ZD2ppwADeKquIgAp
Request Chain 657
  • https://csync.loopme.me/?pubid=11331&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzImdGw9MTI5NjAw&piggybackCookie={viewer_token} HTTP 307
  • https://simage2.pubmatic.com/AdServer/Pug?vcode&piggybackCookie={viewer_token}
Request Chain 658
  • https://a.tribalfusion.com/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID} HTTP 302
  • https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
Request Chain 660
  • https://cm-supply-web.gammaplatform.com/adx/usersyncsupply?pid=7&t=pixel HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0NTkmdGw9NDMyMDA=&piggybackCookie=xcbqus1jg35v
Request Chain 661
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=j4mclXRVSyigrijlKJ1eXg%3D%3D&gdpr=0&gdpr_consent= HTTP 302
  • https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
Request Chain 663
  • https://cr.frontend.weborama.fr/cr?key=pubmatic&gdpr=0&gdpr_consent= HTTP 307
  • https://cr.frontend.weborama.fr/cr?key=pubmatic&gdpr=0&gdpr_consent=&bounce=1&random=4074867268 HTTP 302
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fidsync.frontend.weborama.fr%2Fids%3Fkey%3Dpubmatic%26value%3D%23PM_USER_ID&gdpr=0 HTTP 302
  • https://idsync.frontend.weborama.fr/ids?key=pubmatic&value=8F899C95-7455-4B28-A0AE-28E5289D5E5E
Request Chain 664
  • https://a.audrte.com/match?gdpr=0&gdpr_consent=&p=M1717054901&uid=8F899C95-7455-4B28-A0AE-28E5289D5E5E HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=ar101281&google_hm=Z2M0a1dYRjdNV25SUGlCUFljT2RCRlZ3Zw==&google_redir=https%3A%2F%2Fa.audrte.com%2Fddp%3Fred%3DeyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbeyJuYW1lIjoiYWRmb3JtIn1dfQ%253D%253D%26gdpr%3D0%26gdpr_consent%3D HTTP 302
  • https://a.audrte.com/ddp?red=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbeyJuYW1lIjoiYWRmb3JtIn1dfQ%3D%3D&gdpr=0&gdpr_consent= HTTP 302
  • https://dmp.adform.net/serving/cookie/match/?party=1003&r=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbXX0%3D&gdpr=0&gdpr_consent= HTTP 302
  • https://a.audrte.com/a?adform_uid=8132136989654119209&r=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbXX0%3D HTTP 302
  • https://a.audrte.com/p
Request Chain 665
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=OEY4OTlDOTUtNzQ1NS00QjI4LUEwQUUtMjhFNTI4OUQ1RTVF&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent= HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent= HTTP 302
  • https://image4.pubmatic.com/AdServer/SPug?gdpr=0&p=160318&pmc=1&pr=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3FpartnerId%3D53%26uid%3D8F899C95-7455-4B28-A0AE-28E5289D5E5E HTTP 302
  • https://usr.undertone.com/userPixel/sync?partnerId=53&uid=8F899C95-7455-4B28-A0AE-28E5289D5E5E
Request Chain 666
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEN6JHxk9vmUoWzKWLsy3wfM&google_cver=1 HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent= HTTP 302
  • https://image4.pubmatic.com/AdServer/SPug?gdpr=0&p=160318&pmc=1&pr=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3FpartnerId%3D53%26uid%3D8F899C95-7455-4B28-A0AE-28E5289D5E5E HTTP 302
  • https://usr.undertone.com/userPixel/sync?partnerId=53&uid=8F899C95-7455-4B28-A0AE-28E5289D5E5E
Request Chain 668
  • https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COOKIES%20HERE]&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=8132136989654119209 HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent= HTTP 302
  • https://image4.pubmatic.com/AdServer/SPug?gdpr=0&p=160318&pmc=1&pr=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3FpartnerId%3D53%26uid%3D8F899C95-7455-4B28-A0AE-28E5289D5E5E HTTP 302
  • https://usr.undertone.com/userPixel/sync?partnerId=53&uid=8F899C95-7455-4B28-A0AE-28E5289D5E5E
Request Chain 670
  • https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=8F899C95-7455-4B28-A0AE-28E5289D5E5E&redir=true&gdpr=0&gdpr_consent= HTTP 302
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-EyHo2N1E2uUD1jw7Dh045hxVa9GDxiM-~A&gdpr=0
Request Chain 672
  • https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent= HTTP 302
  • https://sonata-notifications.taptapnetworks.com/web/cookie/bidswitch/sync?bidswitch_ssp_id=pubmatic&bsw_custom_parameter=7c8ea65b-6a3b-44c1-aec4-fea71b762163&gdpr=0&gdpr_consent=&gdpr_pd= HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=413&ssp=pubmatic&user_id=csonata_01d0677d-bf75-47b2-9840-2173bba8d9e5&bsw_param=7c8ea65b-6a3b-44c1-aec4-fea71b762163&expires=10&gdpr=0&gdpr_consent=&gdpr_pd= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=7c8ea65b-6a3b-44c1-aec4-fea71b762163&gdpr=0&gdpr_consent=&gdpr_pd=
Request Chain 675
  • https://ad.turn.com/r/cs?pid=1&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=2358598871576537431&gdpr=0&gdpr_consent=&us_privacy= HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent= HTTP 302
  • https://image4.pubmatic.com/AdServer/SPug?gdpr=0&p=160318&pmc=1&pr=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3FpartnerId%3D53%26uid%3D8F899C95-7455-4B28-A0AE-28E5289D5E5E HTTP 302
  • https://usr.undertone.com/userPixel/sync?partnerId=53&uid=8F899C95-7455-4B28-A0AE-28E5289D5E5E
Request Chain 676
  • https://ads.playground.xyz/usersync/apn?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID HTTP 302
  • https://secure.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=8004736833800347646
Request Chain 677
  • https://match.adsby.bidtheatre.com/pubmaticmatch?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?gdpr_consent=&gdpr=0&piggybackCookie=uid:780d09c6-c93c-473b-a110-f663e90a6676&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
Request Chain 681
  • https://secure.adnxs.com/getuid?https://usersync.gumgum.com/usersync?b=apn&i=$UID HTTP 302
  • https://usersync.gumgum.com/usersync?b=apn&i=8004736833800347646
Request Chain 682
  • https://x.bidswitch.net/sync?ssp=gumgum2&user_id=e_aa69cc0d-6b68-4278-9abe-dc2cdb4d9a4e&gdpr=0&gdpr_consent=&us_privacy=1--- HTTP 302
  • https://ads.avct.cloud/getuid?url=%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D59%26user_id%3D%7B%7BUUID%7D%7D%26ssp%3Dgumgum2 HTTP 307
  • https://ads.avct.cloud/getuid?bounce=true&url=%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D59%26user_id%3D%7B%7BUUID%7D%7D%26ssp%3Dgumgum2 HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=59&user_id=0ab1a7cd-0df1-4934-a43a-d5521193d4c9&ssp=gumgum2 HTTP 302
  • https://usersync.gumgum.com/usersync?b=bsw&i=7c8ea65b-6a3b-44c1-aec4-fea71b762163&gdpr=&gdpr_consent=&us_privacy=
Request Chain 683
  • https://sync.outbrain.com/redirectObuid?platformId=GUMGU18H7EL9NI653I7DPEH51&gdpr=0&gdprConsent=&platformRdUrl=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dobn%26i%3D%7BOB_UID%7D%26r%3D%7BobRdUrl%7D HTTP 302
  • https://usersync.gumgum.com/usersync?b=obn&i=ENC%28l3LRrUQjfQk0nR-xrovBX04rgrjlTjxoEelED8d7t06rjRyqJtKWQKGubPvdWC6S%29&r=https%3A%2F%2Fsync.outbrain.com%2FsyncUser%3FplatformId%3D%7Bplatform_id%7D%26platformUid%3D%7Bplatform_uid%7D%26obuid%3DENC%28l3LRrUQjfQk0nR-xrovBX04rgrjlTjxoEelED8d7t06rjRyqJtKWQKGubPvdWC6S%29 HTTP 302
  • https://sync.outbrain.com/syncUser?platformId=GUMGU18H7EL9NI653I7DPEH51&platformUid=e_aa69cc0d-6b68-4278-9abe-dc2cdb4d9a4e&obuid=ENC(l3LRrUQjfQk0nR-xrovBX04rgrjlTjxoEelED8d7t06rjRyqJtKWQKGubPvdWC6S) HTTP 302
  • https://sync.outbrain.com/syncPlatform?platformId=GUMGU18H7EL9NI653I7DPEH51 HTTP 302
  • https://u.openx.net/w/1.0/cm?id=00df9f64-6f67-4cae-aeb2-d951da52047c&r=https%3A%2F%2Fsync.outbrain.com%2Fcookie-sync%3Fp%3Dopenx%26gdpr%3D%24GDPR_APPLIES%26gdpr_consent%3D%24CONSNT_STRING%26us_privacy%3D%24CCPA%26initiator%3Dplatform%26obUid%3Dl3LRrUQjfQk0nR-xrovBX04rgrjlTjxoEelED8d7t06rjRyqJtKWQKGubPvdWC6S%26uid%3D
Request Chain 684
  • https://us-u.openx.net/w/1.0/cm?_={CACHEBUSTER}&id=47f31213-389c-4904-aaa6-9b11aab9c211&gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dopx%26i%3D HTTP 302
  • https://usersync.gumgum.com/usersync?b=opx&i=5d9c08db-7695-4133-ac3e-05cf2d3d4bb8
Request Chain 685
  • https://sync.srv.stackadapt.com/sync?nid=1&gdpr=0&gdpr_consent= HTTP 302
  • https://usersync.gumgum.com/usersync?b=sta&i=0-8cf540b6-ec41-5ea7-60bf-b47e216d658a$ip$217.114.218.22
Request Chain 686
  • https://pr-bh.ybp.yahoo.com/sync/gumgum?gdpr=0&gdpr_consent= HTTP 302
  • https://usersync.gumgum.com/usersync?b=oth&i=y-ZI4s2ddE2pemmpTU9Idmt1MfqHB6cDFaj9uC~A
Request Chain 687
  • https://sync.ipredictive.com/d/sync/cookie/generic?partner=gumgum&cspid=9&append=1&cb=${ADELPHIC_CACHE_BUSTER}&gdpr=0&gdpr_consent=&us_privacy=1---&redirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dvnt%26i%3D HTTP 302
  • https://usersync.gumgum.com/usersync?b=vnt&i=1941bc92-8384-4099-8362-d68b8b83e07c
Request Chain 688
  • https://sync.technoratimedia.com/services?srv=cs&pid=65&us_privacy=1---&cb=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dsnc%26i%3D%5BUSER_ID%5D HTTP 307
  • https://usersync.gumgum.com/usersync?b=snc&i=GDPR
Request Chain 690
  • https://b1sync.zemanta.com/usersync/gumgum/?puid=e_aa69cc0d-6b68-4278-9abe-dc2cdb4d9a4e&gdpr=0&gdpr_consent=&us_privacy=1---&cb=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dzem%26i%3D__ZUID__ HTTP 302
  • https://stags.bluekai.com/site/23178?id=I4dHLywx2o65_AZAutd3&redir=https%3A%2F%2Fb1sync.zemanta.com%2Fusersync%2Fbluekai%2Fcallback%2F%3Fd%3DNB2HI4DTHIXS65LTMVZHG6LOMMXGO5LNM52W2LTDN5WS65LTMVZHG6LOMM7WEPL2MVWSMZLYMNUGC3THMU6WO5LNM52W2JTHMRYHEPJQEZUT2SJUMREEY6LXPAZG6NRVL5AVUQLVORSDGJTVONPXA4TJOZQWG6J5GEWS2LI&gdpr=0&us_privacy=1--- HTTP 302
  • https://b1sync.zemanta.com/usersync/bluekai/callback/?d=NB2HI4DTHIXS65LTMVZHG6LOMMXGO5LNM52W2LTDN5WS65LTMVZHG6LOMM7WEPL2MVWSMZLYMNUGC3THMU6WO5LNM52W2JTHMRYHEPJQEZUT2SJUMREEY6LXPAZG6NRVL5AVUQLVORSDGJTVONPXA4TJOZQWG6J5GEWS2LI HTTP 302
  • https://usersync.gumgum.com/usersync?b=zem&gdpr=0&i=I4dHLywx2o65_AZAutd3&us_privacy=1---
Request Chain 691
  • https://ad.360yield.com/server_match?partner_id=N&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Didi%26i%3D%7BPUB_USER_ID%7D HTTP 302
  • https://ad.360yield.com/ul_cb/server_match?partner_id=N&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Didi%26i%3D%7BPUB_USER_ID%7D HTTP 302
  • https://usersync.gumgum.com/usersync?b=idi&i=384a2ced-21d9-4686-ac1d-d77678d9edfa
Request Chain 692
  • https://bh.contextweb.com/bh/rtset?pid=558355&ev=1&rurl=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpln%26i%3D%25%25VGUID%25%25 HTTP 302
  • https://usersync.gumgum.com/usersync?b=pln&i=Dqfma9lLPmZT&ev=1&pid=558355
Request Chain 693
  • https://ssbsync.smartadserver.com/api/sync?callerId=15&redirectUri=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dsad%26i%3D%5Bssb_sync_pid%5D&gdpr=0&gdpr_consent= HTTP 302
  • https://usersync.gumgum.com/usersync?b=sad&i=7776548484721541636
Request Chain 695
  • https://sync.mathtag.com/sync/img?mt_exid=71&gdpr=0&gdpr_consent=&redir=https%3a%2f%2fusersync.gumgum.com%2fusersync%3fb%3dmmh%26i%3d%5bMM_UUID%5d HTTP 302
  • https://usersync.gumgum.com/usersync?b=mmh&i=7b71643d-a9a6-4200-9fb0-8cb125a64d67&gdpr=0&gdpr_consent=
Request Chain 697
  • https://sync-tm.everesttech.net/upi/pid/URnmbSKM?redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Datm%26i%3D%24%7BTM_USER_ID%7D&gdpr=0&gdpr_consent= HTTP 302
  • https://sync-tm.everesttech.net/ct/upi/pid/URnmbSKM?redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Datm%26i%3D%24%7BTM_USER_ID%7D&gdpr=0&gdpr_consent=&_test=ZD2ppwADfrMjjwBS HTTP 302
  • https://usersync.gumgum.com/usersync?b=atm&i=ZD2ppwADfrMjjwBS&gdpr=0&gdpr_consent=&_test=ZD2ppwADfrMjjwBS
Request Chain 701
  • https://tg.socdm.com/aux/idsync?proto=gumgum HTTP 302
  • https://usersync.gumgum.com/usersync?b=sus&i=ZD2pqMCo8YUAACIsMakAAAAA
Request Chain 704
  • https://creativecdn.com/cm-notify?pi=gumgum HTTP 302
  • https://creativecdn.com/cm-notify?pi=gumgum&tc=1 HTTP 302
  • https://usersync.gumgum.com/usersync?b=rth&i=p05YMVz31OR0HbhQs7fn&pi=gumgum&tc=1
Request Chain 705
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=gumgum HTTP 301
  • https://eus.rubiconproject.com/usync.html?p=gumgum

700 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
www.theticket1590.com/
114 KB
21 KB
Document
General
Full URL
https://www.theticket1590.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1740 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/7.4.30
Resource Hash
6a0a140eca955e306602472f41378148f0c38de3f20554c189377f78926e046d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
public, max-age=3600
cf-cache-status
HIT
cf-ray
7b975bbbac868ffa-FRA
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Mon, 17 Apr 2023 20:18:38 GMT
expires
Mon, 17 Apr 2023 21:18:38 GMT
express-tag
F-27-IBMe1438
last-modified
Mon, 17 Apr 2023 20:15:29 GMT
link
<https://www.theticket1590.com/wp-json/>; rel="https://api.w.org/" <https://www.theticket1590.com/wp-json/wp/v2/pages/27>; rel="alternate"; type="application/json" <https://www.theticket1590.com/>; rel=shortlink
pragma
public
referrer-policy
strict-origin-when-cross-origin
server
cloudflare
strict-transport-security
max-age=31536000; includeSubDomains; preload
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
x-pingback
https://www.theticket1590.com/xmlrpc.php
x-powered-by
PHP/7.4.30
x-whom
web-16.ampcms.internal
x-xss-protection
1
themify-1981993783.min.css
www.theticket1590.com/wp-content/uploads/sites/1438/themify-concate/2889854223/
3 KB
1 KB
Stylesheet
General
Full URL
https://www.theticket1590.com/wp-content/uploads/sites/1438/themify-concate/2889854223/themify-1981993783.min.css
Requested by
Host: www.theticket1590.com
URL: https://www.theticket1590.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1740 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0cc1236256d8bc4e006694b3f3a093aeddda254854c5f7c62358870888b5be50

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.theticket1590.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Mon, 17 Apr 2023 20:18:38 GMT
content-encoding
gzip
cf-cache-status
MISS
last-modified
Thu, 09 Feb 2023 20:08:07 GMT
server
cloudflare
etag
"63e552a7-c97"
vary
Accept-Encoding
content-type
text/css
cache-control
public, max-age=31536000
x-whom
web-18.ampcms.internal
accept-ranges
bytes
cf-ray
7b975bbeb8628ffa-FRA
content-length
1270
expires
Tue, 16 Apr 2024 20:18:38 GMT
css
fonts.googleapis.com/
2 KB
928 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Oswald
Requested by
Host: www.theticket1590.com
URL: https://www.theticket1590.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
074cb8fe4c110377a05635d888ae1481b4f448e685b15dfcf56c5c816cd091c5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.theticket1590.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Mon, 17 Apr 2023 20:18:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Mon, 17 Apr 2023 18:36:52 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Mon, 17 Apr 2023 20:18:38 GMT
jquery.bxslider.css
express-cms-assets.franklymedia.com/v3_17_01/wp-content/plugins/express-cms-promo-reel/js/bxslider/
4 KB
1 KB
Stylesheet
General
Full URL
https://express-cms-assets.franklymedia.com/v3_17_01/wp-content/plugins/express-cms-promo-reel/js/bxslider/jquery.bxslider.css?ver=20210512-3
Requested by
Host: www.theticket1590.com
URL: https://www.theticket1590.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:166c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
663d57136dd8c18d6664ef3f4331160ddea49bfb98913adfad34ed44a0553883

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.theticket1590.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Mon, 17 Apr 2023 20:18:38 GMT
content-encoding
gzip
cf-cache-status
HIT
x-amz-request-id
9Z9VHKD90SJPS84F
age
115074
x-amz-server-side-encryption
AES256
x-amz-id-2
O1dLMf7E78tZ0XocYVOOLyTmq+//wRYIPgY3w0oP6UwiqlefHLbOmPkEse50NYt4O3NxuVXiGhU=
last-modified
Sat, 11 Mar 2023 04:11:21 GMT
server
cloudflare
etag
W/"3d8eded099b511ffd114be32a648fa78"
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=43200
cf-ray
7b975bbf7a7b0378-FRA
expires
Tue, 18 Apr 2023 08:18:38 GMT
widget.css
express-cms-assets.franklymedia.com/v3_17_01/wp-content/plugins/express-cms-promo-reel/css/
4 KB
1 KB
Stylesheet
General
Full URL
https://express-cms-assets.franklymedia.com/v3_17_01/wp-content/plugins/express-cms-promo-reel/css/widget.css?ver=20210512-3
Requested by
Host: www.theticket1590.com
URL: https://www.theticket1590.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:166c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
364d2db94de8213f27558dbb869c4a5d21ab12c8407bf1aa318a23c73aa3cca4

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.theticket1590.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Mon, 17 Apr 2023 20:18:38 GMT
content-encoding
gzip
cf-cache-status
HIT
x-amz-request-id
QVDNED1EYVB1CJMF
age
929574
x-amz-server-side-encryption
AES256
x-amz-id-2
6S0qsrLMMke7+S5PMj2pF1lIAg+5A3AEKDrQnBs/altakSd1GoGO/ezehBXK8dfY1L2KyFZbFLM=
last-modified
Sat, 11 Mar 2023 04:11:21 GMT
server
cloudflare
etag
W/"ea48abac6d07aeafed52fd865b27263a"
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=43200
cf-ray
7b975bbf7a7d0378-FRA
expires
Tue, 18 Apr 2023 08:18:38 GMT
/
www.theticket1590.com/
57 KB
14 KB
Stylesheet
General
Full URL
https://www.theticket1590.com/?headway-trigger=compiler&file=general-https&layout-in-use=front_page&rand=1483722184&ver=6.1.1
Requested by
Host: www.theticket1590.com
URL: https://www.theticket1590.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1740 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/7.4.30
Resource Hash
42a18846ea5847a2ca49b9a6bb8d69e7ce2617d8bb6ed0aac3321a3ddb1b97fd

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.theticket1590.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
public
date
Mon, 17 Apr 2023 20:18:39 GMT
content-encoding
gzip
cf-cache-status
MISS
last-modified
Mon, 17 Apr 2023 20:18:39 GMT
server
cloudflare
x-powered-by
PHP/7.4.30
vary
Accept-Encoding
content-type
text/css;charset=UTF-8
cache-control
public, max-age=2592000
x-whom
web-13.ampcms.internal
cf-ray
7b975bbeb8668ffa-FRA
expires
Wed, 17 May 2023 20:18:39 GMT
/
www.theticket1590.com/
17 KB
3 KB
Stylesheet
General
Full URL
https://www.theticket1590.com/?headway-trigger=compiler&file=layout-front_page-https&layout-in-use=front_page&rand=1665645900&ver=6.1.1
Requested by
Host: www.theticket1590.com
URL: https://www.theticket1590.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1740 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/7.4.30
Resource Hash
6fbf167abc24414f2c6cec9b2459ce866f3bda86b6f39f77bd895e53c5ac8800

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.theticket1590.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
public
date
Mon, 17 Apr 2023 20:18:39 GMT
content-encoding
gzip
cf-cache-status
MISS
last-modified
Mon, 17 Apr 2023 20:18:39 GMT
server
cloudflare
x-powered-by
PHP/7.4.30
vary
Accept-Encoding
content-type
text/css;charset=UTF-8
cache-control
public, max-age=2592000
x-whom
web-15.ampcms.internal
cf-ray
7b975bbeb8698ffa-FRA
expires
Wed, 17 May 2023 20:18:39 GMT
/
www.theticket1590.com/
2 KB
676 B
Stylesheet
General
Full URL
https://www.theticket1590.com/?headway-trigger=compiler&file=responsive-grid-https&layout-in-use=front_page&rand=633563210&ver=6.1.1
Requested by
Host: www.theticket1590.com
URL: https://www.theticket1590.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1740 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/7.4.30
Resource Hash
06ffc101b9e129d5b877a17bc6c3ade6101d1c637faee67267c45e4efe3801dc

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.theticket1590.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
public
date
Mon, 17 Apr 2023 20:18:39 GMT
content-encoding
gzip
cf-cache-status
MISS
last-modified
Mon, 17 Apr 2023 20:18:39 GMT
server
cloudflare
x-powered-by
PHP/7.4.30
vary
Accept-Encoding
content-type
text/css;charset=UTF-8
cache-control
public, max-age=2592000
x-whom
web-18.ampcms.internal
cf-ray
7b975bbeb86b8ffa-FRA
expires
Wed, 17 May 2023 20:18:39 GMT
style.min.css
express-cms-assets.franklymedia.com/v3_17_01/wp-includes/css/dist/block-library/
93 KB
12 KB
Stylesheet
General
Full URL
https://express-cms-assets.franklymedia.com/v3_17_01/wp-includes/css/dist/block-library/style.min.css?ver=6.1.1
Requested by
Host: www.theticket1590.com
URL: https://www.theticket1590.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:166c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c324ef26b20264369e4568dc9ef1c5cb1f325f6bc4e8b7c01f7fe93fa353276a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.theticket1590.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Mon, 17 Apr 2023 20:18:38 GMT
content-encoding
gzip
cf-cache-status
HIT
x-amz-request-id
A9EQFV8PA5MR5BZX
age
928227
x-amz-server-side-encryption
AES256
x-amz-id-2
0vbxcOIyqP0e6kuzI4cuXSU2ruYKayAjGLcuUUKWLNCTOKxjF4T/uJBgc1iHEdbgS/ZA6RdldUE=
last-modified
Sat, 11 Mar 2023 04:12:09 GMT
server
cloudflare
etag
W/"71d925864153f0edf91037f3d31048e8"
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=43200
cf-ray
7b975bbf7a7f0378-FRA
expires
Tue, 18 Apr 2023 08:18:38 GMT
style-index.css
express-cms-assets.franklymedia.com/v3_17_01/wp-content/plugins/express-cms-block-tools/express-countdown/build/
2 KB
669 B
Stylesheet
General
Full URL
https://express-cms-assets.franklymedia.com/v3_17_01/wp-content/plugins/express-cms-block-tools/express-countdown/build/style-index.css?ver=0.1.720230417201528
Requested by
Host: www.theticket1590.com
URL: https://www.theticket1590.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:166c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ec517aa25da687ae3107c1db068b693383aeeb172bc6b3ff227de70ebff69d1a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.theticket1590.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Mon, 17 Apr 2023 20:18:39 GMT
content-encoding
gzip
cf-cache-status
MISS
last-modified
Sat, 11 Mar 2023 04:11:16 GMT
server
cloudflare
x-amz-request-id
JQMG9S13590R06HF
etag
W/"6198d82d49268c51af334cc7a7ee9112"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=43200
cf-ray
7b975bbf7a800378-FRA
x-amz-id-2
pqw7oBnKGbrN7GSa8hZELPtzwYKLH/cor88sfoD8AXXLHqB9cfxpIz57xrSzECPtuqk6nnzF4Kc=
expires
Tue, 18 Apr 2023 08:18:39 GMT
block-rewards.css
express-cms-assets.franklymedia.com/v3_17_01/wp-content/plugins/express-cms-codes/blocks/
88 B
292 B
Stylesheet
General
Full URL
https://express-cms-assets.franklymedia.com/v3_17_01/wp-content/plugins/express-cms-codes/blocks/block-rewards.css?ver=20220510-01
Requested by
Host: www.theticket1590.com
URL: https://www.theticket1590.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:166c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
356962d8530e483cee9e73f446497291af6bee1ee6e400e17b6d0f6c7178d0b7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.theticket1590.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Mon, 17 Apr 2023 20:18:38 GMT
content-encoding
gzip
cf-cache-status
HIT
x-amz-request-id
9Z9PJT4WV3W6EH1R
age
86527
x-amz-server-side-encryption
AES256
x-amz-id-2
bX76QvFI9EAu7+Es0XgaHCD864SvnRBGtWExh1PF0eYEarHtHItcqb2bxU2zPLfAZThJbw4SqWY=
last-modified
Sat, 11 Mar 2023 04:11:17 GMT
server
cloudflare
etag
W/"fa9c966d5ea5c223769ac7f0fac6091b"
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=43200
cf-ray
7b975bbf7a850378-FRA
expires
Tue, 18 Apr 2023 08:18:38 GMT
express_expire.css
express-cms-assets.franklymedia.com/v3_17_01/wp-content/plugins/express-cms-feeds/block-expire-date/
150 B
444 B
Stylesheet
General
Full URL
https://express-cms-assets.franklymedia.com/v3_17_01/wp-content/plugins/express-cms-feeds/block-expire-date/express_expire.css?ver=20220624-01
Requested by
Host: www.theticket1590.com
URL: https://www.theticket1590.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:166c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
79baa2f6c69e94c26e3ef98a0864578d0c7aa4744d49cc420e2aac1e5f74d978

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.theticket1590.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Mon, 17 Apr 2023 20:18:38 GMT
content-encoding
gzip
cf-cache-status
HIT
x-amz-request-id
40EKW0GKEZX49R62
age
6578
x-amz-server-side-encryption
AES256
x-amz-id-2
i1K99dRF7P/OGUEM8rIikrtVbzl/0+kjO25NeAr7ErGODwS8HHvAdAKQI2XVXrxQY2b92tU/43E=
last-modified
Sat, 11 Mar 2023 04:11:19 GMT
server
cloudflare
etag
W/"b08487f3ef4231dced1d12290c02062d"
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=43200
cf-ray
7b975bbf9acf0378-FRA
expires
Tue, 18 Apr 2023 08:18:38 GMT
classic-themes.min.css
express-cms-assets.franklymedia.com/v3_17_01/wp-includes/css/
217 B
377 B
Stylesheet
General
Full URL
https://express-cms-assets.franklymedia.com/v3_17_01/wp-includes/css/classic-themes.min.css?ver=1
Requested by
Host: www.theticket1590.com
URL: https://www.theticket1590.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:166c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5a5f39391fbf5b06db84b8f9716d53de575ee97a627d2c5f12f79a991a671eb5

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.theticket1590.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Mon, 17 Apr 2023 20:18:38 GMT
content-encoding
gzip
cf-cache-status
HIT
x-amz-request-id
9Z9VY2P0P0T6NYSW
age
115072
x-amz-server-side-encryption
AES256
x-amz-id-2
6R+MR5eN1rSKXgJu2xH2bCA0G8w0eiOt7ggz4bePEOKplUAu4hH3aNuDesoHBgrJe8KxDPsDiHw=
last-modified
Sat, 11 Mar 2023 04:12:08 GMT
server
cloudflare
etag
W/"95e891f28e44a9b314c09545d86be2b7"
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=43200
cf-ray
7b975bbf9ad60378-FRA
expires
Tue, 18 Apr 2023 08:18:38 GMT
express-cms-common-public.css
express-cms-assets.franklymedia.com/v3_17_01/wp-content/mu-plugins/express-cms-common/public/css/
3 KB
1 KB
Stylesheet
General
Full URL
https://express-cms-assets.franklymedia.com/v3_17_01/wp-content/mu-plugins/express-cms-common/public/css/express-cms-common-public.css?ver=1681391338
Requested by
Host: www.theticket1590.com
URL: https://www.theticket1590.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:166c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
09c6d5d6a7b3ecdb323865a1b084488974fb96219d6620cf8a6e715d02cba55c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.theticket1590.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Mon, 17 Apr 2023 20:18:38 GMT
content-encoding
gzip
cf-cache-status
HIT
x-amz-request-id
8XBBA3R7SRFFNJK1
age
365285
x-amz-server-side-encryption
AES256
x-amz-id-2
3y3h0tY/objTEPPpLHyN5N4bEPe+Vekxr6MQfFzh59U6ZVu8n0n5klR8tvI3oNHbVtxIl5/54HQ=
last-modified
Sat, 11 Mar 2023 04:10:52 GMT
server
cloudflare
etag
W/"f7410fa02e7e75befc3cee9ddc0c945d"
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=43200
cf-ray
7b975bbf9ad90378-FRA
expires
Tue, 18 Apr 2023 08:18:38 GMT
express-cms-ad-manager-public.css
express-cms-assets.franklymedia.com/v3_17_01/wp-content/plugins/express-cms-ad-manager/public/css/
98 B
435 B
Stylesheet
General
Full URL
https://express-cms-assets.franklymedia.com/v3_17_01/wp-content/plugins/express-cms-ad-manager/public/css/express-cms-ad-manager-public.css?ver=1.0.0
Requested by
Host: www.theticket1590.com
URL: https://www.theticket1590.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:166c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
547dda3c14b284819be511be1e410da94a5efc6ccc4a9afe1c75394f9333191a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.theticket1590.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Mon, 17 Apr 2023 20:18:38 GMT
content-encoding
gzip
cf-cache-status
HIT
x-amz-request-id
1ZPPXWZVRFT59D2Y
age
2436202
x-amz-server-side-encryption
AES256
x-amz-id-2
FfvSXM1GXERTru5LkagOJSNFk6j8WbS5qxKo9iinec+Lq/9lSpJiFKESzb7NbW4OVXXBwwNJR9w=
last-modified
Sat, 11 Mar 2023 04:11:16 GMT
server
cloudflare
etag
W/"e6094661d8923e95b233019ebff7c8f0"
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=43200
cf-ray
7b975bbf9ac80378-FRA
expires
Tue, 18 Apr 2023 08:18:38 GMT
express-cms-codes-public.css
express-cms-assets.franklymedia.com/v3_17_01/wp-content/plugins/express-cms-codes/public/css/
98 B
250 B
Stylesheet
General
Full URL
https://express-cms-assets.franklymedia.com/v3_17_01/wp-content/plugins/express-cms-codes/public/css/express-cms-codes-public.css?ver=1.0.0
Requested by
Host: www.theticket1590.com
URL: https://www.theticket1590.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:166c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
547dda3c14b284819be511be1e410da94a5efc6ccc4a9afe1c75394f9333191a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.theticket1590.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Mon, 17 Apr 2023 20:18:38 GMT
content-encoding
gzip
cf-cache-status
HIT
x-amz-request-id
E5W97HYJ8SW5HD8S
age
928220
x-amz-server-side-encryption
AES256
x-amz-id-2
qOB+2btcKIyPyGDoqP0WlSmis9jgKg7StF7L+OMU0/Yiyg2m2c0Lfen6XL2GJLK7axVzX7Mb7T0=
last-modified
Sat, 11 Mar 2023 04:11:17 GMT
server
cloudflare
etag
W/"e6094661d8923e95b233019ebff7c8f0"
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=43200
cf-ray
7b975bbf9adc0378-FRA
expires
Tue, 18 Apr 2023 08:18:38 GMT
express-cms-control-public.css
express-cms-assets.franklymedia.com/v3_17_01/wp-content/plugins/express-cms-control/public/css/
98 B
302 B
Stylesheet
General
Full URL
https://express-cms-assets.franklymedia.com/v3_17_01/wp-content/plugins/express-cms-control/public/css/express-cms-control-public.css?ver=1.0.0
Requested by
Host: www.theticket1590.com
URL: https://www.theticket1590.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:166c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
547dda3c14b284819be511be1e410da94a5efc6ccc4a9afe1c75394f9333191a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.theticket1590.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Mon, 17 Apr 2023 20:18:38 GMT
content-encoding
gzip
cf-cache-status
HIT
x-amz-request-id
1ZPJS9X2YWD5BHM4
age
2436202
x-amz-server-side-encryption
AES256
x-amz-id-2
0/em1Q4iy2finMyYX563yJorhiZZ+5/UYg3AVSFncm/W7PPxwyV8Ns6BGWu1HaPUfr02zGt6SP4=
last-modified
Sat, 11 Mar 2023 04:11:17 GMT
server
cloudflare
etag
W/"e6094661d8923e95b233019ebff7c8f0"
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=43200
cf-ray
7b975bbf9ace0378-FRA
expires
Tue, 18 Apr 2023 08:18:38 GMT
breaking-news-public.css
express-cms-assets.franklymedia.com/v3_17_01/wp-content/plugins/express-cms-events/public/css/
9 KB
1 KB
Stylesheet
General
Full URL
https://express-cms-assets.franklymedia.com/v3_17_01/wp-content/plugins/express-cms-events/public/css/breaking-news-public.css?ver=0.3.4
Requested by
Host: www.theticket1590.com
URL: https://www.theticket1590.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:166c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1152e980ab44d04a8f640455607ce095cc3b1ec1231d32399804114d69913c06

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.theticket1590.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Mon, 17 Apr 2023 20:18:38 GMT
content-encoding
gzip
cf-cache-status
HIT
x-amz-request-id
9Z9MCF4K9H4MDY1Y
age
85211
x-amz-server-side-encryption
AES256
x-amz-id-2
Rtlwd2779TuV38qAyQ399FhheufEsw3JR9ouxVGD56BSHnDZm8o9TTWSjqQ13hxSuswfsw1IEM0=
last-modified
Sat, 11 Mar 2023 04:11:19 GMT
server
cloudflare
etag
W/"a44527265517fb5d5a29968d72a4dbd3"
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=43200
cf-ray
7b975bbf9ad10378-FRA
expires
Tue, 18 Apr 2023 08:18:38 GMT
animate.css
express-cms-assets.franklymedia.com/v3_17_01/wp-content/mu-plugins/express-cms-common/css/
67 KB
4 KB
Stylesheet
General
Full URL
https://express-cms-assets.franklymedia.com/v3_17_01/wp-content/mu-plugins/express-cms-common/css/animate.css?ver=0.3.4
Requested by
Host: www.theticket1590.com
URL: https://www.theticket1590.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:166c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0f3ffa7f0b928b893a75953b1b233b2bf8dc84f94851a6d24225a59d862c270b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.theticket1590.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Mon, 17 Apr 2023 20:18:38 GMT
content-encoding
gzip
cf-cache-status
HIT
x-amz-request-id
NPKJ1HG0YX02T9JY
age
387581
x-amz-server-side-encryption
AES256
x-amz-id-2
oKneILoHiX8rrgVJLXhZt7YSTNgKYmSl27f0VVhfLw1LFMLnLDTlh1ouowjZG3iwE7jAcBDYUbs=
last-modified
Sat, 11 Mar 2023 04:06:45 GMT
server
cloudflare
etag
W/"56848eb884e1ac347f711ae327419110"
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=43200
cf-ray
7b975bbf9acc0378-FRA
expires
Tue, 18 Apr 2023 08:18:38 GMT
express-cms-events-public.css
express-cms-assets.franklymedia.com/v3_17_01/wp-content/plugins/express-cms-events/public/css/
98 B
280 B
Stylesheet
General
Full URL
https://express-cms-assets.franklymedia.com/v3_17_01/wp-content/plugins/express-cms-events/public/css/express-cms-events-public.css?ver=1.0.0
Requested by
Host: www.theticket1590.com
URL: https://www.theticket1590.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:166c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
547dda3c14b284819be511be1e410da94a5efc6ccc4a9afe1c75394f9333191a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.theticket1590.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Mon, 17 Apr 2023 20:18:38 GMT
content-encoding
gzip
cf-cache-status
HIT
x-amz-request-id
E43VWHEQ5CH9AY69
age
2151759
x-amz-server-side-encryption
AES256
x-amz-id-2
xLNCJ9WzE/O6upCaKWm0RljM3rl4g38dkXf7j7u27YHwzHPvxNuChh6J7hl12PJLwu1JGWZINpI=
last-modified
Sat, 11 Mar 2023 04:11:19 GMT
server
cloudflare
etag
W/"e6094661d8923e95b233019ebff7c8f0"
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=43200
cf-ray
7b975bbf7a870378-FRA
expires
Tue, 18 Apr 2023 08:18:38 GMT
express-cms-tools-public.css
express-cms-assets.franklymedia.com/v3_17_01/wp-content/plugins/express-cms-tools/public/css/
98 B
279 B
Stylesheet
General
Full URL
https://express-cms-assets.franklymedia.com/v3_17_01/wp-content/plugins/express-cms-tools/public/css/express-cms-tools-public.css?ver=1.0.0
Requested by
Host: www.theticket1590.com
URL: https://www.theticket1590.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:166c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
547dda3c14b284819be511be1e410da94a5efc6ccc4a9afe1c75394f9333191a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.theticket1590.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Mon, 17 Apr 2023 20:18:38 GMT
content-encoding
gzip
cf-cache-status
HIT
x-amz-request-id
9Z9VKR4RRVGP214T
age
115072
x-amz-server-side-encryption
AES256
x-amz-id-2
OgPMpSM31+7E5abuGAQEGBuNRBYMA/XGyl2I5EBpjL7daOwpJZ93cuF1dM7RaK2yfsc4/7PnX5U=
last-modified
Sat, 11 Mar 2023 04:11:21 GMT
server
cloudflare
etag
W/"e6094661d8923e95b233019ebff7c8f0"
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=43200
cf-ray
7b975bbf9abc0378-FRA
expires
Tue, 18 Apr 2023 08:18:38 GMT
public.css
express-cms-assets.franklymedia.com/v3_17_01/wp-content/plugins/express-cms-events/public/assets/css/
4 KB
1 KB
Stylesheet
General
Full URL
https://express-cms-assets.franklymedia.com/v3_17_01/wp-content/plugins/express-cms-events/public/assets/css/public.css?ver=1.7.2
Requested by
Host: www.theticket1590.com
URL: https://www.theticket1590.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:166c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
62bd6b22e0e4e140047d4f01cc2b8a964cdd475739c75479b847a3ba642dd94e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.theticket1590.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Mon, 17 Apr 2023 20:18:38 GMT
content-encoding
gzip
cf-cache-status
HIT
x-amz-request-id
9Z9JD8R6K2RJAR44
age
117550
x-amz-server-side-encryption
AES256
x-amz-id-2
qP4EeIP/nm/tCtecRfgt30Jd0ewKJ7KMsT1+nkNyzqYDshNLsFy5b4M8TcPv3xDlLIVUI+7fkLs=
last-modified
Sat, 11 Mar 2023 04:11:19 GMT
server
cloudflare
etag
W/"d61f21724bcbefb7b79d6f6e2d5f4622"
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=43200
cf-ray
7b975bbf9ac30378-FRA
expires
Tue, 18 Apr 2023 08:18:38 GMT
calendar.css
express-cms-assets.franklymedia.com/v3_17_01/wp-content/plugins/express-cms-events/css/
3 KB
1 KB
Stylesheet
General
Full URL
https://express-cms-assets.franklymedia.com/v3_17_01/wp-content/plugins/express-cms-events/css/calendar.css?ver=1.1.4
Requested by
Host: www.theticket1590.com
URL: https://www.theticket1590.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:166c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1e19a2ec15cb7e80c28f326f1463ec063cb292de5cb20dec763f79b831177c54

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.theticket1590.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Mon, 17 Apr 2023 20:18:38 GMT
content-encoding
gzip
cf-cache-status
HIT
x-amz-request-id
9Z9N07JQ01QJQVXA
age
85210
x-amz-server-side-encryption
AES256
x-amz-id-2
ZvlQ5GpFn5xE/x+jOsDmDPdNbUvBzl0nzzRzRwgmzbVqtzk0AkEWet5bYWfeDhnQ6iEmvUTxI80=
last-modified
Sat, 11 Mar 2023 04:11:19 GMT
server
cloudflare
etag
W/"babf519c8e28f14aa61a4cf558b27e2a"
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=43200
cf-ray
7b975bbf7a860378-FRA
expires
Tue, 18 Apr 2023 08:18:38 GMT
public.css
express-cms-assets.franklymedia.com/v3_17_01/wp-content/plugins/express-cms-events/css/
4 KB
1 KB
Stylesheet
General
Full URL
https://express-cms-assets.franklymedia.com/v3_17_01/wp-content/plugins/express-cms-events/css/public.css?ver=1.1.4
Requested by
Host: www.theticket1590.com
URL: https://www.theticket1590.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:166c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bd48a56070c3af9e25a8f34adc58f5e3743d38740734f46128b58ffe3da24280

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.theticket1590.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Mon, 17 Apr 2023 20:18:38 GMT
content-encoding
gzip
cf-cache-status
HIT
x-amz-request-id
9Z9YWWXGYDDJ8NQY
age
115072
x-amz-server-side-encryption
AES256
x-amz-id-2
Ag+mpqL5qS6ojA7i/GwoB8SjzTUie/W6+zcM/0iQGnModK6epffpCdCbcQ8N2bJ0khOLJa4xERg=
last-modified
Sat, 11 Mar 2023 04:11:19 GMT
server
cloudflare
etag
W/"5138cb832a8e598cabba91458112078e"
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=43200
cf-ray
7b975bbf9ac60378-FRA
expires
Tue, 18 Apr 2023 08:18:38 GMT
feed-public.css
express-cms-assets.franklymedia.com/v3_17_01/wp-content/plugins/express-cms-feeds/public/css/
3 KB
1 KB
Stylesheet
General
Full URL
https://express-cms-assets.franklymedia.com/v3_17_01/wp-content/plugins/express-cms-feeds/public/css/feed-public.css?ver=0.6.0
Requested by
Host: www.theticket1590.com
URL: https://www.theticket1590.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:166c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4d922cea252e89b5aba0193964a03e26866c41b08f107a5cb8576e12a9024b6e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.theticket1590.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Mon, 17 Apr 2023 20:18:38 GMT
content-encoding
gzip
cf-cache-status
HIT
x-amz-request-id
46QCRX2TCRA3D3KY
age
2120787
x-amz-server-side-encryption
AES256
x-amz-id-2
fZ2xNAbvL438LUBy0gU4MqN0ebCTva1fSePhpeB0R5kn1oJ7hd/WhqKnTbXwfr0DHH2E8gS7DDs=
last-modified
Sat, 11 Mar 2023 04:11:19 GMT
server
cloudflare
etag
W/"9b316e25207a6111665b26028161e836"
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=43200
cf-ray
7b975bbf9ae00378-FRA
expires
Tue, 18 Apr 2023 08:18:38 GMT
public.css
express-cms-assets.franklymedia.com/v3_17_01/wp-content/plugins/express-cms-listen-live/public/assets/css/
619 B
466 B
Stylesheet
General
Full URL
https://express-cms-assets.franklymedia.com/v3_17_01/wp-content/plugins/express-cms-listen-live/public/assets/css/public.css?ver=1.4.4
Requested by
Host: www.theticket1590.com
URL: https://www.theticket1590.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:166c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
eb9785da0a16c2b952d3c30278bf776dcd2ffb2236c53c681067c8b3b40ed813

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.theticket1590.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Mon, 17 Apr 2023 20:18:38 GMT
content-encoding
gzip
cf-cache-status
HIT
x-amz-request-id
VPW990JV9AWJPCWS
age
328682
x-amz-server-side-encryption
AES256
x-amz-id-2
5f/UoCIo6CLnfT+38AjL96U8hP7Mx00btehIJglzKvT2Bvu004r2s9lvqqsScevFDLraCoF2Wrk=
last-modified
Sat, 11 Mar 2023 04:11:20 GMT
server
cloudflare
etag
W/"eba464e761f24a712d4c53a6147ae097"
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=43200
cf-ray
7b975bbf9add0378-FRA
expires
Tue, 18 Apr 2023 08:18:38 GMT
public.css
express-cms-assets.franklymedia.com/v3_17_01/wp-content/plugins/express-cms-promo-reel/css/
70 B
279 B
Stylesheet
General
Full URL
https://express-cms-assets.franklymedia.com/v3_17_01/wp-content/plugins/express-cms-promo-reel/css/public.css?ver=1.4.1
Requested by
Host: www.theticket1590.com
URL: https://www.theticket1590.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:166c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7122641b831b99a8688c6ab2e7b68c7c14e8c87ae3123de798ddf227c9c98f3a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.theticket1590.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Mon, 17 Apr 2023 20:18:38 GMT
content-encoding
gzip
cf-cache-status
HIT
x-amz-request-id
XQG8BB4M6WM0JBGT
age
330172
x-amz-server-side-encryption
AES256
x-amz-id-2
4Sju8wrMwDjNmaXuwBSJQ01y8k9FrmiKyeyluiqSCNLH57qXz7QLa/3/b+IHQrLmlFL6NStB3KA=
last-modified
Sat, 11 Mar 2023 04:11:21 GMT
server
cloudflare
etag
W/"81670b1875121f3af0053a25996ee983"
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=43200
cf-ray
7b975bbf9abf0378-FRA
expires
Tue, 18 Apr 2023 08:18:38 GMT
amp-header-rotator.css
express-cms-assets.franklymedia.com/v3_17_01/wp-content/themes/Headway-AMP_CMS/css/
323 B
365 B
Stylesheet
General
Full URL
https://express-cms-assets.franklymedia.com/v3_17_01/wp-content/themes/Headway-AMP_CMS/css/amp-header-rotator.css?ver=1.1.5
Requested by
Host: www.theticket1590.com
URL: https://www.theticket1590.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:166c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
295d7a89edba340ba21a782d60adc4cadfd7fbd2ba00d9f2c931425ca1349dc7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.theticket1590.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Mon, 17 Apr 2023 20:18:38 GMT
content-encoding
gzip
cf-cache-status
HIT
x-amz-request-id
HD6XPJWB4JT9KN8X
age
85209
x-amz-server-side-encryption
AES256
x-amz-id-2
GD+iF9byu0xO7nbyjaNrW57HCY/M8WwR6jkJmmOg6Oevc2DT+EvvaEM4PmKZSt1QFeggZ27o/Hw=
last-modified
Sat, 11 Mar 2023 04:11:49 GMT
server
cloudflare
etag
W/"1993870d47aaf4540cdb59b256e9b4cf"
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=43200
cf-ray
7b975bbf7a890378-FRA
expires
Tue, 18 Apr 2023 08:18:38 GMT
jquery.min.js
express-cms-assets.franklymedia.com/v3_17_01/wp-includes/js/jquery/
88 KB
30 KB
Script
General
Full URL
https://express-cms-assets.franklymedia.com/v3_17_01/wp-includes/js/jquery/jquery.min.js?ver=3.6.1
Requested by
Host: www.theticket1590.com
URL: https://www.theticket1590.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:166c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cc7403bab52ed166e24ea9324241045af370be482f5b594468f4a6ac6e7e7981

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.theticket1590.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Mon, 17 Apr 2023 20:18:38 GMT
content-encoding
gzip
cf-cache-status
HIT
x-amz-request-id
HWYWRHSRD1K2TFD1
age
2255926
x-amz-server-side-encryption
AES256
x-amz-id-2
ZOQ2S0FrXfpeWrvdO4xvTrrnDm8/DTkJJ01NFuboVwYsUtmqDPCuPpGmjV4FraA+LdMpwhJhzGo=
last-modified
Sat, 11 Mar 2023 04:12:19 GMT
server
cloudflare
etag
W/"17738318d61d394f1de8890d589afaec"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=43200
cf-ray
7b975bbf9ae60378-FRA
expires
Tue, 18 Apr 2023 08:18:38 GMT
see.js
engage-see.franklymedia.com/widget/see_3879/
0
0
Script
General
Full URL
https://engage-see.franklymedia.com/widget/see_3879/see.js?ver=20220510-01
Requested by
Host: www.theticket1590.com
URL: https://www.theticket1590.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:4db , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
/
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.theticket1590.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

jquery.hoverintent.js
express-cms-assets.franklymedia.com/v3_17_01/wp-content/themes/headway/library/media/js/
5 KB
2 KB
Script
General
Full URL
https://express-cms-assets.franklymedia.com/v3_17_01/wp-content/themes/headway/library/media/js/jquery.hoverintent.js?ver=6.1.1
Requested by
Host: www.theticket1590.com
URL: https://www.theticket1590.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:166c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
01b0c31b7787a7bef6386448b3309dce9e0e1752f0a7cc740ab646e571c20515

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.theticket1590.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Mon, 17 Apr 2023 20:18:38 GMT
content-encoding
gzip
cf-cache-status
HIT
x-amz-request-id
AA4T4DB0ASFBYAYB
age
896928
x-amz-server-side-encryption
AES256
x-amz-id-2
eKZCnqMMVAgfavbB85g/lxDlyEZPAO+aJO613HRXqbw3ojBC5EYdLbz160X0/CBAE0fbHkiCqGU=
last-modified
Sat, 11 Mar 2023 04:11:51 GMT
server
cloudflare
etag
W/"218669b2e0f3b74f1b1070ee47c2f5c3"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=43200
cf-ray
7b975bbfab010378-FRA
expires
Tue, 18 Apr 2023 08:18:38 GMT
jquery.superfish.js
express-cms-assets.franklymedia.com/v3_17_01/wp-content/themes/headway/library/blocks/navigation/js/
7 KB
2 KB
Script
General
Full URL
https://express-cms-assets.franklymedia.com/v3_17_01/wp-content/themes/headway/library/blocks/navigation/js/jquery.superfish.js?ver=6.1.1
Requested by
Host: www.theticket1590.com
URL: https://www.theticket1590.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:166c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
790bf3c108253318c0f755902849eed9f8e9bc3c0d1e80908f88306a716c1121

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.theticket1590.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Mon, 17 Apr 2023 20:18:38 GMT
content-encoding
gzip
cf-cache-status
HIT
x-amz-request-id
WFP85MA46XH3P6MQ
age
115071
x-amz-server-side-encryption
AES256
x-amz-id-2
jXSNeU3NFxBSFuIlIAxR9mmq7te3quLV8IzhZ5zPx9trOar3BINWg0bKo7po79be5sH3ekT3EnU=
last-modified
Sat, 11 Mar 2023 04:11:51 GMT
server
cloudflare
etag
W/"e25252b091be6a11d7f4c02b79741e9d"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=43200
cf-ray
7b975bbf9ae80378-FRA
expires
Tue, 18 Apr 2023 08:18:38 GMT
selectnav.js
express-cms-assets.franklymedia.com/v3_17_01/wp-content/themes/headway/library/blocks/navigation/js/
4 KB
2 KB
Script
General
Full URL
https://express-cms-assets.franklymedia.com/v3_17_01/wp-content/themes/headway/library/blocks/navigation/js/selectnav.js?ver=1681391338
Requested by
Host: www.theticket1590.com
URL: https://www.theticket1590.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:166c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
54914436c21b3b9381a395a47ccd0aef9ee898fd5970759bebe9a6b7d82a80c6

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.theticket1590.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Mon, 17 Apr 2023 20:18:38 GMT
content-encoding
gzip
cf-cache-status
HIT
x-amz-request-id
8XB16651MX87HC1P
age
365285
x-amz-server-side-encryption
AES256
x-amz-id-2
uFJj4zOHnYMxpSXXOXKiVGOTaUHlExIEu5rEosZGqChmzmPB4p9NWaIBD5k7ijzO3Ova8sWL/0E=
last-modified
Sat, 11 Mar 2023 04:11:51 GMT
server
cloudflare
etag
W/"0b943fc1c8846b14bdcb1248bd42cfd0"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=43200
cf-ray
7b975bbf9ae30378-FRA
expires
Tue, 18 Apr 2023 08:18:38 GMT
/
www.theticket1590.com/
1 KB
606 B
Script
General
Full URL
https://www.theticket1590.com/?headway-trigger=compiler&file=block-dynamic-js-layout-front_page-https&layout-in-use=front_page&rand=1640508819&ver=6.1.1
Requested by
Host: www.theticket1590.com
URL: https://www.theticket1590.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1740 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/7.4.30
Resource Hash
a649351f652adc12bed8508d1208fcbd383330ed6feac5f3b62c911214a9110b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.theticket1590.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
public
date
Mon, 17 Apr 2023 20:18:39 GMT
content-encoding
gzip
cf-cache-status
MISS
last-modified
Mon, 17 Apr 2023 20:18:39 GMT
server
cloudflare
x-powered-by
PHP/7.4.30
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
public, max-age=2592000
x-whom
web-23.ampcms.internal
cf-ray
7b975bbeb86e8ffa-FRA
expires
Wed, 17 May 2023 20:18:39 GMT
jquery.bxslider.min.js
express-cms-assets.franklymedia.com/v3_17_01/wp-content/plugins/express-cms-promo-reel/js/bxslider/
19 KB
5 KB
Script
General
Full URL
https://express-cms-assets.franklymedia.com/v3_17_01/wp-content/plugins/express-cms-promo-reel/js/bxslider/jquery.bxslider.min.js?ver=20210819-12
Requested by
Host: www.theticket1590.com
URL: https://www.theticket1590.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:166c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3fca634634da26dbe8550625e906c79d696fd3bd2202274dde486b3a764a17ab

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.theticket1590.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Mon, 17 Apr 2023 20:18:38 GMT
content-encoding
gzip
cf-cache-status
HIT
x-amz-request-id
9Z9M4RT4X6VN8GSN
age
95349
x-amz-server-side-encryption
AES256
x-amz-id-2
Bbq+jJltke3JEdR0dR8kRLv+H8byoXy+AO587s/ZoNt9I5+7ZrShNCu7aBp2vvucR6aR/VXVMaw=
last-modified
Sat, 11 Mar 2023 04:11:21 GMT
server
cloudflare
etag
W/"0cbd064ae0b34714d93db7608d4c9c0f"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=43200
cf-ray
7b975bbfaafc0378-FRA
expires
Tue, 18 Apr 2023 08:18:38 GMT
widget.js
express-cms-assets.franklymedia.com/v3_17_01/wp-content/plugins/express-cms-promo-reel/js/
7 KB
2 KB
Script
General
Full URL
https://express-cms-assets.franklymedia.com/v3_17_01/wp-content/plugins/express-cms-promo-reel/js/widget.js?ver=20210922-01
Requested by
Host: www.theticket1590.com
URL: https://www.theticket1590.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:166c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aef316686fd7fd39547fa8ffd64c18177dbd0e38f4f606adb68e9ea83fb2e8cd

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.theticket1590.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Mon, 17 Apr 2023 20:18:38 GMT
content-encoding
gzip
cf-cache-status
HIT
x-amz-request-id
J8065KV97Y8T5WH7
age
329119
x-amz-server-side-encryption
AES256
x-amz-id-2
P9iwXdz0si5G5HsaY7w1w+XtoZh26HQAbSCBW5bplUqP60zZG/TLaE7N0fxerdplEUj3D9mecxM=
last-modified
Sat, 11 Mar 2023 04:11:21 GMT
server
cloudflare
etag
W/"b944e8ab21340e5c83c9db8f822e5b69"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=43200
cf-ray
7b975bbfaaf90378-FRA
expires
Tue, 18 Apr 2023 08:18:38 GMT
jquery.fitvids.js
express-cms-assets.franklymedia.com/v3_17_01/wp-content/themes/headway/library/media/js/
3 KB
2 KB
Script
General
Full URL
https://express-cms-assets.franklymedia.com/v3_17_01/wp-content/themes/headway/library/media/js/jquery.fitvids.js?ver=6.1.1
Requested by
Host: www.theticket1590.com
URL: https://www.theticket1590.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:166c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4e9183a7bbc56ea4bcaa21f5c619e23a4dddbe13b3017443e703ba53ca27bffa

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.theticket1590.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Mon, 17 Apr 2023 20:18:38 GMT
content-encoding
gzip
cf-cache-status
HIT
x-amz-request-id
9Z9G9JNNAP48NE5F
age
117542
x-amz-server-side-encryption
AES256
x-amz-id-2
wvObfbeLtGPDo18Icu+SoN/BuIYvjC+YGZ2xLsowmwAqMdPLOwGx5QwS45Wd8xDC10QsfzM3KWI=
last-modified
Sat, 11 Mar 2023 04:11:51 GMT
server
cloudflare
etag
W/"3d00f866079c34dbf7f7bdd4a235efad"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=43200
cf-ray
7b975bbf9aee0378-FRA
expires
Tue, 18 Apr 2023 08:18:38 GMT
/
www.theticket1590.com/
69 B
256 B
Script
General
Full URL
https://www.theticket1590.com/?headway-trigger=compiler&file=responsive-grid-js-https&layout-in-use=front_page&rand=490903966&ver=6.1.1
Requested by
Host: www.theticket1590.com
URL: https://www.theticket1590.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1740 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/7.4.30
Resource Hash
63c817698a0c1c81dab9b49270009f2c154c57b83f6bd04c29a70a9e6de2d441

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.theticket1590.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
public
date
Mon, 17 Apr 2023 20:18:39 GMT
content-encoding
gzip
cf-cache-status
MISS
last-modified
Mon, 17 Apr 2023 20:18:39 GMT
server
cloudflare
x-powered-by
PHP/7.4.30
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
public, max-age=2592000
x-whom
web-20.ampcms.internal
cf-ray
7b975bbeb8728ffa-FRA
expires
Wed, 17 May 2023 20:18:39 GMT
amp-common.js
express-cms-assets.franklymedia.com/v3_17_01/wp-content/mu-plugins/express-cms-common/js/
13 KB
4 KB
Script
General
Full URL
https://express-cms-assets.franklymedia.com/v3_17_01/wp-content/mu-plugins/express-cms-common/js/amp-common.js?ver=20210629-03
Requested by
Host: www.theticket1590.com
URL: https://www.theticket1590.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:166c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0e43c5f1049dad60b6981e789374eab9014c14fc5797db38916c20c2084e9eaf

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.theticket1590.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Mon, 17 Apr 2023 20:18:38 GMT
content-encoding
gzip
cf-cache-status
HIT
x-amz-request-id
A077JQYD4QWW1672
age
2443318
x-amz-server-side-encryption
AES256
x-amz-id-2
V7g2uRxWS/mSR/Qw1lrSf59FuCowew28lGXKhSJJuliHvAKL+q+OlFyQgtx33KW6SH2DaOzmHtM=
last-modified
Sat, 11 Mar 2023 04:10:52 GMT
server
cloudflare
etag
W/"f42f308363741a65795ebb49859e9d52"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=43200
cf-ray
7b975bbfab020378-FRA
expires
Tue, 18 Apr 2023 08:18:38 GMT
express-cms-common-public.js
express-cms-assets.franklymedia.com/v3_17_01/wp-content/mu-plugins/express-cms-common/public/js/
4 KB
2 KB
Script
General
Full URL
https://express-cms-assets.franklymedia.com/v3_17_01/wp-content/mu-plugins/express-cms-common/public/js/express-cms-common-public.js?ver=202200726-01
Requested by
Host: www.theticket1590.com
URL: https://www.theticket1590.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:166c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bc1032836036e1bc00061c64c8a625fe47b9aece6db4af4fe488bf24d60d253b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.theticket1590.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Mon, 17 Apr 2023 20:18:38 GMT
content-encoding
gzip
cf-cache-status
HIT
x-amz-request-id
XVSFZ20AV6KW1YKN
age
2212750
x-amz-server-side-encryption
AES256
x-amz-id-2
FnjrMaSXoLowNnXtsIrCUEpyU0SLHa357JxSlP3KUqsymc9q4FsLw3UciqhmsAH8C89rSNUfEQI=
last-modified
Sat, 11 Mar 2023 04:10:52 GMT
server
cloudflare
etag
W/"88b1ce5cc9f277e90cdc8db3b7164a1e"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=43200
cf-ray
7b975bbfaafe0378-FRA
expires
Tue, 18 Apr 2023 08:18:38 GMT
express-cms-ad-manager-public.js
express-cms-assets.franklymedia.com/v3_17_01/wp-content/plugins/express-cms-ad-manager/public/js/
838 B
643 B
Script
General
Full URL
https://express-cms-assets.franklymedia.com/v3_17_01/wp-content/plugins/express-cms-ad-manager/public/js/express-cms-ad-manager-public.js?ver=1.0.0
Requested by
Host: www.theticket1590.com
URL: https://www.theticket1590.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:166c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
57a50c99a31ef4e89e86664e96f6dfbdde163a2eb96e88b3b492c49aa4be2f37

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.theticket1590.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Mon, 17 Apr 2023 20:18:38 GMT
content-encoding
gzip
cf-cache-status
HIT
x-amz-request-id
A07BJ2437GAC8Q8X
age
2443318
x-amz-server-side-encryption
AES256
x-amz-id-2
JNqynRfWr83OYbeo2V6ADHhla9Et1on+wVWKm3R1ltnKHgt+MgqlT11s6G7HGZMTFSp8ftdCEPk=
last-modified
Sat, 11 Mar 2023 04:11:16 GMT
server
cloudflare
etag
W/"49cea0a781874a962879c2caca9bc322"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=43200
cf-ray
7b975bbf9ae10378-FRA
expires
Tue, 18 Apr 2023 08:18:38 GMT
express-cms-codes-public.js
express-cms-assets.franklymedia.com/v3_17_01/wp-content/plugins/express-cms-codes/public/js/
839 B
645 B
Script
General
Full URL
https://express-cms-assets.franklymedia.com/v3_17_01/wp-content/plugins/express-cms-codes/public/js/express-cms-codes-public.js?ver=1.0.0
Requested by
Host: www.theticket1590.com
URL: https://www.theticket1590.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:166c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
416ecac927611cfec67f7d37b7629ecffc9b545bb90364994b957ed72def5769

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.theticket1590.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Mon, 17 Apr 2023 20:18:38 GMT
content-encoding
gzip
cf-cache-status
HIT
x-amz-request-id
9Z9QH45H6QEYKK8S
age
115071
x-amz-server-side-encryption
AES256
x-amz-id-2
peSq++ba95wW9cixYqmiLgZgkl/knCRcJkq11vozlrDVsKXPxYNJhd/JiCUL1RYjekxR0mCLjg0=
last-modified
Sat, 11 Mar 2023 04:11:17 GMT
server
cloudflare
etag
W/"5e068f886367c31bd5272d5c79038190"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=43200
cf-ray
7b975bbfab000378-FRA
expires
Tue, 18 Apr 2023 08:18:38 GMT
js.cookie.js
express-cms-assets.franklymedia.com/v3_17_01/wp-content/plugins/express-cms-codes/public/js/
5 KB
2 KB
Script
General
Full URL
https://express-cms-assets.franklymedia.com/v3_17_01/wp-content/plugins/express-cms-codes/public/js/js.cookie.js?ver=6.1.1
Requested by
Host: www.theticket1590.com
URL: https://www.theticket1590.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:166c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
291b586499936c0e8938e1829cd7b1127599467d7a6fbacc43d610c6315d1897

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.theticket1590.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Mon, 17 Apr 2023 20:18:38 GMT
content-encoding
gzip
cf-cache-status
HIT
x-amz-request-id
9Z9JMNPFM00NXC88
age
117540
x-amz-server-side-encryption
AES256
x-amz-id-2
2J28ZCJLGN03Bp14s7dMVe7AGgH950tvfLNCbrrZiP8buFv1l13rcNNEbgxklMI8IxQTbMdSk9U=
last-modified
Sat, 11 Mar 2023 04:11:17 GMT
server
cloudflare
etag
W/"055ed2845cf70fe617c5392770848be5"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=43200
cf-ray
7b975bbfaaf60378-FRA
expires
Tue, 18 Apr 2023 08:18:38 GMT
public-rewards.js
express-cms-assets.franklymedia.com/v3_17_01/wp-content/plugins/express-cms-codes/public/js/
3 KB
953 B
Script
General
Full URL
https://express-cms-assets.franklymedia.com/v3_17_01/wp-content/plugins/express-cms-codes/public/js/public-rewards.js?ver=1.0.0
Requested by
Host: www.theticket1590.com
URL: https://www.theticket1590.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:166c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
978b3c36d61e5c2fd93072f6d18d95436bd9c302c5d77d1bbd74f62fa5ceae1f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.theticket1590.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Mon, 17 Apr 2023 20:18:38 GMT
content-encoding
gzip
cf-cache-status
HIT
x-amz-request-id
9Z9QZCG6BP6FK29D
age
95349
x-amz-server-side-encryption
AES256
x-amz-id-2
hAw+bPPseXUjh5Ow8lN1RKTdT6IXh4eon3ZItDxUhZ1LJbZcSfgSRxDpK29xD9iLmvwhAifvkKY=
last-modified
Sat, 11 Mar 2023 04:11:17 GMT
server
cloudflare
etag
W/"9d8e599b4d452f2c3278b27158d2895e"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=43200
cf-ray
7b975bbf9aea0378-FRA
expires
Tue, 18 Apr 2023 08:18:38 GMT
express-cms-control-public.js
express-cms-assets.franklymedia.com/v3_17_01/wp-content/plugins/express-cms-control/public/js/
838 B
671 B
Script
General
Full URL
https://express-cms-assets.franklymedia.com/v3_17_01/wp-content/plugins/express-cms-control/public/js/express-cms-control-public.js?ver=1.0.0
Requested by
Host: www.theticket1590.com
URL: https://www.theticket1590.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:166c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
57a50c99a31ef4e89e86664e96f6dfbdde163a2eb96e88b3b492c49aa4be2f37

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.theticket1590.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Mon, 17 Apr 2023 20:18:38 GMT
content-encoding
gzip
cf-cache-status
HIT
x-amz-request-id
9Z9VSTC5DTNBPD1N
age
115071
x-amz-server-side-encryption
AES256
x-amz-id-2
nlWpHkp8ToA0WoLAxQIrbrWcfPoO4teHMmPcE+J1B6VFkOn8QqMXo+20LRVrOE7GWMzEkfvp7XA=
last-modified
Sat, 11 Mar 2023 04:11:17 GMT
server
cloudflare
etag
W/"49cea0a781874a962879c2caca9bc322"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=43200
cf-ray
7b975bbf9aef0378-FRA
expires
Tue, 18 Apr 2023 08:18:38 GMT
breaking-news-public.js
express-cms-assets.franklymedia.com/v3_17_01/wp-content/plugins/express-cms-events/public/js/
5 KB
2 KB
Script
General
Full URL
https://express-cms-assets.franklymedia.com/v3_17_01/wp-content/plugins/express-cms-events/public/js/breaking-news-public.js?ver=0.3.4
Requested by
Host: www.theticket1590.com
URL: https://www.theticket1590.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:166c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
038f8a9eea843881ed306613e33bdf5172437c90214850d58cce2558dda1a131

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.theticket1590.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Mon, 17 Apr 2023 20:18:38 GMT
content-encoding
gzip
cf-cache-status
HIT
x-amz-request-id
WFP76FD7GSDYEG10
age
110475
x-amz-server-side-encryption
AES256
x-amz-id-2
ObQo6xXmfQV2RQQtot80bRQQ/2hBCHk7xPwcsjob7ufviz1g7sXtsXg2HsLjTsiDPUP5mCILHB4=
last-modified
Sat, 11 Mar 2023 04:11:19 GMT
server
cloudflare
etag
W/"e177ed843616b70abebf81a6bde592cf"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=43200
cf-ray
7b975bbfaaf40378-FRA
expires
Tue, 18 Apr 2023 08:18:38 GMT
express-cms-events-public.js
express-cms-assets.franklymedia.com/v3_17_01/wp-content/plugins/express-cms-events/public/js/
838 B
638 B
Script
General
Full URL
https://express-cms-assets.franklymedia.com/v3_17_01/wp-content/plugins/express-cms-events/public/js/express-cms-events-public.js?ver=1.0.0
Requested by
Host: www.theticket1590.com
URL: https://www.theticket1590.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:166c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
57a50c99a31ef4e89e86664e96f6dfbdde163a2eb96e88b3b492c49aa4be2f37

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.theticket1590.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Mon, 17 Apr 2023 20:18:38 GMT
content-encoding
gzip
cf-cache-status
HIT
x-amz-request-id
WFPDMKG19187EP87
age
95349
x-amz-server-side-encryption
AES256
x-amz-id-2
3RjqKI9UcH60LTD4OuMtCrLhG2XVXM7swCLOyLkNXpYsVEZU4WUVugH7XlzoOaqm42ThurLtHYo=
last-modified
Sat, 11 Mar 2023 04:11:19 GMT
server
cloudflare
etag
W/"49cea0a781874a962879c2caca9bc322"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=43200
cf-ray
7b975bbf9af10378-FRA
expires
Tue, 18 Apr 2023 08:18:38 GMT
express-cms-tools-public.js
express-cms-assets.franklymedia.com/v3_17_01/wp-content/plugins/express-cms-tools/public/js/
838 B
641 B
Script
General
Full URL
https://express-cms-assets.franklymedia.com/v3_17_01/wp-content/plugins/express-cms-tools/public/js/express-cms-tools-public.js?ver=1.0.0
Requested by
Host: www.theticket1590.com
URL: https://www.theticket1590.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:166c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
57a50c99a31ef4e89e86664e96f6dfbdde163a2eb96e88b3b492c49aa4be2f37

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.theticket1590.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Mon, 17 Apr 2023 20:18:38 GMT
content-encoding
gzip
cf-cache-status
HIT
x-amz-request-id
AA4QK6183707J7CB
age
896928
x-amz-server-side-encryption
AES256
x-amz-id-2
HlFOaLF3FT3OFnrRS8wGM1wf5sa8O20VLdiFb0hOl4E4BEXAcTjVlQGFi2P90j1IlGJFIWXYjPI=
last-modified
Sat, 11 Mar 2023 04:11:21 GMT
server
cloudflare
etag
W/"49cea0a781874a962879c2caca9bc322"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=43200
cf-ray
7b975bbfab0e0378-FRA
expires
Tue, 18 Apr 2023 08:18:38 GMT
public.js
express-cms-assets.franklymedia.com/v3_17_01/wp-content/plugins/express-cms-control/style_functions/js/
507 B
545 B
Script
General
Full URL
https://express-cms-assets.franklymedia.com/v3_17_01/wp-content/plugins/express-cms-control/style_functions/js/public.js?ver=1.4.5
Requested by
Host: www.theticket1590.com
URL: https://www.theticket1590.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:166c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0fdd97604374e58db3009dbad40df4e61a0a9fa5207d636049e9d3af4e62839a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.theticket1590.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Mon, 17 Apr 2023 20:18:38 GMT
content-encoding
gzip
cf-cache-status
HIT
x-amz-request-id
WFPC69D4J48JM9KY
age
95349
x-amz-server-side-encryption
AES256
x-amz-id-2
0S9N5VIu9yQb9xl/nv98AWE8OrTDZ0whu6M2VUXTX2PHXJlNpt8rUEWYSkiARXkP1wrYc7+6Zh4=
last-modified
Sat, 11 Mar 2023 04:11:18 GMT
server
cloudflare
etag
W/"0ee9c3d4b1a9df754082ddfcbf9a5527"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=43200
cf-ray
7b975bbfab040378-FRA
expires
Tue, 18 Apr 2023 08:18:38 GMT
jquery.initialize.min.js
express-cms-assets.franklymedia.com/v3_17_01/wp-content/mu-plugins/express-cms-common/js/jquery.initialize/
3 KB
1023 B
Script
General
Full URL
https://express-cms-assets.franklymedia.com/v3_17_01/wp-content/mu-plugins/express-cms-common/js/jquery.initialize/jquery.initialize.min.js?ver=20210820-03
Requested by
Host: www.theticket1590.com
URL: https://www.theticket1590.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:166c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
71970f2bb23c0a4f6bbeadad64b42a9dde1b48dbc1aeafb584eaedc59049ee10

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.theticket1590.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Mon, 17 Apr 2023 20:18:38 GMT
content-encoding
gzip
cf-cache-status
HIT
x-amz-request-id
AA4JN5XRHXFNHSFW
age
896928
x-amz-server-side-encryption
AES256
x-amz-id-2
q70ZHVwqTGBHM0n/eWS3VgHNeDVX7D/ZcZJNJx8+LlRMv77AmsJQe8u0ut1Wa39qHMVmeLye3H8=
last-modified
Sat, 11 Mar 2023 04:10:52 GMT
server
cloudflare
etag
W/"56825fbc8503ad011c82df0ae1750cd3"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=43200
cf-ray
7b975bbfab030378-FRA
expires
Tue, 18 Apr 2023 08:18:38 GMT
public.js
express-cms-assets.franklymedia.com/v3_17_01/wp-content/plugins/express-cms-events/public/assets/js/
15 KB
3 KB
Script
General
Full URL
https://express-cms-assets.franklymedia.com/v3_17_01/wp-content/plugins/express-cms-events/public/assets/js/public.js?ver=20220707-01
Requested by
Host: www.theticket1590.com
URL: https://www.theticket1590.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:166c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
93fd543268145b18319b3d6e3f13a178413f2f5da535a2c860d0f9e17388816f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.theticket1590.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Mon, 17 Apr 2023 20:18:38 GMT
content-encoding
gzip
cf-cache-status
HIT
x-amz-request-id
WFPC7KKN45F8CR75
age
115070
x-amz-server-side-encryption
AES256
x-amz-id-2
Q05GHBKXb4cJLskxjtSMWBQhbuHGq2//yz+oH16rt7yuBXLbU2YFg0DYGkUawuPBLFutG0/+uO8=
last-modified
Sat, 11 Mar 2023 04:11:19 GMT
server
cloudflare
etag
W/"71d016d2bbbba5de2f256101ffbd15cd"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=43200
cf-ray
7b975bbfab100378-FRA
expires
Tue, 18 Apr 2023 08:18:38 GMT
calendar.js
express-cms-assets.franklymedia.com/v3_17_01/wp-content/plugins/express-cms-events/js/
20 KB
5 KB
Script
General
Full URL
https://express-cms-assets.franklymedia.com/v3_17_01/wp-content/plugins/express-cms-events/js/calendar.js?ver=1.1.4
Requested by
Host: www.theticket1590.com
URL: https://www.theticket1590.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:166c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e600024f21bbdff0ede268acc13b91584c47de9061fb04978c61bd5d1103efe3

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.theticket1590.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Mon, 17 Apr 2023 20:18:38 GMT
content-encoding
gzip
cf-cache-status
HIT
x-amz-request-id
WFP93Y1CADSQGEVF
age
95349
x-amz-server-side-encryption
AES256
x-amz-id-2
AaHPdeYu2SQNFsd4/P5NmQ+tsLs3vT/FxytKJu8yJ4fKF954vq1t+D8VL6o6mFJ3NRKKTXn7Ewg=
last-modified
Sat, 11 Mar 2023 04:11:19 GMT
server
cloudflare
etag
W/"61ef9a2d991bf52b61785025c7e4a1b7"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=43200
cf-ray
7b975bbfab050378-FRA
expires
Tue, 18 Apr 2023 08:18:38 GMT
public.js
express-cms-assets.franklymedia.com/v3_17_01/wp-content/plugins/express-cms-events/js/
294 B
381 B
Script
General
Full URL
https://express-cms-assets.franklymedia.com/v3_17_01/wp-content/plugins/express-cms-events/js/public.js?ver=1.1.4
Requested by
Host: www.theticket1590.com
URL: https://www.theticket1590.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:166c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1d7342b56a65057bfcf933f9c4d08c18469bcebd01186dc3fa105c6b45fca4c8

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.theticket1590.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Mon, 17 Apr 2023 20:18:38 GMT
content-encoding
gzip
cf-cache-status
HIT
x-amz-request-id
WFPA6Y68AWW4P1R8
age
115070
x-amz-server-side-encryption
AES256
x-amz-id-2
nizaXqIsnk4P8FeCBz4EPrQlvf/C99c05kxrX7ItrWjasSXhkBfyMgnn0Bf6akGmkf009UdBA+o=
last-modified
Sat, 11 Mar 2023 04:11:19 GMT
server
cloudflare
etag
W/"0737ef8f57ea72a50b7b6d58b2de3fb6"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=43200
cf-ray
7b975bbfab160378-FRA
expires
Tue, 18 Apr 2023 08:18:38 GMT
jquery.totemticker.min.js
express-cms-assets.franklymedia.com/v3_17_01/wp-content/plugins/express-cms-feeds/admin/js/
2 KB
1010 B
Script
General
Full URL
https://express-cms-assets.franklymedia.com/v3_17_01/wp-content/plugins/express-cms-feeds/admin/js/jquery.totemticker.min.js?ver=0.6.0
Requested by
Host: www.theticket1590.com
URL: https://www.theticket1590.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:166c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e02e1c4876697288c0ff5900c69d9b5f2a9d1118958813c682ecbbe469c1aee0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.theticket1590.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Mon, 17 Apr 2023 20:18:38 GMT
content-encoding
gzip
cf-cache-status
HIT
x-amz-request-id
WFPAH2G1NCNGQRMA
age
95349
x-amz-server-side-encryption
AES256
x-amz-id-2
vE93Nvbke46wIY632OScali06dUZDS1vpUvRsF486yKbVNPoK1Sp7+REl2fW+r+iDLg9SthgmXw=
last-modified
Sat, 11 Mar 2023 04:11:19 GMT
server
cloudflare
etag
W/"ee3f51bd97e07c04f39b8133ddb81e8d"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=43200
cf-ray
7b975bbfab070378-FRA
expires
Tue, 18 Apr 2023 08:18:38 GMT
core.min.js
express-cms-assets.franklymedia.com/v3_17_01/wp-includes/js/jquery/ui/
21 KB
7 KB
Script
General
Full URL
https://express-cms-assets.franklymedia.com/v3_17_01/wp-includes/js/jquery/ui/core.min.js?ver=1.13.2
Requested by
Host: www.theticket1590.com
URL: https://www.theticket1590.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:166c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ca7154cdda62b535ceaba9ad2a2b2217ff49de94c069a2c4e89733f3f06b3651

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.theticket1590.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Mon, 17 Apr 2023 20:18:38 GMT
content-encoding
gzip
cf-cache-status
HIT
x-amz-request-id
R063WH8Q47TAH7NY
age
927302
x-amz-server-side-encryption
AES256
x-amz-id-2
bDpymkZd1NoBTIw2v0nninG36ALpKIJNKPGw7lJd1YhikMYnUaVnmm9+Wc5kAizBbVh+oaI42Ok=
last-modified
Sat, 11 Mar 2023 04:12:19 GMT
server
cloudflare
etag
W/"034bd11ecaf6fb9240d905245e42e202"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=43200
cf-ray
7b975bbfab090378-FRA
expires
Tue, 18 Apr 2023 08:18:38 GMT
tabs.min.js
express-cms-assets.franklymedia.com/v3_17_01/wp-includes/js/jquery/ui/
12 KB
4 KB
Script
General
Full URL
https://express-cms-assets.franklymedia.com/v3_17_01/wp-includes/js/jquery/ui/tabs.min.js?ver=1.13.2
Requested by
Host: www.theticket1590.com
URL: https://www.theticket1590.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:166c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6a0d53f68e013dac42a52a5264c5d28a12a06b6bc7cc1d63bc2d385558bd2dd7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.theticket1590.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Mon, 17 Apr 2023 20:18:38 GMT
content-encoding
gzip
cf-cache-status
HIT
x-amz-request-id
4R42036XRH6QWSNN
age
347409
x-amz-server-side-encryption
AES256
x-amz-id-2
qEDWsqH1P5Ye8Aws10dMdNet2wKc7DipNF7IUhxfDxR40uO6rmr7N8Wy3zk+njGsy+VGrp90M+0=
last-modified
Sat, 11 Mar 2023 04:12:20 GMT
server
cloudflare
etag
W/"88407dc30b83ffa7dd834fe4a35307b7"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=43200
cf-ray
7b975bbfab0c0378-FRA
expires
Tue, 18 Apr 2023 08:18:38 GMT
feed-public.js
express-cms-assets.franklymedia.com/v3_17_01/wp-content/plugins/express-cms-feeds/public/js/
1 KB
620 B
Script
General
Full URL
https://express-cms-assets.franklymedia.com/v3_17_01/wp-content/plugins/express-cms-feeds/public/js/feed-public.js?ver=0.6.0
Requested by
Host: www.theticket1590.com
URL: https://www.theticket1590.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:166c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
150861597da231bb966dfd09e58a556e104927ec8415ca49e3a3617596059f68

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.theticket1590.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Mon, 17 Apr 2023 20:18:38 GMT
content-encoding
gzip
cf-cache-status
HIT
x-amz-request-id
V14EM5WAF1JWF2C6
age
414812
x-amz-server-side-encryption
AES256
x-amz-id-2
HukCk5ljaSA4i97qSgppGx4ySp+G0U4Ct1ah/ZxodPZWgxlpJya1aaEO9n4lGfnamUcps4NeHAc=
last-modified
Sat, 11 Mar 2023 04:11:19 GMT
server
cloudflare
etag
W/"e7280b4691fdd16ee788534554025404"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=43200
cf-ray
7b975bbfab0d0378-FRA
expires
Tue, 18 Apr 2023 08:18:38 GMT
feed-date.js
express-cms-assets.franklymedia.com/v3_17_01/wp-content/plugins/express-cms-feeds/admin/js/
7 KB
2 KB
Script
General
Full URL
https://express-cms-assets.franklymedia.com/v3_17_01/wp-content/plugins/express-cms-feeds/admin/js/feed-date.js?ver=0.6.0
Requested by
Host: www.theticket1590.com
URL: https://www.theticket1590.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:166c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e29669f0da6d433ce276d7b4e6223a3e70a4e9d9c6bbc788ef7d2291bdab64eb

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.theticket1590.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Mon, 17 Apr 2023 20:18:38 GMT
content-encoding
gzip
cf-cache-status
HIT
x-amz-request-id
A07AYJXQ1BFE5YHJ
age
2443318
x-amz-server-side-encryption
AES256
x-amz-id-2
QR1U6kVAvQaqUiWCdxrzrb+SZwq8g8J7+g0WNRCDM11AVrfmrc1Vpcafy2viRYu2ZZxajKv86FI=
last-modified
Sat, 11 Mar 2023 04:11:19 GMT
server
cloudflare
etag
W/"a7c017b1485d42fb4531b57c103a3a26"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=43200
cf-ray
7b975bbfab130378-FRA
expires
Tue, 18 Apr 2023 08:18:38 GMT
playlist.js
express-cms-assets.franklymedia.com/v3_17_01/wp-content/plugins/express-cms-listen-live/public/assets/js/
9 KB
3 KB
Script
General
Full URL
https://express-cms-assets.franklymedia.com/v3_17_01/wp-content/plugins/express-cms-listen-live/public/assets/js/playlist.js?ver=20230417201528
Requested by
Host: www.theticket1590.com
URL: https://www.theticket1590.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:166c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f09057ed1db27518f862dcefc307e3f6f3218e5244249bc9b291fc1018e7ea8f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.theticket1590.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Mon, 17 Apr 2023 20:18:39 GMT
content-encoding
gzip
cf-cache-status
MISS
last-modified
Sat, 11 Mar 2023 04:11:20 GMT
server
cloudflare
x-amz-request-id
JQMWW8H2H19GMRP6
etag
W/"ba0d7bab1a0d7a6c4fa6e63cfd9bab58"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=43200
cf-ray
7b975bbfab120378-FRA
x-amz-id-2
TSrHBPCwkF71tf8XhvBfSNA5eM1FmseYhxI/oPUyQmGVB5MLJxhWtujlUOYbu+jvTt/iHW5YwYI=
expires
Tue, 18 Apr 2023 08:18:39 GMT
amp-theme.js
express-cms-assets.franklymedia.com/v3_17_01/wp-content/themes/Headway-AMP_CMS/js/
6 KB
2 KB
Script
General
Full URL
https://express-cms-assets.franklymedia.com/v3_17_01/wp-content/themes/Headway-AMP_CMS/js/amp-theme.js?ver=20210929-06
Requested by
Host: www.theticket1590.com
URL: https://www.theticket1590.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:166c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
41f1c664fdf930c1ecf1b3be8b7814abca4b9db344af4f19776c93bb780135d4

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.theticket1590.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Mon, 17 Apr 2023 20:18:38 GMT
content-encoding
gzip
cf-cache-status
HIT
x-amz-request-id
NPKNDPB5X7WQH318
age
387581
x-amz-server-side-encryption
AES256
x-amz-id-2
4J35t3QnXD2C2TQn30vrSa4bQCofNsJPZPnX/Ev5RlS5lcKnrDP6ICoOSW2sGJOpgBBSR6yHlQY=
last-modified
Sat, 11 Mar 2023 04:11:49 GMT
server
cloudflare
etag
W/"09aa706d8feac065370d4c7e51559566"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=43200
cf-ray
7b975bbfab110378-FRA
expires
Tue, 18 Apr 2023 08:18:38 GMT
js
www.googletagmanager.com/gtag/
96 KB
38 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js
Requested by
Host: www.theticket1590.com
URL: https://www.theticket1590.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
ed83207527cdc95ec00e55ba048b9b9b7d4908593879d8aa4def4639be078bef
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.theticket1590.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Mon, 17 Apr 2023 20:18:39 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
38380
x-xss-protection
0
last-modified
Mon, 17 Apr 2023 18:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Mon, 17 Apr 2023 20:18:39 GMT
gpt.js
securepubads.g.doubleclick.net/tag/js/
75 KB
25 KB
Script
General
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: www.theticket1590.com
URL: https://www.theticket1590.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
fee40e3d3f87dc8252249f6b6612364d7f492c836fba10fe01aaac69f6f116d1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.theticket1590.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Mon, 17 Apr 2023 20:18:39 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
25395
x-xss-protection
0
server
cafe
etag
199 / 19464 / 31073791 / config-hash: 3756285743670852327
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
expires
Mon, 17 Apr 2023 20:18:39 GMT
KYNG-AM-The-Ticket-2.png
cumuluspro-express-pro.franklymedia.com/kyng-am/wp-content/uploads/sites/1438/2016/01/
0
0
Image
General
Full URL
https://cumuluspro-express-pro.franklymedia.com/kyng-am/wp-content/uploads/sites/1438/2016/01/KYNG-AM-The-Ticket-2.png
Requested by
Host: www.theticket1590.com
URL: https://www.theticket1590.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
149.126.77.46 Frankfurt am Main, Germany, ASN19551 (INCAPSULA, US),
Reverse DNS
149.126.77.46.ip.incapdns.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.theticket1590.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

headway-imported-image.png
www.theticket1590.com/wp-content/uploads/sites/1438/2016/03/
985 B
1 KB
Image
General
Full URL
https://www.theticket1590.com/wp-content/uploads/sites/1438/2016/03/headway-imported-image.png
Requested by
Host: www.theticket1590.com
URL: https://www.theticket1590.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1740 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
64ffe77d0f8d8b0b74a00ad2cd3bb5d424e904c2adba467659f77abc894ea6ab

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.theticket1590.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Mon, 17 Apr 2023 20:18:39 GMT
cf-cache-status
MISS
last-modified
Tue, 15 Mar 2016 19:56:40 GMT
server
cloudflare
etag
"56e868f8-3d9"
vary
Accept-Encoding
content-type
image/png
cache-control
public, max-age=31536000
x-whom
web-16.ampcms.internal
accept-ranges
bytes
cf-ray
7b975bc438128ffa-FRA
content-length
985
expires
Tue, 16 Apr 2024 20:18:39 GMT
cumulus-vip.png
express-images.franklymedia.com/6616/sites/1438/2018/01/29144034/
401 B
631 B
Image
General
Full URL
https://express-images.franklymedia.com/6616/sites/1438/2018/01/29144034/cumulus-vip.png
Requested by
Host: www.theticket1590.com
URL: https://www.theticket1590.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:176c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6f6dc8cfd2b63684f0859c9e3186a5f9894c5d76dccca601bf08fac1953b869f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.theticket1590.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Mon, 17 Apr 2023 20:18:39 GMT
cf-cache-status
MISS
last-modified
Mon, 29 Jan 2018 20:40:38 GMT
server
cloudflare
x-amz-request-id
Y64W63D8D8CM4798
etag
"5e507550ad423e83771548cce1e7afb8"
vary
Accept-Encoding
content-type
image/png
cache-control
public, max-age=43200
accept-ranges
bytes
cf-ray
7b975bc4ac2539e6-FRA
content-length
401
x-amz-id-2
QzZ8gns3127jF/oKVGLefJJB2TbRK/iTjkbVTQRSvvOHTpkMbeYOmvjTTmyt1hfNFhyB3mOxXRk=
expires
Tue, 18 Apr 2023 08:18:39 GMT
embed.js
embedcdn.sendtonews.com/easy-stn-player/7.15.1-G/
Redirect Chain
  • https://embed.sendtonews.com/player3/embedcode.js?fk=5oC5qDti&cid=5513&offsetx=0&offsety=80&floatwidth=400&floatposition=bottom-right
  • https://embedcdn.sendtonews.com/easy-stn-player/7.15.1-G/embed.js
7 KB
3 KB
Script
General
Full URL
https://embedcdn.sendtonews.com/easy-stn-player/7.15.1-G/embed.js
Requested by
Host: www.theticket1590.com
URL: https://www.theticket1590.com/
Protocol
H2
Server
108.138.17.91 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-17-91.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
4e3149128340c4394835bb0559edba9bd118e07b596e6fbbb18fef086f3151af

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.theticket1590.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Mon, 17 Apr 2023 20:18:21 GMT
x-amz-version-id
Npbjl45.1re9KBFp1zRfU8oCvBFT.Jed
content-encoding
br
last-modified
Thu, 13 Apr 2023 22:03:13 GMT
server
AmazonS3
via
1.1 ca339b9e98820e424be1609317fd0314.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P7
etag
W/"10d1f9b68717354de69106da6eb5e057"
age
19
vary
Accept-Encoding, Origin
x-cache
Hit from cloudfront
content-type
application/javascript
alt-svc
h3=":443"; ma=86400
x-amz-cf-id
IuTcPAJjfU1KnVXpXouDKZGkFuER-Q7OPgIski4juRHN1YimWB-X4g==

Redirect headers

date
Mon, 17 Apr 2023 20:18:39 GMT
via
1.1 ca339b9e98820e424be1609317fd0314.cloudfront.net (CloudFront)
server
CloudFront
x-amz-cf-pop
FRA56-P7
x-cache
FunctionGeneratedResponse from cloudfront
location
https://embedcdn.sendtonews.com/easy-stn-player/7.15.1-G/embed.js
alt-svc
h3=":443"; ma=86400
content-length
0
x-amz-cf-id
zM4QbU9vU9FZ2GGx91IonSzJLvSW4Zhugcbq6xnSQadae1Bgyw8Eiw==
sweetdeals1.png
www.theticket1590.com/wp-content/uploads/sites/1438/2016/01/
226 KB
226 KB
Image
General
Full URL
https://www.theticket1590.com/wp-content/uploads/sites/1438/2016/01/sweetdeals1.png
Requested by
Host: www.theticket1590.com
URL: https://www.theticket1590.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1740 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
40afdb6159602ec4ed6768dea83cf069e0425e4056bc61f138e0bf2046074412

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.theticket1590.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Mon, 17 Apr 2023 20:18:39 GMT
cf-cache-status
MISS
last-modified
Thu, 14 Jan 2016 21:22:16 GMT
server
cloudflare
etag
"56981188-38842"
vary
Accept-Encoding
content-type
image/png
cache-control
public, max-age=31536000
x-whom
web-13.ampcms.internal
accept-ranges
bytes
cf-ray
7b975bc438148ffa-FRA
content-length
231490
expires
Tue, 16 Apr 2024 20:18:39 GMT
appstore.png
www.theticket1590.com/wp-content/uploads/sites/1335/2014/10/
138 KB
139 KB
Image
General
Full URL
https://www.theticket1590.com/wp-content/uploads/sites/1335/2014/10/appstore.png
Requested by
Host: www.theticket1590.com
URL: https://www.theticket1590.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1740 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5db73e43d6f40687165de7df1a9cac4db859cbbfd9347cbe1416bcf8465cc91b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.theticket1590.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Mon, 17 Apr 2023 20:18:39 GMT
cf-cache-status
MISS
last-modified
Tue, 28 Oct 2014 18:32:15 GMT
server
cloudflare
etag
"544fe12f-22903"
vary
Accept-Encoding
content-type
image/png
cache-control
public, max-age=31536000
x-whom
web-18.ampcms.internal
accept-ranges
bytes
cf-ray
7b975bc438168ffa-FRA
content-length
141571
expires
Tue, 16 Apr 2024 20:18:39 GMT
googleplay.png
www.theticket1590.com/wp-content/uploads/sites/1335/2014/10/
138 KB
138 KB
Image
General
Full URL
https://www.theticket1590.com/wp-content/uploads/sites/1335/2014/10/googleplay.png
Requested by
Host: www.theticket1590.com
URL: https://www.theticket1590.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1740 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a71dcfaddd16dc8f74b2a51d238c674dc281b9669e5ae471baa3e74cc97a1aa8

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.theticket1590.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Mon, 17 Apr 2023 20:18:39 GMT
cf-cache-status
MISS
last-modified
Tue, 28 Oct 2014 18:32:47 GMT
server
cloudflare
etag
"544fe14f-22829"
vary
Accept-Encoding
content-type
image/png
cache-control
public, max-age=31536000
x-whom
web-21.ampcms.internal
accept-ranges
bytes
cf-ray
7b975bc438188ffa-FRA
content-length
141353
expires
Tue, 16 Apr 2024 20:18:39 GMT
amazon.png
www.theticket1590.com/wp-content/uploads/sites/1335/2014/10/
138 KB
139 KB
Image
General
Full URL
https://www.theticket1590.com/wp-content/uploads/sites/1335/2014/10/amazon.png
Requested by
Host: www.theticket1590.com
URL: https://www.theticket1590.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1740 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5d7162200f464a21121476793004f2eb1af54d5d92f7910b4f54f8ba64c16e3b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.theticket1590.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Mon, 17 Apr 2023 20:18:39 GMT
cf-cache-status
MISS
last-modified
Tue, 28 Oct 2014 18:32:12 GMT
server
cloudflare
etag
"544fe12c-228f7"
vary
Accept-Encoding
content-type
image/png
cache-control
public, max-age=31536000
x-whom
web-22.ampcms.internal
accept-ranges
bytes
cf-ray
7b975bc438198ffa-FRA
content-length
141559
expires
Tue, 16 Apr 2024 20:18:39 GMT
sync
thrtle.com/
0
0
Image
General
Full URL
https://thrtle.com/sync?vxii_pid=7004
Requested by
Host: www.theticket1590.com
URL: https://www.theticket1590.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.3.62.68 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-3-62-68.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.theticket1590.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

style.css
express-cms-assets.franklymedia.com/v3_17_01/wp-content/themes/Headway-AMP_CMS/
338 B
427 B
Stylesheet
General
Full URL
https://express-cms-assets.franklymedia.com/v3_17_01/wp-content/themes/Headway-AMP_CMS/style.css?ver=20220610-01
Requested by
Host: www.theticket1590.com
URL: https://www.theticket1590.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:166c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8df74312f7ba8eabc42060688a6c5f9c727ff4e1e65fde7685115e482dca4003

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.theticket1590.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Mon, 17 Apr 2023 20:18:39 GMT
content-encoding
gzip
cf-cache-status
HIT
x-amz-request-id
9Z9NFY4XCX8SVNE8
age
85207
x-amz-server-side-encryption
AES256
x-amz-id-2
XcNt/3HhAehwz6BNB+JpIaqnPVZe0gu+716QBYaDMeWkO1hM2J7pEXdf+AsUsQoeXzw59qJbBgg=
last-modified
Sat, 11 Mar 2023 04:11:50 GMT
server
cloudflare
etag
W/"5140769b57bda7c6f78cb57f66f701a2"
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=43200
cf-ray
7b975bc41af20378-FRA
expires
Tue, 18 Apr 2023 08:18:39 GMT
widget.css
express-cms-assets.franklymedia.com/v3_17_01/wp-content/plugins/express-cms-polls/css/
2 KB
855 B
Stylesheet
General
Full URL
https://express-cms-assets.franklymedia.com/v3_17_01/wp-content/plugins/express-cms-polls/css/widget.css?ver=6.1.1
Requested by
Host: www.theticket1590.com
URL: https://www.theticket1590.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:166c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ca27b49dcaf6c7ccd0349fe39719560d621d767edf987a5aed9569491694a93e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.theticket1590.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Mon, 17 Apr 2023 20:18:39 GMT
content-encoding
gzip
cf-cache-status
HIT
x-amz-request-id
9Z9MT9MSH9NW3RPA
age
85207
x-amz-server-side-encryption
AES256
x-amz-id-2
iB+6zA8juLhFBlmCTLp/piNT9XOO1vpD24gDY4SFddN+CrWQk9rBTI3u2lnTgMr2ZzIrltWDWPM=
last-modified
Sat, 11 Mar 2023 04:11:21 GMT
server
cloudflare
etag
W/"125fb5ff40f36a5040c178458b8de3eb"
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=43200
cf-ray
7b975bc43b190378-FRA
expires
Tue, 18 Apr 2023 08:18:39 GMT
main.min.js
www.theticket1590.com/wp-content/plugins/themify-builder/themify/js/
31 KB
10 KB
Script
General
Full URL
https://www.theticket1590.com/wp-content/plugins/themify-builder/themify/js/main.min.js?ver=5.5.7
Requested by
Host: www.theticket1590.com
URL: https://www.theticket1590.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1740 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1602bbbe3ff382852e4f7c71efd46277f00cae1799adee44d44c49e51ca47d84

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.theticket1590.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Mon, 17 Apr 2023 20:18:39 GMT
content-encoding
gzip
cf-cache-status
MISS
last-modified
Thu, 13 Apr 2023 13:11:18 GMT
server
cloudflare
etag
W/"6437ff76-7c0c"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=31536000
x-whom
web-16.ampcms.internal
cf-ray
7b975bc4381a8ffa-FRA
expires
Tue, 16 Apr 2024 20:18:39 GMT
widget-front-end.js
express-cms-assets.franklymedia.com/v3_17_01/wp-content/plugins/express-cms-polls/js/
4 KB
2 KB
Script
General
Full URL
https://express-cms-assets.franklymedia.com/v3_17_01/wp-content/plugins/express-cms-polls/js/widget-front-end.js?ver=6.1.1
Requested by
Host: www.theticket1590.com
URL: https://www.theticket1590.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:166c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
be8c4f245b08961a48b29107101da3ef28e9c2eb9a6a090c3d4e9babced6d9cd

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.theticket1590.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Mon, 17 Apr 2023 20:18:39 GMT
content-encoding
gzip
cf-cache-status
HIT
x-amz-request-id
WM2MK7Z0VA1CKRNW
age
2443318
x-amz-server-side-encryption
AES256
x-amz-id-2
9+N9XMHEFDzxtCYDaonO0T1/k1mkh+V+poUNheEs3vAGdSo8ryukJZwipis5dTUhpbRxbL5w2E0=
last-modified
Sat, 11 Mar 2023 04:11:21 GMT
server
cloudflare
etag
W/"a5bde46366ca5f6686f55c849a23d24b"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=43200
cf-ray
7b975bc43b1b0378-FRA
expires
Tue, 18 Apr 2023 08:18:39 GMT
fullfooter.js
kyngam.tunegenie.com/station/pwa/
379 B
771 B
Script
General
Full URL
https://kyngam.tunegenie.com/station/pwa/fullfooter.js?bs=kyngam
Requested by
Host: www.theticket1590.com
URL: https://www.theticket1590.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
100.21.16.143 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-100-21-16-143.us-west-2.compute.amazonaws.com
Software
nginx/1.20.0 /
Resource Hash
6854f186a1c36afb7c914da77bfdfc0e9eece9a6af38930e3a1a7592435a2d9d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.theticket1590.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date
Mon, 17 Apr 2023 20:18:40 GMT
Server
nginx/1.20.0
Vary
Authorization, Cookie
Content-Type
application/javascript
Cache-Control
max-age=7200
Connection
keep-alive
Content-Length
379
Expires
Mon, 17 Apr 2023 22:18:40 GMT
ecms_global_footer.js
www.theticket1590.com/wp-content/uploads/ecms/
2 KB
866 B
Script
General
Full URL
https://www.theticket1590.com/wp-content/uploads/ecms/ecms_global_footer.js?v=1
Requested by
Host: www.theticket1590.com
URL: https://www.theticket1590.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1740 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7541bc3222a1d2c6a5fd30bc949941c06d0470df4143160891004f6b0c138a9a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.theticket1590.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Mon, 17 Apr 2023 20:18:39 GMT
content-encoding
gzip
cf-cache-status
MISS
last-modified
Wed, 12 Apr 2023 21:50:13 GMT
server
cloudflare
etag
W/"64372795-7ad"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=31536000
x-whom
web-21.ampcms.internal
cf-ray
7b975bc4381b8ffa-FRA
expires
Tue, 16 Apr 2024 20:18:39 GMT
gtm.js
www.googletagmanager.com/
125 KB
48 KB
Script
General
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-NXNX7F&l=corpDataLayer
Requested by
Host: www.theticket1590.com
URL: https://www.theticket1590.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
809181e525fadb8dcd3df049937d06714303dd910d61d343ae6b43ecb254ffcf
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.theticket1590.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Mon, 17 Apr 2023 20:18:39 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
49108
x-xss-protection
0
last-modified
Mon, 17 Apr 2023 18:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Mon, 17 Apr 2023 20:18:39 GMT
header_bg.png
cumuluspro-express-pro.franklymedia.com/kyng-am/wp-content/uploads/sites/1335/2014/12/
0
0
Image
General
Full URL
https://cumuluspro-express-pro.franklymedia.com/kyng-am/wp-content/uploads/sites/1335/2014/12/header_bg.png
Requested by
Host: www.theticket1590.com
URL: https://www.theticket1590.com/?headway-trigger=compiler&file=general-https&layout-in-use=front_page&rand=1483722184&ver=6.1.1
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
149.126.77.46 Frankfurt am Main, Germany, ASN19551 (INCAPSULA, US),
Reverse DNS
149.126.77.46.ip.incapdns.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.theticket1590.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

navbar.png
cumuluspro-express-pro.franklymedia.com/kyng-am/wp-content/uploads/sites/1335/2014/12/
0
0
Image
General
Full URL
https://cumuluspro-express-pro.franklymedia.com/kyng-am/wp-content/uploads/sites/1335/2014/12/navbar.png
Requested by
Host: www.theticket1590.com
URL: https://www.theticket1590.com/?headway-trigger=compiler&file=general-https&layout-in-use=front_page&rand=1483722184&ver=6.1.1
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
149.126.77.46 Frankfurt am Main, Germany, ASN19551 (INCAPSULA, US),
Reverse DNS
149.126.77.46.ip.incapdns.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.theticket1590.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

content_bg.jpg
cumuluspro-express-pro.franklymedia.com/kyng-am/wp-content/uploads/sites/1335/2014/12/
0
0
Image
General
Full URL
https://cumuluspro-express-pro.franklymedia.com/kyng-am/wp-content/uploads/sites/1335/2014/12/content_bg.jpg
Requested by
Host: www.theticket1590.com
URL: https://www.theticket1590.com/?headway-trigger=compiler&file=general-https&layout-in-use=front_page&rand=1483722184&ver=6.1.1
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
149.126.77.46 Frankfurt am Main, Germany, ASN19551 (INCAPSULA, US),
Reverse DNS
149.126.77.46.ip.incapdns.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.theticket1590.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

YEAubC7OkX.jpg
app-ingestion.franklymedia.com/
28 KB
28 KB
Image
General
Full URL
https://app-ingestion.franklymedia.com/YEAubC7OkX.jpg
Requested by
Host: www.theticket1590.com
URL: https://www.theticket1590.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:166c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c9aeb96990b7e66f70d00527262cc838616bb70f78bbb59762fd8b64a2c028d7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.theticket1590.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Mon, 17 Apr 2023 20:18:39 GMT
cf-cache-status
MISS
last-modified
Mon, 17 Apr 2023 05:28:32 GMT
server
cloudflare
etag
"643cd900-702d"
vary
Accept-Encoding
content-type
image/jpeg
cache-control
public, max-age=315360000
accept-ranges
bytes
cf-ray
7b975bc598c63a9e-FRA
content-length
28717
expires
Thu, 14 Apr 2033 20:18:39 GMT
eQFokzOn3Y.jpg
app-ingestion.franklymedia.com/
21 KB
21 KB
Image
General
Full URL
https://app-ingestion.franklymedia.com/eQFokzOn3Y.jpg
Requested by
Host: www.theticket1590.com
URL: https://www.theticket1590.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:166c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
93c3df17bf9048d589272f65c9770b61be12332aee982e1f85cfca5d9dc4544a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.theticket1590.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Mon, 17 Apr 2023 20:18:39 GMT
cf-cache-status
MISS
last-modified
Sun, 16 Apr 2023 19:27:35 GMT
server
cloudflare
etag
"643c4c27-5292"
vary
Accept-Encoding
content-type
image/jpeg
cache-control
public, max-age=315360000
accept-ranges
bytes
cf-ray
7b975bc598cc3a9e-FRA
content-length
21138
expires
Thu, 14 Apr 2033 20:18:39 GMT
sBSCm0QQe9.jpg
app-ingestion.franklymedia.com/
48 KB
48 KB
Image
General
Full URL
https://app-ingestion.franklymedia.com/sBSCm0QQe9.jpg
Requested by
Host: www.theticket1590.com
URL: https://www.theticket1590.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:166c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4abd4ce521306ef747719f8e7af8ef91a38ed738bb742e8742a047bac7cc764f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.theticket1590.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Mon, 17 Apr 2023 20:18:40 GMT
cf-cache-status
MISS
last-modified
Mon, 17 Apr 2023 04:48:28 GMT
server
cloudflare
etag
"643ccf9c-c0e2"
vary
Accept-Encoding
content-type
image/jpeg
cache-control
public, max-age=315360000
accept-ranges
bytes
cf-ray
7b975bc598c93a9e-FRA
content-length
49378
expires
Thu, 14 Apr 2033 20:18:39 GMT
D_0gCBHoGj.jpg
app-ingestion.franklymedia.com/
32 KB
32 KB
Image
General
Full URL
https://app-ingestion.franklymedia.com/D_0gCBHoGj.jpg
Requested by
Host: www.theticket1590.com
URL: https://www.theticket1590.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:166c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a95e3834b9064377ed78a2e36fb2beb026044b5828367fb7074eacba2c393675

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.theticket1590.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Mon, 17 Apr 2023 20:18:39 GMT
cf-cache-status
MISS
last-modified
Mon, 17 Apr 2023 03:31:18 GMT
server
cloudflare
etag
"643cbd86-7f4a"
vary
Accept-Encoding
content-type
image/jpeg
cache-control
public, max-age=315360000
accept-ranges
bytes
cf-ray
7b975bc598cb3a9e-FRA
content-length
32586
expires
Thu, 14 Apr 2033 20:18:39 GMT
My-Post-7-150x150.png
express-images.franklymedia.com/6616/sites/1438/2020/08/24123850/
12 KB
12 KB
Image
General
Full URL
https://express-images.franklymedia.com/6616/sites/1438/2020/08/24123850/My-Post-7-150x150.png
Requested by
Host: www.theticket1590.com
URL: https://www.theticket1590.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:176c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7346a90b217ae8c78a497d99d0676a408454bf2b60f7a7f7bc56bc870c8af9ca

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.theticket1590.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Mon, 17 Apr 2023 20:18:39 GMT
cf-cache-status
MISS
last-modified
Mon, 24 Aug 2020 17:38:51 GMT
server
cloudflare
x-amz-request-id
Y64J6MHH9QBMGY1E
etag
"210cd51bd9f05996927c3c52ab90aac6"
vary
Accept-Encoding
content-type
image/png
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
7b975bc4ac2139e6-FRA
content-length
12080
x-amz-id-2
5uqro4J2PkdYTufCZHfmlSUVDfZNdVglS74r9tk+McKySg5oluk54k8oloHr2AFHiNxQloieIao=
expires
Tue, 16 Apr 2024 20:18:39 GMT
TK3_WkUHHAIjg75cFRf3bXL8LICs1_FvsUZiZQ.woff2
fonts.gstatic.com/s/oswald/v49/
10 KB
10 KB
Font
General
Full URL
https://fonts.gstatic.com/s/oswald/v49/TK3_WkUHHAIjg75cFRf3bXL8LICs1_FvsUZiZQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Oswald
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
81cd29d1413ecf75834fb3ce1da572fe5c39e53b22c61f5dafec5b14ed4ee12e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.theticket1590.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 16 Apr 2023 06:08:50 GMT
x-content-type-options
nosniff
age
137389
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9840
x-xss-protection
0
last-modified
Mon, 18 Jul 2022 19:24:04 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Mon, 15 Apr 2024 06:08:50 GMT
js
www.googletagmanager.com/gtag/
221 KB
77 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=G-7LHM6PBR21&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
f1cdc79992ce36d58e273982821bd17e8bdc09b4d4c2f3fb5a4ccc21388dc788
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.theticket1590.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Mon, 17 Apr 2023 20:18:39 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
79090
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Mon, 17 Apr 2023 20:18:39 GMT
js
www.googletagmanager.com/gtag/
218 KB
77 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=G-MG0FZNY48X&l=corpDataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NXNX7F&l=corpDataLayer
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
6ecaea631b86b12b8587d58d44a25e3b617589cc09169434106580d9cf0bceaf
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.theticket1590.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Mon, 17 Apr 2023 20:18:39 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
78405
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Mon, 17 Apr 2023 20:18:39 GMT
analytics.js
www.google-analytics.com/
49 KB
20 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NXNX7F&l=corpDataLayer
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
5971b095cff574a66d35ada016d4c077c86e2dea62e9c0f14cf7c94b258619de
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.theticket1590.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Mon, 17 Apr 2023 18:35:42 GMT
last-modified
Tue, 10 Jan 2023 21:29:14 GMT
server
Golfe2
age
6177
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20085
expires
Mon, 17 Apr 2023 20:35:42 GMT
gtm.js
www.googletagmanager.com/
214 KB
74 KB
Script
General
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-MPSWXC&l=sharedContainerDataLayer
Requested by
Host: www.theticket1590.com
URL: https://www.theticket1590.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
7fda00593549f23ee1cb2cf30db1b47046bc435422861ad663ba747dae7377c9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.theticket1590.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Mon, 17 Apr 2023 20:18:39 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
75596
x-xss-protection
0
last-modified
Mon, 17 Apr 2023 18:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Mon, 17 Apr 2023 20:18:39 GMT
collect
region1.google-analytics.com/g/
0
258 B
Ping
General
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-7LHM6PBR21&gtm=45je34c0&_p=1617576976&cid=1483137519.1681762720&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1681762719&sct=1&seg=0&dl=https%3A%2F%2Fwww.theticket1590.com%2F&dt=The%20Ticket%202%201590%20%7C%20KYNG-AM&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-7LHM6PBR21&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.theticket1590.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 17 Apr 2023 20:18:39 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.theticket1590.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pubads_impl.js
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304100101/
398 KB
124 KB
Script
General
Full URL
https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304100101/pubads_impl.js?cb=31073791
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
2d3b45a4be3864673801baea2c3f066e1c7320bab56d3c7818d7484cf1811696
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.theticket1590.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Mon, 17 Apr 2023 12:15:36 GMT
content-encoding
br
x-content-type-options
nosniff
age
28983
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
126408
x-xss-protection
0
server
cafe
etag
11042757488233447259
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
timing-allow-origin
*
expires
Tue, 16 Apr 2024 12:15:36 GMT
ppub_config
securepubads.g.doubleclick.net/pagead/
92 B
89 B
XHR
General
Full URL
https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=www.theticket1590.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
23c6b274bbccec49a3c8d271cac1452ede67e45084d693934e18ce49fab0c1b7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.theticket1590.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Mon, 17 Apr 2023 20:18:39 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
64
x-xss-protection
0
expires
Mon, 17 Apr 2023 20:18:39 GMT
collect
region1.google-analytics.com/g/
0
54 B
Ping
General
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-MG0FZNY48X&gtm=45je34c0&_p=1617576976&cid=1483137519.1681762720&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1681762719&sct=1&seg=0&dl=https%3A%2F%2Fwww.theticket1590.com%2F&dt=The%20Ticket%202%201590%20%7C%20KYNG-AM&en=page_view&_fv=1&_ss=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-MG0FZNY48X&l=corpDataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.theticket1590.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 17 Apr 2023 20:18:39 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.theticket1590.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
choice.js
cmp.quantcast.com/choice/_xVSK99pzATvb/theticket1590.com/
5 KB
2 KB
Script
General
Full URL
https://cmp.quantcast.com/choice/_xVSK99pzATvb/theticket1590.com/choice.js?tag_version=V2
Requested by
Host: www.theticket1590.com
URL: https://www.theticket1590.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:211e:4a00:9:46dc:4700:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
ac9caf19f84f6b71329ea2b3b86139c376f20b8fe87f35bdd94cc95e70079255

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.theticket1590.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Mon, 17 Apr 2023 20:18:41 GMT
content-encoding
br
via
1.1 13140684c599ca32163cf7ec1871cebc.cloudfront.net (CloudFront)
last-modified
Mon, 10 Apr 2023 20:17:28 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-C2
etag
W/"2f5f9aebe5298d09c8be2065e7a36ab7"
x-amz-server-side-encryption
AES256
vary
Access-Control-Request-Headers,Access-Control-Request-Method,Origin,Accept-Encoding
x-cache
Miss from cloudfront
content-type
application/javascript
cache-control
max-age=3600
cross-origin-resource-policy
cross-origin
x-amz-cf-id
GR5cazxRrml2oQB3LQc3KdIxRl8ElZm3eDwprdJFvcFnyLip5RhjGQ==
main.js
cdn.jsdelivr.net/gh/cumulus-digital/cmls-amp-cms-utils@85ceca6/dist/
17 KB
7 KB
Script
General
Full URL
https://cdn.jsdelivr.net/gh/cumulus-digital/cmls-amp-cms-utils@85ceca6/dist/main.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MPSWXC&l=sharedContainerDataLayer
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:600::485 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
e025e517a55a0f2c4e6c8b54db18bc11b7f40b68f1c2936f9836973e330e1d0d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.theticket1590.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Mon, 17 Apr 2023 20:18:39 GMT
x-content-type-options
nosniff
content-encoding
br
age
22104
x-jsd-version
85ceca6
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
6487
x-served-by
cache-fra-eddf8230136-FRA, cache-hhn-etou8220050-HHN
x-jsd-version-type
branch
etag
W/"452f-RRyeO+m38ZdhWHStwiVMGY6k1+k"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=604800, s-maxage=43200
accept-ranges
bytes
timing-allow-origin
*
linkid.js
www.google-analytics.com/plugins/ua/
2 KB
1 KB
Script
General
Full URL
https://www.google-analytics.com/plugins/ua/linkid.js
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
92fca55833f48b4289ac8f1cedd48752b580fce4ec4b5d81670b8193d6e51b54
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.theticket1590.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Mon, 17 Apr 2023 20:17:22 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
77
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
859
x-xss-protection
0
last-modified
Tue, 22 Oct 2019 18:15:00 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type
text/javascript
cache-control
public, max-age=3600
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="static-on-bigtable"
expires
Mon, 17 Apr 2023 21:17:22 GMT
easy-stn-player.js
embed.sendtonews.com/easy-stn-player/7.15.1-G/
678 KB
185 KB
Script
General
Full URL
https://embed.sendtonews.com/easy-stn-player/7.15.1-G/easy-stn-player.js
Requested by
Host: www.theticket1590.com
URL: https://www.theticket1590.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
108.138.17.91 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-17-91.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
3e16b520601222e9febb9322d25f2880f323ab6184bbb20a2dfbc01512d49cec

Request headers

Referer
https://www.theticket1590.com/
Origin
https://www.theticket1590.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Mon, 17 Apr 2023 20:18:27 GMT
x-amz-version-id
LNXjCEetzx.0FBYq9VKmWJo590NqR4gY
content-encoding
br
last-modified
Thu, 13 Apr 2023 22:03:13 GMT
server
AmazonS3
age
13
x-amz-cf-pop
FRA56-P7
etag
W/"d1473d6891bd66636c9838a23c03550c"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
access-control-allow-origin
*
via
1.1 26f61e70ac4b967ea82841cbd2dc7cf0.cloudfront.net (CloudFront)
alt-svc
h3=":443"; ma=86400
x-amz-cf-id
08ieT_ODNjIuFF-_PocgMSioRdPS-aQQN4sWLsDB6aQ-flL-71jLAw==
sdk.js
connect.facebook.net/en_US/
3 KB
2 KB
Script
General
Full URL
https://connect.facebook.net/en_US/sdk.js
Requested by
Host: www.theticket1590.com
URL: https://www.theticket1590.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
0f27260c8a136e64319f0f7145f7506f6fd21742d6835462c4745f80da08b9c4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.theticket1590.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
date
Mon, 17 Apr 2023 20:18:39 GMT
content-md5
Q8xCtOonRKdnnzovNtgmNg==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
1687
x-fb-rlafr
0
x-fb-debug
DtAQvtnOJWBlV4w/Llv4YFHY8DxE5KduDyRsa5G1BxdVM0ndW6G8olHScW2HNroonHEa5C3TedRa33wsXgdxtA==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
x-fb-trip-id
2050670934
x-fb-content-md5
7b2236aa1498ba393cc737d082afc34a
cross-origin-opener-policy
same-origin-allow-popups
etag
"2ee3e6c7ca6663e004889129466d1edd"
vary
Accept-Encoding
report-to
{"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-FB-Content-MD5
cache-control
public,max-age=1200,stale-while-revalidate=3600
x-frame-options
DENY
timing-allow-origin
*
expires
Mon, 17 Apr 2023 20:31:40 GMT
KYNG-AM-The-Ticket-2.png
cumuluspro-express-pro.franklymedia.com/kyng-am/wp-content/uploads/sites/1438/2016/01/
0
0
Image
General
Full URL
https://cumuluspro-express-pro.franklymedia.com/kyng-am/wp-content/uploads/sites/1438/2016/01/KYNG-AM-The-Ticket-2.png
Requested by
Host: www.theticket1590.com
URL: https://www.theticket1590.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
149.126.77.46 Frankfurt am Main, Germany, ASN19551 (INCAPSULA, US),
Reverse DNS
149.126.77.46.ip.incapdns.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.theticket1590.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

see.js
engage-see.franklymedia.com/widget/see_3879/
0
0
Script
General
Full URL
https://engage-see.franklymedia.com/widget/see_3879/see.js?ver=20220510-01
Requested by
Host: www.theticket1590.com
URL: https://www.theticket1590.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:4db , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
/
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.theticket1590.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

collect
stats.g.doubleclick.net/j/
1 B
350 B
XHR
General
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j99&tid=UA-41702516-17&cid=1483137519.1681762720&jid=2141114467&gjid=1654813631&_gid=374673767.1681762720&_u=aCDAgAAjAAAAAE~&z=212910371
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c09::9a Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.theticket1590.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
date
Mon, 17 Apr 2023 20:18:39 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.theticket1590.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/
35 B
55 B
Image
General
Full URL
https://www.google-analytics.com/collect?v=1&_v=j99&a=1617576976&t=pageview&_s=1&dl=https%3A%2F%2Fwww.theticket1590.com%2F&ul=en-us&de=UTF-8&dt=The%20Ticket%202%201590%20%7C%20KYNG-AM&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aCDAgAAj~&jid=2141114467&gjid=1654813631&cid=1483137519.1681762720&tid=UA-41702516-17&_gid=374673767.1681762720&gtm=45He34c0n71NXNX7F&z=645106069
Requested by
Host: www.theticket1590.com
URL: https://www.theticket1590.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.theticket1590.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 17 Apr 2023 10:05:28 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
36791
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
sdk.js
connect.facebook.net/en_US/
306 KB
87 KB
Script
General
Full URL
https://connect.facebook.net/en_US/sdk.js?hash=18c0791cb8115091e4d88cbd3da376f1
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
0888666e3ef215be8a27d2d9cbadd22963d9714e12f577e8683cd219d30f4aa9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://www.theticket1590.com/
Origin
https://www.theticket1590.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
date
Mon, 17 Apr 2023 20:18:39 GMT
content-md5
lv7YVe/OZ7rp/EJQA0l80w==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
88563
x-fb-rlafr
0
x-fb-debug
DiC7ga4soIjxGLbHhSktRy7FRiP0ANz8mJ+vynwS0pyo81ZDYibrTR3vknkc04o1VMQNaiXxyOABx9LjVs1W7Q==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
x-fb-content-md5
e3e96479faec88260ee5f9cca917a058
cross-origin-opener-policy
same-origin-allow-popups
etag
"2caae666c0e1cc440ba2469ea9f87b0c"
vary
Accept-Encoding
report-to
{"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-FB-Content-MD5
cache-control
public,max-age=31536000,stale-while-revalidate=3600,immutable
x-frame-options
DENY
timing-allow-origin
*
priority
u=3,i
expires
Tue, 16 Apr 2024 15:47:59 GMT
187621-164323601241456.js
js-sec.indexww.com/ht/p/
39 KB
13 KB
Script
General
Full URL
https://js-sec.indexww.com/ht/p/187621-164323601241456.js
Requested by
Host: embed.sendtonews.com
URL: https://embed.sendtonews.com/easy-stn-player/7.15.1-G/easy-stn-player.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.11.47 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f82f6cf1599100b7836d8b8aa4bd5394e997849487dd6110d70908440c97fa64

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.theticket1590.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Mon, 17 Apr 2023 20:18:39 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Mon, 17 Apr 2023 19:56:55 GMT
server
cloudflare
age
1060
etag
W/"da4e7d-9a4f-5f98d97c5dfd9"
vary
Accept-Encoding
content-type
text/javascript
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
edge-control
cache-maxage=1h
cache-control
public, max-age=14400
cf-ray
7b975bc74e0130c6-FRA
expires
Tue, 18 Apr 2023 00:18:39 GMT
css
fonts.googleapis.com/
3 KB
723 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Open+Sans:600
Requested by
Host: embed.sendtonews.com
URL: https://embed.sendtonews.com/easy-stn-player/7.15.1-G/easy-stn-player.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
e036eee2a56f16060c857d1ca0f14e8abe9518cff6335e114ebaf1c6b2d440ba
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.theticket1590.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Mon, 17 Apr 2023 20:18:39 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Mon, 17 Apr 2023 18:56:54 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Mon, 17 Apr 2023 20:18:39 GMT
icon
fonts.googleapis.com/
569 B
439 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/icon?family=Material+Icons
Requested by
Host: embed.sendtonews.com
URL: https://embed.sendtonews.com/easy-stn-player/7.15.1-G/easy-stn-player.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
5848fed0499a99763526e2178efc1bec18842259a88cb1cf12600be9ddabbdcd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.theticket1590.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Mon, 17 Apr 2023 20:18:39 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Mon, 17 Apr 2023 20:18:39 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Mon, 17 Apr 2023 20:18:39 GMT
OverlayScrollbars.min.css
cdnjs.cloudflare.com/ajax/libs/overlayscrollbars/1.13.1/css/
20 KB
5 KB
Stylesheet
General
Full URL
https://cdnjs.cloudflare.com/ajax/libs/overlayscrollbars/1.13.1/css/OverlayScrollbars.min.css
Requested by
Host: embed.sendtonews.com
URL: https://embed.sendtonews.com/easy-stn-player/7.15.1-G/easy-stn-player.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
58a8a37fc288ebcb1babc66777ac8c7a922e145d307567c8b7a824dc959c41f9
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.theticket1590.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Mon, 17 Apr 2023 20:18:39 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
19703370
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
4023
last-modified
Wed, 16 Dec 2020 13:04:39 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5fda05e7-4e34"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=97F2Ax2fAkb3q%2FM%2B%2F9m%2Ffwnnmhx15g8h6pW7ztT69Iytc4a0BU7ZwdycOynI4oqbFEeXnddoFuP1MZdnZADnc5QLJ8Bsa6NLJAK1DFqQNNHPB5HkhYq7vW1OYPzlVhbhqZI8ij64Wjqbej%2FYpaFAlqET"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
7b975bc7590530db-FRA
expires
Sat, 06 Apr 2024 20:18:39 GMT
OverlayScrollbars.min.js
cdnjs.cloudflare.com/ajax/libs/overlayscrollbars/1.13.1/js/ Frame 4C94
53 KB
20 KB
Script
General
Full URL
https://cdnjs.cloudflare.com/ajax/libs/overlayscrollbars/1.13.1/js/OverlayScrollbars.min.js
Requested by
Host: embed.sendtonews.com
URL: https://embed.sendtonews.com/easy-stn-player/7.15.1-G/easy-stn-player.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ee61ec65bd3bc8cc949991393cfd5aca248620bc53e8ac94f9afe44c30961c0f
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.theticket1590.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Mon, 17 Apr 2023 20:18:39 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
8214792
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
20502
last-modified
Wed, 16 Dec 2020 13:04:39 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5fda05e7-d208"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lYaaXROqAPAR%2BH0NCPdfhdRSY0jMVV7uSoSYr6k2xiLFQcjtUFJAytUWwb3adT1zEe7wRQI5bkAW5xcDyKG2JaA4vVfYJF0qAvSPBVqFwLhtsIR4xJ2Epn%2B0A9cIAEHOOXQrDPfvJHRZdh96T43x1rGT"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
7b975bc7590730db-FRA
expires
Sat, 06 Apr 2024 20:18:39 GMT
prebid.js
embed.sendtonews.com/library/prebid/7.17.0/ Frame 4C94
317 KB
91 KB
Script
General
Full URL
https://embed.sendtonews.com/library/prebid/7.17.0/prebid.js
Requested by
Host: embed.sendtonews.com
URL: https://embed.sendtonews.com/easy-stn-player/7.15.1-G/easy-stn-player.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
108.138.17.91 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-17-91.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
922a293fce4c3fb1526e1a5d8816602ef86fd581c3e438989416bc5c56ce9f0f

Request headers

Referer
https://www.theticket1590.com/
Origin
https://www.theticket1590.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-amz-version-id
4T1O1sxkjVuvPIXSZnuOc3WXU2qLKIH1
content-encoding
br
via
1.1 26f61e70ac4b967ea82841cbd2dc7cf0.cloudfront.net (CloudFront)
date
Sun, 16 Apr 2023 23:34:47 GMT
last-modified
Thu, 13 Apr 2023 19:30:43 GMT
server
AmazonS3
age
74633
x-amz-cf-pop
FRA56-P7
etag
W/"a19a813f32186fcd556eb018968e7f37"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
access-control-allow-origin
*
alt-svc
h3=":443"; ma=86400
x-amz-cf-id
VTo_BflC0xXivSNJaiijPHu6WioOCaSvdlkgOEh_JF2G0zQK0zCBPg==
comScore.gt.min.js
embed.sendtonews.com/library/streamsense/6.3.4.190424/ Frame 4C94
335 KB
55 KB
Script
General
Full URL
https://embed.sendtonews.com/library/streamsense/6.3.4.190424/comScore.gt.min.js
Requested by
Host: embed.sendtonews.com
URL: https://embed.sendtonews.com/easy-stn-player/7.15.1-G/easy-stn-player.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
108.138.17.91 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-17-91.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
37da4f4e9645bcde259d1669db9d2548d9ff4f80e72bbe405232924129ae4db7

Request headers

Referer
https://www.theticket1590.com/
Origin
https://www.theticket1590.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-amz-version-id
..7XtSbDM3xjP8tWp7l1eb4E8v7z8_OL
content-encoding
br
via
1.1 26f61e70ac4b967ea82841cbd2dc7cf0.cloudfront.net (CloudFront)
date
Sun, 16 Apr 2023 23:34:59 GMT
last-modified
Thu, 13 Apr 2023 16:36:13 GMT
server
AmazonS3
age
74622
x-amz-cf-pop
FRA56-P7
etag
W/"4a51b8991a6b67323936c2eb62e3518e"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
access-control-allow-origin
*
alt-svc
h3=":443"; ma=86400
x-amz-cf-id
Yznu-h2Wk5sXwrAUoQhnahzrG9NrxRwhYWo1aZUjazUaY7tt_2a6_w==
ima3.js
imasdk.googleapis.com/js/sdkloader/
361 KB
121 KB
Script
General
Full URL
https://imasdk.googleapis.com/js/sdkloader/ima3.js
Requested by
Host: embed.sendtonews.com
URL: https://embed.sendtonews.com/easy-stn-player/7.15.1-G/easy-stn-player.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
815af1c878812cb0cb226f9922c9197d78cd6200b7a23ec63276b554d1d6f7f3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.theticket1590.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Mon, 17 Apr 2023 20:18:39 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
123683
x-xss-protection
0
expires
Mon, 17 Apr 2023 20:18:39 GMT
reddit.png
d29xw9s9x32j3w.cloudfront.net/images/social/
1 KB
1 KB
Image
General
Full URL
https://d29xw9s9x32j3w.cloudfront.net/images/social/reddit.png
Requested by
Host: www.theticket1590.com
URL: https://www.theticket1590.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.97.25 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-97-25.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
9861f51d1896f195c45f603bdc6b7f1455817966f5da945371c922a6f8797711

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.theticket1590.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Mon, 17 Apr 2023 19:15:17 GMT
via
1.1 2af4ee189e50805a67bd62bbd51ad0dc.cloudfront.net (CloudFront)
last-modified
Fri, 24 Apr 2020 20:07:21 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P2
age
3803
etag
"cb93bb50e5d021cc38de445a672c18a2"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
image/png
accept-ranges
bytes
content-length
1094
x-amz-cf-id
QVktC_B5BxoJfvqBfLcsdls-y-B0HdnFGx1WkWJqP-eUQhIzmXX2WQ==
facebook.png
d29xw9s9x32j3w.cloudfront.net/images/social/
322 B
655 B
Image
General
Full URL
https://d29xw9s9x32j3w.cloudfront.net/images/social/facebook.png
Requested by
Host: www.theticket1590.com
URL: https://www.theticket1590.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.97.25 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-97-25.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
0597ab745938c4a2cc0818fc2447beb211629e484fed0b4143bdd6fa5724be61

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.theticket1590.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Mon, 17 Apr 2023 19:15:17 GMT
via
1.1 2af4ee189e50805a67bd62bbd51ad0dc.cloudfront.net (CloudFront)
last-modified
Fri, 24 Apr 2020 20:07:21 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P2
age
3803
etag
"311cf2edc46e82f2a6911332b7db54e1"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
image/png
accept-ranges
bytes
content-length
322
x-amz-cf-id
TwOf3iCi4vTkqQxjWILXtZD5VAsiFM8325TS2ZMFJkeir5vtftqxsg==
twitter.png
d29xw9s9x32j3w.cloudfront.net/images/social/
832 B
1 KB
Image
General
Full URL
https://d29xw9s9x32j3w.cloudfront.net/images/social/twitter.png
Requested by
Host: www.theticket1590.com
URL: https://www.theticket1590.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.97.25 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-97-25.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
94a557b756089fc7dde1c857bb1a2f776dff6aeec3ceead5c2fa2304433b88ee

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.theticket1590.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Mon, 17 Apr 2023 19:15:17 GMT
via
1.1 2af4ee189e50805a67bd62bbd51ad0dc.cloudfront.net (CloudFront)
last-modified
Fri, 24 Apr 2020 20:07:21 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P2
age
3803
etag
"8be584e844dabfe22970a0cb943c047e"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
image/png
accept-ranges
bytes
content-length
832
x-amz-cf-id
XIvq0vTbB2fjjMz4j1JOwJrIGEnFfXwamLZsI0o-T9CMhOfMvVm6qQ==
email.png
d29xw9s9x32j3w.cloudfront.net/images/social/
773 B
1 KB
Image
General
Full URL
https://d29xw9s9x32j3w.cloudfront.net/images/social/email.png
Requested by
Host: www.theticket1590.com
URL: https://www.theticket1590.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.97.25 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-97-25.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
3b7f1a6aeceeb60c709478e55147a48f4031ac6617b3ab089210f1f1f59b7204

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.theticket1590.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Mon, 17 Apr 2023 19:15:17 GMT
via
1.1 2af4ee189e50805a67bd62bbd51ad0dc.cloudfront.net (CloudFront)
last-modified
Fri, 24 Apr 2020 20:07:21 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P2
age
36659
etag
"4bd445ddc3f9d6101690e15cfc1a04f0"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
image/png
accept-ranges
bytes
content-length
773
x-amz-cf-id
NlQKLv50CKQlGtvZG1Ydm1a5T_h39KogABAW0WpzihHGzWLG6X1Svw==
stn_trk.gif
s2l.sendtonews.com/
26 B
187 B
Ping
General
Full URL
https://s2l.sendtonews.com/stn_trk.gif?session=bYoTP3-rbC6ebG9d&instance=079351&version=7.15.1-G&age=230417&cmd=PRE_INIT&key=5oC5qDti&seq=1&order=1&vIndex=0&absoluteTime=1965.9&relativeTime=0.1&canonical=https://www.theticket1590.com/&EXTREF=https://www.theticket1590.com/&REF=https://www.theticket1590.com/&serverHost=embed.sendtonews.com
Requested by
Host: embed.sendtonews.com
URL: https://embed.sendtonews.com/easy-stn-player/7.15.1-G/easy-stn-player.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.210.56.152 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-44-210-56-152.compute-1.amazonaws.com
Software
Apache/2.4.41 (Ubuntu) /
Resource Hash
3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.theticket1590.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Mon, 17 Apr 2023 20:18:40 GMT
last-modified
Wed, 23 Dec 2020 21:38:39 GMT
server
Apache/2.4.41 (Ubuntu)
accept-ranges
bytes
etag
"1a-5b72883b37f80"
content-length
26
content-type
image/gif
data_read.php
embed.sendtonews.com/player4/
34 KB
7 KB
Fetch
General
Full URL
https://embed.sendtonews.com/player4/data_read.php?cmd=loadInitial&session=bYoTP3-rbC6ebG9d&instance=079351&version=7.15.1-G&age=230417&ESG_key=5oC5qDti&type=FULL&EXTREF=https://www.theticket1590.com/&REF=https://www.theticket1590.com/&ogSet=1
Requested by
Host: embed.sendtonews.com
URL: https://embed.sendtonews.com/easy-stn-player/7.15.1-G/easy-stn-player.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
108.138.17.91 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-17-91.fra56.r.cloudfront.net
Software
Apache /
Resource Hash
592d78b81f600d88130f6b5464584f033567ff1a1bea010b7be152e1b6632bdc

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.theticket1590.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Mon, 17 Apr 2023 20:18:40 GMT
content-encoding
gzip
via
1.1 26f61e70ac4b967ea82841cbd2dc7cf0.cloudfront.net (CloudFront)
server
Apache
x-amz-cf-pop
FRA56-P7
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
text/html; charset=UTF-8
access-control-allow-origin
*
cache-control
max-age=1
alt-svc
h3=":443"; ma=86400
content-length
6455
x-amz-cf-id
curSc6-_JtS5e7tCQ65o0HFKtoiMb8D1hi5wavcBdbvSgs0njOrn5w==
expires
Mon, 17 Apr 2023 20:18:40 GMT
apstag.js
c.amazon-adsystem.com/aax2/ Frame 4C94
225 KB
55 KB
Script
General
Full URL
https://c.amazon-adsystem.com/aax2/apstag.js
Requested by
Host: embed.sendtonews.com
URL: https://embed.sendtonews.com/easy-stn-player/7.15.1-G/easy-stn-player.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.1.25 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-1-25.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
7ecace46d78f707e1f3ef7ff9fb10354a496ac9f707d9a7748a3eb2cdabc5518

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.theticket1590.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Mon, 17 Apr 2023 19:39:39 GMT
content-encoding
gzip
via
1.1 857b0dca772798c338c78a1be69c955c.cloudfront.net (CloudFront), 1.1 cfbb6e543d97587a32117dbabb25fc86.cloudfront.net (CloudFront)
last-modified
Thu, 13 Apr 2023 17:39:05 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P1, FRA56-P6
age
2341
x-amz-server-side-encryption
AES256
etag
W/"803fd851ae539b54f8d1b774934dcb91"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
public, max-age=3600
x-amz-cf-id
en5owHZz9EwXEoHPDOhfkyG1rs4_lnT5h8lkQxLH5XrGId4GIbuMaw==
/
id.sv.rkdms.com/identity/
2 B
171 B
XHR
General
Full URL
https://id.sv.rkdms.com/identity/?vendor=idsv2&sv_cid=5274_04512&sv_pubid=SENDTONEWS&sv_domain=www.theticket1590.com
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/ht/p/187621-164323601241456.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.233.79.203 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-233-79-203.compute-1.amazonaws.com
Software
nginx/1.22.0 /
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

Referer
https://www.theticket1590.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

access-control-allow-origin
https://www.theticket1590.com
date
Mon, 17 Apr 2023 20:18:40 GMT
access-control-allow-credentials
true
server
nginx/1.22.0
content-length
2
vary
Origin
content-type
application/json
identity
api.rlcdn.com/api/
44 B
364 B
XHR
General
Full URL
https://api.rlcdn.com/api/identity?pid=2&rt=envelope
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/ht/p/187621-164323601241456.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.120.133.55 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
55.133.120.34.bc.googleusercontent.com
Software
/
Resource Hash
da45962a1fb4a049c9367ebe9b1b628f071d7a4c9997ee807c01d23f4866e19c
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.theticket1590.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

date
Mon, 17 Apr 2023 20:18:39 GMT
via
1.1 google
x-content-type-options
nosniff
access-control-allow-methods
GET, OPTIONS
content-type
text/plain; charset=utf-8
access-control-allow-origin
https://www.theticket1590.com
access-control-allow-credentials
true
access-control-allow-headers
Accept, Authorization, Content-Type, Cookie, Origin, X-Requested-With
content-length
44
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
rid
match.adsrvr.org/track/
63 B
394 B
XHR
General
Full URL
https://match.adsrvr.org/track/rid?ttd_pid=casale&fmt=json&p=187621
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/ht/p/187621-164323601241456.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.33.220.150 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
/
Resource Hash
10d93c5366cca501fd46f6eb821fedabda95a6fb5dc465f09c7c30c06ad5a00e

Request headers

Referer
https://www.theticket1590.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

date
Mon, 17 Apr 2023 20:18:40 GMT
x-aspnet-version
4.0.30319
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.theticket1590.com
cache-control
private
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Content-Length, Content-Encoding, Vary, Cache-Control, Accept
content-length
63
expires
Wed, 17 May 2023 20:18:40 GMT
aps_csm.js
c.amazon-adsystem.com/bao-csm/aps-comm/ Frame 4C94
6 KB
3 KB
XHR
General
Full URL
https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.1.25 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-1-25.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.theticket1590.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Mon, 17 Apr 2023 20:18:41 GMT
x-amz-version-id
BeoItWAXLH_Ztd131J1ILFBRpuOxsQkH
content-encoding
gzip
via
1.1 def5acc189db6e2856a956225d5cd100.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P6
x-amz-server-side-encryption
AES256
x-cache
Miss from cloudfront
last-modified
Thu, 13 Apr 2023 22:29:11 GMT
server
AmazonS3
etag
W/"a4d296427fc806b21335359e398c025c"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
vary
Accept-Encoding,Origin
x-amz-cf-id
2Sgz_jzNJSSRPWJ_gnSYv_ijcKpKSTlt0UHcEoSSMcMbBcTFnwkJUQ==
bridge3.568.1_en.html
imasdk.googleapis.com/js/core/ Frame 088F
707 KB
226 KB
Document
General
Full URL
https://imasdk.googleapis.com/js/core/bridge3.568.1_en.html
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c89bea8f90c7c22749b292948790d7e92ca96053d23e3a6622a1ac33c9061691
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.theticket1590.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
192537
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
231485
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
cross-origin-resource-policy
cross-origin
date
Sat, 15 Apr 2023 14:49:43 GMT
expires
Sun, 14 Apr 2024 14:49:43 GMT
last-modified
Fri, 14 Apr 2023 00:03:45 GMT
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
client.js
s0.2mdn.net/instream/video/
44 KB
17 KB
Script
General
Full URL
https://s0.2mdn.net/instream/video/client.js
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.theticket1590.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Mon, 17 Apr 2023 20:18:40 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
16746
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Mon, 17 Apr 2023 20:18:40 GMT
config
c.amazon-adsystem.com/cdn/prod/ Frame 4C94
335 B
688 B
XHR
General
Full URL
https://c.amazon-adsystem.com/cdn/prod/config?src=600&u=https%3A%2F%2Fwww.theticket1590.com&pubid=6c3f03cd-6fa8-4477-ac05-2c0f4f8da092
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.1.25 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-1-25.fra56.r.cloudfront.net
Software
Server /
Resource Hash
9cd28222b76db9ecead97bdea2b69bce8777da737c9e242502def4a5f1c96675

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.theticket1590.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Mon, 17 Apr 2023 20:18:39 GMT
via
1.1 cfbb6e543d97587a32117dbabb25fc86.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
FRA56-P6
x-cache
Miss from cloudfront
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://www.theticket1590.com
cache-control
max-age=21550, s-maxage=21600
access-control-allow-credentials
true
content-length
335
x-amz-cf-id
PsZWgY91dWmU0u4tWZMhotcw0IhxosEh61kaoLeATBl2hEJJnKHRcg==
stn_trk.gif
s2l.sendtonews.com/
26 B
186 B
Ping
General
Full URL
https://s2l.sendtonews.com/stn_trk.gif?session=bYoTP3-rbC6ebG9d&instance=297079351&version=7.15.1-G&age=230417&cmd=GET&key=5oC5qDti&c_id=5513&seq=1&order=2&vIndex=0&absoluteTime=2297&relativeTime=331.2&canonical=https://www.theticket1590.com/&EXTREF=https://www.theticket1590.com/&REF=https://www.theticket1590.com/&playerCfg=FL&playerType=FLOAT&serverHost=embed.sendtonews.com
Requested by
Host: embed.sendtonews.com
URL: https://embed.sendtonews.com/easy-stn-player/7.15.1-G/easy-stn-player.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.210.56.152 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-44-210-56-152.compute-1.amazonaws.com
Software
Apache/2.4.41 (Ubuntu) /
Resource Hash
3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.theticket1590.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Mon, 17 Apr 2023 20:18:40 GMT
last-modified
Wed, 23 Dec 2020 21:38:39 GMT
server
Apache/2.4.41 (Ubuntu)
accept-ranges
bytes
etag
"1a-5b72883b37f80"
content-length
26
content-type
image/gif
0.js
player.sendtonews.com/bidderFiles/
4 KB
2 KB
Script
General
Full URL
https://player.sendtonews.com/bidderFiles/0.js
Requested by
Host: embed.sendtonews.com
URL: https://embed.sendtonews.com/easy-stn-player/7.15.1-G/easy-stn-player.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.78.3 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-78-3.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
6484dbdbcc018ef0cc92a28a4ef391571c4651aaa1958a85a24439c6120f9606

Request headers

Referer
https://www.theticket1590.com/
Origin
https://www.theticket1590.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-amz-version-id
R1seq2Z_z8JGW4oF8VGqO4_69qZCLOzx
content-encoding
br
via
1.1 099a327961f82798658bf21aa210d4a0.cloudfront.net (CloudFront), 1.1 ec9e3bc729d9c6d55ed32446408ad62e.cloudfront.net (CloudFront)
date
Mon, 17 Apr 2023 20:07:30 GMT
x-amz-cf-pop
FRA56-P7, FRA2-C2
age
672
x-cache
Hit from cloudfront
last-modified
Thu, 15 Dec 2022 19:57:28 GMT
server
AmazonS3
etag
W/"7cf0333618ae77b3dfe7d27466506fa8"
vary
Accept-Encoding
access-control-allow-methods
GET, HEAD, POST
content-type
application/javascript
access-control-allow-origin
*
access-control-expose-headers
Access-Control-Allow-Origin, Access-Control-Allow-Credentials
x-amz-cf-id
dI4qq7HM0OqZ1GFqbeq7-NjBwsNJ9dpbFtX_ibsnG97h3W23-3eICw==
memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsgH1x4gaVI.woff2
fonts.gstatic.com/s/opensans/v34/
16 KB
16 KB
Font
General
Full URL
https://fonts.gstatic.com/s/opensans/v34/memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsgH1x4gaVI.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:600
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4ffc35ac4d5e3f1546a4c1a879f425f090ff3336e0fce31a39ae4973b5e8c127
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.theticket1590.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Tue, 11 Apr 2023 10:38:05 GMT
x-content-type-options
nosniff
age
553235
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
16756
x-xss-protection
0
last-modified
Mon, 15 Aug 2022 18:16:20 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 10 Apr 2024 10:38:05 GMT
flUhRq6tzZclQEJ-Vdg-IuiaDsNc.woff2
fonts.gstatic.com/s/materialicons/v140/
125 KB
126 KB
Font
General
Full URL
https://fonts.gstatic.com/s/materialicons/v140/flUhRq6tzZclQEJ-Vdg-IuiaDsNc.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/icon?family=Material+Icons
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8265f64786397d6b832d1ca0aafdf149ad84e72759fffa9f7272e91a0fb015d1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.theticket1590.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Mon, 17 Apr 2023 14:09:41 GMT
x-content-type-options
nosniff
age
22139
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
128352
x-xss-protection
0
last-modified
Tue, 07 Mar 2023 19:51:56 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 16 Apr 2024 14:09:41 GMT
1-5q3qn75o2818p1n4s0n439o90542p15p.jpg
d29xw9s9x32j3w.cloudfront.net/videos/video_thumb/XL/
33 KB
34 KB
Image
General
Full URL
https://d29xw9s9x32j3w.cloudfront.net/videos/video_thumb/XL/1-5q3qn75o2818p1n4s0n439o90542p15p.jpg
Requested by
Host: www.theticket1590.com
URL: https://www.theticket1590.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.97.25 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-97-25.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
298d5f22029629ee83d88185e8a010bf028ac663746b0dffbf1d57409b090264

Request headers

Referer
https://www.theticket1590.com/
Origin
https://www.theticket1590.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Mon, 17 Apr 2023 20:18:41 GMT
via
1.1 e9101023ffbe04130b9d4cac0cf9eebc.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P2
x-amz-server-side-encryption
AES256
x-cache
Miss from cloudfront
x-amz-storage-class
REDUCED_REDUNDANCY
content-disposition
attachment
content-length
33751
last-modified
Mon, 17 Apr 2023 18:55:55 GMT
server
AmazonS3
etag
"ee310e40d7d75730c180cf6260fb377b"
vary
Origin
access-control-allow-methods
GET, HEAD, POST
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Access-Control-Allow-Origin, Access-Control-Allow-Credentials
cache-control
max-age=86400
accept-ranges
bytes
x-amz-cf-id
zF4Y8Che72_uxVzmw5up1FpjrQ95gV42Xw63NegIho-iA268Jthz6g==
stn_trk.gif
s2l.sendtonews.com/
26 B
186 B
Ping
General
Full URL
https://s2l.sendtonews.com/stn_trk.gif?session=bYoTP3-rbC6ebG9d&instance=297079351&version=7.15.1-G&age=230417&cmd=RTP&key=5oC5qDti&c_id=5513&seq=1&order=3&vIndex=0&absoluteTime=2318.7&relativeTime=352.9&sC_ID=5935&sm_id=2686986&load=1&status=LVFNSNIY&ac_id=2008&EXTREF=https://www.theticket1590.com/&REF=https://www.theticket1590.com/&playerCfg=FL&playerType=FLOAT
Requested by
Host: embed.sendtonews.com
URL: https://embed.sendtonews.com/easy-stn-player/7.15.1-G/easy-stn-player.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.210.56.152 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-44-210-56-152.compute-1.amazonaws.com
Software
Apache/2.4.41 (Ubuntu) /
Resource Hash
3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.theticket1590.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Mon, 17 Apr 2023 20:18:40 GMT
last-modified
Wed, 23 Dec 2020 21:38:39 GMT
server
Apache/2.4.41 (Ubuntu)
accept-ranges
bytes
etag
"1a-5b72883b37f80"
content-length
26
content-type
image/gif
analytics.min.js
cdn.resonate.com/analytics.js/v1/200302733/ Frame 4C94
0
96 B
Script
General
Full URL
https://cdn.resonate.com/analytics.js/v1/200302733/analytics.min.js
Requested by
Host: embed.sendtonews.com
URL: https://embed.sendtonews.com/easy-stn-player/7.15.1-G/easy-stn-player.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.13.242 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.theticket1590.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Mon, 17 Apr 2023 20:18:40 GMT
strict-transport-security
max-age=15552000
server
cloudflare
cf-ray
7b975bc9dd39361f-FRA
vary
Accept-Encoding
o1n30140o1o81o1p838r162661r56psqplaylist.m3u8
d29xw9s9x32j3w.cloudfront.net/videos/m3u8/
291 B
860 B
XHR
General
Full URL
https://d29xw9s9x32j3w.cloudfront.net/videos/m3u8/o1n30140o1o81o1p838r162661r56psqplaylist.m3u8
Requested by
Host: embed.sendtonews.com
URL: https://embed.sendtonews.com/easy-stn-player/7.15.1-G/easy-stn-player.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.97.25 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-97-25.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
beaa2e851f411d6978d073a717650147e3c8fcfef63f20b38d7ff740237553a2

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.theticket1590.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Mon, 17 Apr 2023 20:18:41 GMT
via
1.1 e9101023ffbe04130b9d4cac0cf9eebc.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P2
x-amz-server-side-encryption
AES256
x-cache
Miss from cloudfront
x-amz-storage-class
REDUCED_REDUNDANCY
content-disposition
attachment
content-length
291
last-modified
Mon, 17 Apr 2023 18:52:24 GMT
server
AmazonS3
etag
"4f6a39581a0e82b631ea9fa2d9a83fca"
vary
Origin
access-control-allow-methods
GET, HEAD, POST
content-type
application/x-mpegURL
access-control-allow-origin
*
access-control-expose-headers
Access-Control-Allow-Origin, Access-Control-Allow-Credentials
cache-control
max-age=86400
accept-ranges
bytes
x-amz-cf-id
RIIU2LdoD_-G7IkGbXcfdBmYP55xML7tphZldf1CG8zJ7DojKNUUcw==
stn_trk.gif
s2l.sendtonews.com/
26 B
186 B
Ping
General
Full URL
https://s2l.sendtonews.com/stn_trk.gif?session=bYoTP3-rbC6ebG9d&instance=297079351&version=7.15.1-G&age=230417&cmd=IMA&key=5oC5qDti&c_id=5513&seq=1&order=4&vIndex=0&absoluteTime=2336.4&relativeTime=370.6&EXTREF=https://www.theticket1590.com/&REF=https://www.theticket1590.com/&playerCfg=FL&recoveryMethod=NONE&imaVersion=3.568.1&blocked=false&recovered=false&hasAdParams=true
Requested by
Host: embed.sendtonews.com
URL: https://embed.sendtonews.com/easy-stn-player/7.15.1-G/easy-stn-player.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.210.56.152 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-44-210-56-152.compute-1.amazonaws.com
Software
Apache/2.4.41 (Ubuntu) /
Resource Hash
3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.theticket1590.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Mon, 17 Apr 2023 20:18:40 GMT
last-modified
Wed, 23 Dec 2020 21:38:39 GMT
server
Apache/2.4.41 (Ubuntu)
accept-ranges
bytes
etag
"1a-5b72883b37f80"
content-length
26
content-type
image/gif
ads
pubads.g.doubleclick.net/gampad/
64 KB
2 KB
Fetch
General
Full URL
https://pubads.g.doubleclick.net/gampad/ads?iu=%2F92056281%2C6717%2F53596966&env=vp&gdfp_req=1&unviewed_position_start=1&ad_rule=1&output=xml_vmap1&sz=480x270&ciu_szs=300x60&description_url=https%3A%2F%2Fwww.theticket1590.com%2F&hl=en&vpa=auto&vpmute=1&vconp=2&cmsid=2631244&vid=2686986&us_privacy=false&cust_params=sessionKey%3D297079351-bYoTP3-rbC6ebG9d%26schain%3Dstnvideo.com%2CaaT9tu8u-GS2pOPJCB-Oig%26content%3D5935%26placementType%3DPremium%26embed%3D5oC5qDti%26domain%3Dtheticket1590.com%26player_size%3Dsmall%26player_width%3D654%26player_height%3D368%26player_type%3Dfloat%26version%3D7.15.1-G%26player_status%3DLVFNSNIY%26play_code%3D2008%26view100%3D1%26excl_cat%3Dstl_id00082%26rand%3D5%26uhr%3D20%26iris_id%3Diris_10207eea42b62bc2%26iris_context%3Dic_5619313%2Cic_2291553%2Cic_7753435%2Cic_2407074%2Cic_1612662%2Cic_0344266%2Cic_3890383%2Cic_7287399%2Cic_8555203%2Cic_7997629%2Cic_9358269%2Cic_4332534%2Cic_7190905%2Cic_8024878%2Cic_5365686%2Cic_4633273%2Cic_5381994%2Cic_3979040%2Cic_0854364%2Cic_2897216%2Cic_0899282%2Cic_9954675%2Cic_3393155%2Cic_9677800%2Cic_4262964%2Cic_2540565%2Cic_1655055%2Cic_0287034%2Cic_9536669%2Cic_2641516%2Cic_3885449%2Cic_6552771%2Cic_9297236%2Cic_5157939%2Cic_1343647%26us_privacy%3Dfalse
Requested by
Host: embed.sendtonews.com
URL: https://embed.sendtonews.com/easy-stn-player/7.15.1-G/easy-stn-player.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
7031d3168fda2053516666daf991d109d67643f52298c4b507e7b5463e272674
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.theticket1590.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Mon, 17 Apr 2023 20:18:40 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1670
x-xss-protection
0
google-lineitem-id
0
pragma
no-cache
server
cafe
google-creative-id
0
content-type
text/xml; charset=UTF-8
access-control-allow-origin
https://www.theticket1590.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
5q3qn75o2818p1n4s0n439o90542p15pbase.en.vtt
d29xw9s9x32j3w.cloudfront.net/videos/cc_text/
22 KB
22 KB
TextTrack
General
Full URL
https://d29xw9s9x32j3w.cloudfront.net/videos/cc_text/5q3qn75o2818p1n4s0n439o90542p15pbase.en.vtt
Requested by
Host: www.theticket1590.com
URL: https://www.theticket1590.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.97.25 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-97-25.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
87e23260355f4ce612834f16507fe2870f18fbda2f69ba9c22289f755611e237

Request headers

Referer
https://www.theticket1590.com/
Origin
https://www.theticket1590.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Mon, 17 Apr 2023 20:18:41 GMT
via
1.1 e9101023ffbe04130b9d4cac0cf9eebc.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P2
x-amz-server-side-encryption
AES256
x-cache
Miss from cloudfront
content-length
22529
last-modified
Mon, 17 Apr 2023 18:53:43 GMT
server
AmazonS3
etag
"622bbae82a5ad16e4e65b010e3b8f353"
vary
Origin
access-control-allow-methods
GET, HEAD, POST
content-type
text/vtt
access-control-allow-origin
*
access-control-expose-headers
Access-Control-Allow-Origin, Access-Control-Allow-Credentials
accept-ranges
bytes
x-amz-cf-id
xJn49sjtudIOal7MLQAb6T08UwNHY8RIpeGPZsa8sOlfGCyvQ43Ggg==
recordVendorsLoaded
prod.us-east-1.cxm-bcn.publisher-services.amazon.dev/v1/ Frame
0
0
Preflight
General
Full URL
https://prod.us-east-1.cxm-bcn.publisher-services.amazon.dev/v1/recordVendorsLoaded
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.232.54.224 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-232-54-224.compute-1.amazonaws.com
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.theticket1590.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

access-control-allow-headers
content-type
access-control-allow-methods
POST
access-control-allow-origin
*
access-control-max-age
1800
allow
GET, HEAD, POST, PUT, DELETE, OPTIONS, PATCH
content-length
0
date
Mon, 17 Apr 2023 20:18:40 GMT
vary
Origin Access-Control-Request-Method Access-Control-Request-Headers
pubcid.min.js
secure.cdn.fastclick.net/js/pubcid/latest/ Frame 4C94
54 KB
17 KB
Script
General
Full URL
https://secure.cdn.fastclick.net/js/pubcid/latest/pubcid.min.js
Requested by
Host: www.theticket1590.com
URL: https://www.theticket1590.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.85.21.172 Paris, France, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-85-21-172.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
43f804d38a294c6df1ce8ee64fb95ad0ff5a8d6d5685d9537df02212668a1dff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.theticket1590.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Mon, 17 Apr 2023 20:18:40 GMT
content-encoding
gzip
last-modified
Mon, 23 Jan 2023 19:40:17 GMT
server
Apache
etag
"d734-5f2f3919e751f-gzip"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=900
accept-ranges
bytes
content-length
17407
expires
Mon, 17 Apr 2023 20:33:40 GMT
recordVendorsLoaded
prod.us-east-1.cxm-bcn.publisher-services.amazon.dev/v1/ Frame 4C94
0
454 B
XHR
General
Full URL
https://prod.us-east-1.cxm-bcn.publisher-services.amazon.dev/v1/recordVendorsLoaded
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.232.54.224 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-232-54-224.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.theticket1590.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type
application/json

Response headers

access-control-allow-origin
*
date
Mon, 17 Apr 2023 20:18:40 GMT
content-length
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
quant.js
secure.quantserve.com/
22 KB
9 KB
Script
General
Full URL
https://secure.quantserve.com/quant.js
Requested by
Host: cmp.quantcast.com
URL: https://cmp.quantcast.com/choice/_xVSK99pzATvb/theticket1590.com/choice.js?tag_version=V2
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:116:800d:21:7eb1:3826:be7e:d981 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
f3f47d6a938ede7a828ca47022eee50835e4c9375f7ca41581fa94e25c8e950e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.theticket1590.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Mon, 17 Apr 2023 20:18:40 GMT
content-encoding
gzip
etag
"DUHyBE1e2vdA+NAhXV6BXg=="
vary
Accept-Encoding
content-type
application/javascript
cache-control
private, max-age=604800
accept-ranges
bytes
expires
Mon, 24 Apr 2023 20:18:40 GMT
cmp2.js
cmp.quantcast.com/tcfv2/
178 KB
44 KB
Script
General
Full URL
https://cmp.quantcast.com/tcfv2/cmp2.js?referer=theticket1590.com
Requested by
Host: cmp.quantcast.com
URL: https://cmp.quantcast.com/choice/_xVSK99pzATvb/theticket1590.com/choice.js?tag_version=V2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:211e:4a00:9:46dc:4700:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
9880ff36abd71f34e043ccf52b425dc0e918af5098157970cce3c15348900c4a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.theticket1590.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Mon, 17 Apr 2023 20:06:58 GMT
content-encoding
br
via
1.1 13140684c599ca32163cf7ec1871cebc.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-C2
age
703
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-storage-class
INTELLIGENT_TIERING
last-modified
Wed, 05 Apr 2023 15:47:12 GMT
server
AmazonS3
etag
W/"1746c81073fb3adcecce59e604b48427"
access-control-max-age
86400
access-control-allow-methods
GET
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
*
cache-control
max-age=3600
x-amz-meta-qc-ineu
True
vary
Accept-Encoding
x-amz-cf-id
BoT_vc4pjl9x0LduKma7cgEsD09-ogAWn4bmZjkUr9rsJyRBaA7Jwg==
headerstats
as-sec.casalemedia.com/
0
505 B
XHR
General
Full URL
https://as-sec.casalemedia.com/headerstats?s=340102&u=https%3A%2F%2Fwww.theticket1590.com%2F&v=3
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/ht/p/187621-164323601241456.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.24.185 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.theticket1590.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

pragma
no-cache
date
Mon, 17 Apr 2023 20:18:40 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=z7pzz1KgRPWylB03nkGFqOgOwJMHDsldcOcqVC5jaFRieIly8amIZAIMFLqzZ2WjHQOV8o%2F07Jc5owLfgvP18EfgPh%2F4pIjawrXT4%2BXzFyaI9QHLdsfQDYbR7Hf0QBt2ai0ylv8kPcM%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin
https://www.theticket1590.com
cache-control
no-cache
access-control-allow-credentials
true
cf-ray
7b975bcacfe591e3-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
0
expires
0
bid
aax.amazon-adsystem.com/e/dtb/ Frame 4C94
23 B
468 B
XHR
General
Full URL
https://aax.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fwww.theticket1590.com%2F&pid=hYOpWsBwgAYek&cb=0&ws=1600x1200&v=23.407.232&t=2000&slots=%5B%7B%22kv%22%3A%7B%22irisid%22%3A%22iris_10207eea42b62bc2%22%7D%2C%22id%22%3A%22standard%22%2C%22mt%22%3A%22v%22%7D%5D&schain=1.0%2C1!stnvideo.com%2CaaT9tu8u-GS2pOPJCB-Oig%2C1%2C%2C%2C&pubid=6c3f03cd-6fa8-4477-ac05-2c0f4f8da092&gdprl=%7B%22status%22%3A%22no-cmp%22%7D
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.4.150 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-4-150.fra56.r.cloudfront.net
Software
Server /
Resource Hash
745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.theticket1590.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Mon, 17 Apr 2023 20:18:40 GMT
strict-transport-security
max-age=47474747; includeSubDomains; preload
via
1.1 88cabd6b8652306789c6bc8090fbcb1a.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
FRA56-P6
x-amz-rid
Q4C6GVAKDPAZ58VWT8YV
vary
Accept-Encoding,User-Agent
x-cache
Miss from cloudfront
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
https://www.theticket1590.com
access-control-allow-credentials
true
timing-allow-origin
*
content-length
23
x-amz-cf-id
Ki3HZWzHU4f13wkvW7Rjdm6AMAFjGd_GWAaXXy01uGUjMlDPbnFYxg==
loader2.min.js
b3.tunegenie.com/js/
2 KB
1 KB
Script
General
Full URL
https://b3.tunegenie.com/js/loader2.min.js
Requested by
Host: kyngam.tunegenie.com
URL: https://kyngam.tunegenie.com/station/pwa/fullfooter.js?bs=kyngam
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223e:8a00:6:4e5d:a0c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
fd34556b61496c7b6e67c835f6e9e986e39e68c6370de239ae5291fd794aeb54

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.theticket1590.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-amz-version-id
hcm2yvP5SBi8502uSDrgAPfMqTRDDR.7
content-encoding
gzip
via
1.1 e59bea79ab5f15feda92136bc7b74158.cloudfront.net (CloudFront)
date
Mon, 17 Apr 2023 20:18:42 GMT
last-modified
Tue, 17 Jan 2023 19:26:58 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P4
x-amz-server-side-encryption
AES256
etag
W/"46b29962e990b78e68aa6800f482629d"
vary
Accept-Encoding
x-cache
RefreshHit from cloudfront
content-type
application/javascript; charset=UTF-8
cache-control
max-age=0
x-amz-cf-id
gW298QTPyBXI6UVfSkcTGjuPo98Fb6gGrfaqrqH6Ib7cVwUfI5u50A==
bxslider_loader.gif
express-images.franklymedia.com/asset/
8 KB
9 KB
Image
General
Full URL
https://express-images.franklymedia.com/asset/bxslider_loader.gif
Requested by
Host: express-cms-assets.franklymedia.com
URL: https://express-cms-assets.franklymedia.com/v3_17_01/wp-content/plugins/express-cms-promo-reel/js/bxslider/jquery.bxslider.css?ver=20210512-3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:176c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6d46e2cf165a5a0584afba7bc9663da292ee08c97cfc7613de6013ed05be892a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://express-cms-assets.franklymedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Mon, 17 Apr 2023 20:18:40 GMT
cf-cache-status
HIT
last-modified
Thu, 13 May 2021 17:04:24 GMT
server
cloudflare
x-amz-request-id
YF9Y9V74FBFATE25
age
332493
etag
"931bdb6b50816b03206c66921760b246"
vary
Accept-Encoding
content-type
image/gif
cache-control
public, max-age=43200
accept-ranges
bytes
cf-ray
7b975bcacee539e6-FRA
content-length
8581
x-amz-id-2
gxsID6nVMr9JH9X0QQSE7fk89tmQlFuhcyAyQLXhSOXEoZ/fpEzHqh8uP5ez070gQsXQFMegP1stsZmguBEtBi7wE2xuY4a1Nu2guvlfARA=
expires
Tue, 18 Apr 2023 08:18:40 GMT
promocaption.png
www.theticket1590.com/wp-content/uploads/sites/1335/2014/10/
204 KB
204 KB
Image
General
Full URL
https://www.theticket1590.com/wp-content/uploads/sites/1335/2014/10/promocaption.png
Requested by
Host: www.theticket1590.com
URL: https://www.theticket1590.com/?headway-trigger=compiler&file=general-https&layout-in-use=front_page&rand=1483722184&ver=6.1.1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1740 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
df92bbd028ab0ad0953c7e1dd6ac7137dcdbdcb169da9a30d8e38169b6bbe1a3

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.theticket1590.com/?headway-trigger=compiler&file=general-https&layout-in-use=front_page&rand=1483722184&ver=6.1.1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Mon, 17 Apr 2023 20:18:41 GMT
cf-cache-status
MISS
last-modified
Wed, 29 Oct 2014 15:58:23 GMT
server
cloudflare
etag
"54510e9f-32e8c"
vary
Accept-Encoding
content-type
image/png
cache-control
public, max-age=31536000
x-whom
web-16.ampcms.internal
accept-ranges
bytes
cf-ray
7b975bcad8948ffa-FRA
content-length
208524
expires
Tue, 16 Apr 2024 20:18:40 GMT
prev.png
www.theticket1590.com/wp-content/uploads/sites/1335/2014/10/
204 KB
205 KB
Image
General
Full URL
https://www.theticket1590.com/wp-content/uploads/sites/1335/2014/10/prev.png
Requested by
Host: www.theticket1590.com
URL: https://www.theticket1590.com/?headway-trigger=compiler&file=general-https&layout-in-use=front_page&rand=1483722184&ver=6.1.1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1740 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ce43f802dc7c161875bd6439eeec68f585d15ab78b9b13dd9328866d3ba8a344

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.theticket1590.com/?headway-trigger=compiler&file=general-https&layout-in-use=front_page&rand=1483722184&ver=6.1.1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Mon, 17 Apr 2023 20:18:41 GMT
cf-cache-status
MISS
last-modified
Tue, 28 Oct 2014 18:33:14 GMT
server
cloudflare
etag
"544fe16a-33117"
vary
Accept-Encoding
content-type
image/png
cache-control
public, max-age=31536000
x-whom
web-20.ampcms.internal
accept-ranges
bytes
cf-ray
7b975bcad8968ffa-FRA
content-length
209175
expires
Tue, 16 Apr 2024 20:18:40 GMT
next.png
www.theticket1590.com/wp-content/uploads/sites/1335/2014/10/
204 KB
205 KB
Image
General
Full URL
https://www.theticket1590.com/wp-content/uploads/sites/1335/2014/10/next.png
Requested by
Host: www.theticket1590.com
URL: https://www.theticket1590.com/?headway-trigger=compiler&file=general-https&layout-in-use=front_page&rand=1483722184&ver=6.1.1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1740 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b90e065cc3d7ae9c05d0f576847f6cb13261aa315e20aa77ac64a2d72d5ce0b9

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.theticket1590.com/?headway-trigger=compiler&file=general-https&layout-in-use=front_page&rand=1483722184&ver=6.1.1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Mon, 17 Apr 2023 20:18:40 GMT
cf-cache-status
MISS
last-modified
Tue, 28 Oct 2014 18:33:00 GMT
server
cloudflare
etag
"544fe15c-3310d"
vary
Accept-Encoding
content-type
image/png
cache-control
public, max-age=31536000
x-whom
web-14.ampcms.internal
accept-ranges
bytes
cf-ray
7b975bcad8978ffa-FRA
content-length
209165
expires
Tue, 16 Apr 2024 20:18:40 GMT
collect
www.google-analytics.com/j/
4 B
24 B
XHR
General
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j99&a=1617576976&t=pageview&_s=1&dl=https%3A%2F%2Fwww.theticket1590.com%2F&ul=en-us&de=UTF-8&dt=The%20Ticket%202%201590%20%7C%20KYNG-AM&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aCDAAEAjAAAAAGAAI~&jid=885831478&gjid=120311705&cid=1483137519.1681762720&tid=UA-1686524-24&_gid=374673767.1681762720&_r=1&_slc=1&cd1=KYNG-AM&cd2=cumuluspro&cd4=KYNG-AM&cd5=Fayetteville%2C%20AR&cd6=Sports&z=757470047
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.theticket1590.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 17 Apr 2023 20:18:40 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.theticket1590.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
CUMULUS-MEDIA-Horizontal-White.png
express-images.franklymedia.com/6616/2020/01/14114450/
2 KB
2 KB
Image
General
Full URL
https://express-images.franklymedia.com/6616/2020/01/14114450/CUMULUS-MEDIA-Horizontal-White.png
Requested by
Host: www.theticket1590.com
URL: https://www.theticket1590.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:176c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
25d5b0ed742fbcf607f1680ca632128118ca36c8a355029025eb4cd22c7aa981

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.theticket1590.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Mon, 17 Apr 2023 20:18:40 GMT
cf-cache-status
HIT
last-modified
Tue, 14 Jan 2020 16:44:59 GMT
server
cloudflare
x-amz-request-id
SE6X5N44B12YBZ3D
age
346634
etag
"d45759cdb87e2c1d42d36ee581e419b9"
vary
Accept-Encoding
content-type
image/png
cache-control
public, max-age=43200
accept-ranges
bytes
cf-ray
7b975bcaef1539e6-FRA
content-length
2301
x-amz-id-2
xzpbWT3I5Du64ZRQILGFu/w4FU7wKGUdm/Vj/v/uBW18lc7sMbRYr6YSOEv/C5lw112I5qe3iKU=
expires
Tue, 18 Apr 2023 08:18:40 GMT
destination
www.googletagmanager.com/gtag/
229 KB
79 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/destination?id=G-D35JDKEKBV&l=sharedContainerDataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MPSWXC&l=sharedContainerDataLayer
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
16f390292f4186912a43e229bc7fb381db8f33394b740e3620cf1c94a76f102e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.theticket1590.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Mon, 17 Apr 2023 20:18:40 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
81066
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Mon, 17 Apr 2023 20:18:40 GMT
vendor-list.json
cmp.quantcast.com/GVL-v2/
407 KB
55 KB
XHR
General
Full URL
https://cmp.quantcast.com/GVL-v2/vendor-list.json
Requested by
Host: www.theticket1590.com
URL: https://www.theticket1590.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:211e:4a00:9:46dc:4700:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
b3d19acaedbb34b8bd49f5a4457b6544de09b851fb20c366dc8312b04c84bc4e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.theticket1590.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Mon, 17 Apr 2023 03:00:36 GMT
content-encoding
gzip
via
1.1 84f381696dd33e92960b92250106e464.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-C2
age
62285
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
last-modified
Mon, 17 Apr 2023 03:00:32 GMT
server
AmazonS3
etag
W/"fd1e2e3ad2726d2996251061ba6c75c5"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
application/json
access-control-allow-origin
*
cache-control
max-age=172800
access-control-allow-credentials
true
vary
Accept-Encoding,Access-Control-Request-Headers,Access-Control-Request-Method
x-amz-cf-id
iw5nHFfJScEeIupwqsmrlO1RUn5kW4kcEvGhFL624W5XPUiRsCS-Dw==
google-atp-list.json
cmp.quantcast.com/tcfv2/
151 KB
37 KB
XHR
General
Full URL
https://cmp.quantcast.com/tcfv2/google-atp-list.json
Requested by
Host: www.theticket1590.com
URL: https://www.theticket1590.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:211e:4a00:9:46dc:4700:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
31d1a8b234ef7e3fcd967fe38bb63298be8faf869e0dcd5352c330ed5c18964b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.theticket1590.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Mon, 17 Apr 2023 03:00:28 GMT
content-encoding
gzip
via
1.1 84f381696dd33e92960b92250106e464.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-C2
age
62293
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
last-modified
Mon, 17 Apr 2023 03:00:26 GMT
server
AmazonS3
etag
W/"1dbfd79d4ea7f69c0c42a2f6065532e7"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
application/json
access-control-allow-origin
*
cache-control
max-age=172800
access-control-allow-credentials
true
vary
Accept-Encoding,Access-Control-Request-Headers,Access-Control-Request-Method
x-amz-cf-id
Q43Wutqu4mzE6cJGlaieQjMgCKWvgBDgoAxlbTSEU7RdFAXfho1Pag==
advertising.js
cdn.jsdelivr.net/gh/cumulus-digital/cmls-amp-cms-utils@85ceca6/dist/
53 KB
17 KB
Script
General
Full URL
https://cdn.jsdelivr.net/gh/cumulus-digital/cmls-amp-cms-utils@85ceca6/dist/advertising.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MPSWXC&l=sharedContainerDataLayer
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:600::485 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
d050d34d95266c42e79cb0df98e4b15fb25f4ea5b47ea5db08214bea40ad9280
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.theticket1590.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Mon, 17 Apr 2023 20:18:40 GMT
x-content-type-options
nosniff
content-encoding
br
age
14203
x-jsd-version
85ceca6
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
17594
x-served-by
cache-fra-eddf8230087-FRA, cache-hhn-etou8220050-HHN
x-jsd-version-type
branch
etag
W/"d49f-RNLlQ8/lE4GOwhAUGWex7TE6Whc"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=604800, s-maxage=43200
accept-ranges
bytes
timing-allow-origin
*
analytics.js
cdn.jsdelivr.net/gh/cumulus-digital/cmls-amp-cms-utils@85ceca6/dist/
8 KB
3 KB
Script
General
Full URL
https://cdn.jsdelivr.net/gh/cumulus-digital/cmls-amp-cms-utils@85ceca6/dist/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MPSWXC&l=sharedContainerDataLayer
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:600::485 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
43ee45287123b95f11211fdd02e23147a3f4909023503e0b03fe00ea2ee01926
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.theticket1590.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Mon, 17 Apr 2023 20:18:40 GMT
x-content-type-options
nosniff
content-encoding
br
age
24237
x-jsd-version
85ceca6
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
3122
x-served-by
cache-fra-eddf8230134-FRA, cache-hhn-etou8220050-HHN
x-jsd-version-type
branch
etag
W/"1e14-1P+UWEvxFBdIOhHtGoE140sVWq8"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=604800, s-maxage=43200
accept-ranges
bytes
timing-allow-origin
*
collect
stats.g.doubleclick.net/j/
1 B
67 B
XHR
General
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j99&tid=UA-41736871-1&cid=1483137519.1681762720&jid=2037781444&gjid=539996712&_gid=374673767.1681762720&_u=aCDAgEAjAAAAAGAAI~&z=480806796
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c09::9a Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.theticket1590.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
date
Mon, 17 Apr 2023 20:18:40 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.theticket1590.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
autotrack.js
cdnjs.cloudflare.com/ajax/libs/autotrack/2.4.1/
24 KB
7 KB
Script
General
Full URL
https://cdnjs.cloudflare.com/ajax/libs/autotrack/2.4.1/autotrack.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MPSWXC&l=sharedContainerDataLayer
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bceb73993d094c4c821c7571921103bdc8c05e9082c4fc513d244358d53593db
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.theticket1590.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Mon, 17 Apr 2023 20:18:40 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
964342
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
7172
last-modified
Mon, 04 May 2020 16:05:53 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03d61-60d8"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CL9BjmTBHyl9cZvHD7%2Bdll2F3bYbdTLXfiZDCe7w7AXXhQv4XtbBwHthwKIdI4e31nlwLBdarYfNUI2TiXfwSm7z9MsFf2QpvVxvowNiFUfvM1Q%2FytDA0JDMomQBq0QvKIfNZ2jcSCmhJfqrOkjo1hFc"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
7b975bcb2e8630db-FRA
expires
Sat, 06 Apr 2024 20:18:40 GMT
js
www.googletagmanager.com/gtag/
229 KB
79 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=G-D35JDKEKBV&l=sharedContainerDataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MPSWXC&l=sharedContainerDataLayer
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
1808c04fac2af1c35eb1816790b204793aafeb7cb03cf6ffcaa2c3cfa9a20fe5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.theticket1590.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Mon, 17 Apr 2023 20:18:40 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
81025
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Mon, 17 Apr 2023 20:18:40 GMT
collect
www.google-analytics.com/
35 B
55 B
Image
General
Full URL
https://www.google-analytics.com/collect?v=1&_v=j99&a=1617576976&t=pageview&_s=1&dl=https%3A%2F%2Fwww.theticket1590.com%2F&ul=en-us&de=UTF-8&dt=The%20Ticket%202%201590%20%7C%20KYNG-AM&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aCDAgEAjAAAAAGAAI~&jid=2037781444&gjid=539996712&cid=1483137519.1681762720&tid=UA-41736871-1&_gid=374673767.1681762720&gtm=45He34c0n71MPSWXC&z=1413123216
Requested by
Host: www.theticket1590.com
URL: https://www.theticket1590.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.theticket1590.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 17 Apr 2023 10:05:28 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
36792
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
b
sb.scorecardresearch.com/
0
226 B
Image
General
Full URL
https://sb.scorecardresearch.com/b?c1=2&c2=16059128&ns__t=1681762720491&ns_c=UTF-8&c8=The%20Ticket%202%201590%20%7C%20KYNG-AM&c7=https%3A%2F%2Fwww.theticket1590.com%2F&c9=
Requested by
Host: www.theticket1590.com
URL: https://www.theticket1590.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.99.90 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-99-90.fra60.r.cloudfront.net
Software
/
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.theticket1590.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Mon, 17 Apr 2023 20:18:40 GMT
via
1.1 ca8cb14c76df16342491237cea8cfed6.cloudfront.net (CloudFront)
accept-ch
UA, Platform, Arch, Model, Mobile
x-amz-cf-pop
FRA60-P3
x-amz-cf-id
3hriEyOG0xbcWVI9Oc-rpKj1oyG2CYx8bXeUunpI8OrWErtRuLM34Q==
x-cache
Miss from cloudfront
integrator.js
adservice.google.de/adsid/
107 B
531 B
Script
General
Full URL
https://adservice.google.de/adsid/integrator.js?domain=www.theticket1590.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304100101/pubads_impl.js?cb=31073791
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.theticket1590.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Mon, 17 Apr 2023 20:18:40 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/
107 B
456 B
Script
General
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.theticket1590.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304100101/pubads_impl.js?cb=31073791
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.theticket1590.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Mon, 17 Apr 2023 20:18:40 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/
21 KB
10 KB
XHR
General
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3065041248302978&correlator=2979408885680591&eid=31073791%2C31073837%2C31073883&output=ldjh&gdfp_req=1&vrg=202304100101&ptt=17&impl=fif&gdpr=0&iu_parts=6717%2Ccd.KYNG.AM&enc_prev_ius=%2F0%2F1&prev_iu_szs=728x90%7C970x90%7C970x250&ifi=1&adks=2718426587&sfv=1-0-40&prev_scp=pos%3Dtop&cust_params=cms-sname%3DKYNGAM%26cms-sgroup%3DAll%2520Sites%252CFormat%2520%2520Sports%252CMarket%2520%2520Fayetteville%2520AR%252CCumulus%2520OO%26cms-ptitle%3DHome%26cms-pcat%3D&sc=1&cookie_enabled=1&abxe=1&dt=1681762720526&lmt=1681762529&dlt=1681762718477&idt=1208&adxs=436&adys=136&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=1&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fwww.theticket1590.com%2F&frm=20&vis=1&psz=998x0&msz=998x0&fws=4&ohw=998&ga_vid=1483137519.1681762720&ga_sid=1681762721&ga_hid=1617576976&ga_fc=true
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304100101/pubads_impl.js?cb=31073791
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
49640543b3a77b759eaae78fe6cf040551dc7023fa23ed5f9dc6f02149fb9dd7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.theticket1590.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Mon, 17 Apr 2023 20:18:40 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
10108
x-xss-protection
0
google-lineitem-id
6255190026
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138402188462
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.theticket1590.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/
15 KB
7 KB
XHR
General
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3065041248302978&correlator=2979408885680591&eid=31073791%2C31073837%2C31073883&output=ldjh&gdfp_req=1&vrg=202304100101&ptt=17&impl=fif&gdpr=0&iu_parts=6717%2Ccd.KYNG.AM&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x250%7C300x600&ifi=2&adks=230436542&sfv=1-0-40&prev_scp=pos%3Dmid&cust_params=cms-sname%3DKYNGAM%26cms-sgroup%3DAll%2520Sites%252CFormat%2520%2520Sports%252CMarket%2520%2520Fayetteville%2520AR%252CCumulus%2520OO%26cms-ptitle%3DHome%26cms-pcat%3D&sc=1&cookie_enabled=1&abxe=1&dt=1681762720533&lmt=1681762529&dlt=1681762718477&idt=1208&adxs=984&adys=206&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=2&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fwww.theticket1590.com%2F&frm=20&vis=1&psz=300x0&msz=300x0&fws=4&ohw=300&ga_vid=1483137519.1681762720&ga_sid=1681762721&ga_hid=1617576976&ga_fc=true
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304100101/pubads_impl.js?cb=31073791
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
2992df91168daf438b2f7e103130f15c5a0015f01ee8054f18a26e8809e0d8f1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.theticket1590.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Mon, 17 Apr 2023 20:18:42 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6662
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.theticket1590.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/
46 KB
17 KB
XHR
General
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3065041248302978&correlator=2979408885680591&eid=31073791%2C31073837%2C31073883&output=ldjh&gdfp_req=1&vrg=202304100101&ptt=17&impl=fif&gdpr=0&iu_parts=6717%2Ccd.KYNG.AM&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x100%7C300x50&ifi=3&adks=3999203455&sfv=1-0-40&prev_scp=pos%3Dcontest1&cust_params=cms-sname%3DKYNGAM%26cms-sgroup%3DAll%2520Sites%252CFormat%2520%2520Sports%252CMarket%2520%2520Fayetteville%2520AR%252CCumulus%2520OO%26cms-ptitle%3DHome%26cms-pcat%3D&sc=1&cookie_enabled=1&abxe=1&dt=1681762720535&lmt=1681762529&dlt=1681762718477&idt=1208&adxs=984&adys=368&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=3&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fwww.theticket1590.com%2F&frm=20&vis=1&psz=300x0&msz=300x0&fws=4&ohw=300&ga_vid=1483137519.1681762720&ga_sid=1681762721&ga_hid=1617576976&ga_fc=true
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304100101/pubads_impl.js?cb=31073791
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
6e32c716f997872de08a383f1b3edfca13f2235a35606f6f452a7c9f471f0dae
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.theticket1590.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Mon, 17 Apr 2023 20:18:40 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
17587
x-xss-protection
0
google-lineitem-id
6255600896
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138426809240
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.theticket1590.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/
533 B
301 B
XHR
General
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3065041248302978&correlator=2979408885680591&eid=31073791%2C31073837%2C31073883&output=ldjh&gdfp_req=1&vrg=202304100101&ptt=17&impl=fif&gdpr=0&iu_parts=6717%2Ccd.KYNG.AM&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x100%7C300x50&ifi=4&adks=3533785706&sfv=1-0-40&prev_scp=pos%3Dcontest2&cust_params=cms-sname%3DKYNGAM%26cms-sgroup%3DAll%2520Sites%252CFormat%2520%2520Sports%252CMarket%2520%2520Fayetteville%2520AR%252CCumulus%2520OO%26cms-ptitle%3DHome%26cms-pcat%3D&sc=1&cookie_enabled=1&abxe=1&dt=1681762720537&lmt=1681762529&dlt=1681762718477&idt=1208&adxs=984&adys=418&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=4&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fwww.theticket1590.com%2F&frm=20&vis=1&psz=300x0&msz=300x0&fws=4&ohw=300&ga_vid=1483137519.1681762720&ga_sid=1681762721&ga_hid=1617576976&ga_fc=true
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304100101/pubads_impl.js?cb=31073791
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9731cbd07328ad2851127930e2543d348efc52fb62d72804c702b37550b3a016
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.theticket1590.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Mon, 17 Apr 2023 20:18:41 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
271
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.theticket1590.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/
533 B
299 B
XHR
General
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3065041248302978&correlator=2979408885680591&eid=31073791%2C31073837%2C31073883&output=ldjh&gdfp_req=1&vrg=202304100101&ptt=17&impl=fif&gdpr=0&iu_parts=6717%2Ccd.KYNG.AM&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x100%7C300x50&ifi=5&adks=185302627&sfv=1-0-40&prev_scp=pos%3Dcontest3&cust_params=cms-sname%3DKYNGAM%26cms-sgroup%3DAll%2520Sites%252CFormat%2520%2520Sports%252CMarket%2520%2520Fayetteville%2520AR%252CCumulus%2520OO%26cms-ptitle%3DHome%26cms-pcat%3D&sc=1&cookie_enabled=1&abxe=1&dt=1681762720542&lmt=1681762529&dlt=1681762718477&idt=1208&adxs=984&adys=662&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=5&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fwww.theticket1590.com%2F&frm=20&vis=1&psz=300x0&msz=300x0&fws=4&ohw=300&ga_vid=1483137519.1681762720&ga_sid=1681762721&ga_hid=1617576976&ga_fc=true
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304100101/pubads_impl.js?cb=31073791
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
7c09b2155c51ff3b3009cc36c852f3b49b0eb6b352238d5b50eb0ae31dc003ec
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.theticket1590.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Mon, 17 Apr 2023 20:18:40 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
269
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.theticket1590.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/
48 KB
11 KB
XHR
General
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3065041248302978&correlator=2979408885680591&eid=31073791%2C31073837%2C31073883&output=ldjh&gdfp_req=1&vrg=202304100101&ptt=17&impl=fif&gdpr=0&iu_parts=6717%2Ccd.KYNG.AM&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x250%7C300x600&ifi=6&adks=1529914173&sfv=1-0-40&prev_scp=pos%3Dmid2&cust_params=cms-sname%3DKYNGAM%26cms-sgroup%3DAll%2520Sites%252CFormat%2520%2520Sports%252CMarket%2520%2520Fayetteville%2520AR%252CCumulus%2520OO%26cms-ptitle%3DHome%26cms-pcat%3D&sc=1&cookie_enabled=1&abxe=1&dt=1681762720544&lmt=1681762529&dlt=1681762718477&idt=1208&adxs=984&adys=821&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=6&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fwww.theticket1590.com%2F&frm=20&vis=1&psz=300x0&msz=300x0&fws=4&ohw=300&ga_vid=1483137519.1681762720&ga_sid=1681762721&ga_hid=1617576976&ga_fc=true
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304100101/pubads_impl.js?cb=31073791
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
97ab6853d82554916652488431bfe3ca0f43bc7972010c4aaef01b4ad8539454
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.theticket1590.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Mon, 17 Apr 2023 20:18:41 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11478
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.theticket1590.com
access-control-expose-headers
x-google-amp-ad-validated-version
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/
530 B
299 B
XHR
General
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3065041248302978&correlator=2979408885680591&eid=31073791%2C31073837%2C31073883&output=ldjh&gdfp_req=1&vrg=202304100101&ptt=17&impl=fif&gdpr=0&iu_parts=6717%2Ccd.KYNG.AM&enc_prev_ius=%2F0%2F1&prev_iu_szs=1x1&ifi=7&adks=1895325302&sfv=1-0-40&prev_scp=pos%3Dwallpaper-ad&cust_params=cms-sname%3DKYNGAM%26cms-sgroup%3DAll%2520Sites%252CFormat%2520%2520Sports%252CMarket%2520%2520Fayetteville%2520AR%252CCumulus%2520OO%26cms-ptitle%3DHome%26cms-pcat%3D&sc=1&cookie_enabled=1&abxe=1&dt=1681762720546&lmt=1681762529&dlt=1681762718477&idt=1208&adxs=301&adys=2388&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=1&ucis=7&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fwww.theticket1590.com%2F&frm=20&vis=1&psz=242x0&msz=242x0&fws=4&ohw=242&ga_vid=1483137519.1681762720&ga_sid=1681762721&ga_hid=1617576976&ga_fc=true
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304100101/pubads_impl.js?cb=31073791
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
b34293aec79b6020d0f3259e7c56f9f997475f4e95c56f343ce9375318ce7821
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.theticket1590.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Mon, 17 Apr 2023 20:18:41 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
269
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.theticket1590.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/
18 KB
8 KB
XHR
General
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3065041248302978&correlator=2979408885680591&eid=31073791%2C31073837%2C31073883&output=ldjh&gdfp_req=1&vrg=202304100101&ptt=17&impl=fif&gdpr=0&iu_parts=6717%2Ccd.KYNG.AM&enc_prev_ius=%2F0%2F1&prev_iu_szs=728x90&ifi=8&adks=1742355188&sfv=1-0-40&prev_scp=pos%3Dbot&cust_params=cms-sname%3DKYNGAM%26cms-sgroup%3DAll%2520Sites%252CFormat%2520%2520Sports%252CMarket%2520%2520Fayetteville%2520AR%252CCumulus%2520OO%26cms-ptitle%3DHome%26cms-pcat%3D&sc=1&cookie_enabled=1&abxe=1&dt=1681762720547&lmt=1681762529&dlt=1681762718477&idt=1208&adxs=562&adys=2142&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=2&ucis=8&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fwww.theticket1590.com%2F&frm=20&vis=1&psz=746x0&msz=746x0&fws=4&ohw=1600&ga_vid=1483137519.1681762720&ga_sid=1681762721&ga_hid=1617576976&ga_fc=true
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304100101/pubads_impl.js?cb=31073791
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
7f2ea9ba73f5ae19f97b3bf81aecbf706b0d77950095eb3972e36187b2205ca6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.theticket1590.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Mon, 17 Apr 2023 20:18:41 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8004
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.theticket1590.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
773ff33321c83b63fff957793b331644.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 6A44
6 KB
3 KB
Document
General
Full URL
https://773ff33321c83b63fff957793b331644.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304100101/pubads_impl.js?cb=31073791
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.theticket1590.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Mon, 17 Apr 2023 20:18:40 GMT
expires
Tue, 16 Apr 2024 20:18:40 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
collect
stats.g.doubleclick.net/j/
4 B
25 B
XHR
General
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j99&tid=UA-1686524-24&cid=1483137519.1681762720&jid=885831478&gjid=120311705&_gid=374673767.1681762720&_u=aCDAAEAjAAAAAGAAI~&z=1333569529
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400c:c09::9a Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.theticket1590.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
date
Mon, 17 Apr 2023 20:18:40 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.theticket1590.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
unruly_prebid
targeting.unrulymedia.com/ Frame
0
0
Preflight
General
Full URL
https://targeting.unrulymedia.com/unruly_prebid
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
213.19.147.43 Castricum, Netherlands, ASN26120 (RHYTHMONE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.theticket1590.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Accept-Encoding,Origin,Accept-Language,X-CSRF-Token,x-unruly-override
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
https://www.theticket1590.com
access-control-max-age
1728000
content-length
0
content-type
text/plain charset=UTF-8
date
Mon, 17 Apr 2023 20:18:40 GMT
pbjs
htlb.casalemedia.com/openrtb/ Frame 4C94
36 B
570 B
XHR
General
Full URL
https://htlb.casalemedia.com/openrtb/pbjs?s=438214&v=8.1&ac=j&sd=1&nf=1&r=%7B%22id%22%3A%2212ed5a681d9151%22%2C%22site%22%3A%7B%22ref%22%3A%22https%3A%2F%2Fwww.theticket1590.com%2F%22%2C%22page%22%3A%22https%3A%2F%2Fwww.theticket1590.com%2F%22%2C%22domain%22%3A%22theticket1590.com%22%2C%22publisher%22%3A%7B%22domain%22%3A%22theticket1590.com%22%7D%2C%22content%22%3A%7B%22cattax%22%3A7%2C%22cat%22%3A%5B%22484%22%5D%2C%22data%22%3A%5B%7B%22name%22%3A%22iris.tv%22%2C%22segment%22%3A%5B%7B%22id%22%3A%22ic_5619313%22%7D%2C%7B%22id%22%3A%22ic_2291553%22%7D%2C%7B%22id%22%3A%22ic_7753435%22%7D%2C%7B%22id%22%3A%22ic_2407074%22%7D%2C%7B%22id%22%3A%22ic_1612662%22%7D%2C%7B%22id%22%3A%22ic_0344266%22%7D%2C%7B%22id%22%3A%22ic_3890383%22%7D%2C%7B%22id%22%3A%22ic_7287399%22%7D%2C%7B%22id%22%3A%22ic_8555203%22%7D%2C%7B%22id%22%3A%22ic_7997629%22%7D%2C%7B%22id%22%3A%22ic_9358269%22%7D%2C%7B%22id%22%3A%22ic_4332534%22%7D%2C%7B%22id%22%3A%22ic_7190905%22%7D%2C%7B%22id%22%3A%22ic_8024878%22%7D%2C%7B%22id%22%3A%22ic_5365686%22%7D%2C%7B%22id%22%3A%22ic_4633273%22%7D%2C%7B%22id%22%3A%22ic_5381994%22%7D%2C%7B%22id%22%3A%22ic_3979040%22%7D%2C%7B%22id%22%3A%22ic_0854364%22%7D%2C%7B%22id%22%3A%22ic_2897216%22%7D%2C%7B%22id%22%3A%22ic_0899282%22%7D%2C%7B%22id%22%3A%22ic_9954675%22%7D%2C%7B%22id%22%3A%22ic_3393155%22%7D%2C%7B%22id%22%3A%22ic_9677800%22%7D%2C%7B%22id%22%3A%22ic_4262964%22%7D%2C%7B%22id%22%3A%22ic_2540565%22%7D%2C%7B%22id%22%3A%22ic_1655055%22%7D%2C%7B%22id%22%3A%22ic_0287034%22%7D%2C%7B%22id%22%3A%22ic_9536669%22%7D%2C%7B%22id%22%3A%22ic_2641516%22%7D%2C%7B%22id%22%3A%22ic_3885449%22%7D%2C%7B%22id%22%3A%22ic_6552771%22%7D%2C%7B%22id%22%3A%22ic_9297236%22%7D%2C%7B%22id%22%3A%22ic_5157939%22%7D%2C%7B%22id%22%3A%22ic_1343647%22%7D%5D%2C%22ext%22%3A%7B%22segtax%22%3A501%2C%22cids%22%3A%5B%22iris_10207eea42b62bc2%22%5D%7D%7D%5D%7D%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22mfu%22%3A0%2C%22bu%22%3A0%2C%22iu%22%3A1%2C%22nu%22%3A0%2C%22ou%22%3A0%2C%22allu%22%3A1%2C%22ren%22%3Afalse%2C%22version%22%3A%227.17.0%22%2C%22userIds%22%3A%5B%5D%2C%22url%22%3A%22https%3A%2F%2Fwww.theticket1590.com%2F%22%2C%22tmax%22%3A3000%2C%22syncsPerBidder%22%3A5%2C%22fpd%22%3Atrue%2C%22pbadslot%22%3A%22lgla3o1v.fA6d51%22%2C%22adunitcode%22%3A%22lgla3o1v.fA6d51%22%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%222b87769fe78eb2%22%2C%22ext%22%3A%7B%22siteID%22%3A%22438214%22%2C%22tid%22%3A%22c33cf22b-6540-438d-a73b-ed7dc7829c04%22%7D%2C%22video%22%3A%7B%22context%22%3A%22instream%22%2C%22mimes%22%3A%5B%22video%2Fx-m4v%22%2C%22video%2Fmpeg%22%2C%22video%2Fmp4%22%2C%22application%2Fjavascript%22%2C%22video%2Fwebm%22%2C%22video%2Fogg%22%5D%2C%22minduration%22%3A5%2C%22maxduration%22%3A30%2C%22protocols%22%3A%5B2%2C3%2C5%2C6%2C7%2C8%5D%2C%22w%22%3A654%2C%22h%22%3A368%2C%22sizes%22%3A%5B%5B654%2C368%5D%5D%2C%22playerSize%22%3A%5B%5B654%2C368%5D%5D%2C%22placement%22%3A1%2C%22linearity%22%3A1%2C%22api%22%3A%5B2%5D%2C%22battr%22%3A%5B9%5D%7D%7D%5D%2C%22at%22%3A1%2C%22source%22%3A%7B%22ext%22%3A%7B%22schain%22%3A%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22stnvideo.com%22%2C%22sid%22%3A%22aaT9tu8u-GS2pOPJCB-Oig%22%2C%22hp%22%3A1%7D%5D%7D%7D%7D%2C%22user%22%3A%7B%7D%7D
Requested by
Host: embed.sendtonews.com
URL: https://embed.sendtonews.com/library/prebid/7.17.0/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.25.185 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
49946b9df4d3f6512f827ccb1c7e8c7a810dcbf7541092d8106a540530c56f0d

Request headers

Referer
https://www.theticket1590.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 17 Apr 2023 20:18:40 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0kIPak4zv1nToRPNGTP0Wn7Ml203iLrWm8QPpNVOP4SF%2FxodubRETDGr73rf%2B8Fp6V1PEHDoOB1ZzM1yvorcSUElWFPjKlE3d8%2FmRmXqUcMtVRX9mfTODaQdtteTGUavQfXVIR%2BV"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
https://www.theticket1590.com
cache-control
no-cache
access-control-allow-credentials
true
cf-ray
7b975bcc1c0c9b86-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
36
expires
0
auction
tlx.3lift.com/header/ Frame 4C94
19 B
526 B
XHR
General
Full URL
https://tlx.3lift.com/header/auction?lib=prebid&v=7.17.0&referrer=https%3A%2F%2Fwww.theticket1590.com%2F&tmax=3000
Requested by
Host: embed.sendtonews.com
URL: https://embed.sendtonews.com/library/prebid/7.17.0/prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.185.199.82 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-185-199-82.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.theticket1590.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 17 Apr 2023 20:18:40 GMT
accept-ch
sec-ch-ua-full-version,sec-ch-dpr,sec-ch-device-memory,sec-ch-save-data,sec-ch-ua-mobile,sec-ch-downlink,user-agent,sec-ch-ect,sec-ch-width,sec-ch-prefers-color-scheme,sec-ch-ua-bitness,sec-ch-ua,sec-ch-ua-arch,sec-ch-rtt,sec-ch-viewport-height,sec-ch-ua-platform,sec-ch-viewport-width,sec-ch-ua-platform-version,sec-ch-ua-model
x-auction-status
3
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.theticket1590.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
19
x-xss-protection
0
expires
Thu, 15 Oct 1992 20:10:00 GMT
auction
prebid-server.rubiconproject.com/openrtb2/ Frame 4C94
173 B
408 B
XHR
General
Full URL
https://prebid-server.rubiconproject.com/openrtb2/auction
Requested by
Host: embed.sendtonews.com
URL: https://embed.sendtonews.com/library/prebid/7.17.0/prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.65.74.108 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-65-74-108.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
dbdf64d204777289b4a162ad023cb10065006955a1284ef24bcf1147e00e1aa4

Request headers

Referer
https://www.theticket1590.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 17 Apr 2023 20:18:40 GMT
content-encoding
gzip
x-prebid
pbs-java/1.115.0
content-type
application/json
access-control-allow-origin
https://www.theticket1590.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
168
expires
0
prebid
ib.adnxs.com/ut/v3/ Frame 4C94
137 B
952 B
XHR
General
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: embed.sendtonews.com
URL: https://embed.sendtonews.com/library/prebid/7.17.0/prebid.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.83.142.19 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
960.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
5f8ff2377d1203addf94cfece652d6434a1c88c24aa5cf37cceee5ff5d1f0df9
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.theticket1590.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Mon, 17 Apr 2023 20:18:40 GMT
AN-X-Request-Uuid
89a94c87-5de3-48c5-9781-f2aad9c8753e
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
application/json; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://www.theticket1590.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
X-Proxy-Origin
217.114.218.22; 217.114.218.22; 960.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length
137
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
unruly_prebid
targeting.unrulymedia.com/ Frame 4C94
0
169 B
XHR
General
Full URL
https://targeting.unrulymedia.com/unruly_prebid
Requested by
Host: embed.sendtonews.com
URL: https://embed.sendtonews.com/library/prebid/7.17.0/prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
213.19.147.43 Castricum, Netherlands, ASN26120 (RHYTHMONE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.theticket1590.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type
application/json

Response headers

access-control-allow-origin
https://www.theticket1590.com
pragma
no-cache
date
Mon, 17 Apr 2023 20:18:40 GMT
cache-control
private, max-age=0, no-cache, no-store
access-control-allow-credentials
true
229991
search.spotxchange.com/openrtb/2.3/dados/ Frame 4C94
0
1 KB
XHR
General
Full URL
https://search.spotxchange.com/openrtb/2.3/dados/229991?src_sys=prebid
Requested by
Host: embed.sendtonews.com
URL: https://embed.sendtonews.com/library/prebid/7.17.0/prebid.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.94.180.123 Amsterdam, Netherlands, ASN35220 (SPOTX-AMS, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.theticket1590.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type
text/plain

Response headers

X-spotx-Exception-RESULT
exception
Date
Mon, 17 Apr 2023 20:18:40 GMT
X-spotx-Exception-0-Message
Halting market due to GDPR regulations and DPA not being signed by publisher
X-spotx-Exception-ID
SPOTMARKET.HALTED
X-SpotX-Timing-SpotMarket-Primary
0.009446
X-SpotX-Timing-Transform
0.000587
X-spotx-Exception-Message
SpotMarket execution was halted.
X-SpotX-Timing-SpotMarket
0.009446
X-SpotX-Timing-Page-Require
0.000356
X-spotx-Exception-0-ID
MARKET_HALTED
Connection
keep-alive
X-SpotX-Timing-Page-Misc
0.001570
X-fe
140
X-SpotX-Timing-Page-Cookie
0.000002
X-SpotX-Timing-Page
0.013117
Pragma
no-cache
X-SpotX-Timing-Page-Context
0.000295
Last-Modified
Mon, 17 Apr 2023 20:18:40 GMT
Server
nginx
Access-Control-Allow-Methods
POST, GET, PATCH, DELETE, OPTIONS
Content-Type
application/json
Access-Control-Allow-Origin
https://www.theticket1590.com
X-SpotX-Timing-Page-Exception
0.000019
Cache-Control
no-cache, must-revalidate, post-check=0, pre-check=0
Access-Control-Allow-Credentials
true
X-SpotX-Timing-Page-URI
0.000012
X-SpotX-Timing-SpotMarket-Secondary
0.000000
X-SpotX-Timing-Page-Mux
0.000831
Access-Control-Allow-Headers
X-spotx-Exception-0-RESULT
failure
Expires
Thu, 01 Jan 1970 00:00:00 GMT
hb
hb.undertone.com/ Frame 4C94
0
566 B
XHR
General
Full URL
https://hb.undertone.com/hb?pid=3590&domain=theticket1590.com
Requested by
Host: embed.sendtonews.com
URL: https://embed.sendtonews.com/library/prebid/7.17.0/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.97.105 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-97-105.fra56.r.cloudfront.net
Software
istio-envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.theticket1590.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 17 Apr 2023 20:18:40 GMT
via
1.1 03ffca0f67e3596b9a0c92342fe91598.cloudfront.net (CloudFront)
server
istio-envoy
accept-ch
sec-ch-ua-platform-version,sec-ch-ua-full-version,sec-ch-ua-full-version-list,sec-ch-ua-model,sec-ch-ua-arch,sec-ch-ua-bitness,sec-ch-ua-wow64
x-amz-cf-pop
FRA56-P2
x-cache
Miss from cloudfront
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSDo OUR BUS UNI COM NAV"
access-control-allow-origin
https://www.theticket1590.com
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
x-envoy-upstream-service-time
13
x-amz-cf-id
ZAHA1F0X4NnHagFZPomNFFHhTgBf3R9GZ4S9Z8OLffccQLJOSdBS9A==
expires
Mon, 26 Jul 1997 05:00:00 GMT
translator
hbopenbid.pubmatic.com/ Frame 4C94
0
120 B
XHR
General
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: embed.sendtonews.com
URL: https://embed.sendtonews.com/library/prebid/7.17.0/prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.theticket1590.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.theticket1590.com
date
Mon, 17 Apr 2023 20:18:39 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
rules-p-_xVSK99pzATvb.js
rules.quantcount.com/
160 B
643 B
Script
General
Full URL
https://rules.quantcount.com/rules-p-_xVSK99pzATvb.js
Requested by
Host: secure.quantserve.com
URL: https://secure.quantserve.com/quant.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223c:e200:6:44e3:f8c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
27be4e71e772eab3143df5bee3739a1feb2eefe8a4f5c28de10824c7fb229a01

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.theticket1590.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Mon, 17 Apr 2023 20:15:54 GMT
via
1.1 4a502b22092e94faddf9a5b056e273ae.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P2
age
256
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
content-length
160
last-modified
Wed, 15 Feb 2023 17:26:44 GMT
server
AmazonS3
etag
"3b3245d31ad9cc34074025321393bbbf"
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=3600
accept-ranges
bytes
x-amz-cf-id
5U6DtXRIkzaQTMz7Qjq0w3nN6XQuLDM0g4lBhB-XpaBQMVMO6kG_FQ==
ga-audiences
www.google.com/ads/
42 B
107 B
Image
General
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j99&tid=UA-1686524-24&cid=1483137519.1681762720&jid=885831478&_u=aCDAAEAjAAAAAGAAI~&z=1453312829
Requested by
Host: www.theticket1590.com
URL: https://www.theticket1590.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.theticket1590.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 17 Apr 2023 20:18:41 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/
42 B
107 B
Image
General
Full URL
https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j99&tid=UA-1686524-24&cid=1483137519.1681762720&jid=885831478&_u=aCDAAEAjAAAAAGAAI~&z=1453312829
Requested by
Host: www.theticket1590.com
URL: https://www.theticket1590.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.theticket1590.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 17 Apr 2023 20:18:42 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
region1.google-analytics.com/g/
0
54 B
Ping
General
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-D35JDKEKBV&gtm=45je34c0&_p=1617576976&cid=1483137519.1681762720&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1681762720&sct=1&seg=0&dl=https%3A%2F%2Fwww.theticket1590.com%2F&dt=The%20Ticket%202%201590%20%7C%20KYNG-AM&en=Scrolled%2025%25%20Down&_fv=1&_ss=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/destination?id=G-D35JDKEKBV&l=sharedContainerDataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.theticket1590.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 17 Apr 2023 20:18:40 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.theticket1590.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame F728
0
0
Fetch
General
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjss-BN6VStVE7gxpHhQzy6j8wVrzdOep1F9X_DbzeTiNo_1UVcbdzJwgQPbAMNlcQyQA6m_ymYtbVxjR2ClQkSEsdFnAmL1GI10tuk6SHY0YbGIuHe1dt3-fZ5Gee8hTrdbH6eHuSUgwucCkmKz8AhBERdPMyobJT8r1w8-LZAn6m8NimaI57YcRBGPFmgmwE-iXH2LOPYJYYmB-gfR-HglntTAYmEtzltia9be4uR-qacJJcOEb7ax_cjbjkHhXsaMdUrKSRj1Rt-7Lb-CkdYgV7Xkzp3JDGbVfzvunTVUbFFJ2lTNgevw6adkmQDb5&sai=AMfl-YQxJzRDQa1OtnX7v_ZJOxW3YPtg53KuVrbl8aX786py53wEknn3zemyEfzN8U_2-7prqVv2jKsWP_l9msF7HGLR2HLxjgPPMj6YRTZyEHD0JLTZ9kJKy5KByLJajiA4Xmwcy9fLYGo64xmJAAA&sig=Cg0ArKJSzOkTcQgpZMsUEAE&uach_m=[UACH]&adurl=
Requested by
Host: www.theticket1590.com
URL: https://www.theticket1590.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.theticket1590.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Mon, 17 Apr 2023 20:18:40 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Mon, 17 Apr 2023 20:18:40 GMT
abg_lite_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230413/r20110914/ Frame F728
22 KB
9 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230413/r20110914/abg_lite_fy2021.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304100101/pubads_impl.js?cb=31073791
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
26f2c1abc7720059c2f88aac37f0b15cd551c1b69b522eef0bf782cefcc98dc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.theticket1590.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Mon, 17 Apr 2023 16:08:18 GMT
content-encoding
br
x-content-type-options
nosniff
age
15022
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8756
x-xss-protection
0
server
cafe
etag
5179999606349116156
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 01 May 2023 16:08:18 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230413/r20110914/client/ Frame F728
3 KB
1 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230413/r20110914/client/window_focus_fy2021.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304100101/pubads_impl.js?cb=31073791
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.theticket1590.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Mon, 17 Apr 2023 20:13:14 GMT
content-encoding
br
x-content-type-options
nosniff
age
326
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 01 May 2023 20:13:14 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame F728
159 KB
49 KB
Script
General
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304100101/pubads_impl.js?cb=31073791
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cbeee230de9adc4b4765d4387c54fa936a5c26f8306fe0e6f5f8415284f56c33
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.theticket1590.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Mon, 17 Apr 2023 20:18:40 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
49801
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1681299295334834"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Mon, 17 Apr 2023 20:18:40 GMT
4052291185951905579
tpc.googlesyndication.com/simgad/ Frame F728
15 KB
15 KB
Image
General
Full URL
https://tpc.googlesyndication.com/simgad/4052291185951905579
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304100101/pubads_impl.js?cb=31073791
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f18097986b2ca55173d7140ee04292d25aadad7ccdb83f207b7cbac17a6d00e1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.theticket1590.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sat, 15 Apr 2023 12:06:16 GMT
x-content-type-options
nosniff
age
202344
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15202
x-xss-protection
0
last-modified
Wed, 22 Mar 2023 15:31:40 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Sun, 14 Apr 2024 12:06:16 GMT
ads
securepubads.g.doubleclick.net/gampad/
381 B
168 B
XHR
General
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3065041248302978&correlator=2979408885680591&eid=31073791%2C31073837%2C31073883%2C676982961&output=ldjh&gdfp_req=1&vrg=202304100101&ptt=17&impl=fif&gdpr=0&us_privacy=1---&iu_parts=6717%2Ccd.KYNG.AM%2Cpushdown&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=1020x574&ifi=9&adks=1334123658&sfv=1-0-40&prev_scp=pos%3Dpushdown%26noprebid%3Dnoprebid&cust_params=cms-sname%3DKYNGAM%26cms-sgroup%3DAll%2520Sites%252CFormat%2520%2520Sports%252CMarket%2520%2520Fayetteville%2520AR%252CCumulus%2520OO%26cms-ptitle%3DHome%26cms-pcat%3D&sc=1&cookie=ID%3D6cd1614a817e6b16%3AT%3D1681762720%3AS%3DALNI_MbzLk07ZKKaeHOo0_3amOOgp8HbRw&gpic=UID%3D00000bd7e97c3a49%3AT%3D1681762720%3ART%3D1681762720%3AS%3DALNI_MbnJlVpGofF3aKdTdJ1Ho9aZBFYew&abxe=1&dt=1681762720712&lmt=1681762529&dlt=1681762718477&idt=1208&adxs=-12245933&adys=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=-1&ucis=9&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fwww.theticket1590.com%2F&frm=20&vis=1&psz=1570x883&msz=0x0&fws=132&ohw=1570&psts=AHQMDFfpnUy3U4OAx_mL3CADc_tGqArETKzcWJqXvVWwPNk3UXKnHc3pXEd1wrn-3jskUyz9p40K2osE-qyzpruDKg&ga_vid=1483137519.1681762720&ga_sid=1681762721&ga_hid=1617576976&ga_fc=true
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304100101/pubads_impl.js?cb=31073791
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
4cd52d4c7b01f5842459daebc3f99412981f746c283701178e9877f499d6074d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.theticket1590.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Mon, 17 Apr 2023 20:18:42 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
137
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.theticket1590.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/
296 B
150 B
XHR
General
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3065041248302978&correlator=2979408885680591&eid=31073791%2C31073837%2C31073883%2C676982961&output=ldjh&gdfp_req=1&vrg=202304100101&ptt=17&impl=fif&gdpr=0&us_privacy=1---&iu_parts=6717%2Ccd.KYNG.AM&enc_prev_ius=%2F0%2F1&prev_iu_szs=1x1&ifi=10&adks=1337183562&sfv=1-0-40&prev_scp=pos%3Dw7m%26noprebid%3Dnoprebid&cust_params=cms-sname%3DKYNGAM%26cms-sgroup%3DAll%2520Sites%252CFormat%2520%2520Sports%252CMarket%2520%2520Fayetteville%2520AR%252CCumulus%2520OO%26cms-ptitle%3DHome%26cms-pcat%3D&sc=1&cookie=ID%3D6cd1614a817e6b16%3AT%3D1681762720%3AS%3DALNI_MbzLk07ZKKaeHOo0_3amOOgp8HbRw&gpic=UID%3D00000bd7e97c3a49%3AT%3D1681762720%3ART%3D1681762720%3AS%3DALNI_MbnJlVpGofF3aKdTdJ1Ho9aZBFYew&abxe=1&dt=1681762720718&lmt=1681762529&dlt=1681762718477&idt=1208&adxs=800&adys=0&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=a&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fwww.theticket1590.com%2F&frm=20&vis=1&psz=1600x0&msz=1600x-1&fws=4&ohw=1600&psts=AHQMDFfpnUy3U4OAx_mL3CADc_tGqArETKzcWJqXvVWwPNk3UXKnHc3pXEd1wrn-3jskUyz9p40K2osE-qyzpruDKg&ga_vid=1483137519.1681762720&ga_sid=1681762721&ga_hid=1617576976&ga_fc=true
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304100101/pubads_impl.js?cb=31073791
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
b6e8eca14c0697a660e270a4c5ba29e5ac49e9dbde99a6208a37fa35cf3217f6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.theticket1590.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Mon, 17 Apr 2023 20:18:42 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
119
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.theticket1590.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
js
www.googletagmanager.com/gtag/
131 KB
50 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=AW-932229734
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MPSWXC&l=sharedContainerDataLayer
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
577d2600070bc8e32aad7c2723c9bff860085ef37b77e2e5e124f65243882050
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.theticket1590.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Mon, 17 Apr 2023 20:18:40 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
51355
x-xss-protection
0
last-modified
Mon, 17 Apr 2023 18:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Mon, 17 Apr 2023 20:18:40 GMT
/
www.theticket1590.com/category/insurify/feed/
Redirect Chain
  • https://www.theticket1590.com/category/insurify/feed
  • https://www.theticket1590.com/category/insurify/feed/
153 KB
154 KB
XHR
General
Full URL
https://www.theticket1590.com/category/insurify/feed/
Requested by
Host: www.theticket1590.com
URL: https://www.theticket1590.com/
Protocol
H2
Server
2606:4700::6812:1740 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/7.4.30
Resource Hash
7e54bd7f40457d4f2f9ead6605b419e7a86b0dc2681898ba2d73745f2106a1c5

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.theticket1590.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
public
date
Mon, 17 Apr 2023 20:18:41 GMT
cf-cache-status
MISS
last-modified
Mon, 17 Apr 2023 19:42:33 GMT
server
cloudflare
x-powered-by
PHP/7.4.30
etag
"c3a25dbb703376d8910218ee15f2266e"
vary
Accept-Encoding
content-type
application/rss+xml; charset=UTF-8
cache-control
public, max-age=1432
x-whom
web-22.ampcms.internal
cf-ray
7b975bcfbef28ffa-FRA
link
<https://www.theticket1590.com/wp-json/>; rel="https://api.w.org/", <https://www.theticket1590.com/wp-json/wp/v2/categories/453>; rel="alternate"; type="application/json"
expires
Mon, 17 Apr 2023 20:42:33 GMT

Redirect headers

pragma
public
date
Mon, 17 Apr 2023 20:18:41 GMT
cf-cache-status
MISS
last-modified
Mon, 17 Apr 2023 19:42:32 GMT
server
cloudflare
x-powered-by
PHP/7.4.30
etag
"d41d8cd98f00b204e9800998ecf8427e"
vary
Accept-Encoding
content-type
application/rss+xml; charset=UTF-8
location
https://www.theticket1590.com/category/insurify/feed/
cache-control
public, max-age=1431
x-whom
web-21.ampcms.internal
cf-ray
7b975bccbafe8ffa-FRA
expires
Mon, 17 Apr 2023 20:42:32 GMT
gtm.js
www.googletagmanager.com/
142 KB
54 KB
Script
General
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-NBMFP63
Requested by
Host: www.theticket1590.com
URL: https://www.theticket1590.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
6944991f72ffde4073e23e19461468bf5e72edd168aaff7bbc4eddb81aa36912
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.theticket1590.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Mon, 17 Apr 2023 20:18:40 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
55549
x-xss-protection
0
last-modified
Mon, 17 Apr 2023 18:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Mon, 17 Apr 2023 20:18:40 GMT
o1n30140o1o81o1p838r162661r56psq.m3u8
d29xw9s9x32j3w.cloudfront.net/videos/m3u8/300k/
4 KB
957 B
XHR
General
Full URL
https://d29xw9s9x32j3w.cloudfront.net/videos/m3u8/300k/o1n30140o1o81o1p838r162661r56psq.m3u8
Requested by
Host: embed.sendtonews.com
URL: https://embed.sendtonews.com/easy-stn-player/7.15.1-G/easy-stn-player.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.97.25 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-97-25.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
9097551b48c4fd68bb0cb09442d93395f85d126e98fbf2dd9493dd15e0a586ca

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.theticket1590.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Mon, 17 Apr 2023 20:18:42 GMT
content-encoding
gzip
via
1.1 e9101023ffbe04130b9d4cac0cf9eebc.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P2
x-amz-server-side-encryption
AES256
x-cache
Miss from cloudfront
x-amz-storage-class
REDUCED_REDUNDANCY
content-disposition
attachment
last-modified
Mon, 17 Apr 2023 18:54:05 GMT
server
AmazonS3
etag
W/"dae0abb49eb3793da0a6e068b86891c2"
vary
Accept-Encoding,Origin
access-control-allow-methods
GET, HEAD, POST
content-type
application/x-mpegURL
access-control-allow-origin
*
access-control-expose-headers
Access-Control-Allow-Origin, Access-Control-Allow-Credentials
cache-control
max-age=86400
x-amz-cf-id
W4ZBHIpJfpBAeKjDEuIVALXnHIFAogxcE1Q6Rqwxg3X4DI89J7xIYg==
pixel;r=879536955;source=choice;rf=0;a=p-_xVSK99pzATvb;url=https%3A%2F%2Fwww.theticket1590.com%2F;uht=2;fpan=1;fpa=P0-1991723017-1681762720597;pbc=;ns=0;ce=1;qjs=1;qv=93f4cf8b-20230329153214;cm=;gd...
pixel.quantserve.com/
35 B
372 B
Image
General
Full URL
https://pixel.quantserve.com/pixel;r=879536955;source=choice;rf=0;a=p-_xVSK99pzATvb;url=https%3A%2F%2Fwww.theticket1590.com%2F;uht=2;fpan=1;fpa=P0-1991723017-1681762720597;pbc=;ns=0;ce=1;qjs=1;qv=93f4cf8b-20230329153214;cm=;gdpr=0;us_privacy=1---;ref=;d=theticket1590.com;dst=0;et=1681762720807;tzo=0;ogl=locale.en_US%2Csite_name.KYNG-AM%2Ctitle.KYNG-AM%2Curl.https%3A%2F%2Fwww%252Etheticket1590%252Ecom%2Ctype.website%2Cdescription.The%20Ticket%202%201590;ses=e05bee0a-58e8-4c5d-a2f8-daa57208a04a
Requested by
Host: www.theticket1590.com
URL: https://www.theticket1590.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:116:800d:21:7eb1:3826:be7e:d981 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.theticket1590.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 17 Apr 2023 20:18:40 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
content-type
image/gif
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
35
expires
Fri, 04 Aug 1978 12:00:00 GMT
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/932229734/
3 KB
1 KB
Script
General
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/932229734/?random=1681762720820&cv=11&fst=1681762720820&bg=ffffff&guid=ON&async=1&gtm=45be34c0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.theticket1590.com%2F&hn=www.googleadservices.com&frm=0&tiba=The%20Ticket%202%201590%20%7C%20KYNG-AM&us_privacy=error&auid=1636582877.1681762721&uamb=0&uaw=0&data=event%3Dgtag.config&rfmt=3&fmt=4
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-932229734
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
78c1498111e68db0cc34927c959e4270fe8599775d2db1198e5f2a63d63add91
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.theticket1590.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 17 Apr 2023 20:18:40 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1217
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/932229734/
3 KB
2 KB
Script
General
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/932229734/?random=1681762720829&cv=11&fst=1681762720829&bg=ffffff&guid=ON&async=1&gtm=45be34c0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.theticket1590.com%2F&hn=www.googleadservices.com&frm=0&tiba=The%20Ticket%202%201590%20%7C%20KYNG-AM&userId=replace%20with%20value&us_privacy=error&auid=1636582877.1681762721&uamb=0&uaw=0&data=event%3Dpage_view&rfmt=3&fmt=4
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-932229734
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
beabe6ca9380b653eac9df014c151f9726bd389d2ed86cdf30104eed7947d67a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.theticket1590.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 17 Apr 2023 20:18:40 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1235
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
truncated
/ Frame F728
215 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
804a226ee2b9503958a249d9d9e51085a389cc48a405ad4d996f97264c6f669b

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Content-Type
image/png
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/932229734/
2 KB
1 KB
Script
General
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/932229734/?random=1681762720846&cv=11&fst=1681762720846&bg=ffffff&guid=ON&async=1&gtm=45He34c0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.theticket1590.com%2F&hn=www.googleadservices.com&frm=0&tiba=The%20Ticket%202%201590%20%7C%20KYNG-AM&us_privacy=error&auid=1636582877.1681762721&uamb=0&uaw=0&rfmt=3&fmt=4
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NBMFP63
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
d3fa61a169f0f1419b5a7159afe5fbaec0c1bf272064d05b88211c8d429a5c3b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.theticket1590.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 17 Apr 2023 20:18:40 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1198
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
e76a48c0-391a-0137-e31a-06a9ed4ca31b
tag.simpli.fi/sifitag/
3 KB
4 KB
Script
General
Full URL
https://tag.simpli.fi/sifitag/e76a48c0-391a-0137-e31a-06a9ed4ca31b
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NBMFP63
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
34.90.223.176 Groningen, Netherlands, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
176.223.90.34.bc.googleusercontent.com
Software
/
Resource Hash
559bf235d7efc79c6b9bb6ac1cd7a53aca53a7cf6dcbd1042e9e81b7c185d617
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.theticket1590.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache, no-cache
date
Mon, 17 Apr 2023 20:18:40 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=0, private, must-revalidate, max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0, max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
3100
x-request-id
F1bSSMlRu05cw2d66HFB
expires
Thu, 01 Jan 1970 00:00:00 GMT, Thu, 01 Jan 1970 00:00:00 GMT
cirt_v2.min.js
media-cdn.ipredictive.com/js/
16 KB
6 KB
Script
General
Full URL
https://media-cdn.ipredictive.com/js/cirt_v2.min.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NBMFP63
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.195.34.212 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (frb/6688) /
Resource Hash
4308b770a8f544c1fc4487836df776d7a8a4170b0947e45c9b748369846ee115

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.theticket1590.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Mon, 17 Apr 2023 20:18:40 GMT
content-encoding
gzip
last-modified
Tue, 21 Jun 2016 03:48:58 GMT
server
ECAcc (frb/6688)
x-amz-meta-s3cmd-attrs
uid:501/gname:staff/uname:tpu/gid:20/mode:33188/mtime:1466480833/atime:1466480865/md5:06959ee0164f60e0f6954610590aff8e/ctime:1466480833
age
447496
x-amz-request-id
JVD2MATY08T3K3NC
etag
"06959ee0164f60e0f6954610590aff8e+gzip"
vary
Accept-Encoding
x-cache
HIT
content-type
application/javascript
accept-ranges
bytes
content-length
5805
x-amz-id-2
tobBStxL22RRPKEf9rIbZh8T90gyG2EDscHlxSnjZF/yLgWZOFesO2kLbrwAShaTaegnlVl9KHQ=
fbevents.js
connect.facebook.net/en_US/
107 KB
28 KB
Script
General
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: www.theticket1590.com
URL: https://www.theticket1590.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
091ba5711e7f397eca67fb1da60968a88be608d2f4fb80955ef74f645b6e898b
Security Headers
Name Value
Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.theticket1590.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

content-security-policy
default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Mon, 17 Apr 2023 20:18:40 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
27967
x-fb-rlafr
0
x-xss-protection
0
pragma
public
x-fb-debug
Xb0hQTOJvUjiAzMtOh7nmiLpbIDMDUTGW7swgi2HxoQthdNb65sqHhJVjAcB1bDRfDhjAYqp+ixmRUeZMh2gTA==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
x-fb-trip-id
2050670934
cross-origin-opener-policy
same-origin-allow-popups
vary
Accept-Encoding
report-to
{"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type
application/x-javascript; charset=utf-8
x-frame-options
DENY
origin-agent-cluster
?0
cache-control
public, max-age=1200
expires
Sat, 01 Jan 2000 00:00:00 GMT
up.js
up.pixel.ad/assets/
3 KB
2 KB
Script
General
Full URL
https://up.pixel.ad/assets/up.js?um=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NBMFP63
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
178.79.242.16 Frankfurt am Main, Germany, ASN22822 (LLNW, US),
Reverse DNS
https-178-79-242-16.fra.llnw.net
Software
AC1.1 /
Resource Hash
25b33a7a853f39e447b14be3e6662ccbb0fbce73620bf7778d194cb3fef1d3ab

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.theticket1590.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Mon, 17 Apr 2023 20:18:40 GMT
content-encoding
gzip
last-modified
Wed, 16 Mar 2022 16:22:21 GMT
server
AC1.1
age
388350
vary
Accept-Encoding
content-type
application/javascript
accept-ranges
bytes
content-length
1550
x-llid
97cf5b7aeee02a3743e993031b1dfd84
stn_trk.gif
s2l.sendtonews.com/
26 B
186 B
Ping
General
Full URL
https://s2l.sendtonews.com/stn_trk.gif?session=bYoTP3-rbC6ebG9d&instance=297079351&version=7.15.1-G&age=230417&ldt=BIDS&key=5oC5qDti&c_id=5513&seq=1&order=5&vIndex=0&absoluteTime=2967.7&relativeTime=1001.9&sm_id=2686986&visiblestatecd=I&soundcd=OFF&alt=0&sC_ID=5935&load=1&status=LVFNLNIY&ac_id=2008&bidIndex=1&prebid.cid=0&prebid.bidders.ix.time=181.3&prebid.bidders.triplelift.time=173.6&prebid.bidders.rubicon.time=177.7&prebid.bidders.appnexus.time=174.6&prebid.bidders.unruly.time=210.7&prebid.bidders.spotx.time=209.4&prebid.bidders.undertone.time=269.1&prebid.bidders.pubmatic.time=173.4&prebid.start=2688.3&prebid.time=278.8&prebid.timeout=3000&adIndex=-1
Requested by
Host: embed.sendtonews.com
URL: https://embed.sendtonews.com/easy-stn-player/7.15.1-G/easy-stn-player.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.210.56.152 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-44-210-56-152.compute-1.amazonaws.com
Software
Apache/2.4.41 (Ubuntu) /
Resource Hash
3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.theticket1590.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Mon, 17 Apr 2023 20:18:40 GMT
last-modified
Wed, 23 Dec 2020 21:38:39 GMT
server
Apache/2.4.41 (Ubuntu)
accept-ranges
bytes
etag
"1a-5b72883b37f80"
content-length
26
content-type
image/gif
integrator.js
adservice.google.de/adsid/
107 B
165 B
Script
General
Full URL
https://adservice.google.de/adsid/integrator.js?domain=www.theticket1590.com
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.theticket1590.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Mon, 17 Apr 2023 20:18:40 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/
107 B
165 B
Script
General
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.theticket1590.com
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.theticket1590.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Mon, 17 Apr 2023 20:18:40 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
100
x-xss-protection
0
view
securepubads.g.doubleclick.net/pcs/ Frame F728
0
0
Fetch
General
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstMroNqJLQLTSCt9UtE8QtU5b_uoUv70w7Ix8ut9zneFYU7BJImwvDEDpBAd8HRT8BzTRbfNhigNc_jUM6E6fN5c3tuTmqtTLXi_DpesB1NEUtuzfizjYalHJHWCYz6Wk-RX2QXQGZ_ObAFVmSPQ8urjlKTeqMnFk2ghM_lzhPcS69kbBYTaQrTV4blM7xjxTvwKwi83-h1j_DB6dtSEgb0fWaQUFqqd5a1ilhNoVg0Njysj2_viKYOpXFP2xErXN5jXseaigTSmw-BarLoQgZt0BC8hyQuEWcCy639OBD7omHNSE1Xjrxtbx0tNIYJJ0k&sai=AMfl-YQEWrqRMcIrUXvi5XGb2d8tTY4V8fetoOy99tqbVaKDCjhKBcyH38kEe5z1h7qP1wUExb3jJApweiONiKRlsMVecatijg_9mE98oW5f9eCJY-zrNPy-fm32Iw6WsXaekHq5EG59GjLKboAeQvE&sig=Cg0ArKJSzNGztDLmkNqTEAE&uach_m=[UACH]&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.theticket1590.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Mon, 17 Apr 2023 20:18:40 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Mon, 17 Apr 2023 20:18:40 GMT
181461212508101
connect.facebook.net/signals/config/
377 KB
108 KB
Script
General
Full URL
https://connect.facebook.net/signals/config/181461212508101?v=2.9.102&r=stable
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
5f81194cbd4697dd96c6a57cd32d09427a8ecdc603fd9dce20a981341b297f7d
Security Headers
Name Value
Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.theticket1590.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

content-security-policy
default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Mon, 17 Apr 2023 20:18:41 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-fb-rlafr
0
x-xss-protection
0
pragma
public
x-fb-debug
yPogfFiaOL7T+KB0YyRLXuda+81fBDcMSZUlsOJYsG6fdNB/Q0NVXkX3pKmtjXnelw9e588a0GROZ9SPcQlU6g==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
cross-origin-opener-policy
same-origin-allow-popups
vary
Accept-Encoding
report-to
{"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type
application/x-javascript; charset=utf-8
x-frame-options
DENY
origin-agent-cluster
?0
cache-control
public, max-age=1200
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
ads
pubads.g.doubleclick.net/gampad/ Frame 088F
17 KB
3 KB
XHR
General
Full URL
https://pubads.g.doubleclick.net/gampad/ads?slotname=%2F92056281%2F53596966&sz=480x270&ciu_szs=300x60&cust_params=sessionKey%3D297079351-bYoTP3-rbC6ebG9d%26schain%3Dstnvideo.com%2CaaT9tu8u-GS2pOPJCB-Oig%26content%3D5935%26placementType%3DPremium%26embed%3D5oC5qDti%26domain%3Dtheticket1590.com%26player_size%3Dlarge%26player_width%3D654%26player_height%3D368%26player_type%3Dfloat%26version%3D7.15.1-G%26player_status%3DLVFNLNIY%26play_code%3D2008%26view100%3D1%26excl_cat%3Dstl_id00082%26rand%3D7%26uhr%3D20%26iris_id%3Diris_10207eea42b62bc2%26iris_context%3Dic_5619313%2Cic_2291553%2Cic_7753435%2Cic_2407074%2Cic_1612662%2Cic_0344266%2Cic_3890383%2Cic_7287399%2Cic_8555203%2Cic_7997629%2Cic_9358269%2Cic_4332534%2Cic_7190905%2Cic_8024878%2Cic_5365686%2Cic_4633273%2Cic_5381994%2Cic_3979040%2Cic_0854364%2Cic_2897216%2Cic_0899282%2Cic_9954675%2Cic_3393155%2Cic_9677800%2Cic_4262964%2Cic_2540565%2Cic_1655055%2Cic_0287034%2Cic_9536669%2Cic_2641516%2Cic_3885449%2Cic_6552771%2Cic_9297236%2Cic_5157939%2Cic_1343647%26us_privacy%3Dfalse&url=https%3A%2F%2Fwww.theticket1590.com%2F&unviewed_position_start=1&output=xml_vast4&env=vp&gdfp_req=1&ad_rule=0&video_url_to_fetch=https%3A%2F%2Fwww.theticket1590.com%2F&useragent=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F112.0.5615.121%20Safari%2F537.36%2Cgzip(gfe)&vad_type=linear&vpos=preroll&pod=1&ppos=1&lip=true&min_ad_duration=0&max_ad_duration=125000&vrid=1263268&us_privacy=1---&hl=en&cmsid=2631244&vconp=2&video_doc_id=2686986&vpa=auto&vpmute=1&cnc=6717&kfa=0&tfcd=0&sdkv=h.3.568.1&osd=2&frm=0&vis=1&sdr=1&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&u_so=l&ctv=0&mpt=stnvideo%2Fplayer&gdpr=0&sdki=445&ptt=20&adk=130015200&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.568.1&sid=3C70A3C3-2EC6-476C-A3ED-2D6549A1D091&nel=0&eid=44765701%2C44772139%2C44777649%2C44781409%2C44781753%2C44782991&top=https%3A%2F%2Fwww.theticket1590.com%2F&loc=https%3A%2F%2Fwww.theticket1590.com%2F&dlt=1681762718477&idt=1899&dt=1681762720927&cookie=ID%3D6cd1614a817e6b16%3AT%3D1681762720%3AS%3DALNI_MbzLk07ZKKaeHOo0_3amOOgp8HbRw&gpic=UID%3D00000bd7e97c3a49%3AT%3D1681762720%3ART%3D1681762720%3AS%3DALNI_MbnJlVpGofF3aKdTdJ1Ho9aZBFYew&correlator=1279685847636693&scor=4277527445376321&ged=ve4_td3_tt1_pd3_la3000_er0.0.0.0_vi0.0.1200.1600_vp0_eb16491
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.568.1_en.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8e31124ba3d03b87e6c9ad95577ddcb1822dceb9390c8216664b3eaca2dd88ce
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Mon, 17 Apr 2023 20:18:41 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3419
x-xss-protection
0
google-lineitem-id
5849218212
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138374018597
content-type
text/xml; charset=UTF-8
access-control-allow-origin
https://imasdk.googleapis.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame 8197
0
0
Fetch
General
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssKVr-w16yKHTIdXDMcC5Edt0VcnZL8KkfU2kEBAWgHbiPifjnU8E1vbgVmZTBpD2MHinrhI9pqSadZuUTkq68k7luQo5or_k_vZEl7P3FRFukH7ww2WuwFfavrOyiM8JTq_dFcIC_Nf865HZMhtIgaFpGzh8WnqPEhmOiVra1wp8S-ltls4vioGA_I5Gk0apwMZPn_Cd3qUaruZfio3tUYqhqIvprxZe2VxA7mmrcT7dpDJh_i4uxAw_5Nn6hcLRTbznhT4_J1AiCtqLvon_6XSNBagSFmtqaGGQ1fBO4l-giHlv6c2fW5c0C4tde3KC3I&sai=AMfl-YR4G830TzKnF7u21YVTADkTEjGbAihpioUVl-FViFmK2Zo3DSk-q8IiFvBG9GHBBg_sVtUXvGBavcaA8unj9boJsKHbglSogCSyRbn9KcMwFiYGLLsbesWlIidKPqhNQg158LfN133DX-qaZhR_&sig=Cg0ArKJSzL3_0Y-oM3ujEAE&uach_m=[UACH]&urlfix=1&adurl=
Requested by
Host: www.theticket1590.com
URL: https://www.theticket1590.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.theticket1590.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Mon, 17 Apr 2023 20:18:40 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
cumulus_728x90_1.js
dl.westseven.media/dist/ Frame 8197
44 KB
9 KB
Script
General
Full URL
https://dl.westseven.media/dist/cumulus_728x90_1.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304100101/pubads_impl.js?cb=31073791
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
199f1cdc3df15de6c7544550bca52b02b7b751736047d479a928078ad5431937

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.theticket1590.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Mon, 17 Apr 2023 20:18:41 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
KR2PET4B1P3DHSRY
age
597
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2
sG793qUmuLF0ykOozRfY2JlDAoj5mXEnGLVBe81wrpQcd4seBzRRflYXVylBpC+n9620zM3gUfQ=
cf-bgj
minify
last-modified
Thu, 23 Jun 2022 02:00:29 GMT
server
cloudflare
etag
W/"dbaa6b975c083068cfab7935ddb845b3"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Eai9xZVQ3zvfRQXFRVQM53i01FM8tyk12cD%2BazFqQTo5s70NVcenAhvmrav9LdUOl77hcyZ%2BiOs1Ki3VTkutVMua0SuxkM9rQL%2Bty70wg4%2B%2BjMalRXIwNEAKjEUpixa7iCr7t4UQP9LcQhB9uha94wY%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=3600
cf-ray
7b975bce68b5997a-FRA
pixel.gif
pixel.westseven.media/ Frame 8197
35 B
693 B
Image
General
Full URL
https://pixel.westseven.media/pixel.gif?key=cumulus_728x90_1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304100101/pubads_impl.js?cb=31073791
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.196.114.84 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-196-114-84.compute-1.amazonaws.com
Software
nginx/1.16.1 /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.theticket1590.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date
Mon, 17 Apr 2023 20:18:41 GMT
Cache-Control
private, no-cache, proxy-revalidate, max-age=0, no-cache="set-cookie"
Content-Disposition
inline
Server
nginx/1.16.1
Connection
keep-alive
Content-Length
35
Content-Type
image/gif
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 8197
159 KB
49 KB
Script
General
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304100101/pubads_impl.js?cb=31073791
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cbeee230de9adc4b4765d4387c54fa936a5c26f8306fe0e6f5f8415284f56c33
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.theticket1590.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Mon, 17 Apr 2023 20:18:40 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
49801
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1681299295334834"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Mon, 17 Apr 2023 20:18:40 GMT
/
www.google.com/pagead/1p-user-list/932229734/
42 B
455 B
Image
General
Full URL
https://www.google.com/pagead/1p-user-list/932229734/?random=1681762720829&cv=11&fst=1681761600000&bg=ffffff&guid=ON&async=1&gtm=45be34c0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.theticket1590.com%2F&frm=0&tiba=The%20Ticket%202%201590%20%7C%20KYNG-AM&userId=replace%20with%20value&data=event%3Dpage_view&fmt=3&is_vtc=1&random=1613423195&rmt_tld=0&ipr=y
Requested by
Host: www.theticket1590.com
URL: https://www.theticket1590.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.theticket1590.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 17 Apr 2023 20:18:40 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.de/pagead/1p-user-list/932229734/
42 B
108 B
Image
General
Full URL
https://www.google.de/pagead/1p-user-list/932229734/?random=1681762720829&cv=11&fst=1681761600000&bg=ffffff&guid=ON&async=1&gtm=45be34c0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.theticket1590.com%2F&frm=0&tiba=The%20Ticket%202%201590%20%7C%20KYNG-AM&userId=replace%20with%20value&data=event%3Dpage_view&fmt=3&is_vtc=1&random=1613423195&rmt_tld=1&ipr=y
Requested by
Host: www.theticket1590.com
URL: https://www.theticket1590.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.theticket1590.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 17 Apr 2023 20:18:40 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.com/pagead/1p-user-list/932229734/
42 B
108 B
Image
General
Full URL
https://www.google.com/pagead/1p-user-list/932229734/?random=1681762720820&cv=11&fst=1681761600000&bg=ffffff&guid=ON&async=1&gtm=45be34c0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.theticket1590.com%2F&frm=0&tiba=The%20Ticket%202%201590%20%7C%20KYNG-AM&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=2943508410&rmt_tld=0&ipr=y
Requested by
Host: www.theticket1590.com
URL: https://www.theticket1590.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.theticket1590.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 17 Apr 2023 20:18:40 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.de/pagead/1p-user-list/932229734/
42 B
455 B
Image
General
Full URL
https://www.google.de/pagead/1p-user-list/932229734/?random=1681762720820&cv=11&fst=1681761600000&bg=ffffff&guid=ON&async=1&gtm=45be34c0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.theticket1590.com%2F&frm=0&tiba=The%20Ticket%202%201590%20%7C%20KYNG-AM&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=2943508410&rmt_tld=1&ipr=y
Requested by
Host: www.theticket1590.com
URL: https://www.theticket1590.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.theticket1590.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 17 Apr 2023 20:18:40 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
ad.ipredictive.com/d/rt/
631 B
787 B
Image
General
Full URL
https://ad.ipredictive.com/d/rt/pixel?uuid=239a0e6f-4986-456d-8b97-8f4e8e5683db&rtsite_id=57885&sdk_src=js&ts=1681762721&rr=24223595463053815&sdkv=1.0.0-beta&res=1600x1200&cookie=1&ref=&dloc=https%3A%2F%2Fwww.theticket1590.com%2F&ds=1&xp_pdf=1&xp_qt=0&xp_realp=0&xp_wma=0&xp_dir=0&xp_fla=0&xp_java=0&xp_gears=0&xp_ag=0&event=pageview&ev_pageview=%7B%22url%22%3A%22https%3A%2F%2Fwww.theticket1590.com%2F%22%2C%22title%22%3A%22The%20Ticket%202%201590%20%7C%20KYNG-AM%22%7D
Requested by
Host: www.theticket1590.com
URL: https://www.theticket1590.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.4.143.35 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-4-143-35.compute-1.amazonaws.com
Software
/
Resource Hash
25cf0f0ce42f8acd9ea6facc223f54105c7fd0cce63fb7bb5d83e6600100acbd

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.theticket1590.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date
Mon, 17 Apr 2023 20:18:41 GMT
Content-Encoding
gzip
Connection
keep-alive
X-CI-RTID
31c0c102-6e23-4d14-9eea-bec3addb6eb8
Content-Length
479
Content-Type
image/jpeg
asyncPixelSync
pixel.sitescout.com/dmp/ Frame CDCA
0
0
Document
General
Full URL
https://pixel.sitescout.com/dmp/asyncPixelSync?gdpr=0
Requested by
Host: www.theticket1590.com
URL: https://www.theticket1590.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
98.98.134.243 , United States, ASN21859 (ZEN-ECN, US),
Reverse DNS
Software
A /
Resource Hash

Request headers

Referer
https://www.theticket1590.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
max-age=0,no-cache,no-store
date
Mon, 17 Apr 2023 20:18:40 GMT
expires
Tue, 11 Oct 1977 12:34:56 GMT
p3p
CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
pragma
no-cache
server
A
d0001ffffd6696eb
pixel.sitescout.com/up/
43 B
267 B
Image
General
Full URL
https://pixel.sitescout.com/up/d0001ffffd6696eb?cntr_url=https%3A%2F%2Fwww.theticket1590.com%2F&gdpr=0
Requested by
Host: www.theticket1590.com
URL: https://www.theticket1590.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
98.98.134.243 , United States, ASN21859 (ZEN-ECN, US),
Reverse DNS
Software
AC1.1 /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.theticket1590.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 17 Apr 2023 20:18:40 GMT
server
AC1.1
content-type
image/gif
p3p
CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
cache-control
max-age=0,no-cache,no-store
content-length
43
expires
Tue, 11 Oct 1977 12:34:56 GMT
script.js
d13l4u7pe64ymo.cloudfront.net/ Frame 8197
123 KB
43 KB
Script
General
Full URL
https://d13l4u7pe64ymo.cloudfront.net/script.js
Requested by
Host: dl.westseven.media
URL: https://dl.westseven.media/dist/cumulus_728x90_1.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2156:5a00:1:c325:9400:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
29a4c34be2d8d3ff62ec5125d03108daa23df126fcf1e118bf42cb2ec9861fd9

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.theticket1590.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-amz-version-id
l4ZQCevvsrhMJOQ_LhnwFwt0xEsn0XIA
content-encoding
gzip
via
1.1 e64eb476d8f76c461d21278e018e194e.cloudfront.net (CloudFront)
date
Mon, 17 Apr 2023 20:10:54 GMT
last-modified
Sat, 15 Apr 2023 08:19:20 GMT
server
AmazonS3
x-amz-cf-pop
FRA50-C1
age
474
x-amz-server-side-encryption
AES256
etag
W/"d494300bdc6ab9959ec713b1aafbde4b"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=600,public,must-revalidate
x-amz-cf-id
Pead_BGu73YydU-yNxhHWLrOS7t4OLND0uueBNOIjaFMyrakhI7dLg==
19984_Cumulus_728x90.js
ads.rubiconproject.com/prebid/ Frame 8197
746 KB
166 KB
Script
General
Full URL
https://ads.rubiconproject.com/prebid/19984_Cumulus_728x90.js
Requested by
Host: dl.westseven.media
URL: https://dl.westseven.media/dist/cumulus_728x90_1.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.120.62.44 Paris, France, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-120-62-44.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
a3bbf13e4d2461a91249f89b5f7c581117eafb6db650acf87fe81f3007e27277

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.theticket1590.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Mon, 17 Apr 2023 20:18:41 GMT
content-encoding
gzip
last-modified
Tue, 14 Feb 2023 20:53:36 GMT
server
Apache
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
access-control-allow-credentials
true
content-length
169441
expires
Mon, 17 Apr 2023 20:18:41 GMT
gpt.js
www.googletagservices.com/tag/js/ Frame 8197
75 KB
25 KB
Script
General
Full URL
https://www.googletagservices.com/tag/js/gpt.js
Requested by
Host: dl.westseven.media
URL: https://dl.westseven.media/dist/cumulus_728x90_1.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
871919d87d41b658272c618bfa3f2884ed2f0c5427143facb6704763e26ad3f8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.theticket1590.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Mon, 17 Apr 2023 20:18:41 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
25470
x-xss-protection
0
server
cafe
etag
763 / 19464 / m202304120101 / config-hash: 3756285743670852327
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
expires
Mon, 17 Apr 2023 20:18:41 GMT
score.min.js
js.ad-score.com/ Frame 8197
438 KB
139 KB
Script
General
Full URL
https://js.ad-score.com/score.min.js?pid=1000449&tt=g
Requested by
Host: dl.westseven.media
URL: https://dl.westseven.media/dist/cumulus_728x90_1.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20eb:6200:a:deb0:3380:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
130d2977c5b71de88b4289a6f6fce6a3c7e1c719fc6b809be6f9a1bb6304a8e5

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.theticket1590.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date
Mon, 17 Apr 2023 15:36:02 GMT
Content-Encoding
br
Via
1.1 29051585a13addd312c8ac9d527433c6.cloudfront.net (CloudFront)
X-Amz-Cf-Pop
FRA2-C1
Age
16959
Transfer-Encoding
chunked
X-Cache
Hit from cloudfront
Connection
keep-alive
Last-Modified
Mon, 17 Apr 2023 15:36:02 GMT
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=86400
Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
Cache-Control
X-Amz-Cf-Id
eWyqZz9gJdPxxrf0PMpmoxnXue52KB8GvSlk6qg4Q81a1U8aIu2-Dg==
Expires
Tue, 18 Apr 2023 15:36:02 GMT
pixel.gif
pixel.westseven.media/ Frame 8197
35 B
693 B
Image
General
Full URL
https://pixel.westseven.media/pixel.gif?key=theticket1590_728x90_1&&r=0.03477978756373945
Requested by
Host: www.theticket1590.com
URL: https://www.theticket1590.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.196.114.84 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-196-114-84.compute-1.amazonaws.com
Software
nginx/1.16.1 /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.theticket1590.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date
Mon, 17 Apr 2023 20:18:41 GMT
Cache-Control
private, no-cache, proxy-revalidate, max-age=0, no-cache="set-cookie"
Content-Disposition
inline
Server
nginx/1.16.1
Connection
keep-alive
Content-Length
35
Content-Type
image/gif
truncated
/ Frame 8197
212 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
379cbb2f20f8275ba4c3a4a35157153eb5e0d61fb6796097104fb5222d3e46d9

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Content-Type
image/png
/
www.google.com/pagead/1p-user-list/932229734/
42 B
108 B
Image
General
Full URL
https://www.google.com/pagead/1p-user-list/932229734/?random=1681762720846&cv=11&fst=1681761600000&bg=ffffff&guid=ON&async=1&gtm=45He34c0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.theticket1590.com%2F&frm=0&tiba=The%20Ticket%202%201590%20%7C%20KYNG-AM&fmt=3&is_vtc=1&random=664715235&rmt_tld=0&ipr=y
Requested by
Host: www.theticket1590.com
URL: https://www.theticket1590.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.theticket1590.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 17 Apr 2023 20:18:41 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.de/pagead/1p-user-list/932229734/
42 B
108 B
Image
General
Full URL
https://www.google.de/pagead/1p-user-list/932229734/?random=1681762720846&cv=11&fst=1681761600000&bg=ffffff&guid=ON&async=1&gtm=45He34c0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.theticket1590.com%2F&frm=0&tiba=The%20Ticket%202%201590%20%7C%20KYNG-AM&fmt=3&is_vtc=1&random=664715235&rmt_tld=1&ipr=y
Requested by
Host: www.theticket1590.com
URL: https://www.theticket1590.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.theticket1590.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 17 Apr 2023 20:18:41 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pubads_impl.js
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304120101/ Frame 8197
401 KB
124 KB
Script
General
Full URL
https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304120101/pubads_impl.js
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
d126364c6e2a7b5e91d0003b90a0761c94a81c95702e1bc0ede7a2067a48f4df
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.theticket1590.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Mon, 17 Apr 2023 19:54:00 GMT
content-encoding
br
x-content-type-options
nosniff
age
1481
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
127166
x-xss-protection
0
server
cafe
etag
9041812995692956310
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
timing-allow-origin
*
expires
Tue, 16 Apr 2024 19:54:00 GMT
ppub_config
securepubads.g.doubleclick.net/pagead/ Frame 8197
92 B
89 B
XHR
General
Full URL
https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=www.theticket1590.com
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
23c6b274bbccec49a3c8d271cac1452ede67e45084d693934e18ce49fab0c1b7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.theticket1590.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Mon, 17 Apr 2023 20:18:41 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
64
x-xss-protection
0
expires
Mon, 17 Apr 2023 20:18:41 GMT
pwm_all.min.js
b3.tunegenie.com/js/
119 KB
33 KB
Script
General
Full URL
https://b3.tunegenie.com/js/pwm_all.min.js?tgv=e905577.ba4de90
Requested by
Host: b3.tunegenie.com
URL: https://b3.tunegenie.com/js/loader2.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223e:8a00:6:4e5d:a0c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
1d0ab5a723a62a656f416eded56644e45ac5d29c2c2858388d3102571592b884

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.theticket1590.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-amz-version-id
Hzso136vZMoTJ38.5jlLYddX5P3qE.Nk
content-encoding
gzip
via
1.1 e59bea79ab5f15feda92136bc7b74158.cloudfront.net (CloudFront)
date
Mon, 17 Apr 2023 19:27:15 GMT
last-modified
Wed, 07 Dec 2022 23:44:49 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P4
age
1750024
etag
W/"72ad82955ee87e6e522a5958fa9a6d67"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript; charset=UTF-8
cache-control
max-age=7776000
x-amz-cf-id
IigDaLaQ4tbVKwWOcyyfVY541UZ5RQI8maoDYVRHm1tgXGLqKro9jg==
1a
i.clean.gg/ Frame 8197
0
104 B
XHR
General
Full URL
https://i.clean.gg/1a
Requested by
Host: d13l4u7pe64ymo.cloudfront.net
URL: https://d13l4u7pe64ymo.cloudfront.net/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.95.69.49 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
49.69.95.34.bc.googleusercontent.com
Software
nginx/1.21.6 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.theticket1590.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type
application/json

Response headers

date
Mon, 17 Apr 2023 20:18:41 GMT
via
1.1 google
server
nginx/1.21.6
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/octet-stream
access-control-allow-origin
*
access-control-expose-headers
Content-Length,Content-Range
access-control-allow-headers
DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Origin,Accept,X-API-Key
content-length
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
1a
i.clean.gg/ Frame
0
0
Preflight
General
Full URL
https://i.clean.gg/1a
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.95.69.49 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
49.69.95.34.bc.googleusercontent.com
Software
nginx/1.21.6 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.theticket1590.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

access-control-allow-headers
DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Origin,Accept,X-API-Key
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
*
access-control-max-age
1728000
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
content-type
text/plain; charset=utf-8
date
Mon, 17 Apr 2023 20:18:41 GMT
server
nginx/1.21.6
via
1.1 google
gen_204
pagead2.googlesyndication.com/pagead/
0
349 B
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=gpt_pgbrk&pvsid=3065041248302978&vrg=202304100101&nw_id=6717&nslots=10&eid=31073791%2C31073837%2C31073883%2C676982961&pub_url=https%3A%2F%2Fwww.theticket1590.com%2F&qid=CK6Guqzesf4CFa_Kuwgd68ABhQ&iu=%2F6717%2Fcd.KYNG.AM&e=512&ret=300x100&req=300x100%7C300x50&bm=0&efh=1&stk=0&ifi=10
Requested by
Host: www.theticket1590.com
URL: https://www.theticket1590.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.theticket1590.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 17 Apr 2023 20:18:41 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
o1n30140o1o81o1p838r162661r56psq-00001.ts
d29xw9s9x32j3w.cloudfront.net/videos/m3u8/300k/
434 KB
435 KB
XHR
General
Full URL
https://d29xw9s9x32j3w.cloudfront.net/videos/m3u8/300k/o1n30140o1o81o1p838r162661r56psq-00001.ts
Requested by
Host: embed.sendtonews.com
URL: https://embed.sendtonews.com/easy-stn-player/7.15.1-G/easy-stn-player.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.97.25 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-97-25.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
c1d39d99d03c55dcce06fec6dd29d9716abe7c562e4fe974ccf4714e777b480e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.theticket1590.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Mon, 17 Apr 2023 20:18:42 GMT
via
1.1 e9101023ffbe04130b9d4cac0cf9eebc.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P2
x-amz-server-side-encryption
AES256
x-cache
Miss from cloudfront
x-amz-storage-class
REDUCED_REDUNDANCY
content-disposition
attachment
content-length
444244
last-modified
Mon, 17 Apr 2023 18:53:51 GMT
server
AmazonS3
etag
"c84f9b524c539c7613f4856842f85d9d"
vary
Origin
access-control-allow-methods
GET, HEAD, POST
content-type
video/mp2t
access-control-allow-origin
*
access-control-expose-headers
Access-Control-Allow-Origin, Access-Control-Allow-Credentials
cache-control
max-age=86400
accept-ranges
bytes
x-amz-cf-id
3MgPhDTEtjBK--yPLXyQZV6PyHZZcM1jtVu4uJOI2z_vAlI6H3Zj_Q==
cors
data.ad-score.com/data/ Frame 8197
50 B
602 B
Fetch
General
Full URL
https://data.ad-score.com/data/cors?pm_st=SZvNYYHioRSEIgAjnIdUWDtVOkKkBSuj-FE7fPshldVrlKDwd2HLIEkvGPg==-E0zJPcpjblXkNA==&pm_ct=6d9202dc3dec0313c2a7fd41&pm_pl=1681762721330&pm_td=11&pid=1000449&en=1.1&callback=__pm_glbl_vv4SDDJZ66aPGCsxgQlMpDtw._gc1&tt=g&v=6628d82
Requested by
Host: d13l4u7pe64ymo.cloudfront.net
URL: https://d13l4u7pe64ymo.cloudfront.net/script.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_GCM
Server
130.211.115.4 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
4.115.211.130.bc.googleusercontent.com
Software
/
Resource Hash
8e3ac8bf77e09e09be3cb75251b5f5ace9a92d123918096bbbfe64af301df041

Request headers

Referer
https://www.theticket1590.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Mon, 17 Apr 2023 20:18:41 GMT
Age
0
Access-Control-Allow-Methods
POST
P3p
CP="CURa ADMa DEVa TAIi PSAi PSDi IVAi IVDi CONi HISa TELi OUR IND DSP CAO COR"
Access-Control-Allow-Origin
https://www.theticket1590.com
Content-Type
text/plain; charset=utf-8
Cache-Control
post-check=0, pre-check=0, false, proxy-revalidate, no-cache, no-cache=Set-Cookie, no-store, must-revalidate, max-age=0, s-maxage=0
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
50
truncated
/ Frame 53F5
266 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
662294921ca6240beb0f2aecb7f7ac23dd085b782bbe52a369b20226d26afe33

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ Frame 8197
68 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
5e89733d8a8e055100cda68bf7a712ab0e1b24fefee7e39792b47cb5ff7c3cb1

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Content-Type
image/png
container.html
773ff33321c83b63fff957793b331644.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame DCA9
6 KB
3 KB
Document
General
Full URL
https://773ff33321c83b63fff957793b331644.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304100101/pubads_impl.js?cb=31073791
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.theticket1590.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Mon, 17 Apr 2023 20:18:40 GMT
expires
Tue, 16 Apr 2024 20:18:40 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
csi
csi.gstatic.com/ Frame 088F
0
54 B
Ping
General
Full URL
https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=1~lgla3o0n&c=2539447526608&slotId=1269723763304&eee=missing-element&bi=missing-id&vast_v=4.0&lima_p_ich=0&lima_p_icu=0
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.568.1_en.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400f:801::2003 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 17 Apr 2023 20:18:41 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
cf02e9ad-1495-42d3-8f8c-cee3267b3806
https://www.theticket1590.com/ Frame 8197
720 B
0
Other
General
Full URL
blob:https://www.theticket1590.com/cf02e9ad-1495-42d3-8f8c-cee3267b3806
Requested by
Host: www.theticket1590.com
URL: https://www.theticket1590.com/
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
d2ec07a6e77bc3abc56f801e141e9889c018ca8e96dfbe4042f49378699ee85f

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Content-Length
720
Content-Type
application/javascript
e9a0a4ab-62e1-44fb-a2c1-5b7b52bdfcc1
https://www.theticket1590.com/ Frame 8197
725 B
0
Other
General
Full URL
blob:https://www.theticket1590.com/e9a0a4ab-62e1-44fb-a2c1-5b7b52bdfcc1
Requested by
Host: www.theticket1590.com
URL: https://www.theticket1590.com/
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
bb32ef70baf6f49f09b1fe50f680f2217d8fc8021f2b91beaabb96f6d582c96b

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Content-Length
725
Content-Type
text/javascript
csi
csi.gstatic.com/ Frame 088F
0
234 B
Ping
General
Full URL
https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=2~lgla3owo&c=2539447526608&slotId=1269723763304&ghmsh_eids=44765701%2C44772139%2C44777649%2C44781409%2C44781753%2C44782991
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.568.1_en.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400f:801::2003 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 17 Apr 2023 20:18:41 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.facebook.com/tr/
0
185 B
Image
General
Full URL
https://www.facebook.com/tr/?id=181461212508101&ev=PageView&dl=https%3A%2F%2Fwww.theticket1590.com%2F&rl=&if=false&ts=1681762721582&sw=1600&sh=1200&v=2.9.102&r=stable&ec=0&o=30&cs_est=true&fbp=fb.1.1681762721581.932245078&it=1681762720914&coo=false&rqm=GET
Requested by
Host: www.theticket1590.com
URL: https://www.theticket1590.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.theticket1590.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
date
Mon, 17 Apr 2023 20:18:41 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
pixel.gif
pixel.westseven.media/ Frame 8197
35 B
274 B
Image
General
Full URL
https://pixel.westseven.media/pixel.gif?key=theticket1590_728x90_1&ao&r=0.11916433455588171
Requested by
Host: www.theticket1590.com
URL: https://www.theticket1590.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.196.114.84 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-196-114-84.compute-1.amazonaws.com
Software
nginx/1.16.1 /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.theticket1590.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date
Mon, 17 Apr 2023 20:18:41 GMT
Cache-Control
private, no-cache, proxy-revalidate, max-age=0
Content-Disposition
inline
Server
nginx/1.16.1
Connection
keep-alive
Content-Length
35
Content-Type
image/gif
localstore.js
script.4dex.io/ Frame 8197
483 B
1018 B
Script
General
Full URL
https://script.4dex.io/localstore.js
Requested by
Host: d13l4u7pe64ymo.cloudfront.net
URL: https://d13l4u7pe64ymo.cloudfront.net/script.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4bf1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e8fe64429e5900c16c7f8dd7861704e2f4d38e00cbb16bc18820b46d92461389

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.theticket1590.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date
Mon, 17 Apr 2023 20:18:41 GMT
Content-Encoding
br
CF-Cache-Status
HIT
Last-Modified
Wed, 23 Nov 2022 15:43:18 GMT
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server
cloudflare
Age
349890
ETag
W/"922cffdd75f7192f75231d92684885aa"
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
application/javascript
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8CTsfbBS0s7CkwcrhLxW9myyIM9G70cgQx%2B5vDANenwgPzjstI56t4nghsfw212h3OGxxm%2BhqRLpknn9LQoUi8Y7PMHjHlDPMA3TBSJzfxZOWub0YWpod%2BxSok6Kh7Lm2EVglHZyTaQeLUHr"}],"group":"cf-nel","max_age":604800}
Cache-Control
public, max-age=1800
Connection
keep-alive
CF-RAY
7b975bd2bf3dbbf7-FRA
view
securepubads.g.doubleclick.net/pcs/ Frame 8197
0
0
Fetch
General
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjst2u7i9FcdfNi4dxg4LXFnDrVjrkiG_1FuVh508fjiYEJh7AMB3T5aw5sRcz3lae4nVa_SnvQ2BECWsd4GOJg7_ST30ih1Qr2jWJC0-W8oitsuIMwIV-_4rCZx7vs_K1pi_vwUB-aGfKOPRt0nItrQQPQugOCZ5Upqs0aWBJbHw8cbKLuKlHgvArkL9wydaKD4omD4qmFND9vSDPkcl5Di7nhoXe02FQdK_pgFJ6p9Ltg94SmFghzPwx9A87eTEEEDeD8NcgnnfF1Kuaem7r84f-2wcdJQN6RnNqtAJFngwhsgBc-8S7IOU3r0Qkfwh-paaC_0&sai=AMfl-YRql6TiADJW0iwce1TIoAjQRL8u827eTlC4ncr7ENch_GPPkVe618Ie8VKnEKJG-rd8Q4P0JbuuTe7E1TNIvMSO6aRTetyvj06y0yskIC7cNwleXz5pIcVgLvMYBfyGAjDjqZkGLUqfsK7_HO_O&sig=Cg0ArKJSzP7vKFhqDHwBEAE&uach_m=[UACH]&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&adurl=
Requested by
Host: d13l4u7pe64ymo.cloudfront.net
URL: https://d13l4u7pe64ymo.cloudfront.net/script.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.theticket1590.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Mon, 17 Apr 2023 20:18:41 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Mon, 17 Apr 2023 20:18:41 GMT
/
api.tunegenie.com/v2/full/config/
2 KB
1 KB
Fetch
General
Full URL
https://api.tunegenie.com/v2/full/config/?apiid=m2g_bar&b=kyngam
Requested by
Host: b3.tunegenie.com
URL: https://b3.tunegenie.com/js/pwm_all.min.js?tgv=e905577.ba4de90
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.81.73.75 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-81-73-75.us-west-2.compute.amazonaws.com
Software
nginx/1.20.0 /
Resource Hash
6b4e4942828c6b213c090fc8961f52aa2fbcd3e42505686ca0f2c29531d057ba

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.theticket1590.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date
Mon, 17 Apr 2023 20:18:42 GMT
Content-Encoding
gzip
Server
nginx/1.20.0
Vary
Accept-Encoding, Cookie
Access-Control-Allow-Methods
GET, POST, OPTIONS
Content-Type
application/json
Access-Control-Allow-Origin
*
Cache-Control
max-age=900
Connection
keep-alive
X-Robots-Tag
noindex, nofollow, nosnippet, noarchive
Content-Length
780
Expires
Mon, 17 Apr 2023 20:33:42 GMT
ads
pubads.g.doubleclick.net/gampad/ Frame 088F
156 B
142 B
XHR
General
Full URL
https://pubads.g.doubleclick.net/gampad/ads?iu=%2F172968584%2Fsynd_video%2Fsendtonews%2Fverge&description_url=https%3A%2F%2Fwww.theticket1590.com%2F&tfcd=0&npa=0&sz=640x360%7C640x480&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&cmsid=2686986&env=vp&correlator=1279685847636693&nofb=1&vconp=2&vpa=auto&vpmute=1&sdkv=h.3.568.1&osd=2&frm=0&vis=1&sdr=1&hl=en&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&u_so=l&ctv=0&mpt=stnvideo%2Fplayer&us_privacy=1---&gdpr=0&sdki=445&ptt=20&adk=130015200&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.568.1&sid=3C70A3C3-2EC6-476C-A3ED-2D6549A1D091&nel=0&eid=44765701%2C44772139%2C44777649%2C44781409%2C44781753%2C44782991&url=https%3A%2F%2Fwww.theticket1590.com%2F&dlt=1681762718477&idt=1899&dt=1681762721697&cookie=ID%3D6cd1614a817e6b16%3AT%3D1681762720%3AS%3DALNI_MbzLk07ZKKaeHOo0_3amOOgp8HbRw&gpic=UID%3D00000bd7e97c3a49%3AT%3D1681762720%3ART%3D1681762720%3AS%3DALNI_MbnJlVpGofF3aKdTdJ1Ho9aZBFYew&scor=4277527445376321&fbidx=-1&ged=ve4_td4_tt2_pd4_la4000_er0.0.0.0_vi0.0.1200.1600_vp0_ts1_eb16491
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.568.1_en.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Mon, 17 Apr 2023 20:18:41 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
113
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/xml; charset=UTF-8
access-control-allow-origin
https://imasdk.googleapis.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
prebid
ib.adnxs.com/ut/v3/ Frame 8197
138 B
953 B
XHR
General
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: ads.rubiconproject.com
URL: https://ads.rubiconproject.com/prebid/19984_Cumulus_728x90.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.83.142.19 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
960.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
6ea994c8a6f88cca56162f365dfb0ab63638386cf6314ce042172cddaa1b7186
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.theticket1590.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Mon, 17 Apr 2023 20:18:41 GMT
AN-X-Request-Uuid
e0e26ee0-11da-4c85-9187-c35e9d5aafd4
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
application/json; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://www.theticket1590.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
X-Proxy-Origin
217.114.218.22; 217.114.218.22; 960.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length
138
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/ Frame 8197
531 B
1 KB
XHR
General
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=19984&site_id=402390&zone_id=2254364&size_id=2&alt_size_ids=1%2C5%2C43%2C44%2C221%2C251&gdpr=0&us_privacy=1---&rp_schain=1.0,1!westseven.media,89ce2627d7f4,1,,,&eid_pubcid.org=45e4eba0-57b9-4c3e-a7d2-22cf52ef6f83%5E1&rf=https%3A%2F%2Fwww.theticket1590.com%2F&tg_i.page=https%3A%2F%2Fwww.theticket1590.com%2F&tg_i.domain=theticket1590.com&tg_i.elementid=theticket1590_728x90_1&tg_i.pbadslot=%2F25756908%2C6717%2FWSM%2Ftheticket1590_728x90_1&tg_i.aupName=%2FWSM%2Ftheticket1590_728x90_1&tk_flint=dmpbjs_v7.31.0-PPI&x_source.tid=b1aad337-97bb-4b0f-972e-f09308885bcf&l_pb_bid_id=45f1f5f3a22ed9&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&p_gpid=%2F25756908%2C6717%2FWSM%2Ftheticket1590_728x90_1&slots=1&rand=0.33789109062470635
Requested by
Host: ads.rubiconproject.com
URL: https://ads.rubiconproject.com/prebid/19984_Cumulus_728x90.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c003:200::21 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
977ab879e46fe8cf2c205b55c2474cf9f3c20278421e98c5a1a7e9706640de3a

Request headers

Referer
https://www.theticket1590.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 17 Apr 2023 20:18:41 GMT
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.theticket1590.com
p3p
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-length
531
expires
Wed, 17 Sep 1975 21:32:10 GMT
c
prebid.a-mo.net/a/ Frame 8197
0
280 B
XHR
General
Full URL
https://prebid.a-mo.net/a/c
Requested by
Host: ads.rubiconproject.com
URL: https://ads.rubiconproject.com/prebid/19984_Cumulus_728x90.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
147.75.84.158 Schiphol, Netherlands, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.theticket1590.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.theticket1590.com
date
Mon, 17 Apr 2023 20:18:41 GMT
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
x-envoy-upstream-service-time
22
server
envoy
vary
origin, Accept-Encoding
hb
hb.undertone.com/ Frame 8197
0
801 B
XHR
General
Full URL
https://hb.undertone.com/hb?pid=3989&domain=theticket1590.com&gdpr=0&gdprstr=&ccpa=1---
Requested by
Host: ads.rubiconproject.com
URL: https://ads.rubiconproject.com/prebid/19984_Cumulus_728x90.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.97.105 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-97-105.fra56.r.cloudfront.net
Software
istio-envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.theticket1590.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 17 Apr 2023 20:18:41 GMT
via
1.1 03ffca0f67e3596b9a0c92342fe91598.cloudfront.net (CloudFront)
server
istio-envoy
accept-ch
sec-ch-ua-platform-version,sec-ch-ua-full-version,sec-ch-ua-full-version-list,sec-ch-ua-model,sec-ch-ua-arch,sec-ch-ua-bitness,sec-ch-ua-wow64
x-amz-cf-pop
FRA56-P2
x-cache
Miss from cloudfront
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSDo OUR BUS UNI COM NAV"
access-control-allow-origin
https://www.theticket1590.com
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
x-envoy-upstream-service-time
5
x-amz-cf-id
slC5hRaJIvHBdzKLJoTjDSs4tfVJ2RIaFxEjNtCw4WJGPcCHpjBsEA==
expires
Mon, 26 Jul 1997 05:00:00 GMT
prebid
ib.adnxs.com/ut/v3/ Frame 8197
139 B
954 B
XHR
General
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: ads.rubiconproject.com
URL: https://ads.rubiconproject.com/prebid/19984_Cumulus_728x90.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.83.142.19 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
960.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
f2b0065f0f3ff4b8096a39b8e5c4c7f254cabb7cef765be27179c8c7d8bde852
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.theticket1590.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Mon, 17 Apr 2023 20:18:41 GMT
AN-X-Request-Uuid
af72c6ff-1310-4b11-8f6c-6201c3f30989
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
application/json; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://www.theticket1590.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
X-Proxy-Origin
217.114.218.22; 217.114.218.22; 960.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length
139
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
prebid-request
onetag-sys.com/ Frame 8197
15 B
369 B
XHR
General
Full URL
https://onetag-sys.com/prebid-request
Requested by
Host: ads.rubiconproject.com
URL: https://ads.rubiconproject.com/prebid/19984_Cumulus_728x90.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.75.86.98 , France, ASN16276 (OVH, FR),
Reverse DNS
ip98.ip-51-75-86.eu
Software
/
Resource Hash
663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://www.theticket1590.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type
text/plain

Response headers

strict-transport-security
max-age=15552000
content-encoding
gzip
content-type
application/json
access-control-allow-origin
https://www.theticket1590.com
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
cache-control
no-transform, no-cache
access-control-allow-credentials
true
access-control-allow-headers
content-type, origin, referer, user-agent
content-length
41
bid
ap.lijit.com/rtb/ Frame 8197
94 B
633 B
XHR
General
Full URL
https://ap.lijit.com/rtb/bid?src=prebid_prebid_7.31.0-PPI
Requested by
Host: ads.rubiconproject.com
URL: https://ads.rubiconproject.com/prebid/19984_Cumulus_728x90.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.52.2.39 , United States, ASN30282 (AS-INAPCDN-OCY, US),
Reverse DNS
Software
/
Resource Hash
3410f37a5b28ffd7d8147d4512bfa9a577977e7135735f01eae9f28f01c6b548

Request headers

Referer
https://www.theticket1590.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type
text/plain

Response headers

Date
Mon, 17 Apr 2023 20:18:41 GMT
Content-Encoding
gzip
Vary
Accept-Encoding, User-Agent
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Content-Type
application/json
Access-Control-Allow-Origin
https://www.theticket1590.com
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap7ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
100
translator
hbopenbid.pubmatic.com/ Frame 8197
0
64 B
XHR
General
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: ads.rubiconproject.com
URL: https://ads.rubiconproject.com/prebid/19984_Cumulus_728x90.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.theticket1590.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.theticket1590.com
date
Mon, 17 Apr 2023 20:18:41 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
adreq
ads.servenobid.com/ Frame 8197
1 KB
761 B
XHR
General
Full URL
https://ads.servenobid.com/adreq?cb=5067
Requested by
Host: ads.rubiconproject.com
URL: https://ads.rubiconproject.com/prebid/19984_Cumulus_728x90.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.241.40.57 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-241-40-57.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
bf45f50291d9ceb6cedef279475c1efb3fd184e9e02ce0445a0d5860a9493203

Request headers

Referer
https://www.theticket1590.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 17 Apr 2023 20:18:42 GMT
content-encoding
gzip
amp-access-control-allow-source-origin
*
vary
accept-encoding
content-type
application/json
access-control-allow-origin
https://www.theticket1590.com
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
gen_204
pagead2.googlesyndication.com/pagead/
0
56 B
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=gpt_pgbrk&pvsid=3065041248302978&vrg=202304100101&nw_id=6717&nslots=10&eid=31073791%2C31073837%2C31073883%2C676982961&pub_url=https%3A%2F%2Fwww.theticket1590.com%2F&qid=CIODuqzesf4CFeVc5QodqqQLFg&iu=%2F6717%2Fcd.KYNG.AM&e=512&ret=728x90&req=728x90%7C970x90%7C970x250&bm=0&efh=1&stk=0&ifi=10
Requested by
Host: www.theticket1590.com
URL: https://www.theticket1590.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.theticket1590.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 17 Apr 2023 20:18:41 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
googleads.g.doubleclick.net/xbbe/ Frame FADE
499 B
381 B
Document
General
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxj-rbvGATAB&v=APEucNUavYd6Caa39C021HjogWxLpS38ciM-Y3-mT5lr6iYPoLlIOPFoushpz0I_exNS9klpoiOqmFb9bifCTmz4hLpHuzdutdeblk555SmeRK98FQUc7EA
Requested by
Host: 773ff33321c83b63fff957793b331644.safeframe.googlesyndication.com
URL: https://773ff33321c83b63fff957793b331644.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
5ee2a16d4f8f9629ae75e0f94473f8601a4e0bf9527ba4467a094926e0947505
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://773ff33321c83b63fff957793b331644.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-encoding
br
content-length
183
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 17 Apr 2023 20:18:41 GMT
expires
Mon, 17 Apr 2023 20:18:41 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
dv3.js
pagead2.googlesyndication.com/pagead/js/ Frame DCA9
78 KB
28 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/js/dv3.js
Requested by
Host: 773ff33321c83b63fff957793b331644.safeframe.googlesyndication.com
URL: https://773ff33321c83b63fff957793b331644.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
46b3e081067e631f9a1049fbfa37844da854f741b7f9a45900dc02a19a4ef143
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://773ff33321c83b63fff957793b331644.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Mon, 17 Apr 2023 20:18:41 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
28043
x-xss-protection
0
server
cafe
etag
15270303690107644053
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=600
timing-allow-origin
*
expires
Mon, 17 Apr 2023 20:18:41 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame DCA9
42 B
110 B
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-AFSwiwbR_dNXj1EkzPlYy1-cHL_VELBj-v9ivagrsIYdRbjsI3Fo8917BFrRTwNXJu_HalKXQ4hk57rs-Rpt0V42sSgFfsLNpq2X8DLyQD39YWayE
Requested by
Host: 773ff33321c83b63fff957793b331644.safeframe.googlesyndication.com
URL: https://773ff33321c83b63fff957793b331644.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://773ff33321c83b63fff957793b331644.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 17 Apr 2023 20:18:41 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame DCA9
0
56 B
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=fetch&cor=10816691080679771110&x=1&ct=77
Requested by
Host: 773ff33321c83b63fff957793b331644.safeframe.googlesyndication.com
URL: https://773ff33321c83b63fff957793b331644.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://773ff33321c83b63fff957793b331644.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 17 Apr 2023 20:18:41 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230413/r20110914/client/ Frame DCA9
3 KB
1 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230413/r20110914/client/window_focus_fy2021.js
Requested by
Host: 773ff33321c83b63fff957793b331644.safeframe.googlesyndication.com
URL: https://773ff33321c83b63fff957793b331644.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://773ff33321c83b63fff957793b331644.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Mon, 17 Apr 2023 20:13:14 GMT
content-encoding
br
x-content-type-options
nosniff
age
327
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 01 May 2023 20:13:14 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230413/r20110914/client/ Frame DCA9
20 KB
8 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230413/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: 773ff33321c83b63fff957793b331644.safeframe.googlesyndication.com
URL: https://773ff33321c83b63fff957793b331644.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
b1b3b73852f7856f1a0f317701846bc7853eb5b127ba882c23c5073dbe6d022d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://773ff33321c83b63fff957793b331644.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Mon, 17 Apr 2023 15:59:50 GMT
content-encoding
br
x-content-type-options
nosniff
age
15531
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8509
x-xss-protection
0
server
cafe
etag
3034682829645713766
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 01 May 2023 15:59:50 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame DCA9
159 KB
49 KB
Script
General
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: 773ff33321c83b63fff957793b331644.safeframe.googlesyndication.com
URL: https://773ff33321c83b63fff957793b331644.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cbeee230de9adc4b4765d4387c54fa936a5c26f8306fe0e6f5f8415284f56c33
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://773ff33321c83b63fff957793b331644.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Mon, 17 Apr 2023 20:18:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
49801
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1681299295334834"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Mon, 17 Apr 2023 20:18:41 GMT
silent.mp3
b3.tunegenie.com/
813 B
1 KB
Media
General
Full URL
https://b3.tunegenie.com/silent.mp3
Requested by
Host: www.theticket1590.com
URL: https://www.theticket1590.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223e:8a00:6:4e5d:a0c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
17721a87106f3de689f70866bbc543c836129034f7d01e4509691cb39f1fdfe0

Request headers

Referer
https://www.theticket1590.com/
Accept-Encoding
identity;q=1, *;q=0
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Range
bytes=0-

Response headers

x-amz-version-id
uk8Oo8ulaov4J86_2cSyKDrRzbTCtqj5
date
Mon, 17 Apr 2023 19:30:52 GMT
via
1.1 e59bea79ab5f15feda92136bc7b74158.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P4
age
2870
x-cache
Hit from cloudfront
Content-Range
bytes 0-812/813
Content-Length
813
last-modified
Thu, 10 Sep 2020 03:51:46 GMT
server
AmazonS3
etag
"bc43049e0f0bc60fa3e18478e7251d87"
vary
Accept-Encoding
content-type
audio/mpeg
cache-control
max-age=7776000
accept-ranges
bytes
x-amz-cf-id
v-KXIXu-GoeM9i6pXPfr681oDDZ8mcsCJ6wQuiMuQdP7FUS_Yf0gWw==
integrator.js
adservice.google.de/adsid/
107 B
122 B
Script
General
Full URL
https://adservice.google.de/adsid/integrator.js?domain=www.theticket1590.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304100101/pubads_impl.js?cb=31073791
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.theticket1590.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Mon, 17 Apr 2023 20:18:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/
107 B
122 B
Script
General
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.theticket1590.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304100101/pubads_impl.js?cb=31073791
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.theticket1590.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Mon, 17 Apr 2023 20:18:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/
18 KB
8 KB
XHR
General
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3065041248302978&correlator=2979408885680591&eid=31073791%2C31073837%2C31073883%2C676982961&output=ldjh&gdfp_req=1&vrg=202304100101&ptt=17&impl=fif&gdpr=0&us_privacy=1---&iu_parts=6717%2Ccd.KYNG.AM&enc_prev_ius=%2F0%2F1&prev_iu_szs=120x60%7C300x50%7C320x50&ifi=11&adks=1008775930&sfv=1-0-40&prev_scp=pos%3Dplayersponsorlogo%26noprebid%3Dnoprebid&cust_params=cms-sname%3DKYNGAM%26cms-sgroup%3DAll%2520Sites%252CFormat%2520%2520Sports%252CMarket%2520%2520Fayetteville%2520AR%252CCumulus%2520OO%26cms-ptitle%3DHome%26cms-pcat%3D&sc=1&cookie=ID%3D912b025b0db2a12c%3AT%3D1681762720%3AS%3DALNI_MY_5ZxuWjegteXL481km8tkzBAHEw&gpic=UID%3D00000bd7e9c5c2ec%3AT%3D1681762720%3ART%3D1681762720%3AS%3DALNI_MZKpYzos4LM88M53QR_tyw15DIUHw&abxe=1&dt=1681762721773&lmt=1681762529&dlt=1681762718477&idt=1208&adxs=1065&adys=1141&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=b&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fwww.theticket1590.com%2F&frm=20&vis=1&psz=1120x-1&msz=120x-1&fws=516&ohw=1600&psts=AHQMDFfvyMuYF2EgWeaTxzXkLSmGPpd5Ab6woUs0vfX1-vREQJi0IadqOfiuJrVo8WZztSD9lDoq0iJon3bXT2CyHA%2CAHQMDFfpnUy3U4OAx_mL3CADc_tGqArETKzcWJqXvVWwPNk3UXKnHc3pXEd1wrn-3jskUyz9p40K2osE-qyzpruDKg%2CAHQMDFe9lflDGA__W2GE3yn9Fegn%2CAHQMDFe9lflDGA__W2GE3yn9Fegn&ga_vid=1483137519.1681762720&ga_sid=1681762721&ga_hid=1617576976&ga_fc=true
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304100101/pubads_impl.js?cb=31073791
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
21d647c1b2d79e6cddbd28f0ad41de6785540159c9a2ed2df7d6ac5a2446a562
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.theticket1590.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Mon, 17 Apr 2023 20:18:42 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8022
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.theticket1590.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
adagio.js
script.4dex.io/ Frame 8197
74 KB
23 KB
Fetch
General
Full URL
https://script.4dex.io/adagio.js
Requested by
Host: d13l4u7pe64ymo.cloudfront.net
URL: https://d13l4u7pe64ymo.cloudfront.net/script.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4bf1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ed87a83a9df154b61d76e8b9b53bb9d23db3eea194e66bca6b575e3e4f7a57bf

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.theticket1590.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date
Mon, 17 Apr 2023 20:18:42 GMT
Content-Encoding
br
CF-Cache-Status
MISS
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Transfer-Encoding
chunked
Connection
keep-alive
Last-Modified
Wed, 23 Nov 2022 15:43:17 GMT
Server
cloudflare
ETag
W/"c56b6332dacf72f135afcd153ae22448"
Vary
Origin, Accept-Encoding
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nlgm2HFUAVK8hgwewBKAE1t0pm4ebRn2en79F1j6XaMutCiI8q2qgy1IwUoy6k6DANtq3t6T3L56bJjbIhhnDduFP5KBB0aVnG%2F5EDFGa0tqdkhQ%2FO3%2Fi2VtIq3gZPBFwuRh9eEx69r%2BCy7J"}],"group":"cf-nel","max_age":604800}
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
Cache-Control
public, max-age=1800
CF-RAY
7b975bd3deca9c01-FRA
pixel
cm.g.doubleclick.net/ Frame FADE
170 B
409 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=adscale&google_cm&google_dbm&gdpr=0
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxj-rbvGATAB&v=APEucNUavYd6Caa39C021HjogWxLpS38ciM-Y3-mT5lr6iYPoLlIOPFoushpz0I_exNS9klpoiOqmFb9bifCTmz4hLpHuzdutdeblk555SmeRK98FQUc7EA
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 17 Apr 2023 20:18:41 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame FADE
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm&gdpr=0
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESELFggI5uvtmGfXJidnL_Z8Q&google_cver=1&gdpr=0
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESELFggI5uvtmGfXJidnL_Z8Q&google_cver=1&gdpr=0&C=1
43 B
632 B
Image
General
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESELFggI5uvtmGfXJidnL_Z8Q&google_cver=1&gdpr=0&C=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxj-rbvGATAB&v=APEucNUavYd6Caa39C021HjogWxLpS38ciM-Y3-mT5lr6iYPoLlIOPFoushpz0I_exNS9klpoiOqmFb9bifCTmz4hLpHuzdutdeblk555SmeRK98FQUc7EA
Protocol
HTTP/1.1
Server
185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 17 Apr 2023 20:18:42 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=499
Content-Length
43
Expires
0

Redirect headers

Pragma
no-cache
Date
Mon, 17 Apr 2023 20:18:41 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location
/rum?cm_dsp_id=45&external_user_id=CAESELFggI5uvtmGfXJidnL_Z8Q&google_cver=1&gdpr=0&C=1
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=500
Content-Length
0
Expires
0
rum
dsum-sec.casalemedia.com/ Frame FADE
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&gdpr=0&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
  • https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgdpr%3D0%26google_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&gdpr=0&ixi=0&C=1
  • https://cm.g.doubleclick.net/pixel?gdpr=0&google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZD2poTz-HOGiKbJ-73U3eQAA
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESELFggI5uvtmGfXJidnL_Z8Q&google_cver=1&gdpr=0
43 B
632 B
Image
General
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESELFggI5uvtmGfXJidnL_Z8Q&google_cver=1&gdpr=0
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxj-rbvGATAB&v=APEucNUavYd6Caa39C021HjogWxLpS38ciM-Y3-mT5lr6iYPoLlIOPFoushpz0I_exNS9klpoiOqmFb9bifCTmz4hLpHuzdutdeblk555SmeRK98FQUc7EA
Protocol
HTTP/1.1
Server
185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 17 Apr 2023 20:18:42 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=498
Content-Length
43
Expires
0

Redirect headers

pragma
no-cache
date
Mon, 17 Apr 2023 20:18:42 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESELFggI5uvtmGfXJidnL_Z8Q&google_cver=1&gdpr=0
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
324
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
pubads.g.doubleclick.net/pagead/interaction/ Frame 088F
42 B
223 B
Fetch
General
Full URL
https://pubads.g.doubleclick.net/pagead/interaction/?ai=Bwr8Zoak9ZPgy2Ybv9Q_OpZOQBtqIqrBGAAAAEAEg0b23PTgBWKXs772DBGCVkpuCrAeyARV3d3cudGhldGlja2V0MTU5MC5jb226AQs0ODB4MjcwX3htbMgBBdoBHmh0dHBzOi8vd3d3LnRoZXRpY2tldDE1OTAuY29tL5gC4F3AAgLgAgDqAhIvOTIwNTYyODEvNTM1OTY5Njb4AvLRHpADyAaYA4wGqAMB4AQB0gUGEKT5j-UVkAYBoAYkqAeaBqgH89EbqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDgBwHSCA8IgGEQARgdMgKKAjoCgEDYCAKACgWYCwGADAHQFQH4FgGAFwE&sigh=lvNNRa9JonA&label=videoplayfailed303&sdkv=h.3.568.1&vci=Ck4IAhIYcHViYWRzLmcuZG91YmxlY2xpY2submV0GgRHREZQIAQqCjU4NDkyMTgyMTJAsgRSGSUAAPBBOgd1bmtub3duQgd1bmtub3duUAAYAQ..
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.568.1_en.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 17 Apr 2023 20:18:41 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
be7d3431-350a-470b-a0ae-c5c43dbe4b45
https://www.theticket1590.com/ Frame 8197
288 B
0
Other
General
Full URL
blob:https://www.theticket1590.com/be7d3431-350a-470b-a0ae-c5c43dbe4b45
Requested by
Host: www.theticket1590.com
URL: https://www.theticket1590.com/
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
97bf326860f50a3e48b937a395da44fb697f230259b45d63cca9dcd24fddb243

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Content-Length
288
Content-Type
text/javascript
amp4ads-v0.mjs
cdn.ampproject.org/rtv/012304062309000/ Frame FA77
222 KB
61 KB
Script
General
Full URL
https://cdn.ampproject.org/rtv/012304062309000/amp4ads-v0.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304100101/pubads_impl.js?cb=31073791
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
60d19fcc26403308bd021dd6ce6588cca81c6a42a34472277186bad9a4155022
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.theticket1590.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Mon, 17 Apr 2023 15:14:31 GMT
age
18250
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
61901
x-xss-protection
0
server
sffe
etag
"8572ebb49fe3e70f"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Tue, 16 Apr 2024 15:14:31 GMT
amp-ad-exit-0.1.mjs
cdn.ampproject.org/rtv/012304062309000/v0/ Frame FA77
15 KB
5 KB
Script
General
Full URL
https://cdn.ampproject.org/rtv/012304062309000/v0/amp-ad-exit-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304100101/pubads_impl.js?cb=31073791
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a80bc624f7ab3177dcab36c63396d6b7b3f18c41fd09c7a3e5b54792d566904a
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.theticket1590.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Mon, 17 Apr 2023 15:14:31 GMT
age
18250
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
5225
x-xss-protection
0
server
sffe
etag
"ad2d0ddcea45401f"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Tue, 16 Apr 2024 15:14:31 GMT
amp-analytics-0.1.mjs
cdn.ampproject.org/rtv/012304062309000/v0/ Frame FA77
94 KB
28 KB
Script
General
Full URL
https://cdn.ampproject.org/rtv/012304062309000/v0/amp-analytics-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304100101/pubads_impl.js?cb=31073791
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5a767e3a4a89fd5d5747f2e60656de81560b8d24575c7be5df0d541906cb86ce
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.theticket1590.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Mon, 17 Apr 2023 15:14:31 GMT
age
18250
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
28974
x-xss-protection
0
server
sffe
etag
"441c199a95baae2a"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Tue, 16 Apr 2024 15:14:31 GMT
amp-fit-text-0.1.mjs
cdn.ampproject.org/rtv/012304062309000/v0/ Frame FA77
5 KB
2 KB
Script
General
Full URL
https://cdn.ampproject.org/rtv/012304062309000/v0/amp-fit-text-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304100101/pubads_impl.js?cb=31073791
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
19d96e062d7e164a34e2a7773fab8c722f36ea442d2b944ce5cb359c8b78fa01
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.theticket1590.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Mon, 17 Apr 2023 15:14:31 GMT
age
18250
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1904
x-xss-protection
0
server
sffe
etag
"60fdf036b4edbfa8"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Tue, 16 Apr 2024 15:14:31 GMT
amp-form-0.1.mjs
cdn.ampproject.org/rtv/012304062309000/v0/ Frame FA77
40 KB
13 KB
Script
General
Full URL
https://cdn.ampproject.org/rtv/012304062309000/v0/amp-form-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304100101/pubads_impl.js?cb=31073791
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3a7522d02dbbc03101dfe3d8cfb3b0ff1c974af884931a79477056345c306648
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.theticket1590.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Mon, 17 Apr 2023 15:14:31 GMT
age
18250
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12949
x-xss-protection
0
server
sffe
etag
"53b4f6addb6819c0"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Tue, 16 Apr 2024 15:14:31 GMT
truncated
/ Frame FA77
218 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
f0b5231e9067c00bcf87b710befaa3ca3ae7ff628f249bf190b0b988d67a1272

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Content-Type
image/png
6588416536420273903
tpc.googlesyndication.com/simgad/ Frame FA77
104 KB
104 KB
Image
General
Full URL
https://tpc.googlesyndication.com/simgad/6588416536420273903?sqp=4sqPyQQ7QjkqNxABHQAAtEIgASgBMAk4A0DwkwlYAWBfcAKAAQGIAQGdAQAAgD-oAQGwAYCt4gS4AV_FAS2ynT4&rs=AOga4qnEN0-OaHVu1EhlTmjZPxTl4kTsrQ
Requested by
Host: www.theticket1590.com
URL: https://www.theticket1590.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7cbcb1196c5e91f7a8602c89b30bb7dd3c1f714d5c8072414882b592d45bc867
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.theticket1590.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Mon, 17 Apr 2023 12:36:34 GMT
x-content-type-options
nosniff
age
27727
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
106911
x-xss-protection
0
last-modified
Thu, 16 Mar 2023 10:47:23 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Tue, 16 Apr 2024 12:36:34 GMT
en.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame FA77
2 KB
2 KB
Image
General
Full URL
https://tpc.googlesyndication.com/pagead/images/adchoices/en.png
Requested by
Host: www.theticket1590.com
URL: https://www.theticket1590.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.theticket1590.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 16 Apr 2023 21:33:12 GMT
x-content-type-options
nosniff
server
cafe
age
81929
etag
14819457070020093239
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
image/png
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2502
x-xss-protection
0
expires
Mon, 17 Apr 2023 21:33:12 GMT
icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame FA77
295 B
319 B
Image
General
Full URL
https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png
Requested by
Host: www.theticket1590.com
URL: https://www.theticket1590.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.theticket1590.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Mon, 17 Apr 2023 07:58:03 GMT
x-content-type-options
nosniff
server
cafe
age
44438
etag
426692510519060060
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
image/png
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
295
x-xss-protection
0
expires
Tue, 18 Apr 2023 07:58:03 GMT
adview
securepubads.g.doubleclick.net/pagead/ Frame FA77
0
0
Image
General
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=CJ7ymoak9ZKf0DduD7_UPxZ6-WLvrw-tv497I5aMR2tkeEAEgl6rtdWCVkpuCrAegAYeDv_cDyAEC4AIAqAMByAMIqgT7AU_QsE7s_Ff4PLV_NFDO4XQZwGeNcvLHNbMrFHXb1Wfiz9J6USqVsZGwr2aMgg3311mgAHwlOYDzi6k0jqhZu2nQgPsBWWS678dacoOjaFCwzi6V4c2MGBah1H6o1g_aT9XGj2zu1yGAJEYMu_OsEtgYPWLPLtkwY98qVzuNJpUzyaRBqor2ODiuiCq-eaWzq5pMe5qAlLMGUIiqtwbMz9AaB4iG5ORPnJ1nQI5PBf8vO6CMC1diu7HBIsYhiSyXmp3wwX855Yevsr18c27CES7QHIlhYBTmmg-zjPY476555ozOME_WGgBibpjzmRyO8Ggq5HL-D4Yy17ZdwASkwejAmATgBAGSBQQIBBgBkgUECAUYBJIFBAgFGBiSBQUIBRioAaAGAoAHprv-hQGoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G9gHAfIHBBDWqQ3SCA8IgGEQARgdMgKKAjoCgECACgPICwHYEwzQFQGAFwGyFx4KHAgAEhRwdWItMzg0NTk2NjQxNzg4NjE2NhiW7hE&sigh=DlFidpcTfSI&uach_m=[UACH]&cid=CAQSTABygQiD0-BVx1mv5J1ECldAuwmqMcGTxXRqgM9ykjXHPufHKVzviUdb-SDdT6hHqsrCdFRhsR-1SgjpQGa9uEn9eHAzNj6qncK1MP8YAQ
Requested by
Host: www.theticket1590.com
URL: https://www.theticket1590.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.theticket1590.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

gen_204
pagead2.googlesyndication.com/pagead/ Frame DCA9
0
20 B
Ping
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=9553197022747&version=m202301230201
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://773ff33321c83b63fff957793b331644.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 17 Apr 2023 20:18:41 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame DCA9
0
20 B
Ping
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=9553197022747&version=m202301230201&ct=77&x=1&cor=10816691080679770000
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://773ff33321c83b63fff957793b331644.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 17 Apr 2023 20:18:41 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ad
googleads.g.doubleclick.net/dbm/ Frame DCA9
15 KB
11 KB
Script
General
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-C4XjZh741Qtlwnr-jlfSTjWGyZiso2l2XRAOID42dLOknratmYpsPXK-Udm53WNOz07S_eQlEsF0EXB5AMmRp5hX7SfhnrpDODPQDH4fWY9YWiMwDrBF6O8yRpB5k6cBZd9f-2nxxJJ3hU7JPN9KiSAX2qfaajnSeto6YA6pGesA0M7Os&cry=1&dbm_d=AKAmf-DRdP-921v9vTrYPzGyqiN3R92I7iJlNUKtUYCQhXi_uzochR9UHhsyTK5MEsKQ5JdMdveOiQ8N6iN0ZHo6Fp9I5ErnwMdZhmYMjMcfnwcU96ITU0DqUXLDf5mpMDNPa0x5rQWga_iOY3FVjIs1_uQsF55U4Th1YbhOPmN8WiERTfQY2Ezj9p2JV7Ec5kzNwlUXN0m_llL6ca4_LGTAN5nytTDSXPrhYaq-C46EgN1RglXIvzKXPA-MP7s7y_-yDsSMBrCc0I2_t9zNg52I7wQPDgr6hcRuFtRoqzCrksiRkfcnYFOJZ8xl3xR6d_HmwMLkKEHVMXHFPFwuWYdBBVrW-dDG5d4GU6b1fYJuOVuS0n5AWR37Yp4UzA1LFuRJtqZ6gpzBjQ1sq_pbopQdAcKgTWbe4TuxPP7Vc8oyZ0fcWnh8xEN8JWmn2Lu9QGNCHL7YUF7WUnwkK0g3IB3omPS-aGQHmiW0S305L1OMHo4Q5hp31wgGocbgZIFD4TlM4svpRz2_HONx2eMj3GbhKzIJfeZE_SzdCO2H0eNyFgxlBCPqtuRumErjZf0YPVATo3Ot6QCrpxys_CH4NsX2mLo06nDpIvq8IcyZ-0PPpEgTH6xi977-6RqGn_5hjxWG6QDeklDE3b_OsOOzy17bXRQeMlyDxjbPxPZTwWZvP6b9BTubtrm7K0jKGnFBa0Khl75OpLv6NLWs-5DwzaVUUhOZTcqpLZCLCVbfSHWZIraGH-Rl-_0H3hop2dJo2lsLCFfXujZr9g6ZdvCWTcXW4fpnDaUVCqbw23fPHodWs45wMRHYloUbTLtbmT3mWmBDyDoqNrTqwNWYSCCF-vPYnpTnSkd9jG12ae5HI1LB0mZFj7CaZ1Ua_zHu2o0KETgHoj6BWppo68Zo2Y_rThWr9TshzbDbCr_OVR79VHUNiHcwh3fmpQD-PWNgRkd8LnzAwUup91BBPjlCUd9bEjoJOJdfB_Y5BgZ0L_ns_Gvt0lXBQ7xArnUcYNu0PXM5XPAIiSfvAlFmzgMWASgpBxXolQ-5K_at17tW4JKdhGBkRx1P3AvIZI5DyjMtl1E96TGZuVtPnCbQQWFWlg2pK-nSczBAPLF3kpC5P_kGG3c1PJV3oYznRVvZPFTxmnhAr0Tlvr90QT-FJU9GqKAHvRVNU-3beP_yWRRHnzqSUyBgA7S7GLOdWka49RjIPvG_77ydDsQGZQYZVmWkbriYbRgSLac6Z8F5MGEMx1qRG6cv7raUIz5XoQcyERpYZrSsgIx15cjUX6JJ-NMS4Boiggnm1YFthCT2ilut24VRs0bleslhD3DSODpObruQpZ2a0YzXLDZ7uG_uzBdeJxWXjQPDQ5F3x9hrh0BeOphqUTpLnfCuuOjRmrl550Wc2hbXxDrh6ZrQjNh5nV6DH2oQX2lXQy9Z4lR9TM4WUeCr22Mlr1EUurDCqmMDVpCj3eICe0EEJR72vFXyBamjye7O8cCc98vUCPXILWi6nWXrNkxPGwiddIKXiZynsR0FSnlSRmrhenZ8mxPzGuN-cq7_ggt7IhZM3MSEDZryGKUheZ-GM-okMerIcAnSv5_zdWnRUgZ4J1HoCizw3V2SShOkVq0cWQvLN3xRBXrOPlQKDPX_40wSw3G902XPu7p9XqFpZoe-EkIxHimDvrVm8VRfoWQrTpMyl1KPF_h5tynydGkPqjQxY_TxA58jCe9Zz-AK7rPuRJ8pWI9p53_JgdQccKbdXVyh5mvg1nXnvqZqI97Q1Nf4VXGy_lZd8roTFIMd7QG9fe4ukUSUQHS-kknD80DdKQaNsCrpyssr75OF-Ho-RJejHLXIcXYJXSny2h-Q_wf1rkzGrVKaBepr1twVXNk4RfB6S1Hu4MuueIAHS_gyIohEEUHFB_deb_WQMtE7ab-wzFnMN2TIY-Qb7EVF5YY28PFqhphCUZ9MCHYxRw--6fOADWxERRO47aLvZEiMmzxF4ulew3oZ_kxHNLImvVoZx384Cd-x9iJa2vi3oTe8ter3n3FgOnzqFFU96K_lnb6iwP4RCr7pJtPDzYQpPMFXe-VCbKHqTSGx5fjceO_QYbWJq4aGEm35pvOJWqbJVzUdo0kAfCQbhavhB_m77uew0sT_wLfYhN2kcaG0q7JdLzuQV_NTuvs10vBwsKeDFF7a6zKo7l3lsXF92Kcu4gxUkUQ0vsZO6EesamG3JZEMdoO-fSweY_o5JraCmJPvs0oBOXN1Fios-UtIOHEf1G9KQWmyzx3svSqeJ3xxLNUuCY1Qy2HnTmqNiLHy97Es92QirgFlt36U6Y9yghWWAtxNkPLVbOZx7MRSvQi6wrQNwy4HsRxfjrvGwhxtSyKpO1WgX1XKOSyAfD2aUbG5eRQWRbce5mm5ieTgl6QbzKowXVOsx16F9qVvIb-0HZ66nCf9wJvWGQesL1q6gHhVvEuH7tSD2aL-ctDabXNORIDnD-D3tiljIuIN6WWtCpBkrZ7GhUz_AHJ-OH2hfHt79D3JxRMDOMoq905yYTGE8zqzK9InT2pn3jAGC184WuQfinFkMJOFyK-5TpDNiTZqeL8KYdrxM_fXj5XAPkXhh86AT6bOTSW7UYqUD7AmTIa_Pl2M2H8TJEoHOzW4QqWtvl0B6iLzNISwOqo3d_uO_M6iE978RcbEGQFKA77eRf9YeroggEKxA4mzArbHHyuMh_2gWxHFowrfVRP1fAa5VpSe9NUZ03HYPw35jANDweIj0rr6DmWzQyBWVChCaHFxj29B88AZExh-0l1JS2D6xuak168qjYDgCAOHCVSFeAiE377O_QN7rl0rJMIe_uOvpFdJGuIOflWlU8mRLhnku8SDT_comlxhpz8Ke_exwm8i82nCK9W4P-DsTXVie-s5UYJkqRzg7H7MJGbq-yMgHhQXBNjACzGdPrnjYf_QXrisxQ4GKm5HR4mwP7OyrW5RRvmdQhYGhmVB7zsqBPKtZ8jfm-sMtC4Vshc8Iexc4e9I5dWZGL60J-B_cfu2lFVs806mwWGVFoHPTl6YKqsoBGbjxj-gDkJ-0tVFkC66gtQBeVFViajDHf60CcSICk8YYkJ2mcjUCEpCSflsCOxZtV1JynsOsVNu_tYoPJirMUVlYRCfKyX4ysjiF8PbXjh6-MBdRe1SV6ubmziC5tMP9rYI_MKy7-DIjXQ_WMa_3dEyH_y4rohe7-5kLMAqOdcq3BGXSpgembXhk3eAbeJTa35mzN5WRbkzMo-wtr2_muKgZTYLUMZ9ytwfP5nmLgnT2-ONq2htrz2krZqJEVgb_MH-_JkWjzOMPnH3Ir4QGikp3Fu3ICv03-RomJEg5OlKQ1N8fOAeW694iUt87FHX0f21p6kZt1yoi9oDwkpJYeWw7CG5PVZQlbVTZXGzJSfF8hW0fNqd1YzoUfFxzBpXL7tJIKHYAD0_ekNaUq8BvNNkZFPCfniTGvvka_0Gkzahu1Z4jlSMG0Rdn1veNHBXIh4mYj2-SDFRYru2LTotOAYD4-Yp1KVRUXCarCGsr5mLp486-2nFKzNjOOwv3AxWs8dvk9G0IVLVcIwgFLqkyXSfKO-Irmr9CqzV&cid=CAQSTABygQiD1m_ra4VpP-gQqrAj2E-t4X37QkuK8jV7y9Q4p1OupWr6BWDU9UzI5on1ul_fVnDFCa6DhXFzSLu0ECQN83i0VONa_bNIAfYYAQ&dv3_ver=m202301230201&rfl=https%3A%2F%2Fwww.theticket1590.com%2F&ds=l&xdt=1&iif=1&cor=10816691080679770000&adk=2857193498&idt=85&cac=0&dtd=5
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
93fdfe3f7e837c7fa3879b4b6b6a822ae669fbb2c6c966d433fc280e425db9e9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://773ff33321c83b63fff957793b331644.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 17 Apr 2023 20:18:41 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11597
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
stn_trk.gif
s2l.sendtonews.com/
26 B
186 B
Ping
General
Full URL
https://s2l.sendtonews.com/stn_trk.gif?session=bYoTP3-rbC6ebG9d&instance=297079351&version=7.15.1-G&age=230417&ldt=NO_IMP&key=5oC5qDti&c_id=5513&seq=1&order=6&vIndex=0&absoluteTime=3980.3&relativeTime=2014.5&sm_id=2686986&visiblestatecd=I&soundcd=OFF&alt=0&sC_ID=5935&load=1&status=LVFNLNIY&ac_id=2008&adIndex=-1
Requested by
Host: embed.sendtonews.com
URL: https://embed.sendtonews.com/easy-stn-player/7.15.1-G/easy-stn-player.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.210.56.152 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-44-210-56-152.compute-1.amazonaws.com
Software
Apache/2.4.41 (Ubuntu) /
Resource Hash
3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.theticket1590.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Mon, 17 Apr 2023 20:18:41 GMT
last-modified
Wed, 23 Dec 2020 21:38:39 GMT
server
Apache/2.4.41 (Ubuntu)
accept-ranges
bytes
etag
"1a-5b72883b37f80"
content-length
26
content-type
image/gif
activeview
pagead2.googlesyndication.com/pcs/ Frame F728
42 B
64 B
Fetch
General
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssRO7wKUbqFJBmnyQs0jHAORou0sNUu7MzYz4gWiaR2mq7e9ZmXS4D0pYc6c01ezN1BLjRT9GcuZiAYIBXEpRdFl__hD60u0JwKBoTZIr6WH_2Eh5Ma&sig=Cg0ArKJSzOPkv5K-TjMuEAE&id=lidar2&mcvt=1000&p=368,984,468,1284&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20230412&bin=7&avms=nio&bs=1600,1200&mc=1&vu=1&app=0&itpl=3&adk=3999203455&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1681762720666&rpt=218&isd=0&lsd=0&met=mue&wmsd=0&pbe=0&vae=0&spb=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.theticket1590.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 17 Apr 2023 20:18:41 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
cors
data.ad-score.com/data/ Frame 8197
1 B
277 B
Fetch
General
Full URL
https://data.ad-score.com/data/cors?pm_st=SZvNYYHioRSEIgAjnIdUWDtVOkKkBSuj-FE7fPshldVrlKDwd2HLIEkvGPg==-E0zJPcpjblXkNA==&pm_ct=6d9202dc3dec0313c2a7fd41&pm_pl=1681762721330&pm_td=596&pid=1000449&en=1.1&callback=__pm_glbl_vv4SDDJZ66aPGCsxgQlMpDtw._gc2&tt=g&v=6628d82
Requested by
Host: d13l4u7pe64ymo.cloudfront.net
URL: https://d13l4u7pe64ymo.cloudfront.net/script.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_GCM
Server
130.211.115.4 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
4.115.211.130.bc.googleusercontent.com
Software
/
Resource Hash
5feceb66ffc86f38d952786c6d696c79c2dbc239dd4e91b46729d73a27fb57e9

Request headers

Referer
https://www.theticket1590.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
https://www.theticket1590.com
Date
Mon, 17 Apr 2023 20:18:42 GMT
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
1
Access-Control-Allow-Methods
POST
Content-Type
text/plain; charset=utf-8
car-models-speeding-tickets-data-2023.png
a.storyblok.com/f/162273/946x1095/a4c8290c1c/
61 KB
62 KB
Image
General
Full URL
https://a.storyblok.com/f/162273/946x1095/a4c8290c1c/car-models-speeding-tickets-data-2023.png
Requested by
Host: www.theticket1590.com
URL: https://www.theticket1590.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.122.25 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-122-25.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
7902803ab519270d9c6374a0ba8b07cbe582c91b8f262bda3dd63d5a00b19f38

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.theticket1590.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sat, 15 Apr 2023 18:08:02 GMT
x-amz-version-id
8UTYbQO3MZqvNgUHqBNP9nEbEV4Mm21F
via
1.1 598a1f878f2efc16baaf47787ffe82d2.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA60-P2
age
180641
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
content-length
62502
last-modified
Thu, 06 Apr 2023 14:31:26 GMT
server
AmazonS3
etag
"a75b277dd8fb3bbdb26712a0508f1e40"
content-type
image/png
cache-control
public; max-age=31536000
accept-ranges
bytes
x-amz-cf-id
oFXc7_nRxknUCDoW0oNsNBy96Jrf3PrhJXbhQ1FXIrPxap90aeYVaA==
expires
Fri, 05 Apr 2024 14:31:25 GMT
insurify_logo_orange.svg
express-images.franklymedia.com/6616/2020/03/09171956/
6 KB
3 KB
Image
General
Full URL
https://express-images.franklymedia.com/6616/2020/03/09171956/insurify_logo_orange.svg
Requested by
Host: www.theticket1590.com
URL: https://www.theticket1590.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:176c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0c0d49ae011d8ef1983288cb6050e1964a1991e1639868c0be52753423b1ad60

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.theticket1590.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Mon, 17 Apr 2023 20:18:41 GMT
content-encoding
gzip
cf-cache-status
HIT
x-amz-request-id
M1VSGJVJQ58CWN0E
age
127883
content-length
2772
x-amz-id-2
MoZXA3s6pl6d3ZaoQZ7QxoqgE+26hQOLk8yye/4SBeE6v1Vnmja9BLMIn4mfFPFKY37ZstrEQQc=
last-modified
Mon, 09 Mar 2020 21:19:57 GMT
server
cloudflare
etag
"2cc2d396ff45a173841bdf575ee86638"
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
7b975bd4385139e6-FRA
expires
Tue, 16 Apr 2024 20:18:41 GMT
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame DCA9
41 KB
15 KB
Script
General
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-C4XjZh741Qtlwnr-jlfSTjWGyZiso2l2XRAOID42dLOknratmYpsPXK-Udm53WNOz07S_eQlEsF0EXB5AMmRp5hX7SfhnrpDODPQDH4fWY9YWiMwDrBF6O8yRpB5k6cBZd9f-2nxxJJ3hU7JPN9KiSAX2qfaajnSeto6YA6pGesA0M7Os&cry=1&dbm_d=AKAmf-DRdP-921v9vTrYPzGyqiN3R92I7iJlNUKtUYCQhXi_uzochR9UHhsyTK5MEsKQ5JdMdveOiQ8N6iN0ZHo6Fp9I5ErnwMdZhmYMjMcfnwcU96ITU0DqUXLDf5mpMDNPa0x5rQWga_iOY3FVjIs1_uQsF55U4Th1YbhOPmN8WiERTfQY2Ezj9p2JV7Ec5kzNwlUXN0m_llL6ca4_LGTAN5nytTDSXPrhYaq-C46EgN1RglXIvzKXPA-MP7s7y_-yDsSMBrCc0I2_t9zNg52I7wQPDgr6hcRuFtRoqzCrksiRkfcnYFOJZ8xl3xR6d_HmwMLkKEHVMXHFPFwuWYdBBVrW-dDG5d4GU6b1fYJuOVuS0n5AWR37Yp4UzA1LFuRJtqZ6gpzBjQ1sq_pbopQdAcKgTWbe4TuxPP7Vc8oyZ0fcWnh8xEN8JWmn2Lu9QGNCHL7YUF7WUnwkK0g3IB3omPS-aGQHmiW0S305L1OMHo4Q5hp31wgGocbgZIFD4TlM4svpRz2_HONx2eMj3GbhKzIJfeZE_SzdCO2H0eNyFgxlBCPqtuRumErjZf0YPVATo3Ot6QCrpxys_CH4NsX2mLo06nDpIvq8IcyZ-0PPpEgTH6xi977-6RqGn_5hjxWG6QDeklDE3b_OsOOzy17bXRQeMlyDxjbPxPZTwWZvP6b9BTubtrm7K0jKGnFBa0Khl75OpLv6NLWs-5DwzaVUUhOZTcqpLZCLCVbfSHWZIraGH-Rl-_0H3hop2dJo2lsLCFfXujZr9g6ZdvCWTcXW4fpnDaUVCqbw23fPHodWs45wMRHYloUbTLtbmT3mWmBDyDoqNrTqwNWYSCCF-vPYnpTnSkd9jG12ae5HI1LB0mZFj7CaZ1Ua_zHu2o0KETgHoj6BWppo68Zo2Y_rThWr9TshzbDbCr_OVR79VHUNiHcwh3fmpQD-PWNgRkd8LnzAwUup91BBPjlCUd9bEjoJOJdfB_Y5BgZ0L_ns_Gvt0lXBQ7xArnUcYNu0PXM5XPAIiSfvAlFmzgMWASgpBxXolQ-5K_at17tW4JKdhGBkRx1P3AvIZI5DyjMtl1E96TGZuVtPnCbQQWFWlg2pK-nSczBAPLF3kpC5P_kGG3c1PJV3oYznRVvZPFTxmnhAr0Tlvr90QT-FJU9GqKAHvRVNU-3beP_yWRRHnzqSUyBgA7S7GLOdWka49RjIPvG_77ydDsQGZQYZVmWkbriYbRgSLac6Z8F5MGEMx1qRG6cv7raUIz5XoQcyERpYZrSsgIx15cjUX6JJ-NMS4Boiggnm1YFthCT2ilut24VRs0bleslhD3DSODpObruQpZ2a0YzXLDZ7uG_uzBdeJxWXjQPDQ5F3x9hrh0BeOphqUTpLnfCuuOjRmrl550Wc2hbXxDrh6ZrQjNh5nV6DH2oQX2lXQy9Z4lR9TM4WUeCr22Mlr1EUurDCqmMDVpCj3eICe0EEJR72vFXyBamjye7O8cCc98vUCPXILWi6nWXrNkxPGwiddIKXiZynsR0FSnlSRmrhenZ8mxPzGuN-cq7_ggt7IhZM3MSEDZryGKUheZ-GM-okMerIcAnSv5_zdWnRUgZ4J1HoCizw3V2SShOkVq0cWQvLN3xRBXrOPlQKDPX_40wSw3G902XPu7p9XqFpZoe-EkIxHimDvrVm8VRfoWQrTpMyl1KPF_h5tynydGkPqjQxY_TxA58jCe9Zz-AK7rPuRJ8pWI9p53_JgdQccKbdXVyh5mvg1nXnvqZqI97Q1Nf4VXGy_lZd8roTFIMd7QG9fe4ukUSUQHS-kknD80DdKQaNsCrpyssr75OF-Ho-RJejHLXIcXYJXSny2h-Q_wf1rkzGrVKaBepr1twVXNk4RfB6S1Hu4MuueIAHS_gyIohEEUHFB_deb_WQMtE7ab-wzFnMN2TIY-Qb7EVF5YY28PFqhphCUZ9MCHYxRw--6fOADWxERRO47aLvZEiMmzxF4ulew3oZ_kxHNLImvVoZx384Cd-x9iJa2vi3oTe8ter3n3FgOnzqFFU96K_lnb6iwP4RCr7pJtPDzYQpPMFXe-VCbKHqTSGx5fjceO_QYbWJq4aGEm35pvOJWqbJVzUdo0kAfCQbhavhB_m77uew0sT_wLfYhN2kcaG0q7JdLzuQV_NTuvs10vBwsKeDFF7a6zKo7l3lsXF92Kcu4gxUkUQ0vsZO6EesamG3JZEMdoO-fSweY_o5JraCmJPvs0oBOXN1Fios-UtIOHEf1G9KQWmyzx3svSqeJ3xxLNUuCY1Qy2HnTmqNiLHy97Es92QirgFlt36U6Y9yghWWAtxNkPLVbOZx7MRSvQi6wrQNwy4HsRxfjrvGwhxtSyKpO1WgX1XKOSyAfD2aUbG5eRQWRbce5mm5ieTgl6QbzKowXVOsx16F9qVvIb-0HZ66nCf9wJvWGQesL1q6gHhVvEuH7tSD2aL-ctDabXNORIDnD-D3tiljIuIN6WWtCpBkrZ7GhUz_AHJ-OH2hfHt79D3JxRMDOMoq905yYTGE8zqzK9InT2pn3jAGC184WuQfinFkMJOFyK-5TpDNiTZqeL8KYdrxM_fXj5XAPkXhh86AT6bOTSW7UYqUD7AmTIa_Pl2M2H8TJEoHOzW4QqWtvl0B6iLzNISwOqo3d_uO_M6iE978RcbEGQFKA77eRf9YeroggEKxA4mzArbHHyuMh_2gWxHFowrfVRP1fAa5VpSe9NUZ03HYPw35jANDweIj0rr6DmWzQyBWVChCaHFxj29B88AZExh-0l1JS2D6xuak168qjYDgCAOHCVSFeAiE377O_QN7rl0rJMIe_uOvpFdJGuIOflWlU8mRLhnku8SDT_comlxhpz8Ke_exwm8i82nCK9W4P-DsTXVie-s5UYJkqRzg7H7MJGbq-yMgHhQXBNjACzGdPrnjYf_QXrisxQ4GKm5HR4mwP7OyrW5RRvmdQhYGhmVB7zsqBPKtZ8jfm-sMtC4Vshc8Iexc4e9I5dWZGL60J-B_cfu2lFVs806mwWGVFoHPTl6YKqsoBGbjxj-gDkJ-0tVFkC66gtQBeVFViajDHf60CcSICk8YYkJ2mcjUCEpCSflsCOxZtV1JynsOsVNu_tYoPJirMUVlYRCfKyX4ysjiF8PbXjh6-MBdRe1SV6ubmziC5tMP9rYI_MKy7-DIjXQ_WMa_3dEyH_y4rohe7-5kLMAqOdcq3BGXSpgembXhk3eAbeJTa35mzN5WRbkzMo-wtr2_muKgZTYLUMZ9ytwfP5nmLgnT2-ONq2htrz2krZqJEVgb_MH-_JkWjzOMPnH3Ir4QGikp3Fu3ICv03-RomJEg5OlKQ1N8fOAeW694iUt87FHX0f21p6kZt1yoi9oDwkpJYeWw7CG5PVZQlbVTZXGzJSfF8hW0fNqd1YzoUfFxzBpXL7tJIKHYAD0_ekNaUq8BvNNkZFPCfniTGvvka_0Gkzahu1Z4jlSMG0Rdn1veNHBXIh4mYj2-SDFRYru2LTotOAYD4-Yp1KVRUXCarCGsr5mLp486-2nFKzNjOOwv3AxWs8dvk9G0IVLVcIwgFLqkyXSfKO-Irmr9CqzV&cid=CAQSTABygQiD1m_ra4VpP-gQqrAj2E-t4X37QkuK8jV7y9Q4p1OupWr6BWDU9UzI5on1ul_fVnDFCa6DhXFzSLu0ECQN83i0VONa_bNIAfYYAQ&dv3_ver=m202301230201&rfl=https%3A%2F%2Fwww.theticket1590.com%2F&ds=l&xdt=1&iif=1&cor=10816691080679770000&adk=2857193498&idt=85&cac=0&dtd=5
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://773ff33321c83b63fff957793b331644.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Fri, 14 Apr 2023 18:12:30 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
266771
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15207
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 13 Apr 2024 18:12:30 GMT
g72h7lz2c4az
hal9000.redintelligence.net/zone/ Frame DCA9
11 KB
4 KB
Script
General
Full URL
https://hal9000.redintelligence.net/zone/g72h7lz2c4az?subid=&gdpr=-1&gdpr_consent=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCbgTGoak9ZJjrAYGx7_UPyueiqAam5b2gaYWVnKfJD_AuEAEgl6rtdWCVkpuCrAfIAQmpAgZrxEJXUbI-qAMByAObBKoE7wFP0OMIFe9nao4mueJF7CosAO7yXKoq7ocI2Q8fNl_rt2_J3bK8jnHRjk-xhoTXyYtWQv7a-J8pNNEX-IqWNvDJqX3a9q2a1DL7u22z77PX_jo4RWQzYhwOYwEzDm9jHE3RQuVWFWXy6S_yKvuhFpovU5GkZpK_PR9LGybmB9zxqgpiITG2UbJ6ZWdMZxMLLMQjiWPGKF4YIGmQ9QrmYzoOyp8a7T5L7FdgXkJy4mDfP9LAiTuux5cpPFZ3OMlxZNCXmmFkngyfG0ddX4LtKMzvGM4201QM4dBOnjJX7xmKJusWR98gB4BFxgwmLll548AE64_8jvcD4AQDkAYBoAZNgAesrfWfA6gHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCA8IgGEQARgdMgKKAjoCgECACgOYCwHICwGADAGwE8yc2RLQEwDYEwPYFAHQFQH4FgGAFwE%26ae%3D1%26num%3D1%26cid%3DCAQSTABygQiD1m_ra4VpP-gQqrAj2E-t4X37QkuK8jV7y9Q4p1OupWr6BWDU9UzI5on1ul_fVnDFCa6DhXFzSLu0ECQN83i0VONa_bNIAfYYAQ%26sig%3DAOD64_0gLDu_oUv6c5AU-mbZF6ml7OI5oQ%26client%3Dca-pub-7253037122197916%26dbm_c%3DAKAmf-B0IyYGT500aE7d08cmTV3QZP8a4GRYvaIMwmSZI9LKJF0iFojIh4JBPbiBsMrnZILaF3yikmCL5wIQfffah_MYp_mcTI0_WlzaHzX1CkKVqjOZjAviPa-2v9GR4uHyQKqX35yn2Xi6jdvZnXLI8nMTm89x7RNgaKYesfJ0hSGDR0443rw%26cry%3D1%26dbm_d%3DAKAmf-BEI-j-5Y7Ms6-IIsyqlBkX2eyocETgfgVc5deRNHJ5yXItVurt3XDaXYhbqKv97OGcy9yQlaVVc8hg_hjiYz2kjkUelgr6D7hA-KTUUTW-FayDV5hxwRAdvEj_TpmRUiRX1FDpLVvvc6PhrxYBl7mHoccQSuZ8h9zTwSymId6S03X17_wZ3O6UwRxh1OUSh_NLlr7TqitNxDbrbxyTRBgr1pn_kzT5VhFWQBHGuIgxQVtoUi0b08z4pGCV_xMfh4UBUzOUfjqvuSO5LDBJc8KtTUmgxQvtU8LY9ONMA9ZCGJAc-GQ7WFTx3GJCjy5OFygWOOrZSsL7_3aH23ECIhLUfBbye_w31EcYm_SwyNUQKNHC0cB7vgQEXxTxTEr3PWRdVbIsB48ZRGz1HgzmbIZt-mlM2reJwZroPo7Jk-xYaQ_Yc2vtcakTIda2czy4rsZHdt9RzIAuPwjQheSIBU0515vzpO_UWkfy5yRuE7eebBW9wj_dyOhsLjioWk88VjdLwmBjhax58OMktCtu4i-717rzf07y6Cn5L7I0v3Cmh395h7I%26adurl%3D
Requested by
Host: 773ff33321c83b63fff957793b331644.safeframe.googlesyndication.com
URL: https://773ff33321c83b63fff957793b331644.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
138.201.135.164 St. Ingbert, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.164.135.201.138.clients.your-server.de
Software
Apache /
Resource Hash
163904006f4fcdf9d8048d1433965d36aa786cf86c61941c1bf5898c04e2e31c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://773ff33321c83b63fff957793b331644.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date
Mon, 17 Apr 2023 20:18:42 GMT
Content-Encoding
gzip
Server
Apache
Connection
close
Content-Length
4102
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
truncated
/ Frame 8197
35 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Content-Type
image/gif
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame 326E
22 KB
8 KB
Document
General
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://773ff33321c83b63fff957793b331644.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
42232
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
8395
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Mon, 17 Apr 2023 08:34:50 GMT
expires
Tue, 16 Apr 2024 08:34:50 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
si
googleads.g.doubleclick.net/pagead/drt/ Frame FA77
Redirect Chain
  • https://www.google.com/pagead/drt/ui
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
0
0
Image
General
Full URL
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Requested by
Host: www.theticket1590.com
URL: https://www.theticket1590.com/
Protocol
H3
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Redirect headers

date
Mon, 17 Apr 2023 20:18:42 GMT
x-content-type-options
nosniff
server
cafe
content-type
text/html; charset=UTF-8
location
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
78f756d6-df49-450e-a0d1-f4088de438b8
https://www.theticket1590.com/
93 KB
0
Other
General
Full URL
blob:https://www.theticket1590.com/78f756d6-df49-450e-a0d1-f4088de438b8
Requested by
Host: www.theticket1590.com
URL: https://www.theticket1590.com/
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
89fee80067e8671ca9b800cf7b3b549a21a242c56272ec075e21ebdb6eca708f

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Content-Length
94924
Content-Type
text/javascript
request.php
hal90007.redintelligence.net/ Frame DCA9
Redirect Chain
  • https://hal90007.redintelligence.net/request.php?zone=g72h7lz2c4az&nw=20&renderingType=javascript&namespace=c6f68f42cd&subid=&uid=916f79f31dd14b90&screenSize=1600x1200&screenSizeAvail=1600x1200&cli...
  • https://hal90007.redintelligence.net/request.php?zone=g72h7lz2c4az&nw=20&renderingType=javascript&namespace=c6f68f42cd&subid=&uid=916f79f31dd14b90&screenSize=1600x1200&screenSizeAvail=1600x1200&cli...
4 KB
2 KB
Script
General
Full URL
https://hal90007.redintelligence.net/request.php?zone=g72h7lz2c4az&nw=20&renderingType=javascript&namespace=c6f68f42cd&subid=&uid=916f79f31dd14b90&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=728x90&scrollPos=0x0&extData[]=&envData=&gdpr=-1&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCbgTGoak9ZJjrAYGx7_UPyueiqAam5b2gaYWVnKfJD_AuEAEgl6rtdWCVkpuCrAfIAQmpAgZrxEJXUbI-qAMByAObBKoE7wFP0OMIFe9nao4mueJF7CosAO7yXKoq7ocI2Q8fNl_rt2_J3bK8jnHRjk-xhoTXyYtWQv7a-J8pNNEX-IqWNvDJqX3a9q2a1DL7u22z77PX_jo4RWQzYhwOYwEzDm9jHE3RQuVWFWXy6S_yKvuhFpovU5GkZpK_PR9LGybmB9zxqgpiITG2UbJ6ZWdMZxMLLMQjiWPGKF4YIGmQ9QrmYzoOyp8a7T5L7FdgXkJy4mDfP9LAiTuux5cpPFZ3OMlxZNCXmmFkngyfG0ddX4LtKMzvGM4201QM4dBOnjJX7xmKJusWR98gB4BFxgwmLll548AE64_8jvcD4AQDkAYBoAZNgAesrfWfA6gHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCA8IgGEQARgdMgKKAjoCgECACgOYCwHICwGADAGwE8yc2RLQEwDYEwPYFAHQFQH4FgGAFwE%26ae%3D1%26num%3D1%26cid%3DCAQSTABygQiD1m_ra4VpP-gQqrAj2E-t4X37QkuK8jV7y9Q4p1OupWr6BWDU9UzI5on1ul_fVnDFCa6DhXFzSLu0ECQN83i0VONa_bNIAfYYAQ%26sig%3DAOD64_0gLDu_oUv6c5AU-mbZF6ml7OI5oQ%26client%3Dca-pub-7253037122197916%26dbm_c%3DAKAmf-B0IyYGT500aE7d08cmTV3QZP8a4GRYvaIMwmSZI9LKJF0iFojIh4JBPbiBsMrnZILaF3yikmCL5wIQfffah_MYp_mcTI0_WlzaHzX1CkKVqjOZjAviPa-2v9GR4uHyQKqX35yn2Xi6jdvZnXLI8nMTm89x7RNgaKYesfJ0hSGDR0443rw%26cry%3D1%26dbm_d%3DAKAmf-BEI-j-5Y7Ms6-IIsyqlBkX2eyocETgfgVc5deRNHJ5yXItVurt3XDaXYhbqKv97OGcy9yQlaVVc8hg_hjiYz2kjkUelgr6D7hA-KTUUTW-FayDV5hxwRAdvEj_TpmRUiRX1FDpLVvvc6PhrxYBl7mHoccQSuZ8h9zTwSymId6S03X17_wZ3O6UwRxh1OUSh_NLlr7TqitNxDbrbxyTRBgr1pn_kzT5VhFWQBHGuIgxQVtoUi0b08z4pGCV_xMfh4UBUzOUfjqvuSO5LDBJc8KtTUmgxQvtU8LY9ONMA9ZCGJAc-GQ7WFTx3GJCjy5OFygWOOrZSsL7_3aH23ECIhLUfBbye_w31EcYm_SwyNUQKNHC0cB7vgQEXxTxTEr3PWRdVbIsB48ZRGz1HgzmbIZt-mlM2reJwZroPo7Jk-xYaQ_Yc2vtcakTIda2czy4rsZHdt9RzIAuPwjQheSIBU0515vzpO_UWkfy5yRuE7eebBW9wj_dyOhsLjioWk88VjdLwmBjhax58OMktCtu4i-717rzf07y6Cn5L7I0v3Cmh395h7I%26adurl%3D&documentReferer=https%3A%2F%2Fwww.theticket1590.com%2F&ancestorOrigins=https%3A%2F%2Fwww.theticket1590.com&random=8891797598255&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1
Requested by
Host: 773ff33321c83b63fff957793b331644.safeframe.googlesyndication.com
URL: https://773ff33321c83b63fff957793b331644.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
HTTP/1.1
Server
138.201.63.157 Esslingen am Neckar, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.157.63.201.138.clients.your-server.de
Software
Apache /
Resource Hash
03a582e84c4c44c54541bec709457feb114df8b00a75bbdf251147bd768ca6a8

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://773ff33321c83b63fff957793b331644.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 17 Apr 2023 20:18:42 GMT
Content-Encoding
gzip
Server
Apache
Vary
Accept-Encoding
P3P
CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Content-Type
application/x-javascript; charset=utf-8
Cache-Control
no-store, no-cache, must-revalidate, max-age=0
X-NEORY-SubId
64051800150414804444550012297007
Connection
close
Content-Length
1311
Expires
Mon, 17 Apr 2023 21:18:42 +0200

Redirect headers

Pragma
no-cache
Date
Mon, 17 Apr 2023 20:18:42 GMT
Server
Apache
P3P
CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Location
request.php?zone=g72h7lz2c4az&nw=20&renderingType=javascript&namespace=c6f68f42cd&subid=&uid=916f79f31dd14b90&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=728x90&scrollPos=0x0&extData[]=&envData=&gdpr=-1&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCbgTGoak9ZJjrAYGx7_UPyueiqAam5b2gaYWVnKfJD_AuEAEgl6rtdWCVkpuCrAfIAQmpAgZrxEJXUbI-qAMByAObBKoE7wFP0OMIFe9nao4mueJF7CosAO7yXKoq7ocI2Q8fNl_rt2_J3bK8jnHRjk-xhoTXyYtWQv7a-J8pNNEX-IqWNvDJqX3a9q2a1DL7u22z77PX_jo4RWQzYhwOYwEzDm9jHE3RQuVWFWXy6S_yKvuhFpovU5GkZpK_PR9LGybmB9zxqgpiITG2UbJ6ZWdMZxMLLMQjiWPGKF4YIGmQ9QrmYzoOyp8a7T5L7FdgXkJy4mDfP9LAiTuux5cpPFZ3OMlxZNCXmmFkngyfG0ddX4LtKMzvGM4201QM4dBOnjJX7xmKJusWR98gB4BFxgwmLll548AE64_8jvcD4AQDkAYBoAZNgAesrfWfA6gHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCA8IgGEQARgdMgKKAjoCgECACgOYCwHICwGADAGwE8yc2RLQEwDYEwPYFAHQFQH4FgGAFwE%26ae%3D1%26num%3D1%26cid%3DCAQSTABygQiD1m_ra4VpP-gQqrAj2E-t4X37QkuK8jV7y9Q4p1OupWr6BWDU9UzI5on1ul_fVnDFCa6DhXFzSLu0ECQN83i0VONa_bNIAfYYAQ%26sig%3DAOD64_0gLDu_oUv6c5AU-mbZF6ml7OI5oQ%26client%3Dca-pub-7253037122197916%26dbm_c%3DAKAmf-B0IyYGT500aE7d08cmTV3QZP8a4GRYvaIMwmSZI9LKJF0iFojIh4JBPbiBsMrnZILaF3yikmCL5wIQfffah_MYp_mcTI0_WlzaHzX1CkKVqjOZjAviPa-2v9GR4uHyQKqX35yn2Xi6jdvZnXLI8nMTm89x7RNgaKYesfJ0hSGDR0443rw%26cry%3D1%26dbm_d%3DAKAmf-BEI-j-5Y7Ms6-IIsyqlBkX2eyocETgfgVc5deRNHJ5yXItVurt3XDaXYhbqKv97OGcy9yQlaVVc8hg_hjiYz2kjkUelgr6D7hA-KTUUTW-FayDV5hxwRAdvEj_TpmRUiRX1FDpLVvvc6PhrxYBl7mHoccQSuZ8h9zTwSymId6S03X17_wZ3O6UwRxh1OUSh_NLlr7TqitNxDbrbxyTRBgr1pn_kzT5VhFWQBHGuIgxQVtoUi0b08z4pGCV_xMfh4UBUzOUfjqvuSO5LDBJc8KtTUmgxQvtU8LY9ONMA9ZCGJAc-GQ7WFTx3GJCjy5OFygWOOrZSsL7_3aH23ECIhLUfBbye_w31EcYm_SwyNUQKNHC0cB7vgQEXxTxTEr3PWRdVbIsB48ZRGz1HgzmbIZt-mlM2reJwZroPo7Jk-xYaQ_Yc2vtcakTIda2czy4rsZHdt9RzIAuPwjQheSIBU0515vzpO_UWkfy5yRuE7eebBW9wj_dyOhsLjioWk88VjdLwmBjhax58OMktCtu4i-717rzf07y6Cn5L7I0v3Cmh395h7I%26adurl%3D&documentReferer=https%3A%2F%2Fwww.theticket1590.com%2F&ancestorOrigins=https%3A%2F%2Fwww.theticket1590.com&random=8891797598255&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1
Content-Type
text/html; charset=UTF-8
Cache-Control
no-store, no-cache, must-revalidate, max-age=0
Connection
close
Content-Length
0
Expires
Mon, 17 Apr 2023 21:18:42 +0200
/
www.facebook.com/tr/ Frame 4AF4
0
76 B
Document
General
Full URL
https://www.facebook.com/tr/
Requested by
Host: www.theticket1590.com
URL: https://www.theticket1590.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Content-Type
application/x-www-form-urlencoded
Origin
https://www.theticket1590.com
Referer
https://www.theticket1590.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-origin
https://www.theticket1590.com
alt-svc
h3=":443"; ma=86400
content-length
0
content-type
text/plain
cross-origin-resource-policy
cross-origin
date
Mon, 17 Apr 2023 20:18:42 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
cors
data.ad-score.com/data/ Frame 8197
1 B
277 B
Fetch
General
Full URL
https://data.ad-score.com/data/cors?pm_st=SZvNYYHioRSEIgAjnIdUWDtVOkKkBSuj-FE7fPshldVrlKDwd2HLIEkvGPg==-E0zJPcpjblXkNA==&pm_ct=6d9202dc3dec0313c2a7fd41&pm_pl=1681762721330&pm_td=817&pid=1000449&en=1.1&callback=__pm_glbl_vv4SDDJZ66aPGCsxgQlMpDtw._gc3&tt=g&v=6628d82
Requested by
Host: d13l4u7pe64ymo.cloudfront.net
URL: https://d13l4u7pe64ymo.cloudfront.net/script.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_GCM
Server
130.211.115.4 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
4.115.211.130.bc.googleusercontent.com
Software
/
Resource Hash
5feceb66ffc86f38d952786c6d696c79c2dbc239dd4e91b46729d73a27fb57e9

Request headers

Referer
https://www.theticket1590.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
https://www.theticket1590.com
Date
Mon, 17 Apr 2023 20:18:42 GMT
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
1
Access-Control-Allow-Methods
POST
Content-Type
text/plain; charset=utf-8
bsdAhfwWdZZ0lwKfZyotoKMYFbxnkv02xNqAhtGyATM.js
pagead2.googlesyndication.com/bg/ Frame 326E
36 KB
14 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/bg/bsdAhfwWdZZ0lwKfZyotoKMYFbxnkv02xNqAhtGyATM.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6ec74085fc1675967497029f672a2da0a31815bc6792fd36c4da8086d1b20133
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sat, 15 Apr 2023 22:44:33 GMT
content-encoding
br
x-content-type-options
nosniff
age
164049
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14296
x-xss-protection
0
last-modified
Tue, 11 Apr 2023 10:38:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sun, 14 Apr 2024 22:44:33 GMT
container.html
773ff33321c83b63fff957793b331644.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 7F6A
6 KB
3 KB
Document
General
Full URL
https://773ff33321c83b63fff957793b331644.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304100101/pubads_impl.js?cb=31073791
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.theticket1590.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
2
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Mon, 17 Apr 2023 20:18:40 GMT
expires
Tue, 16 Apr 2024 20:18:40 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
/
b3.tunegenie.com/ Frame C001
2 KB
1 KB
Document
General
Full URL
https://b3.tunegenie.com/?tgv=e905577.ba4de90
Requested by
Host: b3.tunegenie.com
URL: https://b3.tunegenie.com/js/pwm_all.min.js?tgv=e905577.ba4de90
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223e:8a00:6:4e5d:a0c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
06fd4271e82cdb8d10b3b34667c6d3a83e2a808d1034a5618ebe5fc9653ffcdb

Request headers

Referer
https://www.theticket1590.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
72641
cache-control
max-age=7776000
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Mon, 17 Apr 2023 19:27:18 GMT
etag
W/"6faeac286332676bc8eb22f3ae9c485a"
last-modified
Tue, 17 Jan 2023 19:26:57 GMT
server
AmazonS3
vary
Accept-Encoding
via
1.1 e59bea79ab5f15feda92136bc7b74158.cloudfront.net (CloudFront)
x-amz-cf-id
97kF0fvdfko1T73MwfPbxmTXoGB86XanIbPiFmXTwZdaCdOByGfjgw==
x-amz-cf-pop
FRA56-P4
x-amz-version-id
XSsYrOJLJYePkAlJWTlHIIe6KQ2jQYhP
x-cache
Hit from cloudfront
p
sb.scorecardresearch.com/ Frame 4C94
43 B
299 B
Image
General
Full URL
https://sb.scorecardresearch.com/p?c1=2&c2=18065638&ns_type=hidden&ns_st_sv=6.3.4.190424&ns_st_smv=5.10&ns_st_it=c&ns_st_id=1681762720213&ns_st_ec=1&ns_st_sp=1&ns_st_sc=1&ns_st_psq=1&ns_st_asq=1&ns_st_sq=1&ns_st_ppc=1&ns_st_apc=1&ns_st_spc=1&ns_st_cn=1&ns_st_ev=play&ns_st_po=0&ns_st_cl=728133&ns_st_pb=1&ns_st_mp=js_api&ns_st_mv=6.3.4.190424&ns_st_pn=1&ns_st_tp=1&ns_st_ci=2686986&ns_st_pt=0&ns_st_dpt=0&ns_st_ipt=0&ns_st_ap=0&ns_st_dap=0&ns_st_et=0&ns_st_det=0&ns_st_upc=0&ns_st_dupc=0&ns_st_iupc=0&ns_st_upa=0&ns_st_dupa=0&ns_st_iupa=0&ns_st_lpc=0&ns_st_dlpc=0&ns_st_lpa=0&ns_st_dlpa=0&ns_st_pa=0&ns_st_ldw=0&ns_st_ldo=0&ns_ts=1681762722226&ns_st_bc=0&ns_st_dbc=0&ns_st_bt=0&ns_st_dbt=0&ns_st_bp=0&ns_st_lt=2012&ns_st_skc=0&ns_st_dskc=0&ns_st_ska=0&ns_st_dska=0&ns_st_skd=0&ns_st_skt=0&ns_st_dskt=0&ns_st_pc=0&ns_st_dpc=0&ns_st_pp=0&ns_st_br=0&ns_st_rt=100&ns_st_ub=0&ns_st_ki=1200000&ns_st_pr=*null&ns_st_sn=*null&ns_st_en=*null&ns_st_ep=*null&ns_st_ct=vc12&ns_st_ge=Sports&ns_st_st=SendtoNews&ns_st_ce=0&ns_st_ia=0&ns_st_ddt=*null&ns_st_tdt=*null&ns_st_pu=120%20Sports%20NFL&c3=sendtonews&c4=Sports&c6=*null&c7=https%3A%2F%2Fwww.theticket1590.com%2F&c8=&c9=https%3A%2F%2Fwww.theticket1590.com%2F
Requested by
Host: www.theticket1590.com
URL: https://www.theticket1590.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.99.90 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-99-90.fra60.r.cloudfront.net
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.theticket1590.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Mon, 17 Apr 2023 20:18:42 GMT
via
1.1 ca8cb14c76df16342491237cea8cfed6.cloudfront.net (CloudFront)
accept-ch
UA, Platform, Arch, Model, Mobile
x-amz-cf-pop
FRA60-P3
x-cache
Miss from cloudfront
content-type
image/gif
content-length
43
x-amz-cf-id
WoZdp1SAKQDxm5o7z6CinM54QY03DXFE2ICdtBDnDh6REu8fxDvf7w==
gpt.js
securepubads.g.doubleclick.net/tag/js/ Frame C001
75 KB
25 KB
Script
General
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: b3.tunegenie.com
URL: https://b3.tunegenie.com/?tgv=e905577.ba4de90
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
6095a7dd7fbfb9eef293e03277d17dbb9c1e05d4bda2e1543330704a85ca0dc9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://b3.tunegenie.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Mon, 17 Apr 2023 20:18:42 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
25468
x-xss-protection
0
server
cafe
etag
115 / 19464 / m202304120101 / config-hash: 3756285743670852327
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
expires
Mon, 17 Apr 2023 20:18:42 GMT
js
www.googletagmanager.com/gtag/ Frame C001
112 KB
44 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-7150119-1
Requested by
Host: b3.tunegenie.com
URL: https://b3.tunegenie.com/?tgv=e905577.ba4de90
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
76d6f269d1adb65cb4f03068354f2a2d6f193f8d0ac16d25b86c0c3cab80d201
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://b3.tunegenie.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Mon, 17 Apr 2023 20:18:42 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
44610
x-xss-protection
0
last-modified
Mon, 17 Apr 2023 18:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Mon, 17 Apr 2023 20:18:42 GMT
index.1d7f3daa.css
b3.tunegenie.com/css/ Frame C001
108 KB
18 KB
Stylesheet
General
Full URL
https://b3.tunegenie.com/css/index.1d7f3daa.css
Requested by
Host: b3.tunegenie.com
URL: https://b3.tunegenie.com/?tgv=e905577.ba4de90
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223e:8a00:6:4e5d:a0c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
5d3b318a856e3825d40c46bc3b2b2a3f0efda05f1e50d0186f9962d7f8abe33d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://b3.tunegenie.com/?tgv=e905577.ba4de90
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Mon, 13 Feb 2023 18:08:41 GMT
x-amz-version-id
mjY1fQpCg_sA7Omw._kv1rGt9H44rn2a
content-encoding
gzip
last-modified
Thu, 12 Jan 2023 20:18:29 GMT
server
AmazonS3
via
1.1 e59bea79ab5f15feda92136bc7b74158.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P4
etag
W/"88b4754d3874cb2d7c08b5236c75af7b"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/css; charset=UTF-8
cache-control
max-age=7776000
age
5451002
x-amz-cf-id
1n_LSPLRVOKb49LjIn1bsPHUFM7UgWuNRUt-XTxTCyYJy14gSCh3Ng==
chunk-vendors.6e6c4ca3.js
b3.tunegenie.com/js/ Frame C001
420 KB
141 KB
Script
General
Full URL
https://b3.tunegenie.com/js/chunk-vendors.6e6c4ca3.js
Requested by
Host: b3.tunegenie.com
URL: https://b3.tunegenie.com/?tgv=e905577.ba4de90
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223e:8a00:6:4e5d:a0c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
a660c0b2cf593afb9d74a7e0d33efc6979d8e58608056fb31dc6e4a5a71a1797

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://b3.tunegenie.com/?tgv=e905577.ba4de90
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-amz-version-id
txCDY1GtPGOjg.LCCJAY6BZ0H2ThMiuC
content-encoding
gzip
via
1.1 e59bea79ab5f15feda92136bc7b74158.cloudfront.net (CloudFront)
date
Mon, 17 Apr 2023 19:27:20 GMT
last-modified
Tue, 17 Jan 2023 19:26:57 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P4
age
72640
etag
W/"c98e989fb78f907f040028cb38d1764d"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript; charset=UTF-8
cache-control
max-age=7776000
x-amz-cf-id
LNnbJwUdc2roejt5Pdkyst2mKY5w4Jzzgp2WVyaztwcEi8EFpUoZhQ==
index.c8514102.js
b3.tunegenie.com/js/ Frame C001
158 KB
42 KB
Script
General
Full URL
https://b3.tunegenie.com/js/index.c8514102.js
Requested by
Host: b3.tunegenie.com
URL: https://b3.tunegenie.com/?tgv=e905577.ba4de90
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223e:8a00:6:4e5d:a0c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
b6cedeb17f0877b56cf94ef0bf81606ded07dd5efb18ec5b351fcf927a51aee8

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://b3.tunegenie.com/?tgv=e905577.ba4de90
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-amz-version-id
ASEoV.HAl0NVe.bpbPwdeG7Oza5vRyBK
content-encoding
gzip
via
1.1 e59bea79ab5f15feda92136bc7b74158.cloudfront.net (CloudFront)
date
Mon, 17 Apr 2023 19:27:20 GMT
last-modified
Tue, 17 Jan 2023 19:26:57 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P4
age
72640
etag
W/"1e48d5af1391f5b7142c7f9361257ad3"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript; charset=UTF-8
cache-control
max-age=7776000
x-amz-cf-id
pW4QM8ukm7wmowm92rVC2nU9HpqjY50kGUBMP3p3e0sHUgD1Gel2IQ==
pixel
googleads.g.doubleclick.net/xbbe/ Frame C1B9
632 B
272 B
Document
General
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CL6WcRCwifCiAxiE8MHIATAB&v=APEucNVHsBCdqpH_Xq73Hb57Duw4OSvxrRWJi1H1aXh9vS-vtm_ln3Y1rFiB2zxCGXkqKUS1KEvni76tygGnx5rdhx3p6YGHH1sOxZsX3oT5x6OOvu1HH_Q
Requested by
Host: 773ff33321c83b63fff957793b331644.safeframe.googlesyndication.com
URL: https://773ff33321c83b63fff957793b331644.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e34f3c96e1eae99e2fc8b8f0c8f608bf3d8822872bf36246c4360a024a8527d5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://773ff33321c83b63fff957793b331644.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-encoding
br
content-length
249
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 17 Apr 2023 20:18:42 GMT
expires
Mon, 17 Apr 2023 20:18:42 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
dv3.js
pagead2.googlesyndication.com/pagead/js/ Frame 7F6A
78 KB
27 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/js/dv3.js
Requested by
Host: 773ff33321c83b63fff957793b331644.safeframe.googlesyndication.com
URL: https://773ff33321c83b63fff957793b331644.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
46b3e081067e631f9a1049fbfa37844da854f741b7f9a45900dc02a19a4ef143
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://773ff33321c83b63fff957793b331644.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Mon, 17 Apr 2023 20:18:42 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
28043
x-xss-protection
0
server
cafe
etag
15270303690107644053
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=600
timing-allow-origin
*
expires
Mon, 17 Apr 2023 20:18:42 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 7F6A
42 B
63 B
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-BrrwnrKRHxAjQpe3UL8YCVFcF3uTThO2uX6AUkDdV1P599YsmWmuBCo9cEqFkhy5j_oUch-4JzeSlfM9jejiuzRxSKIemhZDyZog5s2NS_dpiaLwg
Requested by
Host: 773ff33321c83b63fff957793b331644.safeframe.googlesyndication.com
URL: https://773ff33321c83b63fff957793b331644.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://773ff33321c83b63fff957793b331644.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 17 Apr 2023 20:18:42 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 7F6A
0
20 B
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=fetch&cor=10132920350031201852&x=1&ct=76
Requested by
Host: 773ff33321c83b63fff957793b331644.safeframe.googlesyndication.com
URL: https://773ff33321c83b63fff957793b331644.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://773ff33321c83b63fff957793b331644.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 17 Apr 2023 20:18:42 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230413/r20110914/client/ Frame 7F6A
3 KB
1 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230413/r20110914/client/window_focus_fy2021.js
Requested by
Host: 773ff33321c83b63fff957793b331644.safeframe.googlesyndication.com
URL: https://773ff33321c83b63fff957793b331644.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://773ff33321c83b63fff957793b331644.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Mon, 17 Apr 2023 20:13:14 GMT
content-encoding
br
x-content-type-options
nosniff
age
328
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 01 May 2023 20:13:14 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230413/r20110914/client/ Frame 7F6A
20 KB
8 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230413/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: 773ff33321c83b63fff957793b331644.safeframe.googlesyndication.com
URL: https://773ff33321c83b63fff957793b331644.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
b1b3b73852f7856f1a0f317701846bc7853eb5b127ba882c23c5073dbe6d022d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://773ff33321c83b63fff957793b331644.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Mon, 17 Apr 2023 15:59:50 GMT
content-encoding
br
x-content-type-options
nosniff
age
15532
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8509
x-xss-protection
0
server
cafe
etag
3034682829645713766
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 01 May 2023 15:59:50 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 7F6A
159 KB
49 KB
Script
General
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: 773ff33321c83b63fff957793b331644.safeframe.googlesyndication.com
URL: https://773ff33321c83b63fff957793b331644.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cbeee230de9adc4b4765d4387c54fa936a5c26f8306fe0e6f5f8415284f56c33
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://773ff33321c83b63fff957793b331644.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Mon, 17 Apr 2023 20:18:42 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
49801
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1681299295334834"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Mon, 17 Apr 2023 20:18:42 GMT
stn_trk.gif
s2l.sendtonews.com/
26 B
186 B
Ping
General
Full URL
https://s2l.sendtonews.com/stn_trk.gif?session=bYoTP3-rbC6ebG9d&instance=297079351&version=7.15.1-G&age=230417&cmd=INV&key=5oC5qDti&c_id=5513&seq=1&order=7&vIndex=0&absoluteTime=4398&relativeTime=2432.2&alt=0&sC_ID=5935&sm_id=2686986&load=1&status=LVFNLNIY&ac_id=2008&EXTREF=https://www.theticket1590.com/&REF=https://www.theticket1590.com/&playerCfg=FL&playerType=FLOAT
Requested by
Host: embed.sendtonews.com
URL: https://embed.sendtonews.com/easy-stn-player/7.15.1-G/easy-stn-player.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.210.56.152 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-44-210-56-152.compute-1.amazonaws.com
Software
Apache/2.4.41 (Ubuntu) /
Resource Hash
3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.theticket1590.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Mon, 17 Apr 2023 20:18:42 GMT
last-modified
Wed, 23 Dec 2020 21:38:39 GMT
server
Apache/2.4.41 (Ubuntu)
accept-ranges
bytes
etag
"1a-5b72883b37f80"
content-length
26
content-type
image/gif
stn_trk.gif
s2l.sendtonews.com/
26 B
186 B
Ping
General
Full URL
https://s2l.sendtonews.com/stn_trk.gif?session=bYoTP3-rbC6ebG9d&instance=297079351&version=7.15.1-G&age=230417&cmd=PLAY&key=5oC5qDti&c_id=5513&seq=1&order=8&vIndex=0&absoluteTime=4398.4&relativeTime=2432.6&alt=0&sC_ID=5935&sm_id=2686986&load=1&status=LVFNLNIY&ac_id=2008&EXTREF=https://www.theticket1590.com/&REF=https://www.theticket1590.com/&playerCfg=FL&playerType=FLOAT&pposition=float&floattype=s
Requested by
Host: embed.sendtonews.com
URL: https://embed.sendtonews.com/easy-stn-player/7.15.1-G/easy-stn-player.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.210.56.152 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-44-210-56-152.compute-1.amazonaws.com
Software
Apache/2.4.41 (Ubuntu) /
Resource Hash
3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.theticket1590.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Mon, 17 Apr 2023 20:18:42 GMT
last-modified
Wed, 23 Dec 2020 21:38:39 GMT
server
Apache/2.4.41 (Ubuntu)
accept-ranges
bytes
etag
"1a-5b72883b37f80"
content-length
26
content-type
image/gif
chunk-1121b3a3.16c3e697.css
b3.tunegenie.com/css/ Frame C001
0
1 KB
Other
General
Full URL
https://b3.tunegenie.com/css/chunk-1121b3a3.16c3e697.css
Requested by
Host: b3.tunegenie.com
URL: https://b3.tunegenie.com/?tgv=e905577.ba4de90
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223e:8a00:6:4e5d:a0c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://b3.tunegenie.com/?tgv=e905577.ba4de90
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Fri, 10 Mar 2023 05:39:24 GMT
x-amz-version-id
tCOba1qkJ0SBEv40Bzu.1HyunEt06jMS
via
1.1 e59bea79ab5f15feda92136bc7b74158.cloudfront.net (CloudFront)
last-modified
Wed, 19 Aug 2020 22:27:34 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P4
age
3335959
etag
"78efcc1be888c63911df588255a60628"
x-cache
Hit from cloudfront
content-type
text/css; charset=UTF-8
cache-control
max-age=7776000
accept-ranges
bytes
content-length
712
x-amz-cf-id
fU1Wv0mVRSJ60kXLSu_VliXVwCjaN3IBSeYepFqAnXWm3W5ItlGwaQ==
view-Favorites-vue.27446320.css
b3.tunegenie.com/css/ Frame C001
0
472 B
Other
General
Full URL
https://b3.tunegenie.com/css/view-Favorites-vue.27446320.css
Requested by
Host: b3.tunegenie.com
URL: https://b3.tunegenie.com/?tgv=e905577.ba4de90
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223e:8a00:6:4e5d:a0c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://b3.tunegenie.com/?tgv=e905577.ba4de90
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-amz-version-id
yKTiPNR9XxuGUt_2G2LiRjyRZwm5nCEQ
date
Mon, 17 Apr 2023 19:40:15 GMT
via
1.1 e59bea79ab5f15feda92136bc7b74158.cloudfront.net (CloudFront)
last-modified
Wed, 19 Aug 2020 22:27:34 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P4
age
2887
etag
"edd647e337b1fa82b100f7eca0b81186"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/css; charset=UTF-8
cache-control
max-age=7776000
accept-ranges
bytes
content-length
56
x-amz-cf-id
5TNUFp_Psvh_W7Zpif3ssT-WQihGSd9IlE3UxgZh8T1i-vkYGagwZQ==
chunk-1121b3a3.ae827baf.js
b3.tunegenie.com/js/ Frame C001
0
71 KB
Other
General
Full URL
https://b3.tunegenie.com/js/chunk-1121b3a3.ae827baf.js
Requested by
Host: b3.tunegenie.com
URL: https://b3.tunegenie.com/?tgv=e905577.ba4de90
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223e:8a00:6:4e5d:a0c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://b3.tunegenie.com/?tgv=e905577.ba4de90
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-amz-version-id
aoPcJbzA4.6PHPHHNoCJtcgUPIqh1S5x
content-encoding
gzip
via
1.1 e59bea79ab5f15feda92136bc7b74158.cloudfront.net (CloudFront)
date
Mon, 17 Apr 2023 19:27:24 GMT
last-modified
Tue, 17 Jan 2023 19:26:57 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P4
age
72618
etag
W/"eb1311114d02e943e27f1018ed8cb5a4"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript; charset=UTF-8
cache-control
max-age=7776000
x-amz-cf-id
RyH2d1PmZGYrID1d1L4ylL5ATeClMcDlkCZq46_VEcWRbMbdwey9cA==
chunk-2d0d76a4.883ed436.js
b3.tunegenie.com/js/ Frame C001
0
7 KB
Other
General
Full URL
https://b3.tunegenie.com/js/chunk-2d0d76a4.883ed436.js
Requested by
Host: b3.tunegenie.com
URL: https://b3.tunegenie.com/?tgv=e905577.ba4de90
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223e:8a00:6:4e5d:a0c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://b3.tunegenie.com/?tgv=e905577.ba4de90
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-amz-version-id
StfTLI71TQynZK4C5LRAzhYW_iAICpab
content-encoding
gzip
via
1.1 e59bea79ab5f15feda92136bc7b74158.cloudfront.net (CloudFront)
date
Mon, 17 Apr 2023 19:30:52 GMT
last-modified
Wed, 06 Apr 2022 17:21:09 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P4
age
2887
etag
W/"b2e69db13a2ed91d80691bdb7f238f61"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript; charset=UTF-8
cache-control
max-age=7776000
x-amz-cf-id
Mr9IMmlaEMAzq1oOf0UstNoJPagq5Eoa82IGDynSnOPyYLeQdrvoog==
chunk-2d21a016.76b09c6b.js
b3.tunegenie.com/js/ Frame C001
0
73 KB
Other
General
Full URL
https://b3.tunegenie.com/js/chunk-2d21a016.76b09c6b.js
Requested by
Host: b3.tunegenie.com
URL: https://b3.tunegenie.com/?tgv=e905577.ba4de90
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223e:8a00:6:4e5d:a0c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://b3.tunegenie.com/?tgv=e905577.ba4de90
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-amz-version-id
i2oR1yVpqMKdozkd5_bYdtoCi803UKEY
content-encoding
gzip
via
1.1 e59bea79ab5f15feda92136bc7b74158.cloudfront.net (CloudFront)
date
Mon, 17 Apr 2023 19:27:27 GMT
last-modified
Wed, 06 Apr 2022 17:21:09 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P4
age
10891
etag
W/"412f50bcb698d4296019225942708185"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript; charset=UTF-8
cache-control
max-age=7776000
x-amz-cf-id
sIygWE7-UAyUyiv_Up_CBwRpTWftFQANAogXxNvleyB_ElhRbUTgYQ==
chunk-cc61cabc.da3c12de.js
b3.tunegenie.com/js/ Frame C001
0
31 KB
Other
General
Full URL
https://b3.tunegenie.com/js/chunk-cc61cabc.da3c12de.js
Requested by
Host: b3.tunegenie.com
URL: https://b3.tunegenie.com/?tgv=e905577.ba4de90
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223e:8a00:6:4e5d:a0c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://b3.tunegenie.com/?tgv=e905577.ba4de90
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-amz-version-id
7t0NRAqix.Inz5Jrh5oeRMgtvs1.8RLW
content-encoding
gzip
via
1.1 e59bea79ab5f15feda92136bc7b74158.cloudfront.net (CloudFront)
date
Mon, 17 Apr 2023 19:30:52 GMT
last-modified
Wed, 07 Dec 2022 23:44:49 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P4
age
2962
etag
W/"adc781e0d79a2acb025aa418d67b7a23"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript; charset=UTF-8
cache-control
max-age=7776000
x-amz-cf-id
2zL53ugx6Sy1Rbb_S13oc4t5s6RtyBEDeqOm-XjkdYm28DhmgXjK7A==
view-ArtistInfo-vue.b71db261.js
b3.tunegenie.com/js/ Frame C001
0
4 KB
Other
General
Full URL
https://b3.tunegenie.com/js/view-ArtistInfo-vue.b71db261.js
Requested by
Host: b3.tunegenie.com
URL: https://b3.tunegenie.com/?tgv=e905577.ba4de90
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223e:8a00:6:4e5d:a0c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://b3.tunegenie.com/?tgv=e905577.ba4de90
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-amz-version-id
fAGl5ReGbKdxVD1QQ6Z8Y.iiey5QPR6o
content-encoding
gzip
via
1.1 e59bea79ab5f15feda92136bc7b74158.cloudfront.net (CloudFront)
date
Mon, 17 Apr 2023 19:27:28 GMT
last-modified
Tue, 17 Jan 2023 19:26:57 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P4
age
57302
etag
W/"2d527dcad1d4fa26c6e87b7aad47a964"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript; charset=UTF-8
cache-control
max-age=7776000
x-amz-cf-id
1WoE8NCuiL-cSgkxpCDRMbtyVYsZ8RddHxqnpMHnK5nAuktpNjuO0w==
view-Concerts-vue.07f655bc.js
b3.tunegenie.com/js/ Frame C001
0
2 KB
Other
General
Full URL
https://b3.tunegenie.com/js/view-Concerts-vue.07f655bc.js
Requested by
Host: b3.tunegenie.com
URL: https://b3.tunegenie.com/?tgv=e905577.ba4de90
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223e:8a00:6:4e5d:a0c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://b3.tunegenie.com/?tgv=e905577.ba4de90
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-amz-version-id
n0Ps2fN.7geIi4YkQhSGvWTdgaIzKysb
content-encoding
gzip
via
1.1 e59bea79ab5f15feda92136bc7b74158.cloudfront.net (CloudFront)
date
Mon, 17 Apr 2023 19:27:28 GMT
last-modified
Tue, 17 Jan 2023 19:26:57 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P4
age
10891
etag
W/"c21ea258d88b739243946b61ac26f672"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript; charset=UTF-8
cache-control
max-age=7776000
x-amz-cf-id
5lgHgQy9-LplJcNytllPEs_hB9wE2XjGjqgYXDi_tORwMCkVrfzzYg==
view-ConcertsByArtist-vue.e4396229.js
b3.tunegenie.com/js/ Frame C001
0
2 KB
Other
General
Full URL
https://b3.tunegenie.com/js/view-ConcertsByArtist-vue.e4396229.js
Requested by
Host: b3.tunegenie.com
URL: https://b3.tunegenie.com/?tgv=e905577.ba4de90
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223e:8a00:6:4e5d:a0c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://b3.tunegenie.com/?tgv=e905577.ba4de90
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-amz-version-id
KfxiHfT_eR924._HkZaUHHp4wObdVxmL
content-encoding
gzip
via
1.1 e59bea79ab5f15feda92136bc7b74158.cloudfront.net (CloudFront)
date
Mon, 17 Apr 2023 19:27:29 GMT
last-modified
Tue, 17 Jan 2023 19:26:57 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P4
age
3074
etag
W/"d3afcb6d298f43d9028d9aa6db236894"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript; charset=UTF-8
cache-control
max-age=7776000
x-amz-cf-id
XnBVTTucBvgqt2-Vw3tYdhE6GfiiHrkGn9fdJZEnlkNhKEmgwo-fkQ==
view-Favorites-vue.84362cd7.js
b3.tunegenie.com/js/ Frame C001
0
1 KB
Other
General
Full URL
https://b3.tunegenie.com/js/view-Favorites-vue.84362cd7.js
Requested by
Host: b3.tunegenie.com
URL: https://b3.tunegenie.com/?tgv=e905577.ba4de90
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223e:8a00:6:4e5d:a0c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://b3.tunegenie.com/?tgv=e905577.ba4de90
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-amz-version-id
odeR1rZtr.AHvQPgjwFdFWJyWXaB49VQ
content-encoding
gzip
via
1.1 e59bea79ab5f15feda92136bc7b74158.cloudfront.net (CloudFront)
date
Mon, 17 Apr 2023 19:27:28 GMT
last-modified
Tue, 17 Jan 2023 19:26:57 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P4
age
71984
etag
W/"0082fbaae014111e68cb112947f03f88"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript; charset=UTF-8
cache-control
max-age=7776000
x-amz-cf-id
wkpXbOKyF6xcKfQhkENrUHwPK08QdN2pnU9FGdPgnT18Bo9cDwF1Cw==
view-OnAirArchive-vue.16a0bbe8.js
b3.tunegenie.com/js/ Frame C001
0
2 KB
Other
General
Full URL
https://b3.tunegenie.com/js/view-OnAirArchive-vue.16a0bbe8.js
Requested by
Host: b3.tunegenie.com
URL: https://b3.tunegenie.com/?tgv=e905577.ba4de90
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223e:8a00:6:4e5d:a0c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://b3.tunegenie.com/?tgv=e905577.ba4de90
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-amz-version-id
up83UK3yWgthGTy0qBs9W2VjfAVwdR4t
content-encoding
gzip
via
1.1 e59bea79ab5f15feda92136bc7b74158.cloudfront.net (CloudFront)
date
Mon, 17 Apr 2023 19:27:28 GMT
last-modified
Tue, 17 Jan 2023 19:26:57 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P4
age
921095
etag
W/"524e4b3199c6655f6b9dcf29894830b7"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript; charset=UTF-8
cache-control
max-age=7776000
x-amz-cf-id
Bfbwd_ncV5mtIFaDJbUXf_C_oZaFpbyqFppUPgbJCpKNbwWgfhioHg==
view-Podcast-vue.4179872c.js
b3.tunegenie.com/js/ Frame C001
0
4 KB
Other
General
Full URL
https://b3.tunegenie.com/js/view-Podcast-vue.4179872c.js
Requested by
Host: b3.tunegenie.com
URL: https://b3.tunegenie.com/?tgv=e905577.ba4de90
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223e:8a00:6:4e5d:a0c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://b3.tunegenie.com/?tgv=e905577.ba4de90
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-amz-version-id
N_Sr8wqq7aRDrKm95PYTT2rd_NjSVjRY
content-encoding
gzip
via
1.1 e59bea79ab5f15feda92136bc7b74158.cloudfront.net (CloudFront)
date
Mon, 17 Apr 2023 19:27:29 GMT
last-modified
Tue, 17 Jan 2023 19:26:57 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P4
age
3074
etag
W/"c57e920d7fefe4d57ee59b806e46f567"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript; charset=UTF-8
cache-control
max-age=7776000
x-amz-cf-id
iPJU6KWHVKQrpXor6HPp-VA5WSTK38ZszoTzFOlUO0QwPjtrWHmWJg==
view-PodcastEpisodeDetails-vue.512c2e8e.js
b3.tunegenie.com/js/ Frame C001
0
3 KB
Other
General
Full URL
https://b3.tunegenie.com/js/view-PodcastEpisodeDetails-vue.512c2e8e.js
Requested by
Host: b3.tunegenie.com
URL: https://b3.tunegenie.com/?tgv=e905577.ba4de90
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223e:8a00:6:4e5d:a0c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://b3.tunegenie.com/?tgv=e905577.ba4de90
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-amz-version-id
JTG8WkOHwpGFDRXJ7LHclTEphvJtRnuq
content-encoding
gzip
via
1.1 e59bea79ab5f15feda92136bc7b74158.cloudfront.net (CloudFront)
date
Mon, 17 Apr 2023 19:27:30 GMT
last-modified
Tue, 17 Jan 2023 19:26:57 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P4
age
3073
etag
W/"b60fd94fbcd1e2084694ceec154b0607"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript; charset=UTF-8
cache-control
max-age=7776000
x-amz-cf-id
8P-aaz10IRQew9415t99iZlcmuSzrvWeekKCSwhGyy_RKKFpqUvpkw==
view-Podcasts-vue.92a3af25.js
b3.tunegenie.com/js/ Frame C001
0
2 KB
Other
General
Full URL
https://b3.tunegenie.com/js/view-Podcasts-vue.92a3af25.js
Requested by
Host: b3.tunegenie.com
URL: https://b3.tunegenie.com/?tgv=e905577.ba4de90
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223e:8a00:6:4e5d:a0c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://b3.tunegenie.com/?tgv=e905577.ba4de90
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-amz-version-id
8r6hJRj55CWKKNuYRmaCsrNILN5KpOFm
content-encoding
gzip
via
1.1 e59bea79ab5f15feda92136bc7b74158.cloudfront.net (CloudFront)
date
Mon, 17 Apr 2023 19:27:28 GMT
last-modified
Tue, 17 Jan 2023 19:26:57 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P4
age
508899
etag
W/"7fcbd21bb03d4d242ebc5fcb45357153"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript; charset=UTF-8
cache-control
max-age=7776000
x-amz-cf-id
b20pczFP71Evazrv-20WAKFanClVAi-IBByjUaag-X3fEDZ5sMcVHw==
view-PromoCodes-vue.d73a1ace.js
b3.tunegenie.com/js/ Frame C001
0
986 B
Other
General
Full URL
https://b3.tunegenie.com/js/view-PromoCodes-vue.d73a1ace.js
Requested by
Host: b3.tunegenie.com
URL: https://b3.tunegenie.com/?tgv=e905577.ba4de90
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223e:8a00:6:4e5d:a0c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://b3.tunegenie.com/?tgv=e905577.ba4de90
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-amz-version-id
yyeJhW5jUHmN0DsERHfleizbks_R29.i
date
Mon, 17 Apr 2023 19:27:30 GMT
via
1.1 e59bea79ab5f15feda92136bc7b74158.cloudfront.net (CloudFront)
last-modified
Tue, 17 Jan 2023 19:26:57 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P4
age
3073
etag
"cd04cd0a480aa1080b5b2adb554ab85f"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript; charset=UTF-8
cache-control
max-age=7776000
accept-ranges
bytes
content-length
561
x-amz-cf-id
BPqc3tl5L970TuzQFSdAAXhMjhLs52x-i3PCxa7AdvqJmMVfRTJOqg==
view-SearchResults-vue.657109de.js
b3.tunegenie.com/js/ Frame C001
0
1 KB
Other
General
Full URL
https://b3.tunegenie.com/js/view-SearchResults-vue.657109de.js
Requested by
Host: b3.tunegenie.com
URL: https://b3.tunegenie.com/?tgv=e905577.ba4de90
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223e:8a00:6:4e5d:a0c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://b3.tunegenie.com/?tgv=e905577.ba4de90
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-amz-version-id
Z1c8iATffeXPA8img4Dv1ZCnWz8X1L6W
content-encoding
gzip
via
1.1 e59bea79ab5f15feda92136bc7b74158.cloudfront.net (CloudFront)
date
Mon, 17 Apr 2023 19:27:30 GMT
last-modified
Tue, 17 Jan 2023 19:26:57 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P4
age
3073
etag
W/"b5ede0fbae6b6c8388e1fe195f59ac7f"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript; charset=UTF-8
cache-control
max-age=7776000
x-amz-cf-id
oXiRtPJSm2y2rYiIqV47U4WLE5sJnx2xYN-NuJrccWP8FwtbJnHGZw==
view-Stations-vue.2393e137.js
b3.tunegenie.com/js/ Frame C001
0
2 KB
Other
General
Full URL
https://b3.tunegenie.com/js/view-Stations-vue.2393e137.js
Requested by
Host: b3.tunegenie.com
URL: https://b3.tunegenie.com/?tgv=e905577.ba4de90
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223e:8a00:6:4e5d:a0c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://b3.tunegenie.com/?tgv=e905577.ba4de90
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-amz-version-id
gtZBo2L8wagSgykkFf8UGrK3q.Q06vAw
content-encoding
gzip
via
1.1 e59bea79ab5f15feda92136bc7b74158.cloudfront.net (CloudFront)
date
Mon, 17 Apr 2023 19:27:30 GMT
last-modified
Tue, 17 Jan 2023 19:26:57 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P4
age
3073
etag
W/"96d2308ea9d0c86539b248ba6d3ce3ea"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript; charset=UTF-8
cache-control
max-age=7776000
x-amz-cf-id
qsyJRQqyxzQbO0-L9-C1yo-xcurJCpmIMUOOwQiOtmmgb5RDDA0omg==
view-TopHits-vue.052d6935.js
b3.tunegenie.com/js/ Frame C001
0
1 KB
Other
General
Full URL
https://b3.tunegenie.com/js/view-TopHits-vue.052d6935.js
Requested by
Host: b3.tunegenie.com
URL: https://b3.tunegenie.com/?tgv=e905577.ba4de90
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223e:8a00:6:4e5d:a0c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://b3.tunegenie.com/?tgv=e905577.ba4de90
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-amz-version-id
SFJLkbI20bEWOS4n96UYqrf6BTRQ_WaW
content-encoding
gzip
via
1.1 e59bea79ab5f15feda92136bc7b74158.cloudfront.net (CloudFront)
date
Mon, 17 Apr 2023 19:27:29 GMT
last-modified
Tue, 17 Jan 2023 19:26:57 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P4
age
57302
etag
W/"24c8e83e5be3980ccaa28b9e4e24e04b"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript; charset=UTF-8
cache-control
max-age=7776000
x-amz-cf-id
6OnGVEfq3k07xDfAxgp-VCeiqTWgJN2nfA41LnLKLcOOvm0dnPtt3Q==
view-TrackLyrics-vue.401cebac.js
b3.tunegenie.com/js/ Frame C001
0
1 KB
Other
General
Full URL
https://b3.tunegenie.com/js/view-TrackLyrics-vue.401cebac.js
Requested by
Host: b3.tunegenie.com
URL: https://b3.tunegenie.com/?tgv=e905577.ba4de90
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223e:8a00:6:4e5d:a0c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://b3.tunegenie.com/?tgv=e905577.ba4de90
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-amz-version-id
TQLHcefeo4r6WuFRGK.JXfxqGp0FgXUM
content-encoding
gzip
via
1.1 e59bea79ab5f15feda92136bc7b74158.cloudfront.net (CloudFront)
date
Mon, 17 Apr 2023 19:27:29 GMT
last-modified
Tue, 17 Jan 2023 19:26:57 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P4
age
53322
etag
W/"9e170eff9d7f836bc1373ab59c7bb55d"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript; charset=UTF-8
cache-control
max-age=7776000
x-amz-cf-id
vivtM35GJVF6GwhbI9i9gmkOUJuK-gHpqnVV-idXGPdCaLs3y-Ic4w==
o1n30140o1o81o1p838r162661r56psq.m3u8
d29xw9s9x32j3w.cloudfront.net/videos/m3u8/1000k/
4 KB
956 B
XHR
General
Full URL
https://d29xw9s9x32j3w.cloudfront.net/videos/m3u8/1000k/o1n30140o1o81o1p838r162661r56psq.m3u8
Requested by
Host: embed.sendtonews.com
URL: https://embed.sendtonews.com/easy-stn-player/7.15.1-G/easy-stn-player.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.97.25 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-97-25.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
f7c31bbc6076e85fd81b6bd6471ae6693970bdc16eb5e571dade248b875cc443

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.theticket1590.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Mon, 17 Apr 2023 20:18:43 GMT
content-encoding
gzip
via
1.1 e9101023ffbe04130b9d4cac0cf9eebc.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P2
x-amz-server-side-encryption
AES256
x-cache
Miss from cloudfront
x-amz-storage-class
REDUCED_REDUNDANCY
content-disposition
attachment
last-modified
Mon, 17 Apr 2023 18:54:47 GMT
server
AmazonS3
etag
W/"72a623f2aca0114526ab250d32d78270"
vary
Accept-Encoding,Origin
access-control-allow-methods
GET, HEAD, POST
content-type
application/x-mpegURL
access-control-allow-origin
*
access-control-expose-headers
Access-Control-Allow-Origin, Access-Control-Allow-Credentials
cache-control
max-age=86400
x-amz-cf-id
QeAk06zpJ9oPQd4JtnwHOwVJ2-iO-eM-wUpNQgl20JA9zHGFaThO6g==
css
fonts.googleapis.com/ Frame C001
8 KB
749 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Roboto:200,350,350italic,400,500,700,700italic
Requested by
Host: b3.tunegenie.com
URL: https://b3.tunegenie.com/css/index.1d7f3daa.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
86357424348aa174c7ab04c759c553c5fa57f3714454f6c755bcfbe5769326f5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://b3.tunegenie.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Mon, 17 Apr 2023 20:18:42 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Mon, 17 Apr 2023 20:18:42 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Mon, 17 Apr 2023 20:18:42 GMT
normalize.min.css
cdnjs.cloudflare.com/ajax/libs/normalize/8.0.1/ Frame C001
2 KB
1 KB
Stylesheet
General
Full URL
https://cdnjs.cloudflare.com/ajax/libs/normalize/8.0.1/normalize.min.css
Requested by
Host: b3.tunegenie.com
URL: https://b3.tunegenie.com/css/index.1d7f3daa.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
97ce4e98f3a3be297f48ebd5b771e74928f31754d43324fd795d1cd81cc41b35
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://b3.tunegenie.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Mon, 17 Apr 2023 20:18:42 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
6457
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
633
last-modified
Mon, 04 May 2020 16:13:31 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03f2b-745"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cuN0CtRCS146szHKw5DtWjl2hB3sVbhSGIr9jlHR43qBSV43KkC9ldf6rtbqlT%2BoSeWiixhphFrdQ5B43VAAoXv4WcyDCfmEmMLEBTgHknly3CUlVJV2U8gr5sHL7brRVv0UxUS6GY432SYfmVSnzzrY"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
7b975bd67ba23718-FRA
expires
Sat, 06 Apr 2024 20:18:42 GMT
css2
fonts.googleapis.com/ Frame C001
10 KB
660 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css2?family=Nunito:wght@200;300;400;600;700;900&display=swap
Requested by
Host: b3.tunegenie.com
URL: https://b3.tunegenie.com/css/index.1d7f3daa.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
db0ba7f5c1b57d0ba549c521e64fd43901acbfdcd65a21b42d59a8552762e1e9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://b3.tunegenie.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Mon, 17 Apr 2023 20:18:42 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Mon, 17 Apr 2023 20:18:42 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Mon, 17 Apr 2023 20:18:42 GMT
integrator.js
adservice.google.de/adsid/ Frame 8197
107 B
122 B
Script
General
Full URL
https://adservice.google.de/adsid/integrator.js?domain=www.theticket1590.com
Requested by
Host: d13l4u7pe64ymo.cloudfront.net
URL: https://d13l4u7pe64ymo.cloudfront.net/script.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.theticket1590.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Mon, 17 Apr 2023 20:18:42 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ Frame 8197
107 B
122 B
Script
General
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.theticket1590.com
Requested by
Host: d13l4u7pe64ymo.cloudfront.net
URL: https://d13l4u7pe64ymo.cloudfront.net/script.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.theticket1590.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Mon, 17 Apr 2023 20:18:42 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ Frame 8197
18 KB
8 KB
XHR
General
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3654934142425638&correlator=447089363529635&output=ldjh&gdfp_req=1&vrg=202304120101&ptt=17&impl=fifs&gdpr=0&iu_parts=25756908%3A6717%2CWSM%2Ctheticket1590_728x90_1&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=728x90%7C468x60%7C300x75%7C320x50%7C300x50%7C234x60%7C216x54%7C120x90%7C216x36%7C120x60%7C168x28%7C120x30%7C120x20%7C2x2%7C1x1&ifi=1&adks=2245976565&sfv=1-0-40&eri=1&sc=1&cookie=ID%3D06381474226b9772%3AT%3D1681762720%3AS%3DALNI_MYJoZ9qJbNFCzXTjXAlUs0JcPUsIQ&gpic=UID%3D00000bd7e956abef%3AT%3D1681762720%3ART%3D1681762720%3AS%3DALNI_MYUVBfTE82bfWHn6AZiIFPW6Xzz_g&abxe=1&dt=1681762722338&lmt=1681762722&dlt=1681762720949&idt=584&adxs=436&adys=136&biw=1600&bih=1200&isw=728&ish=90&scr_x=0&scr_y=0&btvi=0&ucis=c828y4yy2go3&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&nhd=1&url=https%3A%2F%2Fwww.theticket1590.com%2F&ref=https%3A%2F%2Fwww.theticket1590.com%2F&top=https%3A%2F%2Fwww.theticket1590.com%2F&frm=23&vis=1&psz=728x0&msz=728x0&fws=256&ohw=0&ea=0&ga_vid=1483137519.1681762720&ga_sid=1681762722&ga_hid=570411068&ga_fc=true
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304120101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
34a2b91067c6491b3cb0a75062f738526bfef36bfb3f5db73097e209b6c1e2c8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.theticket1590.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Mon, 17 Apr 2023 20:18:42 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8287
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.theticket1590.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
sodar
pagead2.googlesyndication.com/getconfig/ Frame 8197
15 KB
11 KB
XHR
General
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=m202304120101&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304120101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
58983bc439c08a0f916d6b6d3a2facf9b09e20ffd4b856cc8ffd3e6ed5d14f6a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.theticket1590.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Mon, 17 Apr 2023 20:18:42 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11292
x-xss-protection
0
container.html
06e31dc510364493ddc7a7a3babf1419.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 2485
6 KB
3 KB
Document
General
Full URL
https://06e31dc510364493ddc7a7a3babf1419.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Requested by
Host: d13l4u7pe64ymo.cloudfront.net
URL: https://d13l4u7pe64ymo.cloudfront.net/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.theticket1590.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Mon, 17 Apr 2023 20:18:42 GMT
expires
Tue, 16 Apr 2024 20:18:42 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
setuid
ib.adnxs.com/ Frame C1B9
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm&gdpr=0
  • https://ib.adnxs.com/setuid?entity=101&gdpr=0&code=CAESEDIYzzvmXMlnS7qzC8PCXw0&google_cver=1
43 B
1 KB
Image
General
Full URL
https://ib.adnxs.com/setuid?entity=101&gdpr=0&code=CAESEDIYzzvmXMlnS7qzC8PCXw0&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CL6WcRCwifCiAxiE8MHIATAB&v=APEucNVHsBCdqpH_Xq73Hb57Duw4OSvxrRWJi1H1aXh9vS-vtm_ln3Y1rFiB2zxCGXkqKUS1KEvni76tygGnx5rdhx3p6YGHH1sOxZsX3oT5x6OOvu1HH_Q
Protocol
HTTP/1.1
Server
185.83.142.19 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
960.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 17 Apr 2023 20:18:42 GMT
AN-X-Request-Uuid
fca5bb8a-917b-4f19-b75a-b4e5cb9b340a
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
image/gif
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
X-Proxy-Origin
217.114.218.22; 217.114.218.22; 960.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length
43
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma
no-cache
date
Mon, 17 Apr 2023 20:18:42 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ib.adnxs.com/setuid?entity=101&gdpr=0&code=CAESEDIYzzvmXMlnS7qzC8PCXw0&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
301
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame C1B9
Redirect Chain
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=ODAwNDczNjgzMzgwMDM0NzY0Ng%3D%3D
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=ODAwNDczNjgzMzgwMDM0NzY0Ng%3D%3D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CL6WcRCwifCiAxiE8MHIATAB&v=APEucNVHsBCdqpH_Xq73Hb57Duw4OSvxrRWJi1H1aXh9vS-vtm_ln3Y1rFiB2zxCGXkqKUS1KEvni76tygGnx5rdhx3p6YGHH1sOxZsX3oT5x6OOvu1HH_Q
Protocol
H3
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 17 Apr 2023 20:18:42 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date
Mon, 17 Apr 2023 20:18:42 GMT
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection
keep-alive
X-Proxy-Origin
217.114.218.22; 217.114.218.22; 960.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Pragma
no-cache
AN-X-Request-Uuid
ca5efe18-8305-4587-9e37-d7951de59f98
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
Access-Control-Allow-Origin
*
Location
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=ODAwNDczNjgzMzgwMDM0NzY0Ng%3D%3D
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Expires
Sat, 15 Nov 2008 16:00:00 GMT
sd
us-u.openx.net/w/1.0/ Frame C1B9
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_dbm&gdpr=0
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEGWaJxOlTpCVKutisYFRPIQ&google_cver=1&gdpr=0
  • https://us-u.openx.net/w/1.0/sd?cc=1&id=537072991&val=CAESEGWaJxOlTpCVKutisYFRPIQ&google_cver=1&gdpr=0
43 B
172 B
Image
General
Full URL
https://us-u.openx.net/w/1.0/sd?cc=1&id=537072991&val=CAESEGWaJxOlTpCVKutisYFRPIQ&google_cver=1&gdpr=0
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CL6WcRCwifCiAxiE8MHIATAB&v=APEucNVHsBCdqpH_Xq73Hb57Duw4OSvxrRWJi1H1aXh9vS-vtm_ln3Y1rFiB2zxCGXkqKUS1KEvni76tygGnx5rdhx3p6YGHH1sOxZsX3oT5x6OOvu1HH_Q
Protocol
H2
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 17 Apr 2023 20:18:42 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

location
https://us-u.openx.net/w/1.0/sd?cc=1&id=537072991&val=CAESEGWaJxOlTpCVKutisYFRPIQ&google_cver=1&gdpr=0
date
Mon, 17 Apr 2023 20:18:42 GMT
via
1.1 google
server
OXGW/0.0.0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
p3p
CP="CUR ADM OUR NOR STA NID"
pixel
cm.g.doubleclick.net/ Frame C1B9
Redirect Chain
  • https://us-u.openx.net/w/1.0/cm?id=9ca165a9-d9fe-2ff6-d83d-d145a80b0d37&gdpr=0&r=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dopenx%26google_hm%3D%7Bopenx_uuid_base64%7D
  • https://us-u.openx.net/w/1.0/cm?cc=1&id=9ca165a9-d9fe-2ff6-d83d-d145a80b0d37&gdpr=0&r=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dopenx%26google_hm%3D%7Bopenx_uuid_base64%7D
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=ODZjZTdmNjEtOTdmNy0yN2MxLWRlYTUtNGY5YjJmOGY4NDll
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=ODZjZTdmNjEtOTdmNy0yN2MxLWRlYTUtNGY5YjJmOGY4NDll
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CL6WcRCwifCiAxiE8MHIATAB&v=APEucNVHsBCdqpH_Xq73Hb57Duw4OSvxrRWJi1H1aXh9vS-vtm_ln3Y1rFiB2zxCGXkqKUS1KEvni76tygGnx5rdhx3p6YGHH1sOxZsX3oT5x6OOvu1HH_Q
Protocol
H3
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 17 Apr 2023 20:18:42 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Mon, 17 Apr 2023 20:18:42 GMT
content-encoding
gzip
via
1.1 google
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
content-type
image/gif
location
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=ODZjZTdmNjEtOTdmNy0yN2MxLWRlYTUtNGY5YjJmOGY4NDll
p3p
CP="CUR ADM OUR NOR STA NID"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
analytics.js
www.google-analytics.com/ Frame C001
49 KB
20 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-7150119-1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
5971b095cff574a66d35ada016d4c077c86e2dea62e9c0f14cf7c94b258619de
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://b3.tunegenie.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Mon, 17 Apr 2023 18:35:42 GMT
last-modified
Tue, 10 Jan 2023 21:29:14 GMT
server
Golfe2
age
6180
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20085
expires
Mon, 17 Apr 2023 20:35:42 GMT
pubads_impl.js
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304120101/ Frame C001
401 KB
124 KB
Script
General
Full URL
https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304120101/pubads_impl.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
d126364c6e2a7b5e91d0003b90a0761c94a81c95702e1bc0ede7a2067a48f4df
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://b3.tunegenie.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Mon, 17 Apr 2023 19:54:00 GMT
content-encoding
br
x-content-type-options
nosniff
age
1482
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
127166
x-xss-protection
0
server
cafe
etag
9041812995692956310
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
timing-allow-origin
*
expires
Tue, 16 Apr 2024 19:54:00 GMT
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ Frame C001
0
0
Fetch
General
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Requested by
Host: b3.tunegenie.com
URL: https://b3.tunegenie.com/js/index.c8514102.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://b3.tunegenie.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Mon, 17 Apr 2023 20:18:42 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
47712
x-xss-protection
0
server
cafe
etag
10148435689540659925
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Mon, 17 Apr 2023 20:18:42 GMT
sodar2.js
tpc.googlesyndication.com/sodar/ Frame 8197
17 KB
6 KB
Script
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: d13l4u7pe64ymo.cloudfront.net
URL: https://d13l4u7pe64ymo.cloudfront.net/script.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.theticket1590.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Mon, 17 Apr 2023 20:18:42 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Mon, 17 Apr 2023 20:18:42 GMT
/
adv.office-partner.de/ Frame DF67
930 B
931 B
Document
General
Full URL
https://adv.office-partner.de/?utm_source=webgains&utm_campaign=webgains
Requested by
Host: hal90007.redintelligence.net
URL: https://hal90007.redintelligence.net/request.php?zone=g72h7lz2c4az&nw=20&renderingType=javascript&namespace=c6f68f42cd&subid=&uid=916f79f31dd14b90&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=728x90&scrollPos=0x0&extData[]=&envData=&gdpr=-1&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCbgTGoak9ZJjrAYGx7_UPyueiqAam5b2gaYWVnKfJD_AuEAEgl6rtdWCVkpuCrAfIAQmpAgZrxEJXUbI-qAMByAObBKoE7wFP0OMIFe9nao4mueJF7CosAO7yXKoq7ocI2Q8fNl_rt2_J3bK8jnHRjk-xhoTXyYtWQv7a-J8pNNEX-IqWNvDJqX3a9q2a1DL7u22z77PX_jo4RWQzYhwOYwEzDm9jHE3RQuVWFWXy6S_yKvuhFpovU5GkZpK_PR9LGybmB9zxqgpiITG2UbJ6ZWdMZxMLLMQjiWPGKF4YIGmQ9QrmYzoOyp8a7T5L7FdgXkJy4mDfP9LAiTuux5cpPFZ3OMlxZNCXmmFkngyfG0ddX4LtKMzvGM4201QM4dBOnjJX7xmKJusWR98gB4BFxgwmLll548AE64_8jvcD4AQDkAYBoAZNgAesrfWfA6gHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCA8IgGEQARgdMgKKAjoCgECACgOYCwHICwGADAGwE8yc2RLQEwDYEwPYFAHQFQH4FgGAFwE%26ae%3D1%26num%3D1%26cid%3DCAQSTABygQiD1m_ra4VpP-gQqrAj2E-t4X37QkuK8jV7y9Q4p1OupWr6BWDU9UzI5on1ul_fVnDFCa6DhXFzSLu0ECQN83i0VONa_bNIAfYYAQ%26sig%3DAOD64_0gLDu_oUv6c5AU-mbZF6ml7OI5oQ%26client%3Dca-pub-7253037122197916%26dbm_c%3DAKAmf-B0IyYGT500aE7d08cmTV3QZP8a4GRYvaIMwmSZI9LKJF0iFojIh4JBPbiBsMrnZILaF3yikmCL5wIQfffah_MYp_mcTI0_WlzaHzX1CkKVqjOZjAviPa-2v9GR4uHyQKqX35yn2Xi6jdvZnXLI8nMTm89x7RNgaKYesfJ0hSGDR0443rw%26cry%3D1%26dbm_d%3DAKAmf-BEI-j-5Y7Ms6-IIsyqlBkX2eyocETgfgVc5deRNHJ5yXItVurt3XDaXYhbqKv97OGcy9yQlaVVc8hg_hjiYz2kjkUelgr6D7hA-KTUUTW-FayDV5hxwRAdvEj_TpmRUiRX1FDpLVvvc6PhrxYBl7mHoccQSuZ8h9zTwSymId6S03X17_wZ3O6UwRxh1OUSh_NLlr7TqitNxDbrbxyTRBgr1pn_kzT5VhFWQBHGuIgxQVtoUi0b08z4pGCV_xMfh4UBUzOUfjqvuSO5LDBJc8KtTUmgxQvtU8LY9ONMA9ZCGJAc-GQ7WFTx3GJCjy5OFygWOOrZSsL7_3aH23ECIhLUfBbye_w31EcYm_SwyNUQKNHC0cB7vgQEXxTxTEr3PWRdVbIsB48ZRGz1HgzmbIZt-mlM2reJwZroPo7Jk-xYaQ_Yc2vtcakTIda2czy4rsZHdt9RzIAuPwjQheSIBU0515vzpO_UWkfy5yRuE7eebBW9wj_dyOhsLjioWk88VjdLwmBjhax58OMktCtu4i-717rzf07y6Cn5L7I0v3Cmh395h7I%26adurl%3D&documentReferer=https%3A%2F%2Fwww.theticket1590.com%2F&ancestorOrigins=https%3A%2F%2Fwww.theticket1590.com&random=8891797598255&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a0b:4d07:102::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software
keycdn-engine /
Resource Hash
384179ee8fb1fd393558e28ea811532ea776e8cd69f9e94f379ddefb78948bd7

Request headers

Referer
https://773ff33321c83b63fff957793b331644.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
cache-control
max-age=604800
content-encoding
gzip
content-length
552
content-type
text/html
date
Mon, 17 Apr 2023 20:18:42 GMT
etag
"3a2-5c1ab16b3be00-gzip"
expires
Mon, 24 Apr 2023 20:18:42 GMT
last-modified
Thu, 06 May 2021 15:37:28 GMT
link
<https://adv-srv.office-partner.de/?utm_source=webgains&utm_campaign=webgains>; rel="canonical"
server
keycdn-engine
vary
Accept-Encoding
x-accel-version
0.01
x-cache
HIT
x-edge-location
defr
e99aace94e6e5873881d3400993e1e7e
pv.medialead.de/trck/epv/ Frame 6DE2
0
365 B
Document
General
Full URL
https://pv.medialead.de/trck/epv/e99aace94e6e5873881d3400993e1e7e?subid=64051800150414804444550012297007&t=htlp
Requested by
Host: hal90007.redintelligence.net
URL: https://hal90007.redintelligence.net/request.php?zone=g72h7lz2c4az&nw=20&renderingType=javascript&namespace=c6f68f42cd&subid=&uid=916f79f31dd14b90&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=728x90&scrollPos=0x0&extData[]=&envData=&gdpr=-1&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCbgTGoak9ZJjrAYGx7_UPyueiqAam5b2gaYWVnKfJD_AuEAEgl6rtdWCVkpuCrAfIAQmpAgZrxEJXUbI-qAMByAObBKoE7wFP0OMIFe9nao4mueJF7CosAO7yXKoq7ocI2Q8fNl_rt2_J3bK8jnHRjk-xhoTXyYtWQv7a-J8pNNEX-IqWNvDJqX3a9q2a1DL7u22z77PX_jo4RWQzYhwOYwEzDm9jHE3RQuVWFWXy6S_yKvuhFpovU5GkZpK_PR9LGybmB9zxqgpiITG2UbJ6ZWdMZxMLLMQjiWPGKF4YIGmQ9QrmYzoOyp8a7T5L7FdgXkJy4mDfP9LAiTuux5cpPFZ3OMlxZNCXmmFkngyfG0ddX4LtKMzvGM4201QM4dBOnjJX7xmKJusWR98gB4BFxgwmLll548AE64_8jvcD4AQDkAYBoAZNgAesrfWfA6gHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCA8IgGEQARgdMgKKAjoCgECACgOYCwHICwGADAGwE8yc2RLQEwDYEwPYFAHQFQH4FgGAFwE%26ae%3D1%26num%3D1%26cid%3DCAQSTABygQiD1m_ra4VpP-gQqrAj2E-t4X37QkuK8jV7y9Q4p1OupWr6BWDU9UzI5on1ul_fVnDFCa6DhXFzSLu0ECQN83i0VONa_bNIAfYYAQ%26sig%3DAOD64_0gLDu_oUv6c5AU-mbZF6ml7OI5oQ%26client%3Dca-pub-7253037122197916%26dbm_c%3DAKAmf-B0IyYGT500aE7d08cmTV3QZP8a4GRYvaIMwmSZI9LKJF0iFojIh4JBPbiBsMrnZILaF3yikmCL5wIQfffah_MYp_mcTI0_WlzaHzX1CkKVqjOZjAviPa-2v9GR4uHyQKqX35yn2Xi6jdvZnXLI8nMTm89x7RNgaKYesfJ0hSGDR0443rw%26cry%3D1%26dbm_d%3DAKAmf-BEI-j-5Y7Ms6-IIsyqlBkX2eyocETgfgVc5deRNHJ5yXItVurt3XDaXYhbqKv97OGcy9yQlaVVc8hg_hjiYz2kjkUelgr6D7hA-KTUUTW-FayDV5hxwRAdvEj_TpmRUiRX1FDpLVvvc6PhrxYBl7mHoccQSuZ8h9zTwSymId6S03X17_wZ3O6UwRxh1OUSh_NLlr7TqitNxDbrbxyTRBgr1pn_kzT5VhFWQBHGuIgxQVtoUi0b08z4pGCV_xMfh4UBUzOUfjqvuSO5LDBJc8KtTUmgxQvtU8LY9ONMA9ZCGJAc-GQ7WFTx3GJCjy5OFygWOOrZSsL7_3aH23ECIhLUfBbye_w31EcYm_SwyNUQKNHC0cB7vgQEXxTxTEr3PWRdVbIsB48ZRGz1HgzmbIZt-mlM2reJwZroPo7Jk-xYaQ_Yc2vtcakTIda2czy4rsZHdt9RzIAuPwjQheSIBU0515vzpO_UWkfy5yRuE7eebBW9wj_dyOhsLjioWk88VjdLwmBjhax58OMktCtu4i-717rzf07y6Cn5L7I0v3Cmh395h7I%26adurl%3D&documentReferer=https%3A%2F%2Fwww.theticket1590.com%2F&ancestorOrigins=https%3A%2F%2Fwww.theticket1590.com&random=8891797598255&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
145.239.193.130 , France, ASN16276 (OVH, FR),
Reverse DNS
Software
nginx/1.17.5 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

Referer
https://773ff33321c83b63fff957793b331644.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Content-Length
0
Content-Type
application/javascript; charset=utf-8
Date
Mon, 17 Apr 2023 20:18:42 GMT
Host
pv.medialead.de
Keep-Alive
timeout=20
Proxy-Host
pv.medialead.de
Server
nginx/1.17.5
Strict-Transport-Security
max-age=15768000
X-IPLB-Instance
40027
X-IPLB-Request-ID
D972DA16:B3CA_91EFC182:01BB_643DA9A2_112CC3E:6DDA
link.html
track.webgains.com/ Frame DCA9
2 KB
2 KB
Script
General
Full URL
https://track.webgains.com/link.html?wglinkid=498343&wgcampaignid=99582&js=1&viewref=64051800150414804444550012297007&nw=1
Requested by
Host: www.theticket1590.com
URL: https://www.theticket1590.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.40.227.197 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-40-227-197.eu-west-2.compute.amazonaws.com
Software
nginx / PHP/7.4.26
Resource Hash
d61e4b60fc735bde6c4000209de209c2e500aadbac68c05200c3da1a69a15d81

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://773ff33321c83b63fff957793b331644.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Mon, 17 Apr 2023 20:18:42 GMT
last-modified
Mon, 17 Apr 2023 20:18:42 GMT
server
nginx
x-powered-by
PHP/7.4.26
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
content-type
text/html; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=60
access-control-allow-headers
Authorization
expires
Mon, 17 Apr 2023 20:19:42 GMT
activityi;dc_pre=CMXGs63esf4CFdDxmgodivYFWg;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=5415684112701.518
5994599.fls.doubleclick.net/ Frame 96F4
Redirect Chain
  • https://5994599.fls.doubleclick.net/activityi;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=5415684112701.518?
  • https://5994599.fls.doubleclick.net/activityi;dc_pre=CMXGs63esf4CFdDxmgodivYFWg;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=5415684112701.518?
391 B
324 B
Document
General
Full URL
https://5994599.fls.doubleclick.net/activityi;dc_pre=CMXGs63esf4CFdDxmgodivYFWg;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=5415684112701.518?
Requested by
Host: www.theticket1590.com
URL: https://www.theticket1590.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.70 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f6.1e100.net
Software
cafe /
Resource Hash
a532789e5c7dd25865bdb336dc2d3394cdf2837152d0ccad5542c1a275dcb8b3
Security Headers
Name Value
Strict-Transport-Security max-age=21600
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://773ff33321c83b63fff957793b331644.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=0
content-encoding
br
content-length
215
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 17 Apr 2023 20:18:42 GMT
expires
Mon, 17 Apr 2023 20:18:42 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
strict-transport-security
max-age=21600
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, must-revalidate
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 17 Apr 2023 20:18:42 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
follow-only-when-prerender-shown
1
location
https://5994599.fls.doubleclick.net/activityi;dc_pre=CMXGs63esf4CFdDxmgodivYFWg;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=5415684112701.518?
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma
no-cache
server
cafe
strict-transport-security
max-age=21600
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
request_content.php
hal90007.redintelligence.net/ Frame 5B72
7 KB
2 KB
Document
General
Full URL
https://hal90007.redintelligence.net/request_content.php?s=64051800150414804444550012297007&a=d84aca33
Requested by
Host: hal90007.redintelligence.net
URL: https://hal90007.redintelligence.net/request.php?zone=g72h7lz2c4az&nw=20&renderingType=javascript&namespace=c6f68f42cd&subid=&uid=916f79f31dd14b90&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=728x90&scrollPos=0x0&extData[]=&envData=&gdpr=-1&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCbgTGoak9ZJjrAYGx7_UPyueiqAam5b2gaYWVnKfJD_AuEAEgl6rtdWCVkpuCrAfIAQmpAgZrxEJXUbI-qAMByAObBKoE7wFP0OMIFe9nao4mueJF7CosAO7yXKoq7ocI2Q8fNl_rt2_J3bK8jnHRjk-xhoTXyYtWQv7a-J8pNNEX-IqWNvDJqX3a9q2a1DL7u22z77PX_jo4RWQzYhwOYwEzDm9jHE3RQuVWFWXy6S_yKvuhFpovU5GkZpK_PR9LGybmB9zxqgpiITG2UbJ6ZWdMZxMLLMQjiWPGKF4YIGmQ9QrmYzoOyp8a7T5L7FdgXkJy4mDfP9LAiTuux5cpPFZ3OMlxZNCXmmFkngyfG0ddX4LtKMzvGM4201QM4dBOnjJX7xmKJusWR98gB4BFxgwmLll548AE64_8jvcD4AQDkAYBoAZNgAesrfWfA6gHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCA8IgGEQARgdMgKKAjoCgECACgOYCwHICwGADAGwE8yc2RLQEwDYEwPYFAHQFQH4FgGAFwE%26ae%3D1%26num%3D1%26cid%3DCAQSTABygQiD1m_ra4VpP-gQqrAj2E-t4X37QkuK8jV7y9Q4p1OupWr6BWDU9UzI5on1ul_fVnDFCa6DhXFzSLu0ECQN83i0VONa_bNIAfYYAQ%26sig%3DAOD64_0gLDu_oUv6c5AU-mbZF6ml7OI5oQ%26client%3Dca-pub-7253037122197916%26dbm_c%3DAKAmf-B0IyYGT500aE7d08cmTV3QZP8a4GRYvaIMwmSZI9LKJF0iFojIh4JBPbiBsMrnZILaF3yikmCL5wIQfffah_MYp_mcTI0_WlzaHzX1CkKVqjOZjAviPa-2v9GR4uHyQKqX35yn2Xi6jdvZnXLI8nMTm89x7RNgaKYesfJ0hSGDR0443rw%26cry%3D1%26dbm_d%3DAKAmf-BEI-j-5Y7Ms6-IIsyqlBkX2eyocETgfgVc5deRNHJ5yXItVurt3XDaXYhbqKv97OGcy9yQlaVVc8hg_hjiYz2kjkUelgr6D7hA-KTUUTW-FayDV5hxwRAdvEj_TpmRUiRX1FDpLVvvc6PhrxYBl7mHoccQSuZ8h9zTwSymId6S03X17_wZ3O6UwRxh1OUSh_NLlr7TqitNxDbrbxyTRBgr1pn_kzT5VhFWQBHGuIgxQVtoUi0b08z4pGCV_xMfh4UBUzOUfjqvuSO5LDBJc8KtTUmgxQvtU8LY9ONMA9ZCGJAc-GQ7WFTx3GJCjy5OFygWOOrZSsL7_3aH23ECIhLUfBbye_w31EcYm_SwyNUQKNHC0cB7vgQEXxTxTEr3PWRdVbIsB48ZRGz1HgzmbIZt-mlM2reJwZroPo7Jk-xYaQ_Yc2vtcakTIda2czy4rsZHdt9RzIAuPwjQheSIBU0515vzpO_UWkfy5yRuE7eebBW9wj_dyOhsLjioWk88VjdLwmBjhax58OMktCtu4i-717rzf07y6Cn5L7I0v3Cmh395h7I%26adurl%3D&documentReferer=https%3A%2F%2Fwww.theticket1590.com%2F&ancestorOrigins=https%3A%2F%2Fwww.theticket1590.com&random=8891797598255&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
138.201.63.157 Esslingen am Neckar, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.157.63.201.138.clients.your-server.de
Software
Apache /
Resource Hash
f30cc77f312a415d6d953e3276d7505b0feb84a9a074c42ef1919b1392e18c3f

Request headers

Referer
https://773ff33321c83b63fff957793b331644.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
no-store, no-cache, must-revalidate, max-age=0
Connection
close
Content-Encoding
gzip
Content-Length
2071
Content-Type
text/html; charset=utf-8
Date
Mon, 17 Apr 2023 20:18:42 GMT
Expires
Mon, 17 Apr 2023 21:18:42 +0200
P3P
CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Pragma
no-cache
Server
Apache
Vary
Accept-Encoding
native.png
ad-server.eu/wm/pb/ Frame DCA9
Redirect Chain
  • https://medialead.de/trck/eview/e99aace94e6e5873881d3400993e1e7e?subid=64051800150414804444550012297007
  • https://pv.medialead.de/trck/eview/e99aace94e6e5873881d3400993e1e7e?subid=64051800150414804444550012297007
  • https://ad-server.eu/wm/pb/native.png
68 B
312 B
Image
General
Full URL
https://ad-server.eu/wm/pb/native.png
Requested by
Host: 773ff33321c83b63fff957793b331644.safeframe.googlesyndication.com
URL: https://773ff33321c83b63fff957793b331644.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
HTTP/1.1
Server
54.76.176.197 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-76-176-197.eu-west-1.compute.amazonaws.com
Software
nginx/1.4.6 (Ubuntu) /
Resource Hash
93ae7d494fad0fb30cbf3ae746a39c4bc7a0f8bbf87fbb587a3f3c01f3c5ce20

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://773ff33321c83b63fff957793b331644.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date
Mon, 17 Apr 2023 20:20:58 GMT
Last-Modified
Sat, 21 Dec 2019 23:06:59 GMT
Server
nginx/1.4.6 (Ubuntu)
ETag
"5dfea593-44"
Content-Type
image/png
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
68

Redirect headers

Date
Mon, 17 Apr 2023 20:18:42 GMT
Strict-Transport-Security
max-age=15768000
Server
nginx/1.17.5
Host
pv.medialead.de
X-IPLB-Request-ID
D972DA16:B3CA_91EFC182:01BB_643DA9A2_112CC4E:6DDA
X-IPLB-Instance
40027
Content-Type
application/go
Location
https://ad-server.eu/wm/pb/native.png
Keep-Alive
timeout=20
Content-Length
0
Proxy-Host
pv.medialead.de
cshow.php
www.awin1.com/ Frame DCA9
43 B
705 B
Image
General
Full URL
https://www.awin1.com/cshow.php?s=2338577&v=11830&q=357066&r=296283&pref1=64051800150414804444550012297007&pv=1
Requested by
Host: 773ff33321c83b63fff957793b331644.safeframe.googlesyndication.com
URL: https://773ff33321c83b63fff957793b331644.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.74.96.163 Paris, France, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-74-96-163.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://773ff33321c83b63fff957793b331644.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 17 Apr 2023 20:18:42 GMT
Strict-Transport-Security
max-age=86400
Node
Helix
Content-Type
image/gif
P3P
policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV"
Cache-Control
no-store, no-cache, max-age=0, must-revalidate
Awin-Akamai-Rule-Set
default
Connection
keep-alive
Content-Length
43
Expires
0
gen_204
pagead2.googlesyndication.com/pagead/ Frame 7F6A
0
20 B
Ping
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=7735528881353&version=m202301230201
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://773ff33321c83b63fff957793b331644.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 17 Apr 2023 20:18:42 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 7F6A
0
20 B
Ping
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=7735528881353&version=m202301230201&ct=76&x=1&cor=10132920350031202000
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://773ff33321c83b63fff957793b331644.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 17 Apr 2023 20:18:42 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ad
googleads.g.doubleclick.net/dbm/ Frame 7F6A
83 KB
35 KB
Script
General
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-D77Bd6yrA1lPTGKdLD3PzIH3zZsDZq_F5bvzVURo_Z_XAAwAv9g0knA2uG6k0LTnpyuu2WBWYiG1hQjKrA076hUiUz5A&cry=1&dbm_d=AKAmf-AF8Yolbixo6pPweAmOsXRB1XLSRl42qvLIrGu-C_Hv-K6R7SMYGgFYPc-XQKobQ91geuGJYcbSXcf0sM-YkfuDRQrbvCM4rseD8zirZq6S9RHj8GNrpyw1-nTxpZSFxloPfgB9mopZECeynZg9eojbf6tyRlyM1SGEcr_3kZyhxihLEIeY5rOHpGzOLBsDLPGT-J9v-ebGLfNFGBbHhyLDboRf5uKpoQLYZ51hrTcuslki9cpoXhY867Hf-cO06AiMhIxagGlvA46UEbrDEmBwhb6guDHaOje7HiOMr3fjD6tOR5iwtlbnApxU6JOdev1fpRuYqHiYwDlZh7nTqp4GEiuOif0df6oqc5Mw3Va_ThQGz3QAQ6kPeRc3P3I3d-zW0BmUBN3hcX0mq5i2LEtT7mtAJUGkDHYSO1-Ly-kVBK9HexcUo43Qn2V41cvhkT0zWijQ-OQ9NLgvG-qX_nqx7JJsTI5mGkEe_CNQ62HjPjc6xwKpD4i5B0TlRykEKvO2jlIojyfzJGduTztsVAYY4m4ugQdHSfq4WJxJdNSBAQ1ptdBjw9wlOMI8TOL9X7GMI_0rL9HYBCTbW833nB_bsvl11mNEkcY-34Y6fzRjOC-OxJFGs2j9-2Si713hqJkJpYDDMU_GkVqC4x6nYESdqW3YWm1HuZpQ7-deeAD9ZHaUwkt-5NROf1dTAMqkxAMFc9Q-Ha3rs2sYRvYbWpfUZA63QmXUUJ845uB9DXpb2VUNZUNbgxbRrDMOwOaHmzj1gI2zNRlaDSQjn6EDwUDUIqt3Kkg1wZRG0fdgibj0FG5rjhD3LShbmaPOxf5Tq3XorvD13IOzHnBRGXG9KhtjcFnnvCHA5X9mliqLiF32uXoy8jdCzVb82NcE9eCu536AQad0rdGNYgPLlOX0seoD-9mwXnGIxo7yyf8CDIDLVguDgFRyAGig6V2uFrh_kd5FFUVGZVqOU3_YxKPs7YrrTTLEzrzTBkYa2QHHqHXnaKuENZv-cQENNKNbv4zjc3Wof32dbVMZOwKQ5CpQJIJIR4oAWDwP5ARtmK2RuoeI0ESafkgmKUAQMcsEVT-C0AItPNPIDI63ybr0oGPUWVkjyahRuob5ak5U5nOf8OXOgc5AfjlPpElCzOHPCqvB0CUibz4TvMi0TQpDnhT9jXW9j5B7jzuR5IdYyK6jZ0VR0NjEVoATI-n31WP31qzgmoVJaUXpNyuuaVpsm0FD9xHvTbvrPlYCQ1hA6Ov89H_fYPOxMG6uV9Q3P5troC0VCkLipygVL9vUdd5uMt_y0HKW-wJf0jK998MxZMl1Z4vQsh2e_EWr9Ar3hFjMjYmhV-28nFGhBsYKHiHbFt5hZa9VCrjtTafvC_zXvgMrd-sHmpB_OBM1DdEqDDuWMDRl_OlhPiGS32DV-QDU2VcKf3-Y5_PPlOcNtdGf2TCOnKLtEWL8AKKFZRiq6EX0HaBcOujoh7jnplTGpzz1dG41MIMhbDFf8tRQjHTkWdQArdI9PX2jRHppiuoSf4HBpI2T2R2ZORxw3CYycJ8mhF8rp-QNxoVpuODxYaIW1OpPxRIShGWuYeNMc3JuvZKhXfT8DSugyxYRmcz0k_gFIS0d7DfSdyHxjEk_F7mhw_4pjURfpJ7TgQBfLx1id6_rUyuEs2MrBdew4uG9LsmYzzSGJJyjT8rY_rJMWN01MpM3xMsn1c7kd6wIUaUazJEQ64xoaXzWvlHzvRq5l8yuY6AWjvSheDWMy6YHJP5w2XENcUpRVlpufYYg3GQrHCol0hxHCor2g_ulSw5nf3C1pPsuztAFO-YE1tbpp74I3HkH5Qb-FcB0waRS71XFt7PkwTbxVHhMQ8aGDT-5XKh15vwgrgr-mJ4zCxM4fdgHBiTbgfdDy7ddVkjjG_kEQZG4FDjv4IjoMFJVsfFOMKUpVPymvKfUVtEnNtKhpoYMwlhy7lR-QmT2x4gOc9MKxXWFtuxGAoVgdPj--4BxMeII-1fFlcNRRtX0jk_di3wUnozc7rk9VIk8OoHnnw7eRy7bgpE6L7yri0qYL9r4tvb-yFlMsM8IQQC_OVLtOdKjgJLNKpeDos-iiirLqNTw1zcHeeFtnXTuoI-CJAnArmtu3NYCOa8l_EpS6uRvcV6ZoWZJpFZalgGxiLIRliyYbcwONNSLqWbaZ6ehWr6f6LnbmSED1sYDDaoxpQhdCxXK4Kr9adBXoHpjQeapxe862VcQVTg1wfu72-l17GGK2CjaETho0numUuohFiGkz4EAnTV3A7hFACxai4N11Fhmmz2TITnBE9h_GNiECcMZh20KJSuKS7_SjcqYPEiysRqSgBvPReKrQ1rGWFV_mLUERWghQf4O0162R7y_JtYdB067tdhs9CFhtwdaz2Pj9uhhyHL4yNmF_FWVxict6atKGUjBFdZjt7bziuQq5Sz-dvoFA8ENLAe_vxt3ez6cF0vpRENwVslLIA3UfbsSMLwJz3Urtxvf9-uk7maJC_Y_TFBTzVRMQeIbuECmBlc_7z--zq6S7W2jNjhz2nQm1MmtFokG2GAJQf6o_8BiYyxKoanzAFoXTI6xxqAPaL7Wm348bAP5eyh8P1alHCPkprcQgHIP2MD8rJQFt6cu7as5yn-lPSxB-LSDDJo7yEIBAZJM6G51XqFOnLHtgPecKSxIpd21Cfz5Yzmf1DHsVaHWlfrhmwdyPY0PEaDFaLvVUKFoC9MA-4e5wWXqj2ZbrNNiDYZpxSEEcp5PEB1ixsffa_jLo2E46bmmVnCO9pg1eLDF7zVUpWUwfXixrFe_md1FzL1bPaapM4QWqtRlxOuE9YXGwjHEGb-2SMmQcsWxaeVI6dickry6kXt5GSUBqq-qT7SrsJjA83Ky58eE_Hk7oYIzsUwiahmrP8ATddJUUG7uPLgadggPCGJr98tXEV1wygZ8gE-DStGHtA-sgVhA6jDdIcBAgDXlJF69L9tG_nkQ3nAa0LL8R_m32qM3U4BpWFsDH8_50lgIapyfOZ58I2AZhsz7pvkigFYukWUGBr7iqlluepovSvWMaY0XNBGBDEzfYTYKek_HDoH40ihpXiqOO68xLoLNqzEj-1MzH4ls7oCuJTS0By_VpmTwhIUxEg3uxqfKbE-stRIcmVSdERk3D0HTnkR5OSHMLuWamH6QIXICZFcU1OutCGaiLgA8RczSO79GprRpzE5pzr9csfx_hMAf_nXSUjE-E0TiPG9bcQH6jTZwPiq542Mf2ff15IlLcDuZmKE4SS1G-1yGDljq-ai479gRXAE2KLq9HEO686hgozHrZo06ppiNQjGSJxJtWRh9VAEJVVZqx2NQ6WQdYPXT3fImBElxUNyXugmqi_DhX7wHMomN5ugnKflh8vl2dubnRf0Uesa-el-s7LLRX5rPXvww0S6LM51OzWpBfeFFm20l8kTmkrK6jTtTL92HdjVu8WTfclX1Fp92Fyg28YrzqbjA5cP7AX8iYpKDITOh5tmlGzq6yFSw2Pg77lA_ez1kJHkU-8919XpWdSAjbFgQeGkavjrrIzZZPGLmO9V4Cl337ylZWV0&cid=CAQSSwBygQiD8jMdUx2jO5TkgRLgPgjyY-N-x_wY2pq4hUTGYCcR0O7Qds1WvEQWjaiHLG0tHM8vz2oURx3B3YukpIaFlkPs50lv7vkcmxgB&dv3_ver=m202301230201&rfl=https%3A%2F%2Fwww.theticket1590.com%2F&ds=l&xdt=1&iif=1&cor=10132920350031202000&adk=943508955&idt=182&cac=0&dtd=7
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
28f37b840619f93ac3a1f6fe2e97992b7d2787d178ee30b2612f05752e440cef
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://773ff33321c83b63fff957793b331644.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 17 Apr 2023 20:18:42 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
36000
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
truncated
/ Frame DCA9
210 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
f35add45f2f73d9a34dda1cf8869f1a8fba78f4a7b692fbd054d046225ab968d

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Content-Type
image/png
container.html
773ff33321c83b63fff957793b331644.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 5B0F
6 KB
3 KB
Document
General
Full URL
https://773ff33321c83b63fff957793b331644.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304100101/pubads_impl.js?cb=31073791
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.theticket1590.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
2
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Mon, 17 Apr 2023 20:18:40 GMT
expires
Tue, 16 Apr 2024 20:18:40 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
css
fonts.googleapis.com/ Frame 5B72
1 KB
416 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Titillium+Web:400,700
Requested by
Host: hal90007.redintelligence.net
URL: https://hal90007.redintelligence.net/request_content.php?s=64051800150414804444550012297007&a=d84aca33
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
11f7aab214169f28971cedc0a242ab0613a00a552496f2f0956ab0ae2853b993
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hal90007.redintelligence.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Mon, 17 Apr 2023 20:18:42 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Mon, 17 Apr 2023 19:13:39 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Mon, 17 Apr 2023 20:18:42 GMT
/
hal9000.redintelligence.net/scale/ Frame 5B72
16 KB
16 KB
Image
General
Full URL
https://hal9000.redintelligence.net/scale/?nw=20&mode=bb&width=120&height=60&url=https://cdn.contentspread.net/24i/advertiser/30229/creativesup/1200x627_Office-Partner.jpg
Requested by
Host: hal90007.redintelligence.net
URL: https://hal90007.redintelligence.net/request_content.php?s=64051800150414804444550012297007&a=d84aca33
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
138.201.135.164 St. Ingbert, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.164.135.201.138.clients.your-server.de
Software
Apache /
Resource Hash
0cbda63332a1e20ba4e89e4375bd8a4e8a84fa8e7ab58e0e62e3a342c0dea8fd

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hal90007.redintelligence.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date
Mon, 17 Apr 2023 20:18:42 GMT
Content-Encoding
gzip
Server
Apache
Connection
close
Content-Length
16514
Vary
Accept-Encoding
Content-Type
image/png
/
hal9000.redintelligence.net/scale/ Frame 5B72
16 KB
16 KB
Image
General
Full URL
https://hal9000.redintelligence.net/scale/?nw=20&mode=bb&width=120&height=60&url=https://cdn.contentspread.net/24i/advertiser/6383/creativesup/postbank_pool_privatkredit_1200x627.jpg
Requested by
Host: hal90007.redintelligence.net
URL: https://hal90007.redintelligence.net/request_content.php?s=64051800150414804444550012297007&a=d84aca33
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
138.201.135.164 St. Ingbert, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.164.135.201.138.clients.your-server.de
Software
Apache /
Resource Hash
6e6abe2c10e0a61939368f085b8991a38189039726f6d1b19936524d24400b5e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hal90007.redintelligence.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date
Mon, 17 Apr 2023 20:18:42 GMT
Content-Encoding
gzip
Server
Apache
Connection
close
Content-Length
16229
Vary
Accept-Encoding
Content-Type
image/png
/
hal9000.redintelligence.net/scale/ Frame 5B72
15 KB
15 KB
Image
General
Full URL
https://hal9000.redintelligence.net/scale/?nw=20&mode=bb&width=120&height=60&url=https://cdn.contentspread.net/24i/advertiser/32783/creativesup/1200x627-1.jpg
Requested by
Host: hal90007.redintelligence.net
URL: https://hal90007.redintelligence.net/request_content.php?s=64051800150414804444550012297007&a=d84aca33
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
138.201.135.164 St. Ingbert, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.164.135.201.138.clients.your-server.de
Software
Apache /
Resource Hash
8dbff066af6ffa61e86120520954a58c8a9d72b44a1adc043f27566427569609

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hal90007.redintelligence.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date
Mon, 17 Apr 2023 20:18:42 GMT
Content-Encoding
gzip
Server
Apache
Connection
close
Content-Length
15535
Vary
Accept-Encoding
Content-Type
image/png
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ Frame C001
15 KB
15 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:200,350,350italic,400,500,700,700italic
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://b3.tunegenie.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Tue, 11 Apr 2023 10:31:11 GMT
x-content-type-options
nosniff
age
553651
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15744
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:48 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 10 Apr 2024 10:31:11 GMT
iframe_api
www.youtube.com/
992 B
2 KB
Script
General
Full URL
https://www.youtube.com/iframe_api
Requested by
Host: b3.tunegenie.com
URL: https://b3.tunegenie.com/js/pwm_all.min.js?tgv=e905577.ba4de90
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
1fffe142658ede54ea109d3864f003ebb11170d4ea0110f752ec4b51cc8646c9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.theticket1590.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Mon, 17 Apr 2023 20:18:42 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
content-encoding
br
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=de for more info."
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
server
ESF
x-frame-options
SAMEORIGIN
report-to
{"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
content-type
text/javascript; charset=utf-8
vary
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cache-control
private, max-age=0
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
origin-trial
AvC9UlR6RDk2crliDsFl66RWLnTbHrDbp+DiY6AYz/PNQ4G4tdUTjrHYr2sghbkhGQAVxb7jaPTHpEVBz0uzQwkAAAB4eyJvcmlnaW4iOiJodHRwczovL3lvdXR1YmUuY29tOjQ0MyIsImZlYXR1cmUiOiJXZWJWaWV3WFJlcXVlc3RlZFdpdGhEZXByZWNhdGlvbiIsImV4cGlyeSI6MTcxOTUzMjc5OSwiaXNTdWJkb21haW4iOnRydWV9
cross-origin-opener-policy-report-only
same-origin; report-to="youtube_main"
expires
Mon, 17 Apr 2023 20:18:42 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 9552
13 KB
5 KB
Document
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: d13l4u7pe64ymo.cloudfront.net
URL: https://d13l4u7pe64ymo.cloudfront.net/script.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.theticket1590.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
285
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Mon, 17 Apr 2023 20:13:57 GMT
expires
Tue, 16 Apr 2024 20:13:57 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame B0DC
783 B
535 B
Document
General
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: d13l4u7pe64ymo.cloudfront.net
URL: https://d13l4u7pe64ymo.cloudfront.net/script.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
86f6342a4dfdd95c27df3ba8ce67e7a0dce37ae19d8f4069e40aef9757b36820
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-Fk4QCfOgYD_m7PhOdCt24w' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.theticket1590.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=300
content-encoding
gzip
content-length
513
content-security-policy
script-src 'report-sample' 'nonce-Fk4QCfOgYD_m7PhOdCt24w' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Mon, 17 Apr 2023 20:18:42 GMT
expires
Mon, 17 Apr 2023 20:18:42 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
gen_204
pagead2.googlesyndication.com/pagead/ Frame 326E
0
20 B
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BT1GWoak9ZNj4Nu2FjuwPxNWn4AIAAAAAOAHgBAI&bg=!pKelp_PNAAZA7GLoYOw7ADkAdvg8WuoTr7wRvs9C3AG7bcKEdPWPXqtx0isppi5pJYBxxV5fKWyveONqN4cuSxvt0NN6n4RJ-OsCAAABJFIAAAACaAEHmQMJumSClPR3ARjlMuS5YhpZL0dNZAAxYO-OvIngJuyWomwfwQuNwl-Mftpo24tUpDTrhjD6Yi7NLts4ThEHgVRwdGhoCQar44MSm5qTsyheRKoYThYNWqZ8jQBJlQT_V_-DCEeT6_mp1ekcV8NZIvLOLfWhH-nD-MaUaIlIbjiYeuEe_nLIHnlYSbG_nP_67GWP1Em7GamOFd_WVCRr7-5xYYZTSiYsy6eOJf1Fo5dCCUXILC0nZBkaJzf4H_Cy5CdlDl-0wtEZdYjwA7bzCb4FB9Rx-bpYkHfvsQ36Re8ZOvUFXkcIjV4sFhXmQChF1w_TEDadLkL19i7lzLWlbzGoXerWfZXB4mFaE_IcV5ya7ohFpTrVjoS14Sxtocpg4aoBgwzUt5tZfqaMf8EhR6fI9u4UoHdB6rhK_4vhbe_Hyd1xT0KU7yTOGsg3AcvkK4AuRJOFS7PCWMA9dar1Re0xwqFrJ7Sr2jHQTYuWjJ8SjllCbNEEUE7F6Ex8z7Nr0nBg5iWWnhXF_sTH5qgvCmjT6L-rqEXsta3bF1E0IEe2Rd4ZJvumswE5NlCtK_c8RJB49aC_tmFEyNSDrjmawt6TcKmcks3Lcin7vtE7_1EtonnHFwjBmALtDCwW4Da4HnCW8HdYKRxskRqtnrrp5BMahFRKSq6iAvch1iDXDk1j8SLE9VqXrU5Wdra4VF28FnB6Rc82IJUwcjcIl0IFohbCd210XfW61ObO4Vr1cu70VtJ2E17YwgS-P7POFn2scG0Ah6wauF7mjLs4TVAMt9aYDDcjuU67jgdef52aHtud4CIrkQlZ3fyTIdgD_qxwNp3lv8Tj_t3EI39EyPPPuIZOXeZgaFaAW6zzGsSV3NIlaFXXnRf-Ulw_JYZFxwU7D8abQONrTY-2chM6aqZ3WlU8a5drGo7xtlLOOHJfkmtvS6UfPz7cKZZQSiE3q-TR-SlaY8WrqPuqFWwjO-wDti4AZBkfdkf9Mwrar_wTvFQs6QndBV8otUvEfwi0Ba1mBg_P53bNtVadxhJ7
Requested by
Host: 773ff33321c83b63fff957793b331644.safeframe.googlesyndication.com
URL: https://773ff33321c83b63fff957793b331644.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 17 Apr 2023 20:18:42 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
express_html_inpage_rendering_lib_200_276.js
s0.2mdn.net/879366/ Frame 7F6A
106 KB
37 KB
Script
General
Full URL
https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_276.js
Requested by
Host: www.theticket1590.com
URL: https://www.theticket1590.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e41d1ae45acbf836b8dcc29544c7e41cced4211214df601d5284a7e9c7134c73
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://773ff33321c83b63fff957793b331644.safeframe.googlesyndication.com/
Origin
https://773ff33321c83b63fff957793b331644.safeframe.googlesyndication.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Mon, 17 Apr 2023 08:20:25 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
43097
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
37872
x-xss-protection
0
last-modified
Wed, 02 Mar 2022 23:07:26 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 18 Apr 2023 08:20:25 GMT
omrhp.js
pagead2.googlesyndication.com/pagead/js/r20230413/r20110914/elements/html/ Frame 7F6A
11 KB
4 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20230413/r20110914/elements/html/omrhp.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-D77Bd6yrA1lPTGKdLD3PzIH3zZsDZq_F5bvzVURo_Z_XAAwAv9g0knA2uG6k0LTnpyuu2WBWYiG1hQjKrA076hUiUz5A&cry=1&dbm_d=AKAmf-AF8Yolbixo6pPweAmOsXRB1XLSRl42qvLIrGu-C_Hv-K6R7SMYGgFYPc-XQKobQ91geuGJYcbSXcf0sM-YkfuDRQrbvCM4rseD8zirZq6S9RHj8GNrpyw1-nTxpZSFxloPfgB9mopZECeynZg9eojbf6tyRlyM1SGEcr_3kZyhxihLEIeY5rOHpGzOLBsDLPGT-J9v-ebGLfNFGBbHhyLDboRf5uKpoQLYZ51hrTcuslki9cpoXhY867Hf-cO06AiMhIxagGlvA46UEbrDEmBwhb6guDHaOje7HiOMr3fjD6tOR5iwtlbnApxU6JOdev1fpRuYqHiYwDlZh7nTqp4GEiuOif0df6oqc5Mw3Va_ThQGz3QAQ6kPeRc3P3I3d-zW0BmUBN3hcX0mq5i2LEtT7mtAJUGkDHYSO1-Ly-kVBK9HexcUo43Qn2V41cvhkT0zWijQ-OQ9NLgvG-qX_nqx7JJsTI5mGkEe_CNQ62HjPjc6xwKpD4i5B0TlRykEKvO2jlIojyfzJGduTztsVAYY4m4ugQdHSfq4WJxJdNSBAQ1ptdBjw9wlOMI8TOL9X7GMI_0rL9HYBCTbW833nB_bsvl11mNEkcY-34Y6fzRjOC-OxJFGs2j9-2Si713hqJkJpYDDMU_GkVqC4x6nYESdqW3YWm1HuZpQ7-deeAD9ZHaUwkt-5NROf1dTAMqkxAMFc9Q-Ha3rs2sYRvYbWpfUZA63QmXUUJ845uB9DXpb2VUNZUNbgxbRrDMOwOaHmzj1gI2zNRlaDSQjn6EDwUDUIqt3Kkg1wZRG0fdgibj0FG5rjhD3LShbmaPOxf5Tq3XorvD13IOzHnBRGXG9KhtjcFnnvCHA5X9mliqLiF32uXoy8jdCzVb82NcE9eCu536AQad0rdGNYgPLlOX0seoD-9mwXnGIxo7yyf8CDIDLVguDgFRyAGig6V2uFrh_kd5FFUVGZVqOU3_YxKPs7YrrTTLEzrzTBkYa2QHHqHXnaKuENZv-cQENNKNbv4zjc3Wof32dbVMZOwKQ5CpQJIJIR4oAWDwP5ARtmK2RuoeI0ESafkgmKUAQMcsEVT-C0AItPNPIDI63ybr0oGPUWVkjyahRuob5ak5U5nOf8OXOgc5AfjlPpElCzOHPCqvB0CUibz4TvMi0TQpDnhT9jXW9j5B7jzuR5IdYyK6jZ0VR0NjEVoATI-n31WP31qzgmoVJaUXpNyuuaVpsm0FD9xHvTbvrPlYCQ1hA6Ov89H_fYPOxMG6uV9Q3P5troC0VCkLipygVL9vUdd5uMt_y0HKW-wJf0jK998MxZMl1Z4vQsh2e_EWr9Ar3hFjMjYmhV-28nFGhBsYKHiHbFt5hZa9VCrjtTafvC_zXvgMrd-sHmpB_OBM1DdEqDDuWMDRl_OlhPiGS32DV-QDU2VcKf3-Y5_PPlOcNtdGf2TCOnKLtEWL8AKKFZRiq6EX0HaBcOujoh7jnplTGpzz1dG41MIMhbDFf8tRQjHTkWdQArdI9PX2jRHppiuoSf4HBpI2T2R2ZORxw3CYycJ8mhF8rp-QNxoVpuODxYaIW1OpPxRIShGWuYeNMc3JuvZKhXfT8DSugyxYRmcz0k_gFIS0d7DfSdyHxjEk_F7mhw_4pjURfpJ7TgQBfLx1id6_rUyuEs2MrBdew4uG9LsmYzzSGJJyjT8rY_rJMWN01MpM3xMsn1c7kd6wIUaUazJEQ64xoaXzWvlHzvRq5l8yuY6AWjvSheDWMy6YHJP5w2XENcUpRVlpufYYg3GQrHCol0hxHCor2g_ulSw5nf3C1pPsuztAFO-YE1tbpp74I3HkH5Qb-FcB0waRS71XFt7PkwTbxVHhMQ8aGDT-5XKh15vwgrgr-mJ4zCxM4fdgHBiTbgfdDy7ddVkjjG_kEQZG4FDjv4IjoMFJVsfFOMKUpVPymvKfUVtEnNtKhpoYMwlhy7lR-QmT2x4gOc9MKxXWFtuxGAoVgdPj--4BxMeII-1fFlcNRRtX0jk_di3wUnozc7rk9VIk8OoHnnw7eRy7bgpE6L7yri0qYL9r4tvb-yFlMsM8IQQC_OVLtOdKjgJLNKpeDos-iiirLqNTw1zcHeeFtnXTuoI-CJAnArmtu3NYCOa8l_EpS6uRvcV6ZoWZJpFZalgGxiLIRliyYbcwONNSLqWbaZ6ehWr6f6LnbmSED1sYDDaoxpQhdCxXK4Kr9adBXoHpjQeapxe862VcQVTg1wfu72-l17GGK2CjaETho0numUuohFiGkz4EAnTV3A7hFACxai4N11Fhmmz2TITnBE9h_GNiECcMZh20KJSuKS7_SjcqYPEiysRqSgBvPReKrQ1rGWFV_mLUERWghQf4O0162R7y_JtYdB067tdhs9CFhtwdaz2Pj9uhhyHL4yNmF_FWVxict6atKGUjBFdZjt7bziuQq5Sz-dvoFA8ENLAe_vxt3ez6cF0vpRENwVslLIA3UfbsSMLwJz3Urtxvf9-uk7maJC_Y_TFBTzVRMQeIbuECmBlc_7z--zq6S7W2jNjhz2nQm1MmtFokG2GAJQf6o_8BiYyxKoanzAFoXTI6xxqAPaL7Wm348bAP5eyh8P1alHCPkprcQgHIP2MD8rJQFt6cu7as5yn-lPSxB-LSDDJo7yEIBAZJM6G51XqFOnLHtgPecKSxIpd21Cfz5Yzmf1DHsVaHWlfrhmwdyPY0PEaDFaLvVUKFoC9MA-4e5wWXqj2ZbrNNiDYZpxSEEcp5PEB1ixsffa_jLo2E46bmmVnCO9pg1eLDF7zVUpWUwfXixrFe_md1FzL1bPaapM4QWqtRlxOuE9YXGwjHEGb-2SMmQcsWxaeVI6dickry6kXt5GSUBqq-qT7SrsJjA83Ky58eE_Hk7oYIzsUwiahmrP8ATddJUUG7uPLgadggPCGJr98tXEV1wygZ8gE-DStGHtA-sgVhA6jDdIcBAgDXlJF69L9tG_nkQ3nAa0LL8R_m32qM3U4BpWFsDH8_50lgIapyfOZ58I2AZhsz7pvkigFYukWUGBr7iqlluepovSvWMaY0XNBGBDEzfYTYKek_HDoH40ihpXiqOO68xLoLNqzEj-1MzH4ls7oCuJTS0By_VpmTwhIUxEg3uxqfKbE-stRIcmVSdERk3D0HTnkR5OSHMLuWamH6QIXICZFcU1OutCGaiLgA8RczSO79GprRpzE5pzr9csfx_hMAf_nXSUjE-E0TiPG9bcQH6jTZwPiq542Mf2ff15IlLcDuZmKE4SS1G-1yGDljq-ai479gRXAE2KLq9HEO686hgozHrZo06ppiNQjGSJxJtWRh9VAEJVVZqx2NQ6WQdYPXT3fImBElxUNyXugmqi_DhX7wHMomN5ugnKflh8vl2dubnRf0Uesa-el-s7LLRX5rPXvww0S6LM51OzWpBfeFFm20l8kTmkrK6jTtTL92HdjVu8WTfclX1Fp92Fyg28YrzqbjA5cP7AX8iYpKDITOh5tmlGzq6yFSw2Pg77lA_ez1kJHkU-8919XpWdSAjbFgQeGkavjrrIzZZPGLmO9V4Cl337ylZWV0&cid=CAQSSwBygQiD8jMdUx2jO5TkgRLgPgjyY-N-x_wY2pq4hUTGYCcR0O7Qds1WvEQWjaiHLG0tHM8vz2oURx3B3YukpIaFlkPs50lv7vkcmxgB&dv3_ver=m202301230201&rfl=https%3A%2F%2Fwww.theticket1590.com%2F&ds=l&xdt=1&iif=1&cor=10132920350031202000&adk=943508955&idt=182&cac=0&dtd=7
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
6d95ea547b0974a09d61104fa136f5eb6973466b6358fb06d997cc7f20ee71b2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://773ff33321c83b63fff957793b331644.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Mon, 17 Apr 2023 15:59:30 GMT
content-encoding
br
x-content-type-options
nosniff
age
15552
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4123
x-xss-protection
0
server
cafe
etag
4541610132340792384
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 01 May 2023 15:59:30 GMT
abg_lite.js
pagead2.googlesyndication.com/pagead/js/r20230413/r20110914/ Frame 7F6A
28 KB
11 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20230413/r20110914/abg_lite.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-D77Bd6yrA1lPTGKdLD3PzIH3zZsDZq_F5bvzVURo_Z_XAAwAv9g0knA2uG6k0LTnpyuu2WBWYiG1hQjKrA076hUiUz5A&cry=1&dbm_d=AKAmf-AF8Yolbixo6pPweAmOsXRB1XLSRl42qvLIrGu-C_Hv-K6R7SMYGgFYPc-XQKobQ91geuGJYcbSXcf0sM-YkfuDRQrbvCM4rseD8zirZq6S9RHj8GNrpyw1-nTxpZSFxloPfgB9mopZECeynZg9eojbf6tyRlyM1SGEcr_3kZyhxihLEIeY5rOHpGzOLBsDLPGT-J9v-ebGLfNFGBbHhyLDboRf5uKpoQLYZ51hrTcuslki9cpoXhY867Hf-cO06AiMhIxagGlvA46UEbrDEmBwhb6guDHaOje7HiOMr3fjD6tOR5iwtlbnApxU6JOdev1fpRuYqHiYwDlZh7nTqp4GEiuOif0df6oqc5Mw3Va_ThQGz3QAQ6kPeRc3P3I3d-zW0BmUBN3hcX0mq5i2LEtT7mtAJUGkDHYSO1-Ly-kVBK9HexcUo43Qn2V41cvhkT0zWijQ-OQ9NLgvG-qX_nqx7JJsTI5mGkEe_CNQ62HjPjc6xwKpD4i5B0TlRykEKvO2jlIojyfzJGduTztsVAYY4m4ugQdHSfq4WJxJdNSBAQ1ptdBjw9wlOMI8TOL9X7GMI_0rL9HYBCTbW833nB_bsvl11mNEkcY-34Y6fzRjOC-OxJFGs2j9-2Si713hqJkJpYDDMU_GkVqC4x6nYESdqW3YWm1HuZpQ7-deeAD9ZHaUwkt-5NROf1dTAMqkxAMFc9Q-Ha3rs2sYRvYbWpfUZA63QmXUUJ845uB9DXpb2VUNZUNbgxbRrDMOwOaHmzj1gI2zNRlaDSQjn6EDwUDUIqt3Kkg1wZRG0fdgibj0FG5rjhD3LShbmaPOxf5Tq3XorvD13IOzHnBRGXG9KhtjcFnnvCHA5X9mliqLiF32uXoy8jdCzVb82NcE9eCu536AQad0rdGNYgPLlOX0seoD-9mwXnGIxo7yyf8CDIDLVguDgFRyAGig6V2uFrh_kd5FFUVGZVqOU3_YxKPs7YrrTTLEzrzTBkYa2QHHqHXnaKuENZv-cQENNKNbv4zjc3Wof32dbVMZOwKQ5CpQJIJIR4oAWDwP5ARtmK2RuoeI0ESafkgmKUAQMcsEVT-C0AItPNPIDI63ybr0oGPUWVkjyahRuob5ak5U5nOf8OXOgc5AfjlPpElCzOHPCqvB0CUibz4TvMi0TQpDnhT9jXW9j5B7jzuR5IdYyK6jZ0VR0NjEVoATI-n31WP31qzgmoVJaUXpNyuuaVpsm0FD9xHvTbvrPlYCQ1hA6Ov89H_fYPOxMG6uV9Q3P5troC0VCkLipygVL9vUdd5uMt_y0HKW-wJf0jK998MxZMl1Z4vQsh2e_EWr9Ar3hFjMjYmhV-28nFGhBsYKHiHbFt5hZa9VCrjtTafvC_zXvgMrd-sHmpB_OBM1DdEqDDuWMDRl_OlhPiGS32DV-QDU2VcKf3-Y5_PPlOcNtdGf2TCOnKLtEWL8AKKFZRiq6EX0HaBcOujoh7jnplTGpzz1dG41MIMhbDFf8tRQjHTkWdQArdI9PX2jRHppiuoSf4HBpI2T2R2ZORxw3CYycJ8mhF8rp-QNxoVpuODxYaIW1OpPxRIShGWuYeNMc3JuvZKhXfT8DSugyxYRmcz0k_gFIS0d7DfSdyHxjEk_F7mhw_4pjURfpJ7TgQBfLx1id6_rUyuEs2MrBdew4uG9LsmYzzSGJJyjT8rY_rJMWN01MpM3xMsn1c7kd6wIUaUazJEQ64xoaXzWvlHzvRq5l8yuY6AWjvSheDWMy6YHJP5w2XENcUpRVlpufYYg3GQrHCol0hxHCor2g_ulSw5nf3C1pPsuztAFO-YE1tbpp74I3HkH5Qb-FcB0waRS71XFt7PkwTbxVHhMQ8aGDT-5XKh15vwgrgr-mJ4zCxM4fdgHBiTbgfdDy7ddVkjjG_kEQZG4FDjv4IjoMFJVsfFOMKUpVPymvKfUVtEnNtKhpoYMwlhy7lR-QmT2x4gOc9MKxXWFtuxGAoVgdPj--4BxMeII-1fFlcNRRtX0jk_di3wUnozc7rk9VIk8OoHnnw7eRy7bgpE6L7yri0qYL9r4tvb-yFlMsM8IQQC_OVLtOdKjgJLNKpeDos-iiirLqNTw1zcHeeFtnXTuoI-CJAnArmtu3NYCOa8l_EpS6uRvcV6ZoWZJpFZalgGxiLIRliyYbcwONNSLqWbaZ6ehWr6f6LnbmSED1sYDDaoxpQhdCxXK4Kr9adBXoHpjQeapxe862VcQVTg1wfu72-l17GGK2CjaETho0numUuohFiGkz4EAnTV3A7hFACxai4N11Fhmmz2TITnBE9h_GNiECcMZh20KJSuKS7_SjcqYPEiysRqSgBvPReKrQ1rGWFV_mLUERWghQf4O0162R7y_JtYdB067tdhs9CFhtwdaz2Pj9uhhyHL4yNmF_FWVxict6atKGUjBFdZjt7bziuQq5Sz-dvoFA8ENLAe_vxt3ez6cF0vpRENwVslLIA3UfbsSMLwJz3Urtxvf9-uk7maJC_Y_TFBTzVRMQeIbuECmBlc_7z--zq6S7W2jNjhz2nQm1MmtFokG2GAJQf6o_8BiYyxKoanzAFoXTI6xxqAPaL7Wm348bAP5eyh8P1alHCPkprcQgHIP2MD8rJQFt6cu7as5yn-lPSxB-LSDDJo7yEIBAZJM6G51XqFOnLHtgPecKSxIpd21Cfz5Yzmf1DHsVaHWlfrhmwdyPY0PEaDFaLvVUKFoC9MA-4e5wWXqj2ZbrNNiDYZpxSEEcp5PEB1ixsffa_jLo2E46bmmVnCO9pg1eLDF7zVUpWUwfXixrFe_md1FzL1bPaapM4QWqtRlxOuE9YXGwjHEGb-2SMmQcsWxaeVI6dickry6kXt5GSUBqq-qT7SrsJjA83Ky58eE_Hk7oYIzsUwiahmrP8ATddJUUG7uPLgadggPCGJr98tXEV1wygZ8gE-DStGHtA-sgVhA6jDdIcBAgDXlJF69L9tG_nkQ3nAa0LL8R_m32qM3U4BpWFsDH8_50lgIapyfOZ58I2AZhsz7pvkigFYukWUGBr7iqlluepovSvWMaY0XNBGBDEzfYTYKek_HDoH40ihpXiqOO68xLoLNqzEj-1MzH4ls7oCuJTS0By_VpmTwhIUxEg3uxqfKbE-stRIcmVSdERk3D0HTnkR5OSHMLuWamH6QIXICZFcU1OutCGaiLgA8RczSO79GprRpzE5pzr9csfx_hMAf_nXSUjE-E0TiPG9bcQH6jTZwPiq542Mf2ff15IlLcDuZmKE4SS1G-1yGDljq-ai479gRXAE2KLq9HEO686hgozHrZo06ppiNQjGSJxJtWRh9VAEJVVZqx2NQ6WQdYPXT3fImBElxUNyXugmqi_DhX7wHMomN5ugnKflh8vl2dubnRf0Uesa-el-s7LLRX5rPXvww0S6LM51OzWpBfeFFm20l8kTmkrK6jTtTL92HdjVu8WTfclX1Fp92Fyg28YrzqbjA5cP7AX8iYpKDITOh5tmlGzq6yFSw2Pg77lA_ez1kJHkU-8919XpWdSAjbFgQeGkavjrrIzZZPGLmO9V4Cl337ylZWV0&cid=CAQSSwBygQiD8jMdUx2jO5TkgRLgPgjyY-N-x_wY2pq4hUTGYCcR0O7Qds1WvEQWjaiHLG0tHM8vz2oURx3B3YukpIaFlkPs50lv7vkcmxgB&dv3_ver=m202301230201&rfl=https%3A%2F%2Fwww.theticket1590.com%2F&ds=l&xdt=1&iif=1&cor=10132920350031202000&adk=943508955&idt=182&cac=0&dtd=7
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
2e6a2c48ddf656dd18431ca6f656e4d671a93141d2db4f304587d74280ecfbe4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://773ff33321c83b63fff957793b331644.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Mon, 17 Apr 2023 16:03:59 GMT
content-encoding
br
x-content-type-options
nosniff
age
15283
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11036
x-xss-protection
0
server
cafe
etag
7166013058933939784
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 01 May 2023 16:03:59 GMT
error_handler.js
tpc.googlesyndication.com/pagead/js/r20230413/r20110914/client/ Frame 5B0F
8 KB
3 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230413/r20110914/client/error_handler.js
Requested by
Host: 773ff33321c83b63fff957793b331644.safeframe.googlesyndication.com
URL: https://773ff33321c83b63fff957793b331644.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
78cad1fb95d1e9bbe4a7b1f90fa38ef699314ee65bf914e65ffae62005103a8e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://773ff33321c83b63fff957793b331644.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Mon, 17 Apr 2023 19:41:28 GMT
content-encoding
br
x-content-type-options
nosniff
age
2234
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3465
x-xss-protection
0
server
cafe
etag
6788195977828770272
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 01 May 2023 19:41:28 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 5B0F
42 B
63 B
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-DvoyOGvGzoNRA1rB1zOXu7pcdh0rlwqEHxHBEq1DhteBsAFyRUqPelI89PK-Tj4mFTgFIrsJs8MGkTqhXANLsRqSH_zrf8217BweRLeih1Qq9ni5A
Requested by
Host: 773ff33321c83b63fff957793b331644.safeframe.googlesyndication.com
URL: https://773ff33321c83b63fff957793b331644.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://773ff33321c83b63fff957793b331644.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 17 Apr 2023 20:18:42 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 5B0F
0
20 B
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=fetch&cor=11562306173966616225&x=1&ct=76
Requested by
Host: 773ff33321c83b63fff957793b331644.safeframe.googlesyndication.com
URL: https://773ff33321c83b63fff957793b331644.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://773ff33321c83b63fff957793b331644.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 17 Apr 2023 20:18:42 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dv3.js
pagead2.googlesyndication.com/pagead/js/ Frame 5B0F
78 KB
27 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/js/dv3.js
Requested by
Host: 773ff33321c83b63fff957793b331644.safeframe.googlesyndication.com
URL: https://773ff33321c83b63fff957793b331644.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
46b3e081067e631f9a1049fbfa37844da854f741b7f9a45900dc02a19a4ef143
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://773ff33321c83b63fff957793b331644.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Mon, 17 Apr 2023 20:18:42 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
28043
x-xss-protection
0
server
cafe
etag
15270303690107644053
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=600
timing-allow-origin
*
expires
Mon, 17 Apr 2023 20:18:42 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230413/r20110914/client/ Frame 5B0F
3 KB
1 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230413/r20110914/client/window_focus_fy2021.js
Requested by
Host: 773ff33321c83b63fff957793b331644.safeframe.googlesyndication.com
URL: https://773ff33321c83b63fff957793b331644.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://773ff33321c83b63fff957793b331644.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Mon, 17 Apr 2023 20:13:14 GMT
content-encoding
br
x-content-type-options
nosniff
age
328
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 01 May 2023 20:13:14 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230413/r20110914/client/ Frame 5B0F
20 KB
8 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230413/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: 773ff33321c83b63fff957793b331644.safeframe.googlesyndication.com
URL: https://773ff33321c83b63fff957793b331644.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
b1b3b73852f7856f1a0f317701846bc7853eb5b127ba882c23c5073dbe6d022d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://773ff33321c83b63fff957793b331644.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Mon, 17 Apr 2023 15:59:50 GMT
content-encoding
br
x-content-type-options
nosniff
age
15532
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8509
x-xss-protection
0
server
cafe
etag
3034682829645713766
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 01 May 2023 15:59:50 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 5B0F
159 KB
49 KB
Script
General
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: 773ff33321c83b63fff957793b331644.safeframe.googlesyndication.com
URL: https://773ff33321c83b63fff957793b331644.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cbeee230de9adc4b4765d4387c54fa936a5c26f8306fe0e6f5f8415284f56c33
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://773ff33321c83b63fff957793b331644.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Mon, 17 Apr 2023 20:18:42 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
49801
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1681299295334834"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Mon, 17 Apr 2023 20:18:42 GMT
viewability
hal90007.redintelligence.net/ Frame 5B72
0
150 B
Script
General
Full URL
https://hal90007.redintelligence.net/viewability?s=64051800150414804444550012297007&a=724bccf5&vb=m
Requested by
Host: hal90007.redintelligence.net
URL: https://hal90007.redintelligence.net/request_content.php?s=64051800150414804444550012297007&a=d84aca33
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
138.201.63.157 Esslingen am Neckar, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.157.63.201.138.clients.your-server.de
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hal90007.redintelligence.net/request_content.php?s=64051800150414804444550012297007&a=d84aca33
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date
Mon, 17 Apr 2023 20:18:42 GMT
Server
Apache
Connection
close
Content-Length
0
Content-Type
text/html; charset=UTF-8
gtm.js
www.googletagmanager.com/ Frame DF67
105 KB
40 KB
Script
General
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-TBMT2SF
Requested by
Host: adv.office-partner.de
URL: https://adv.office-partner.de/?utm_source=webgains&utm_campaign=webgains
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
82d2cfd985a93ccf2cdea7a5ce144439d5cd1f4fd8e314a5ef6297233b751aea
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://adv.office-partner.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Mon, 17 Apr 2023 20:18:42 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
41203
x-xss-protection
0
last-modified
Mon, 17 Apr 2023 18:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Mon, 17 Apr 2023 20:18:42 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame B0DC
0
0
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_m202304120101&jk=3654934142425638&rc=
Requested by
Host: www.theticket1590.com
URL: https://www.theticket1590.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame 7F6A
41 KB
15 KB
Script
General
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: 773ff33321c83b63fff957793b331644.safeframe.googlesyndication.com
URL: https://773ff33321c83b63fff957793b331644.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://773ff33321c83b63fff957793b331644.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Fri, 14 Apr 2023 18:12:30 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
266772
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15207
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 13 Apr 2024 18:12:30 GMT
truncated
/ Frame 7F6A
215 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
8748eafdf64a3230ad4671bc9e61677c6eb40b4485f9445a4b80b528de16a3a8

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Content-Type
image/png
bsdAhfwWdZZ0lwKfZyotoKMYFbxnkv02xNqAhtGyATM.js
pagead2.googlesyndication.com/bg/ Frame 9552
36 KB
14 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/bg/bsdAhfwWdZZ0lwKfZyotoKMYFbxnkv02xNqAhtGyATM.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6ec74085fc1675967497029f672a2da0a31815bc6792fd36c4da8086d1b20133
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sat, 15 Apr 2023 22:44:33 GMT
content-encoding
br
x-content-type-options
nosniff
age
164049
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14296
x-xss-protection
0
last-modified
Tue, 11 Apr 2023 10:38:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sun, 14 Apr 2024 22:44:33 GMT
pvClk.min.js
analytics.webgains.io/ Frame DCA9
85 KB
31 KB
Script
General
Full URL
https://analytics.webgains.io/pvClk.min.js
Requested by
Host: track.webgains.com
URL: https://track.webgains.com/link.html?wglinkid=498343&wgcampaignid=99582&js=1&viewref=64051800150414804444550012297007&nw=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.147.41 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-147-41.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
00c5621a3f56c052959f8f0591b65e893f132b49b1447fde20767966cacbfbfe

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://773ff33321c83b63fff957793b331644.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Mon, 17 Apr 2023 14:54:05 GMT
content-encoding
gzip
via
1.1 d81b69368e6f8be2907e338480e58682.cloudfront.net (CloudFront)
last-modified
Wed, 15 Mar 2023 17:26:29 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P4
age
19478
etag
W/"876c293e6c37046ecb0c11ce2e276942"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript
x-amz-cf-id
aiu8rDBd6OfoSckEA1vLM_BfN7jxcr96hOhhJx0NR88oO952fbskVg==
1x1.gif
cdn.track.production.webgains.team/7121/ Frame DCA9
85 B
437 B
Image
General
Full URL
https://cdn.track.production.webgains.team/7121/1x1.gif?Expires=1681763022&Signature=M327OfEh~qEa53mqOIGs2mQDYRrcphcFsPgoS7ul04zYXQ0jV57zOvLYNHyvZP0tD1hxx-SXs6SulW3ZvU6w4KIOuonZlXzhUQPlJmPgf39OfLnMDXxygY9QwlssvHp4lAExzL9kdauXrTOJVvyRlIO7qeK0SOr96MAO9Ga-vZF0IO7kcZwpfkiqm9a0cQuKTr2Pp5yN90FeFg-8B9mZqkKM1x3KKy-aDWDZ51ndB-ySyqWbLqv34XVViSFtnE~HahO~EmxkNbOfSrXsf9Qu~EQllKHgYZ6cMvDKGfI1NTfqluKrQuqe6TUfmevWPEOj8ebKBZ4k1FoF-MEsZ2jCRw__&Key-Pair-Id=K28VXAGA7VWE0O
Requested by
Host: 773ff33321c83b63fff957793b331644.safeframe.googlesyndication.com
URL: https://773ff33321c83b63fff957793b331644.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.4.53 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-4-53.fra6.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
08409d08d8d118c6c6d1c375e079bfce656ac367ff4d1dd9551fff110033c185

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://773ff33321c83b63fff957793b331644.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-amz-version-id
null
date
Mon, 17 Apr 2023 01:03:08 GMT
via
1.1 2f0580a0593ad9d3fb82aee9226d8178.cloudfront.net (CloudFront)
last-modified
Fri, 06 May 2022 11:40:06 GMT
server
AmazonS3
x-amz-cf-pop
FRA6-C1
age
69337
etag
"70af33d70b6810475aae19743c8c435b"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
image/gif
accept-ranges
bytes
content-length
85
x-amz-cf-id
fodQ0tkBfEFGdPSpslNvy1Mwxsl-jnvJ72QCnMgwC1fJVx1B1MDWcA==
dc_pre=CMXGs63esf4CFdDxmgodivYFWg;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=5415684112701.518
adservice.google.com/ddm/fls/z/ Frame 96F4
42 B
63 B
Image
General
Full URL
https://adservice.google.com/ddm/fls/z/dc_pre=CMXGs63esf4CFdDxmgodivYFWg;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=5415684112701.518
Requested by
Host: 5994599.fls.doubleclick.net
URL: https://5994599.fls.doubleclick.net/activityi;dc_pre=CMXGs63esf4CFdDxmgodivYFWg;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=5415684112701.518?
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://5994599.fls.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 17 Apr 2023 20:18:42 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
googleads.g.doubleclick.net/xbbe/ Frame D4BB
499 B
203 B
Document
General
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=COGKFRCp6RsYidrjwAEwAQ&v=APEucNXfCPEYqxB7hmyMvSuzv0cR6SU3Fk3cu-uH4xPzRpWuBKGhuYplDkqZhJXYKNf4lI5iH2q_2HmXMk8ksQrx6Pe1rkaz6U0uliBfMpZRt1u29JFuNuk
Requested by
Host: 773ff33321c83b63fff957793b331644.safeframe.googlesyndication.com
URL: https://773ff33321c83b63fff957793b331644.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
5ee2a16d4f8f9629ae75e0f94473f8601a4e0bf9527ba4467a094926e0947505
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://773ff33321c83b63fff957793b331644.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
br
content-length
183
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 17 Apr 2023 20:18:42 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
www-widgetapi.js
www.youtube.com/s/player/36754c51/www-widgetapi.vflset/
184 KB
62 KB
Script
General
Full URL
https://www.youtube.com/s/player/36754c51/www-widgetapi.vflset/www-widgetapi.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/iframe_api
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
26a7c417f67159ae3e9ef95aa85ee360b0ba0d07608d9f9c8e615052b1da1400
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.theticket1590.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Mon, 17 Apr 2023 19:58:03 GMT
content-encoding
br
x-content-type-options
nosniff
age
1239
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
63301
x-xss-protection
0
last-modified
Wed, 12 Apr 2023 00:21:41 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Tue, 16 Apr 2024 19:58:03 GMT
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame D64F
22 KB
8 KB
Document
General
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://773ff33321c83b63fff957793b331644.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
42232
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
8395
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Mon, 17 Apr 2023 08:34:50 GMT
expires
Tue, 16 Apr 2024 08:34:50 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
300x600.html
s0.2mdn.net/sadbundle/18270589126315171796/300x600/ Frame 0787
6 KB
2 KB
Document
General
Full URL
https://s0.2mdn.net/sadbundle/18270589126315171796/300x600/300x600.html
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_276.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
16f1c270e5f282d499f697d9d49cfea87b8329076f5224b65e5e9ca1ca9c126f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://773ff33321c83b63fff957793b331644.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
age
211887
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
2315
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy
cross-origin
date
Sat, 15 Apr 2023 09:27:15 GMT
expires
Sun, 14 Apr 2024 09:27:15 GMT
last-modified
Wed, 05 Apr 2023 14:42:22 GMT
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-dns-prefetch-control
off
x-xss-protection
0
view
googleads4.g.doubleclick.net/pcs/ Frame 7F6A
0
0
Fetch
General
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsuVT-zB4yYTVZdfbXHGtQmkhtECIpGozaJRvN5oTglu9brNa3ZNPJFA56SxyN4f2PDGi6izwaJCLpwmgNdlw8ldPEgQUjw2GMGCPr5Er2rENSDuY6MJtpy-8RfZ4BMKdhI2xDMIGDd0-W4S8gx3QJ6cFPg7sK0uef3tg3WI-4CjfhXBoJ60W8xzsyKrM_zr0uUaUEFYFFsTkUDtfKLZuJArmcrtAlCFB1FGHWwBcBP_EjK5SCyfpqZeh3ErXBQzgrSDuJ6HxIQwZNaen8NusipDdV1pdOqxYMxCs__jVZ0g7Qh3vBvwlf6JrCdOnUUXWjnECZmnpjN-cBKICIzXoZUxZ5mBb44q7cdeK2WrrTd-kGaMPGqEI-p8a_HBqacK-Ecow5xEbHp6xi8WRLank1jnhvDxqqe5U-NxmVhvQficc8mRl81p6hlpCoU472JZ07zVRyPNFXGtULIgtWTLT4_Cby0GH-2ZL9HCHm_9HQChqf0MWBQKsV0xxpsbR5-omsiC0izGMQ-ot6LoxIMfUdMSA8dnZnLb49zpGeoHQjXj8lzAfFXyTzPsJzR1e4hfBXPgEpekMC772sbAheuIuCNxhPgug78mlhTicqwj94xgziKBKT-SPY99jU6pvkDg9WYDeePAlsbL_saVI41Sxlvc16r1NPCJjfVJb8EUYSEVDtHLOtzO7Qyto35U1xV7x2jnKSw8Ad0VNDCSGl_5FHp_GNZDy02sEWHq9GOIrwzGR1mwV2HbMj8KbM2CqkVB-0k5fhwg7bb-EMHg8Kwq64qXP4qePHqaodEwWlBRz7SXl83hDiIJY5YSkGHW90W9o5GCEeYFRd8K3oM-5mD2uXCj6nZJmm1zqxL0WqbzbKdE8QbQDI-nNIJgw0QeLKvNd50Olqzf9zUTYtoNxesxY8TY8qJc4Bg-H8c-J2OZlLTdrBgJ8U4vmazzKrqzlmG8HGPwE8cojpJuN4PQrdBgZ8VCIKSajG6c2CwxV7Uk83fOB8AnEPEMQaoBSIys7iyhwCQ4g2s25sUdyTJ08PP3irLCbC11mN1mbaKVkLG8Izgm-ayaU9fUyExx_MYVk5KQE4RMjwZnVws9G0Yy0ZetoB8C-Vt4Ens9HbovaXJGxmPDcivt6qpJwOaE82XJn0x_KCvUXpEG9IFlVwMjsa4yaRFC_Fk7Ve4ZGz0tL-Jt9NRb_FZemOHuDsb0aEYO7trAmuTI19H_PnlSiq4BebLP9ZCkfzkriD3K_B3QPwWeu_wtk0mSY3E3kI3vuWQ&sai=AMfl-YRWxjV7Erhnc_49lHxNZpRd-sMk7UToJO35TcZw-b4XWZc4UHo95a-CQnjIIZW5cS-XHSBvPi6Gvz5c5ZCScs8tOuxjGSuRYJCE1cQL2pbURDsJ9keANFEYlK5Ed2NSZjQ8GN_OOQMJitBNSd4hMs3931YEzbzjhOqvKe2V0OsI_GE8CALOSI-X-3opT_oW-5rsedJ9fAgQD_cxkj7hd2bTZcWuer-mAkNwrz-JLOKYSGW0fQZST3uucrOVhULp7wUu11WJ_cDng7QvQk5ggc-Qw03WLtX3&sig=Cg0ArKJSzIcrul2SepiWEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=116&cbvp=1&cstd=113&cisv=r20230413.08652&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&arae=0&ftch=1&adurl=
Requested by
Host: www.theticket1590.com
URL: https://www.theticket1590.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://773ff33321c83b63fff957793b331644.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

content-security-policy
script-src 'none'; object-src 'none'
date
Mon, 17 Apr 2023 20:18:42 GMT
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
cache-control
private
access-control-allow-credentials
true
timing-allow-origin
*
expires
Mon, 17 Apr 2023 20:18:42 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 5B0F
0
20 B
Ping
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=5634406559342&version=m202301230201
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://773ff33321c83b63fff957793b331644.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 17 Apr 2023 20:18:42 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 5B0F
0
20 B
Ping
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=5634406559342&version=m202301230201&ct=76&x=1&cor=11562306173966617000
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://773ff33321c83b63fff957793b331644.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 17 Apr 2023 20:18:42 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ad
googleads.g.doubleclick.net/dbm/ Frame 5B0F
88 KB
36 KB
Script
General
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BY6xNHrlgtnNssmtMQQJmX56kqZn7HUxa8NdJqZjMdiy8p4_OJSSANB7HergyTBcz75CnbJmQK7xpF6lcpyc9vmH-4FbUzNC_5_he0ksUGozSbqYCOYmAjHmBaCQoDBKUcI_Mv9fhJAY7pAq_ckWYC3u-FnaWmB7jiJnQ0UkHZno8UbjY&dbm_d=AKAmf-A9zXWLYNTkj-wSwXCMIcGqxZ09sH5JiGxO5TV4F5p8DRpzFlLARMaqizP15hssOCUYmnhaAPLO3N_QZ9dLT4P5WKUHwbeKAVJ6u0Yqmv0-sN7NRg9Hz5lkxgHCvDggjF_-SE-RorqtvM1dnp1AA-LC8QhKB36S_3166r-Z_rGRVDaM1PDNtbE2yt3gy_SOn1aGoo-DUEwZQmFqL9J59F8fIw0x_7f72ZW29zyTZrZXfBxIYca2Mpfc0R5thT50QRtKvxhdnUa_Ue1PeBMGe_tjcfe0iJ-ce_aF7DTbc8Q2M2DS9841DyEjGsjLiitnBo4hEXKrEofVNA0fx34XzxEl1J6yETg91wqfTpOPJIFh1_lWZ8sLnh11r3TNV8XWFoUtruRvQrCGCw5KpDlMetA1ndBAyTXvs10edcy_AivwxD1bdLGZY1ihawgLzD_cHlkHBL43N9OsLZYP2J2BnWc1gmbrx-MdoW8woq2LgGN_AyM475S9EWnkY5pP7p4ycgKq_sNxRaizvPU4YS-hmc1Eaz9B7TXJmrkEQI10BPiN2XHK4ZvowEw4coeLgs4Jkpywid7CYkEjlwLGDEiNpIaY9yvxhCoKLCFEWevGbPCgg173A1OxazAvWbcPcjIrpSToI41EHfYWYGl0sYjyFuz_hFyg6Z4Sx__J3EZ9MeaHZHEtjjANN4Xxw7xqKXBAHV2Cxv-3DVx2C-JgacSTGx-AUoZHkFRkiC6L3Gg_yjemXgkwoWQfzTxc7RCxOW1FsbL1ce2dJNMTHuWaF0TywIbdQQ5qWNeJPcuKeYudRWbFLCXQJzTavSycVnp5Vhd5RWfHeWGXHofE9YJygvmzqj_-3-rPnScEUiCGn8nwBGFsKiJlCZi6KZvXN4ve3IA1rO1b7O7ZygqhUCGeotYk2_kaxC_82gtZVYA-SMhOFPoDs9VaP3YR6z7nq9RYpZy4eyt5Hp_uN2GFk2uV2XcX6zQ5hd7zpSZSsXmoRIjmEMwtLK0dUyi96sqcNeqenRSmgQXuwpJrcyyVv-wNeVZOjhDPDz4rmWfN1d1gDGuFsUoaPn1cEB4q157Pv87YINBIiut_fw92yTgmW1q_FkKJSAYDs4TKM4tOZXgRxmgFEwFP2SCAi0vQSIGsKV-nTVvsBSBRGxU4q-FoPSmcoNS81lQAw1OMSOd2cBsXL6Mt83cgRszcanfSIN4MVy36B9UIfmWGtJM1onLvzb7kUtEjc7THJ-6zuB4-v1bvj7rlNfqvnF2C_9EyJyq-HZy2PzEcU4NOhmQ9K5v7CbhSHzI_Xh1TqVp9ZP8mK31b6Nr4ysy0jimIMDhzlnL9RCQrUCOaubH-zureHV7kLnHgOEE-t-idk8TJjgTHbuBCkcqE4vE0ZHX0APexzMxnGuoEtFD02RrOafKyf3tCT6zuQpiXXcaZYWea1vvTOcu110impoZfriO-7JC1cW08tk-pL3VHAV5U4cu5SGgsnK4aTCxpNpapp-hMRHMYFTbS1sNqo5HFQrviuSUuytqpOpVl5wCq0HGzRuMcxnAksid7MgK224_OL1V3_8opFbD5ELN24ACfnwcyV22v8q7eJ-HjxRkGC7JKG_ckbEyNrLHP5WIdkgmUnPWmOQjiFJCIxHQ1WFusIEu2oEs0GlYasglLHrNc4lC97Rz_3rVOnFNmg-hvmBvr_CcVJgMiJ4GDT6vgZ0-GBRvRA3JjJyt6KkNrb6qbxY6crld35DO3M1zehCreu0peArVlZ3V9iRgbkdex31ws1JJGSxN_-OCF8MYjuH04KqGK53bqia7Bx_EIP2bZ7QsE6rq_uiK_2oBfn1QkiSLL752covWnQY-5hf0Y6zwpVbsBGjSb4MwxCKhWhPK8Szl324-IlF4RINep_C2MgDK4V2ui_TH8rP-cG_GcOv2BdpVfuoz1nDqbBhDIODbdjrHJgQ4dBrybcWzU2EspQZsZns7zO-_Aauq8BFUpoQj2tMvS_sPZLAy71eJMWZts6ZtPhxKqSiruwHn5UKeB9wNGmI7OZrqW1akAmaZ778qL1IP4S2Jc_IWERiLEzMwmWqF-qlCvB34sA3f1U1O8HrulfOlt2RFATX3i4fk3uL09SmSkY5_0jnYEs5LFStf6xgQt21IGmRKtQKiSpzZAQ3XOEDvW83cXatdI06zqeQKdX4wokChu61fC_diUQlVSZUEjQ9GlRRcOh_0JE09Sy-S8kVoPvwBUx_A3fog-luOtbQobXsic4Jc6ujJ9JLItaSAHKCkoHyy9oR4Fhkdz24xfIqr6fPtVpXryNubdyID4LTg9L2FO34nigg6uCsQ5oEmPYemtGj0_RSqDe4ntZO65aBdMp2ADyn9bktdnuH-Iljdw_WzX9bXZVHOcWl7M16F407kBSOvG24QMqNJ9RO43eT00hvMeSsNbkI9o9kQaGQunzwHVRt6pa0kot5XwEnV8UprnhCae5FSI5by0EAsdp624D6UfAfeVzwKtdBoIgGL_74OogOW7Mba6FcnuveWECZ-QP19n9EZzHBKSGEZ0AiT-Zm5y5cLtRMcuar2gPEfRsWTznxX5joi_lTE3TR17en1sOnDCb5H50f47bSSHs4HJUiRa8eI4DleJa7a7OzEaUdIUzWWDbD2kBmyVVFmtJnzwQ50F_kCeXElVmoAvMP57iP_5GDzV5sjqir3PJ4yRNbadVGMDQf_V9B5Fw6UFDnCLAortFtX0lHV10x_scTX9Sodw7gVu5pkgrlXXQFxkhLAsnhrOmYMHk7lyof_K1kh7GBxUGLj6IFI96CEmCOaIOD4x4m-CuP2PPCTbq6sX-HZMu4fYxNK0iurLOCJWc-eIuJWx7pykK56-W9jt4zvvF3QlwxbYoENoRhXz6bfhoTpGrOGVrCmnynmKw2J0i3h4lH-2r3qguBGJBDGZGM3dC1r_q7D6_QNZEkezCCokKwrdSfqfghFcPZNtLYppqaCiZSU3vj14_unnlQvGTBCihDJ21CvjCYeF-qPfM9-7K81SPONDw-QHvnGjnR8JErQCO7VrG1ro-VNs18j8Qip4FzI9D0H9uNcIdU98wkyuErh85vfhRZirPQUVzKEhgx5J-vyGcciySt4D9GPdECJjCzWjWCG7aheNpnKRy5N2cekUnjRiFOcakZ-FGKpcf3vLQMZ3cuTaye1GFlaTASsFY-V7Mz010qWfsU7UB2PmCrPii507M4mm16sdJA_9TfN_Z4CN_siP_ZndhPfq_h_5RBnVnFmAH6mz5UDF-tq2X8vut5ThGMpa50L-5LXrsuUTXqfP47TM2B1lbdQ65UPXobUXw8PiBcVUZSjvr5NUF50i7PuxNxaTJFirN5jST01yHQfles2vXTDc8VyC2gEYyPFnRB0DOCrn65KPuMM_w5rLEES5hnOQbZvmKA5jD-YdrGX1PKyKMA4sBHqN08vV6aQ7F3IqfiqnbdLfBscj4xeGWxYeCCbwlgPcvxMyFex8Lw&cid=CAQSPABygQiDiS-UxqbbUFTuoMtAf93OqRAbqcKqPE7TeooguDm3zjRwmQZ1T_gaO_tqUzdwT7zSRwQjydzUyxgB&dv3_ver=m202301230201&rfl=https%3A%2F%2Fwww.theticket1590.com%2F&ds=l&xdt=1&iif=1&cor=11562306173966617000&adk=3690638929&idt=81&cac=0&dtd=4
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
31cb61c50ef1537e976800ce617be90b4676b51489ad1decef15fda3c74d3044
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://773ff33321c83b63fff957793b331644.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 17 Apr 2023 20:18:42 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
36804
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/
0
20 B
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=gpt_pgbrk&pvsid=3065041248302978&vrg=202304100101&nw_id=6717&nslots=11&eid=31073791%2C31073837%2C31073883%2C676982961&pub_url=https%3A%2F%2Fwww.theticket1590.com%2F&qid=CI-Uha3esf4CFWpY5Qodk-wO9A&iu=%2F6717%2Fcd.KYNG.AM&e=512&ret=300x600&req=300x250%7C300x600&bm=0&efh=1&stk=0&ifi=11
Requested by
Host: www.theticket1590.com
URL: https://www.theticket1590.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.theticket1590.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 17 Apr 2023 20:18:42 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame 8197
42 B
64 B
Fetch
General
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstkutX9OfZBe0jLFi0zI0LVZGZz3_tmZ7RtVGixp89zczwpR6KLCrMtcpLduwDF-Z-zL6J4CMLcvIkJVZTJxRO-ifbbIbV7elV2RuO9V4XLwzscjHp1&sig=Cg0ArKJSzHZ5crvgofKTEAE&id=lidar2&mcvt=1037&p=136,436,226,1164&mtos=1037,1037,1037,1037,1037&tos=1037,0,0,0,0&v=20230412&bin=7&avms=nio&bs=1600,1200&mc=1&vu=1&app=0&itpl=19&adk=2718426587&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1681762720949&rpt=707&isd=0&lsd=0&met=ce&wmsd=0&pbe=0&vae=0&spb=0
Requested by
Host: d13l4u7pe64ymo.cloudfront.net
URL: https://d13l4u7pe64ymo.cloudfront.net/script.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.theticket1590.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 17 Apr 2023 20:18:42 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
createjs.min.js
code.createjs.com/1.0.0/ Frame 0787
236 KB
63 KB
Script
General
Full URL
https://code.createjs.com/1.0.0/createjs.min.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/18270589126315171796/300x600/300x600.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2a02:26f0:3500:11::215:14dc Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Apache /
Resource Hash
e439bebf8de2df0582273906d2c1dceff2387c661efb2152ef1c28420ce4e7e5

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Mon, 17 Apr 2023 20:18:42 GMT
content-encoding
gzip
server
Apache
vary
Accept-Encoding
content-type
text/javascript
cache-control
max-age=900
x-n
S
accept-ranges
bytes
expires
Mon, 17 Apr 2023 20:33:42 GMT
300x600.js
s0.2mdn.net/sadbundle/18270589126315171796/300x600/ Frame 0787
46 KB
10 KB
Script
General
Full URL
https://s0.2mdn.net/sadbundle/18270589126315171796/300x600/300x600.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/18270589126315171796/300x600/300x600.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a1e0e5010d51c397e1478d07c3b38403c05858f2839626f9d7493991f6991820
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/18270589126315171796/300x600/300x600.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sat, 15 Apr 2023 09:27:15 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
211887
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
10203
x-xss-protection
0
last-modified
Wed, 05 Apr 2023 14:42:22 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sun, 14 Apr 2024 09:27:15 GMT
pixel
cm.g.doubleclick.net/ Frame D4BB
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=adscale&google_cm&google_dbm&gdpr=0
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COGKFRCp6RsYidrjwAEwAQ&v=APEucNXfCPEYqxB7hmyMvSuzv0cR6SU3Fk3cu-uH4xPzRpWuBKGhuYplDkqZhJXYKNf4lI5iH2q_2HmXMk8ksQrx6Pe1rkaz6U0uliBfMpZRt1u29JFuNuk
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 17 Apr 2023 20:18:42 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame D4BB
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm&gdpr=0
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESENE8KSbzCHUGE7Q5JNsLc1U&google_cver=1&gdpr=0
43 B
632 B
Image
General
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESENE8KSbzCHUGE7Q5JNsLc1U&google_cver=1&gdpr=0
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COGKFRCp6RsYidrjwAEwAQ&v=APEucNXfCPEYqxB7hmyMvSuzv0cR6SU3Fk3cu-uH4xPzRpWuBKGhuYplDkqZhJXYKNf4lI5iH2q_2HmXMk8ksQrx6Pe1rkaz6U0uliBfMpZRt1u29JFuNuk
Protocol
HTTP/1.1
Server
185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 17 Apr 2023 20:18:42 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=496
Content-Length
43
Expires
0

Redirect headers

pragma
no-cache
date
Mon, 17 Apr 2023 20:18:42 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESENE8KSbzCHUGE7Q5JNsLc1U&google_cver=1&gdpr=0
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
324
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame D4BB
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&gdpr=0&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
  • https://cm.g.doubleclick.net/pixel?gdpr=0&google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZD2poTz-HOGiKbJ-73U3eQAA
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESENE8KSbzCHUGE7Q5JNsLc1U&google_cver=1&gdpr=0
43 B
632 B
Image
General
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESENE8KSbzCHUGE7Q5JNsLc1U&google_cver=1&gdpr=0
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COGKFRCp6RsYidrjwAEwAQ&v=APEucNXfCPEYqxB7hmyMvSuzv0cR6SU3Fk3cu-uH4xPzRpWuBKGhuYplDkqZhJXYKNf4lI5iH2q_2HmXMk8ksQrx6Pe1rkaz6U0uliBfMpZRt1u29JFuNuk
Protocol
HTTP/1.1
Server
185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 17 Apr 2023 20:18:42 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=495
Content-Length
43
Expires
0

Redirect headers

pragma
no-cache
date
Mon, 17 Apr 2023 20:18:42 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESENE8KSbzCHUGE7Q5JNsLc1U&google_cver=1&gdpr=0
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
324
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
cors
data.ad-score.com/data/ Frame 8197
1 B
277 B
Fetch
General
Full URL
https://data.ad-score.com/data/cors?pm_st=SZvNYYHioRSEIgAjnIdUWDtVOkKkBSuj-FE7fPshldVrlKDwd2HLIEkvGPg==-E0zJPcpjblXkNA==&pm_ct=6d9202dc3dec0313c2a7fd41&pm_pl=1681762721330&pm_td=1470&pid=1000449&en=1.1&callback=__pm_glbl_vv4SDDJZ66aPGCsxgQlMpDtw._gc4&tt=g&v=6628d82
Requested by
Host: d13l4u7pe64ymo.cloudfront.net
URL: https://d13l4u7pe64ymo.cloudfront.net/script.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_GCM
Server
130.211.115.4 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
4.115.211.130.bc.googleusercontent.com
Software
/
Resource Hash
5feceb66ffc86f38d952786c6d696c79c2dbc239dd4e91b46729d73a27fb57e9

Request headers

Referer
https://www.theticket1590.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
https://www.theticket1590.com
Date
Mon, 17 Apr 2023 20:18:42 GMT
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
1
Access-Control-Allow-Methods
POST
Content-Type
text/plain; charset=utf-8
bsdAhfwWdZZ0lwKfZyotoKMYFbxnkv02xNqAhtGyATM.js
pagead2.googlesyndication.com/bg/ Frame D64F
36 KB
14 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/bg/bsdAhfwWdZZ0lwKfZyotoKMYFbxnkv02xNqAhtGyATM.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6ec74085fc1675967497029f672a2da0a31815bc6792fd36c4da8086d1b20133
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sat, 15 Apr 2023 22:44:33 GMT
content-encoding
br
x-content-type-options
nosniff
age
164049
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14296
x-xss-protection
0
last-modified
Tue, 11 Apr 2023 10:38:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sun, 14 Apr 2024 22:44:33 GMT
container.html
06e31dc510364493ddc7a7a3babf1419.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 8CF6
6 KB
3 KB
Document
General
Full URL
https://06e31dc510364493ddc7a7a3babf1419.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Requested by
Host: d13l4u7pe64ymo.cloudfront.net
URL: https://d13l4u7pe64ymo.cloudfront.net/script.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.theticket1590.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Mon, 17 Apr 2023 20:18:42 GMT
expires
Tue, 16 Apr 2024 20:18:42 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
html_inpage_rendering_lib_200_276.js
s0.2mdn.net/879366/ Frame 5B0F
170 KB
59 KB
Script
General
Full URL
https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_276.js
Requested by
Host: www.theticket1590.com
URL: https://www.theticket1590.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
96da839661d63f7cab3dc3e43613fee97166a472555cc91df21777d6d83e58d9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://773ff33321c83b63fff957793b331644.safeframe.googlesyndication.com/
Origin
https://773ff33321c83b63fff957793b331644.safeframe.googlesyndication.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Mon, 17 Apr 2023 08:02:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
44161
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
60311
x-xss-protection
0
last-modified
Wed, 02 Mar 2022 23:07:25 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 18 Apr 2023 08:02:41 GMT
omrhp.js
pagead2.googlesyndication.com/pagead/js/r20230413/r20110914/elements/html/ Frame 5B0F
11 KB
4 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20230413/r20110914/elements/html/omrhp.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BY6xNHrlgtnNssmtMQQJmX56kqZn7HUxa8NdJqZjMdiy8p4_OJSSANB7HergyTBcz75CnbJmQK7xpF6lcpyc9vmH-4FbUzNC_5_he0ksUGozSbqYCOYmAjHmBaCQoDBKUcI_Mv9fhJAY7pAq_ckWYC3u-FnaWmB7jiJnQ0UkHZno8UbjY&dbm_d=AKAmf-A9zXWLYNTkj-wSwXCMIcGqxZ09sH5JiGxO5TV4F5p8DRpzFlLARMaqizP15hssOCUYmnhaAPLO3N_QZ9dLT4P5WKUHwbeKAVJ6u0Yqmv0-sN7NRg9Hz5lkxgHCvDggjF_-SE-RorqtvM1dnp1AA-LC8QhKB36S_3166r-Z_rGRVDaM1PDNtbE2yt3gy_SOn1aGoo-DUEwZQmFqL9J59F8fIw0x_7f72ZW29zyTZrZXfBxIYca2Mpfc0R5thT50QRtKvxhdnUa_Ue1PeBMGe_tjcfe0iJ-ce_aF7DTbc8Q2M2DS9841DyEjGsjLiitnBo4hEXKrEofVNA0fx34XzxEl1J6yETg91wqfTpOPJIFh1_lWZ8sLnh11r3TNV8XWFoUtruRvQrCGCw5KpDlMetA1ndBAyTXvs10edcy_AivwxD1bdLGZY1ihawgLzD_cHlkHBL43N9OsLZYP2J2BnWc1gmbrx-MdoW8woq2LgGN_AyM475S9EWnkY5pP7p4ycgKq_sNxRaizvPU4YS-hmc1Eaz9B7TXJmrkEQI10BPiN2XHK4ZvowEw4coeLgs4Jkpywid7CYkEjlwLGDEiNpIaY9yvxhCoKLCFEWevGbPCgg173A1OxazAvWbcPcjIrpSToI41EHfYWYGl0sYjyFuz_hFyg6Z4Sx__J3EZ9MeaHZHEtjjANN4Xxw7xqKXBAHV2Cxv-3DVx2C-JgacSTGx-AUoZHkFRkiC6L3Gg_yjemXgkwoWQfzTxc7RCxOW1FsbL1ce2dJNMTHuWaF0TywIbdQQ5qWNeJPcuKeYudRWbFLCXQJzTavSycVnp5Vhd5RWfHeWGXHofE9YJygvmzqj_-3-rPnScEUiCGn8nwBGFsKiJlCZi6KZvXN4ve3IA1rO1b7O7ZygqhUCGeotYk2_kaxC_82gtZVYA-SMhOFPoDs9VaP3YR6z7nq9RYpZy4eyt5Hp_uN2GFk2uV2XcX6zQ5hd7zpSZSsXmoRIjmEMwtLK0dUyi96sqcNeqenRSmgQXuwpJrcyyVv-wNeVZOjhDPDz4rmWfN1d1gDGuFsUoaPn1cEB4q157Pv87YINBIiut_fw92yTgmW1q_FkKJSAYDs4TKM4tOZXgRxmgFEwFP2SCAi0vQSIGsKV-nTVvsBSBRGxU4q-FoPSmcoNS81lQAw1OMSOd2cBsXL6Mt83cgRszcanfSIN4MVy36B9UIfmWGtJM1onLvzb7kUtEjc7THJ-6zuB4-v1bvj7rlNfqvnF2C_9EyJyq-HZy2PzEcU4NOhmQ9K5v7CbhSHzI_Xh1TqVp9ZP8mK31b6Nr4ysy0jimIMDhzlnL9RCQrUCOaubH-zureHV7kLnHgOEE-t-idk8TJjgTHbuBCkcqE4vE0ZHX0APexzMxnGuoEtFD02RrOafKyf3tCT6zuQpiXXcaZYWea1vvTOcu110impoZfriO-7JC1cW08tk-pL3VHAV5U4cu5SGgsnK4aTCxpNpapp-hMRHMYFTbS1sNqo5HFQrviuSUuytqpOpVl5wCq0HGzRuMcxnAksid7MgK224_OL1V3_8opFbD5ELN24ACfnwcyV22v8q7eJ-HjxRkGC7JKG_ckbEyNrLHP5WIdkgmUnPWmOQjiFJCIxHQ1WFusIEu2oEs0GlYasglLHrNc4lC97Rz_3rVOnFNmg-hvmBvr_CcVJgMiJ4GDT6vgZ0-GBRvRA3JjJyt6KkNrb6qbxY6crld35DO3M1zehCreu0peArVlZ3V9iRgbkdex31ws1JJGSxN_-OCF8MYjuH04KqGK53bqia7Bx_EIP2bZ7QsE6rq_uiK_2oBfn1QkiSLL752covWnQY-5hf0Y6zwpVbsBGjSb4MwxCKhWhPK8Szl324-IlF4RINep_C2MgDK4V2ui_TH8rP-cG_GcOv2BdpVfuoz1nDqbBhDIODbdjrHJgQ4dBrybcWzU2EspQZsZns7zO-_Aauq8BFUpoQj2tMvS_sPZLAy71eJMWZts6ZtPhxKqSiruwHn5UKeB9wNGmI7OZrqW1akAmaZ778qL1IP4S2Jc_IWERiLEzMwmWqF-qlCvB34sA3f1U1O8HrulfOlt2RFATX3i4fk3uL09SmSkY5_0jnYEs5LFStf6xgQt21IGmRKtQKiSpzZAQ3XOEDvW83cXatdI06zqeQKdX4wokChu61fC_diUQlVSZUEjQ9GlRRcOh_0JE09Sy-S8kVoPvwBUx_A3fog-luOtbQobXsic4Jc6ujJ9JLItaSAHKCkoHyy9oR4Fhkdz24xfIqr6fPtVpXryNubdyID4LTg9L2FO34nigg6uCsQ5oEmPYemtGj0_RSqDe4ntZO65aBdMp2ADyn9bktdnuH-Iljdw_WzX9bXZVHOcWl7M16F407kBSOvG24QMqNJ9RO43eT00hvMeSsNbkI9o9kQaGQunzwHVRt6pa0kot5XwEnV8UprnhCae5FSI5by0EAsdp624D6UfAfeVzwKtdBoIgGL_74OogOW7Mba6FcnuveWECZ-QP19n9EZzHBKSGEZ0AiT-Zm5y5cLtRMcuar2gPEfRsWTznxX5joi_lTE3TR17en1sOnDCb5H50f47bSSHs4HJUiRa8eI4DleJa7a7OzEaUdIUzWWDbD2kBmyVVFmtJnzwQ50F_kCeXElVmoAvMP57iP_5GDzV5sjqir3PJ4yRNbadVGMDQf_V9B5Fw6UFDnCLAortFtX0lHV10x_scTX9Sodw7gVu5pkgrlXXQFxkhLAsnhrOmYMHk7lyof_K1kh7GBxUGLj6IFI96CEmCOaIOD4x4m-CuP2PPCTbq6sX-HZMu4fYxNK0iurLOCJWc-eIuJWx7pykK56-W9jt4zvvF3QlwxbYoENoRhXz6bfhoTpGrOGVrCmnynmKw2J0i3h4lH-2r3qguBGJBDGZGM3dC1r_q7D6_QNZEkezCCokKwrdSfqfghFcPZNtLYppqaCiZSU3vj14_unnlQvGTBCihDJ21CvjCYeF-qPfM9-7K81SPONDw-QHvnGjnR8JErQCO7VrG1ro-VNs18j8Qip4FzI9D0H9uNcIdU98wkyuErh85vfhRZirPQUVzKEhgx5J-vyGcciySt4D9GPdECJjCzWjWCG7aheNpnKRy5N2cekUnjRiFOcakZ-FGKpcf3vLQMZ3cuTaye1GFlaTASsFY-V7Mz010qWfsU7UB2PmCrPii507M4mm16sdJA_9TfN_Z4CN_siP_ZndhPfq_h_5RBnVnFmAH6mz5UDF-tq2X8vut5ThGMpa50L-5LXrsuUTXqfP47TM2B1lbdQ65UPXobUXw8PiBcVUZSjvr5NUF50i7PuxNxaTJFirN5jST01yHQfles2vXTDc8VyC2gEYyPFnRB0DOCrn65KPuMM_w5rLEES5hnOQbZvmKA5jD-YdrGX1PKyKMA4sBHqN08vV6aQ7F3IqfiqnbdLfBscj4xeGWxYeCCbwlgPcvxMyFex8Lw&cid=CAQSPABygQiDiS-UxqbbUFTuoMtAf93OqRAbqcKqPE7TeooguDm3zjRwmQZ1T_gaO_tqUzdwT7zSRwQjydzUyxgB&dv3_ver=m202301230201&rfl=https%3A%2F%2Fwww.theticket1590.com%2F&ds=l&xdt=1&iif=1&cor=11562306173966617000&adk=3690638929&idt=81&cac=0&dtd=4
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
6d95ea547b0974a09d61104fa136f5eb6973466b6358fb06d997cc7f20ee71b2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://773ff33321c83b63fff957793b331644.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Mon, 17 Apr 2023 15:59:30 GMT
content-encoding
br
x-content-type-options
nosniff
age
15552
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4123
x-xss-protection
0
server
cafe
etag
4541610132340792384
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 01 May 2023 15:59:30 GMT
abg_lite.js
pagead2.googlesyndication.com/pagead/js/r20230413/r20110914/ Frame 5B0F
28 KB
11 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20230413/r20110914/abg_lite.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BY6xNHrlgtnNssmtMQQJmX56kqZn7HUxa8NdJqZjMdiy8p4_OJSSANB7HergyTBcz75CnbJmQK7xpF6lcpyc9vmH-4FbUzNC_5_he0ksUGozSbqYCOYmAjHmBaCQoDBKUcI_Mv9fhJAY7pAq_ckWYC3u-FnaWmB7jiJnQ0UkHZno8UbjY&dbm_d=AKAmf-A9zXWLYNTkj-wSwXCMIcGqxZ09sH5JiGxO5TV4F5p8DRpzFlLARMaqizP15hssOCUYmnhaAPLO3N_QZ9dLT4P5WKUHwbeKAVJ6u0Yqmv0-sN7NRg9Hz5lkxgHCvDggjF_-SE-RorqtvM1dnp1AA-LC8QhKB36S_3166r-Z_rGRVDaM1PDNtbE2yt3gy_SOn1aGoo-DUEwZQmFqL9J59F8fIw0x_7f72ZW29zyTZrZXfBxIYca2Mpfc0R5thT50QRtKvxhdnUa_Ue1PeBMGe_tjcfe0iJ-ce_aF7DTbc8Q2M2DS9841DyEjGsjLiitnBo4hEXKrEofVNA0fx34XzxEl1J6yETg91wqfTpOPJIFh1_lWZ8sLnh11r3TNV8XWFoUtruRvQrCGCw5KpDlMetA1ndBAyTXvs10edcy_AivwxD1bdLGZY1ihawgLzD_cHlkHBL43N9OsLZYP2J2BnWc1gmbrx-MdoW8woq2LgGN_AyM475S9EWnkY5pP7p4ycgKq_sNxRaizvPU4YS-hmc1Eaz9B7TXJmrkEQI10BPiN2XHK4ZvowEw4coeLgs4Jkpywid7CYkEjlwLGDEiNpIaY9yvxhCoKLCFEWevGbPCgg173A1OxazAvWbcPcjIrpSToI41EHfYWYGl0sYjyFuz_hFyg6Z4Sx__J3EZ9MeaHZHEtjjANN4Xxw7xqKXBAHV2Cxv-3DVx2C-JgacSTGx-AUoZHkFRkiC6L3Gg_yjemXgkwoWQfzTxc7RCxOW1FsbL1ce2dJNMTHuWaF0TywIbdQQ5qWNeJPcuKeYudRWbFLCXQJzTavSycVnp5Vhd5RWfHeWGXHofE9YJygvmzqj_-3-rPnScEUiCGn8nwBGFsKiJlCZi6KZvXN4ve3IA1rO1b7O7ZygqhUCGeotYk2_kaxC_82gtZVYA-SMhOFPoDs9VaP3YR6z7nq9RYpZy4eyt5Hp_uN2GFk2uV2XcX6zQ5hd7zpSZSsXmoRIjmEMwtLK0dUyi96sqcNeqenRSmgQXuwpJrcyyVv-wNeVZOjhDPDz4rmWfN1d1gDGuFsUoaPn1cEB4q157Pv87YINBIiut_fw92yTgmW1q_FkKJSAYDs4TKM4tOZXgRxmgFEwFP2SCAi0vQSIGsKV-nTVvsBSBRGxU4q-FoPSmcoNS81lQAw1OMSOd2cBsXL6Mt83cgRszcanfSIN4MVy36B9UIfmWGtJM1onLvzb7kUtEjc7THJ-6zuB4-v1bvj7rlNfqvnF2C_9EyJyq-HZy2PzEcU4NOhmQ9K5v7CbhSHzI_Xh1TqVp9ZP8mK31b6Nr4ysy0jimIMDhzlnL9RCQrUCOaubH-zureHV7kLnHgOEE-t-idk8TJjgTHbuBCkcqE4vE0ZHX0APexzMxnGuoEtFD02RrOafKyf3tCT6zuQpiXXcaZYWea1vvTOcu110impoZfriO-7JC1cW08tk-pL3VHAV5U4cu5SGgsnK4aTCxpNpapp-hMRHMYFTbS1sNqo5HFQrviuSUuytqpOpVl5wCq0HGzRuMcxnAksid7MgK224_OL1V3_8opFbD5ELN24ACfnwcyV22v8q7eJ-HjxRkGC7JKG_ckbEyNrLHP5WIdkgmUnPWmOQjiFJCIxHQ1WFusIEu2oEs0GlYasglLHrNc4lC97Rz_3rVOnFNmg-hvmBvr_CcVJgMiJ4GDT6vgZ0-GBRvRA3JjJyt6KkNrb6qbxY6crld35DO3M1zehCreu0peArVlZ3V9iRgbkdex31ws1JJGSxN_-OCF8MYjuH04KqGK53bqia7Bx_EIP2bZ7QsE6rq_uiK_2oBfn1QkiSLL752covWnQY-5hf0Y6zwpVbsBGjSb4MwxCKhWhPK8Szl324-IlF4RINep_C2MgDK4V2ui_TH8rP-cG_GcOv2BdpVfuoz1nDqbBhDIODbdjrHJgQ4dBrybcWzU2EspQZsZns7zO-_Aauq8BFUpoQj2tMvS_sPZLAy71eJMWZts6ZtPhxKqSiruwHn5UKeB9wNGmI7OZrqW1akAmaZ778qL1IP4S2Jc_IWERiLEzMwmWqF-qlCvB34sA3f1U1O8HrulfOlt2RFATX3i4fk3uL09SmSkY5_0jnYEs5LFStf6xgQt21IGmRKtQKiSpzZAQ3XOEDvW83cXatdI06zqeQKdX4wokChu61fC_diUQlVSZUEjQ9GlRRcOh_0JE09Sy-S8kVoPvwBUx_A3fog-luOtbQobXsic4Jc6ujJ9JLItaSAHKCkoHyy9oR4Fhkdz24xfIqr6fPtVpXryNubdyID4LTg9L2FO34nigg6uCsQ5oEmPYemtGj0_RSqDe4ntZO65aBdMp2ADyn9bktdnuH-Iljdw_WzX9bXZVHOcWl7M16F407kBSOvG24QMqNJ9RO43eT00hvMeSsNbkI9o9kQaGQunzwHVRt6pa0kot5XwEnV8UprnhCae5FSI5by0EAsdp624D6UfAfeVzwKtdBoIgGL_74OogOW7Mba6FcnuveWECZ-QP19n9EZzHBKSGEZ0AiT-Zm5y5cLtRMcuar2gPEfRsWTznxX5joi_lTE3TR17en1sOnDCb5H50f47bSSHs4HJUiRa8eI4DleJa7a7OzEaUdIUzWWDbD2kBmyVVFmtJnzwQ50F_kCeXElVmoAvMP57iP_5GDzV5sjqir3PJ4yRNbadVGMDQf_V9B5Fw6UFDnCLAortFtX0lHV10x_scTX9Sodw7gVu5pkgrlXXQFxkhLAsnhrOmYMHk7lyof_K1kh7GBxUGLj6IFI96CEmCOaIOD4x4m-CuP2PPCTbq6sX-HZMu4fYxNK0iurLOCJWc-eIuJWx7pykK56-W9jt4zvvF3QlwxbYoENoRhXz6bfhoTpGrOGVrCmnynmKw2J0i3h4lH-2r3qguBGJBDGZGM3dC1r_q7D6_QNZEkezCCokKwrdSfqfghFcPZNtLYppqaCiZSU3vj14_unnlQvGTBCihDJ21CvjCYeF-qPfM9-7K81SPONDw-QHvnGjnR8JErQCO7VrG1ro-VNs18j8Qip4FzI9D0H9uNcIdU98wkyuErh85vfhRZirPQUVzKEhgx5J-vyGcciySt4D9GPdECJjCzWjWCG7aheNpnKRy5N2cekUnjRiFOcakZ-FGKpcf3vLQMZ3cuTaye1GFlaTASsFY-V7Mz010qWfsU7UB2PmCrPii507M4mm16sdJA_9TfN_Z4CN_siP_ZndhPfq_h_5RBnVnFmAH6mz5UDF-tq2X8vut5ThGMpa50L-5LXrsuUTXqfP47TM2B1lbdQ65UPXobUXw8PiBcVUZSjvr5NUF50i7PuxNxaTJFirN5jST01yHQfles2vXTDc8VyC2gEYyPFnRB0DOCrn65KPuMM_w5rLEES5hnOQbZvmKA5jD-YdrGX1PKyKMA4sBHqN08vV6aQ7F3IqfiqnbdLfBscj4xeGWxYeCCbwlgPcvxMyFex8Lw&cid=CAQSPABygQiDiS-UxqbbUFTuoMtAf93OqRAbqcKqPE7TeooguDm3zjRwmQZ1T_gaO_tqUzdwT7zSRwQjydzUyxgB&dv3_ver=m202301230201&rfl=https%3A%2F%2Fwww.theticket1590.com%2F&ds=l&xdt=1&iif=1&cor=11562306173966617000&adk=3690638929&idt=81&cac=0&dtd=4
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
2e6a2c48ddf656dd18431ca6f656e4d671a93141d2db4f304587d74280ecfbe4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://773ff33321c83b63fff957793b331644.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Mon, 17 Apr 2023 16:03:59 GMT
content-encoding
br
x-content-type-options
nosniff
age
15283
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11036
x-xss-protection
0
server
cafe
etag
7166013058933939784
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 01 May 2023 16:03:59 GMT
pixel
googleads.g.doubleclick.net/xbbe/ Frame 39E9
632 B
269 B
Document
General
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CPjqRhC5lOngAhjV_KnbATAB&v=APEucNU7w4ZGoGq5Qc1YbqBytOBT2XGS1dU6L-IMwua2zgO26mgvG8LXKGbbMzyTgD-ylK410s9MvkHW98N_vONx3dTqUrayalxMATdG7OIGNmvyy4aEBbw
Requested by
Host: 06e31dc510364493ddc7a7a3babf1419.safeframe.googlesyndication.com
URL: https://06e31dc510364493ddc7a7a3babf1419.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e34f3c96e1eae99e2fc8b8f0c8f608bf3d8822872bf36246c4360a024a8527d5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://06e31dc510364493ddc7a7a3babf1419.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
br
content-length
249
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 17 Apr 2023 20:18:42 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
dv3.js
pagead2.googlesyndication.com/pagead/js/ Frame 8CF6
78 KB
27 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/js/dv3.js
Requested by
Host: 06e31dc510364493ddc7a7a3babf1419.safeframe.googlesyndication.com
URL: https://06e31dc510364493ddc7a7a3babf1419.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
46b3e081067e631f9a1049fbfa37844da854f741b7f9a45900dc02a19a4ef143
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://06e31dc510364493ddc7a7a3babf1419.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Mon, 17 Apr 2023 20:18:42 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
28043
x-xss-protection
0
server
cafe
etag
15270303690107644053
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=600
timing-allow-origin
*
expires
Mon, 17 Apr 2023 20:18:42 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 8CF6
42 B
63 B
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-BL2-BGBeTY_VHLnVHPTLTyJLSuevn6U88RiZP77yT_otJU5rZhHOli1dhzEz1DGsP6H4QJRWKXDl-lzPGL3DywKXP-FsL4MXVOC3hkayaThMKCfk8
Requested by
Host: 06e31dc510364493ddc7a7a3babf1419.safeframe.googlesyndication.com
URL: https://06e31dc510364493ddc7a7a3babf1419.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://06e31dc510364493ddc7a7a3babf1419.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 17 Apr 2023 20:18:42 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 8CF6
0
20 B
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=fetch&cor=15825131614651546192&x=1&ct=119
Requested by
Host: 06e31dc510364493ddc7a7a3babf1419.safeframe.googlesyndication.com
URL: https://06e31dc510364493ddc7a7a3babf1419.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://06e31dc510364493ddc7a7a3babf1419.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 17 Apr 2023 20:18:42 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
px.gif
d.adtriba.com/ Frame 8CF6
Redirect Chain
  • https://d.adtriba.com/collect?atb_ptid=e774d0b4&atb_dpuid=nayoki&atb_dcaid=display-pp_paket_m_alw-on
  • https://d.adtriba.com/px.gif
42 B
227 B
Image
General
Full URL
https://d.adtriba.com/px.gif
Requested by
Host: 06e31dc510364493ddc7a7a3babf1419.safeframe.googlesyndication.com
URL: https://06e31dc510364493ddc7a7a3babf1419.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
HTTP/1.1
Server
18.158.41.38 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-158-41-38.eu-central-1.compute.amazonaws.com
Software
nginx/1.16.1 /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://06e31dc510364493ddc7a7a3babf1419.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date
Mon, 17 Apr 2023 20:18:43 GMT
Cache-Control
public, max-age=86400
Server
nginx/1.16.1
Connection
keep-alive
Content-Length
42
Content-Type
image/gif

Redirect headers

Date
Mon, 17 Apr 2023 20:18:43 GMT
Last-Modified
Mon, 17 Apr 2023 20:18:43 GMT
Server
nginx/1.16.1
P3P
CP="This is not a P3P policy! See https://www.adtriba.com/privacy-policy.html for more info."
Location
/px.gif
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Length
0
Expires
Sat, 01 Jan 2000 01:00:00 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230413/r20110914/client/ Frame 8CF6
3 KB
1 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230413/r20110914/client/window_focus_fy2021.js
Requested by
Host: 06e31dc510364493ddc7a7a3babf1419.safeframe.googlesyndication.com
URL: https://06e31dc510364493ddc7a7a3babf1419.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://06e31dc510364493ddc7a7a3babf1419.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Mon, 17 Apr 2023 20:13:14 GMT
content-encoding
br
x-content-type-options
nosniff
age
328
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 01 May 2023 20:13:14 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230413/r20110914/client/ Frame 8CF6
20 KB
8 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230413/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: 06e31dc510364493ddc7a7a3babf1419.safeframe.googlesyndication.com
URL: https://06e31dc510364493ddc7a7a3babf1419.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
b1b3b73852f7856f1a0f317701846bc7853eb5b127ba882c23c5073dbe6d022d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://06e31dc510364493ddc7a7a3babf1419.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Mon, 17 Apr 2023 15:59:50 GMT
content-encoding
br
x-content-type-options
nosniff
age
15532
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8509
x-xss-protection
0
server
cafe
etag
3034682829645713766
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 01 May 2023 15:59:50 GMT
l
www.google.com/ads/measurement/ Frame 8CF6
0
0
Image
General
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaSlw7hXICzrnbVxFTymgw_l5jfLZDlORYSMt64cNPh0m0tbYGQ4CRzl86nDRsgTjSZBtbY0TpXfm_7WEZRBykWgFK9DHg
Requested by
Host: 06e31dc510364493ddc7a7a3babf1419.safeframe.googlesyndication.com
URL: https://06e31dc510364493ddc7a7a3babf1419.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://06e31dc510364493ddc7a7a3babf1419.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 8CF6
159 KB
49 KB
Script
General
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: 06e31dc510364493ddc7a7a3babf1419.safeframe.googlesyndication.com
URL: https://06e31dc510364493ddc7a7a3babf1419.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cbeee230de9adc4b4765d4387c54fa936a5c26f8306fe0e6f5f8415284f56c33
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://06e31dc510364493ddc7a7a3babf1419.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Mon, 17 Apr 2023 20:18:42 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
49801
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1681299295334834"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Mon, 17 Apr 2023 20:18:42 GMT
generate_204
tpc.googlesyndication.com/ Frame 9552
0
10 B
Image
General
Full URL
https://tpc.googlesyndication.com/generate_204?qt0MIg
Requested by
Host: www.theticket1590.com
URL: https://www.theticket1590.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Mon, 17 Apr 2023 20:18:42 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame 5B0F
41 KB
15 KB
Script
General
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: 773ff33321c83b63fff957793b331644.safeframe.googlesyndication.com
URL: https://773ff33321c83b63fff957793b331644.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://773ff33321c83b63fff957793b331644.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Fri, 14 Apr 2023 18:12:30 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
266772
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15207
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 13 Apr 2024 18:12:30 GMT
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame F4FB
1 KB
643 B
Document
General
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: 773ff33321c83b63fff957793b331644.safeframe.googlesyndication.com
URL: https://773ff33321c83b63fff957793b331644.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://773ff33321c83b63fff957793b331644.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
33116
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=86400
content-encoding
br
content-length
618
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 17 Apr 2023 11:06:46 GMT
etag
48472445140208031
expires
Tue, 18 Apr 2023 11:06:46 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
truncated
/ Frame 5B0F
211 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
f9f2b6a18e4c7e8b502c1b1f23846ca677088e5ac468cecc11d874573876b4b3

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Content-Type
image/png
index.html
s0.2mdn.net/sadbundle/10268516360994813842/ Frame 1977
15 KB
2 KB
Document
General
Full URL
https://s0.2mdn.net/sadbundle/10268516360994813842/index.html?e=69&leftOffset=0&topOffset=0&c=lWg3bCzpHH&t=1&renderingType=2&ev=01_247
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_276.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c59a487b27a2c9249442a1baf5e4a49dd83e66223ca7fe7fb38afd56f44afecf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://773ff33321c83b63fff957793b331644.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
2270
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy
cross-origin
date
Mon, 17 Apr 2023 20:18:43 GMT
expires
Tue, 16 Apr 2024 20:18:43 GMT
last-modified
Thu, 16 Feb 2023 16:02:01 GMT
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-dns-prefetch-control
off
x-xss-protection
0
view
googleads4.g.doubleclick.net/pcs/ Frame 5B0F
0
0
Fetch
General
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsu0SLoYV4I05JmcM82ngmEX5Ib6BQOEcgIl3gIa3KNDlI1c8pzej1yuDkpSUQd_Te5d2V5MYH3eUr6FtNCq4JqiuCUxWSWU8_IESR4W7GoKdM0nrXBuJ-SmVDWMATGZY36JoRih7SSf-Jw7je0DdzH6RsZnaGCe_WOaLEMsJY5Rkxx-OTWupa71TJHUrNj9VreutFx_pHbcvmrGr_bdM2Fx3YjvSKIXbNZN2PsLmKs0KUeZrRqakE3GCN_tgXLlDBSx2I0-ybBBXoRB-smLyFqqv4PMuDELwYlwoTwtaeMau7QqUq4pIm5FTxN-ToEByuagWbsh9onE9pEVGfFbl2P_lmHNCALOK9eCpViMBB4WZBSbEtivhGeskeFOtCpPcXD3993doyfJpRDMGTm-PTwZspriM2zN1xYqk8IJcwRaSXrFpUU6lVwLyFHf13LjSYIWaz3YGD3InQfb_cx3Z97SL2brUfa_DncB_Zft1zbhouK7daBqtRN38A0HlNubfZtE7I9uFZQt3oBPSfcNnTQ-5yTy4Goqjv1yvdF6LhWo-o1b7vcl4KyqmWAqYu_bAxfv9_uVNTV_UjfpYhRmxYvwwQ70nGmS_EYWa0FXqpKNXfujWQGQRSmzgfIzKKN4wW_NHnIIn9QfTfD4aUKcdky0seS2Pnlq10bJcziSMDA6XPAe5Z00a_SkV5uBZplyDmZcSSVZvopclZf6Wm58aGnZ5QHz7pjmoInVbnDXie4J9Cp4A_HG6okx8HHfo3A0ZFrTroJ5Yr1Kzi1ER-pZOE-kMipmSRSEWd8D3o5QrCGkHaxhLrUoliKUQa8LCRYhOn1PmV_VYCfkojYKGKAprEpd9ZfNJ1IScwHpFsG21I7zLbm-U2PHnFu5NnBU3kIzPOrcc1vtdYZ9weRz8CHSb9y_r_ZxK6gxxTz24zNYSTazZHxcpCC5ZgjOpLn6Qfqh64-xy8lq1PxsgoxJ6TnzyYsxLLTkavtJRhoMdClwZMa5AtrcgRvAABSRc6FPej7c9K8EPQfsQ6jcj4nhB0CkCRbl16y-d_MbvWHUnRGncquIyRQVB-4fkTK-AfYzxOXUKcIXk0hb3Zh-npORHRAf0nFUyFfOmRIZFzt394wFuS5VfPPzupqPEqKix-SAhl9xcs4ab3l5t95fMSRFoTAcFdtiPG1vjrV1TRTfWtJRHX8dpzXpZzVqMt5FLuNpwHVJtRabe7gx974ZCtI6umUy9g8QMWVdACCVPfP3JGAZRPWAz4s_8n5VnmcAh5IYLJsU82LzYEvn1h6lVDsYlCRixZd7_60&sai=AMfl-YTzqwso92eM9woX_rJ_ljY9hgExSQbugnHrkmthr-kA8Gb-ra95uImzz65wuxF5-sdW0cqejWNDqap86LwQaFjAYpq3dc_ihqsowTZURvu2592sIKfmM2-UltzolYapNNlHrovk9pwacMRTOwHaOIom6VrFwEkAfmBykKL2wMs-6PXubCSll5OIjf9UqYXCKgZB71Npk2LCqL00RKhDNJUYh5zh5atA28MN8GJ1ISVM00R9pA0SMqUIihwYkvGs9TlNJ_0&sig=Cg0ArKJSzMl63aN70GRlEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=123&cbvp=1&cstd=118&cisv=r20230413.30548&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&arae=0&ftch=1&adurl=
Requested by
Host: www.theticket1590.com
URL: https://www.theticket1590.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://773ff33321c83b63fff957793b331644.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

content-security-policy
script-src 'none'; object-src 'none'
date
Mon, 17 Apr 2023 20:18:43 GMT
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
cache-control
private
access-control-allow-credentials
true
timing-allow-origin
*
expires
Mon, 17 Apr 2023 20:18:43 GMT
setuid
ib.adnxs.com/ Frame 39E9
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm&gdpr=0
  • https://ib.adnxs.com/setuid?entity=101&gdpr=0&code=CAESEDIYzzvmXMlnS7qzC8PCXw0&google_cver=1
43 B
1 KB
Image
General
Full URL
https://ib.adnxs.com/setuid?entity=101&gdpr=0&code=CAESEDIYzzvmXMlnS7qzC8PCXw0&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPjqRhC5lOngAhjV_KnbATAB&v=APEucNU7w4ZGoGq5Qc1YbqBytOBT2XGS1dU6L-IMwua2zgO26mgvG8LXKGbbMzyTgD-ylK410s9MvkHW98N_vONx3dTqUrayalxMATdG7OIGNmvyy4aEBbw
Protocol
HTTP/1.1
Server
185.83.142.19 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
960.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 17 Apr 2023 20:18:43 GMT
AN-X-Request-Uuid
a75fcc7d-f5c6-42b1-a4d2-37072e497d75
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
image/gif
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
X-Proxy-Origin
217.114.218.22; 217.114.218.22; 960.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length
43
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma
no-cache
date
Mon, 17 Apr 2023 20:18:43 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ib.adnxs.com/setuid?entity=101&gdpr=0&code=CAESEDIYzzvmXMlnS7qzC8PCXw0&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
301
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 39E9
Redirect Chain
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=ODAwNDczNjgzMzgwMDM0NzY0Ng%3D%3D
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=ODAwNDczNjgzMzgwMDM0NzY0Ng%3D%3D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPjqRhC5lOngAhjV_KnbATAB&v=APEucNU7w4ZGoGq5Qc1YbqBytOBT2XGS1dU6L-IMwua2zgO26mgvG8LXKGbbMzyTgD-ylK410s9MvkHW98N_vONx3dTqUrayalxMATdG7OIGNmvyy4aEBbw
Protocol
H3
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 17 Apr 2023 20:18:43 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date
Mon, 17 Apr 2023 20:18:43 GMT
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection
keep-alive
X-Proxy-Origin
217.114.218.22; 217.114.218.22; 960.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Pragma
no-cache
AN-X-Request-Uuid
ab3bc1b5-9773-43bc-85db-462f0b79fe1d
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
Access-Control-Allow-Origin
*
Location
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=ODAwNDczNjgzMzgwMDM0NzY0Ng%3D%3D
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Expires
Sat, 15 Nov 2008 16:00:00 GMT
sd
us-u.openx.net/w/1.0/ Frame 39E9
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_dbm&gdpr=0
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEGWaJxOlTpCVKutisYFRPIQ&google_cver=1&gdpr=0
43 B
61 B
Image
General
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEGWaJxOlTpCVKutisYFRPIQ&google_cver=1&gdpr=0
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPjqRhC5lOngAhjV_KnbATAB&v=APEucNU7w4ZGoGq5Qc1YbqBytOBT2XGS1dU6L-IMwua2zgO26mgvG8LXKGbbMzyTgD-ylK410s9MvkHW98N_vONx3dTqUrayalxMATdG7OIGNmvyy4aEBbw
Protocol
H3
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 17 Apr 2023 20:18:43 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Mon, 17 Apr 2023 20:18:43 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEGWaJxOlTpCVKutisYFRPIQ&google_cver=1&gdpr=0
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
306
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 39E9
Redirect Chain
  • https://us-u.openx.net/w/1.0/cm?id=9ca165a9-d9fe-2ff6-d83d-d145a80b0d37&gdpr=0&r=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dopenx%26google_hm%3D%7Bopenx_uuid_base64%7D
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=ODZjZTdmNjEtOTdmNy0yN2MxLWRlYTUtNGY5YjJmOGY4NDll
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=ODZjZTdmNjEtOTdmNy0yN2MxLWRlYTUtNGY5YjJmOGY4NDll
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPjqRhC5lOngAhjV_KnbATAB&v=APEucNU7w4ZGoGq5Qc1YbqBytOBT2XGS1dU6L-IMwua2zgO26mgvG8LXKGbbMzyTgD-ylK410s9MvkHW98N_vONx3dTqUrayalxMATdG7OIGNmvyy4aEBbw
Protocol
H3
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 17 Apr 2023 20:18:43 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Mon, 17 Apr 2023 20:18:43 GMT
content-encoding
gzip
via
1.1 google
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
content-type
image/gif
location
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=ODZjZTdmNjEtOTdmNy0yN2MxLWRlYTUtNGY5YjJmOGY4NDll
p3p
CP="CUR ADM OUR NOR STA NID"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
1676550659977.css
s0.2mdn.net/sadbundle/10268516360994813842/ Frame 1977
9 KB
2 KB
Stylesheet
General
Full URL
https://s0.2mdn.net/sadbundle/10268516360994813842/1676550659977.css
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/10268516360994813842/index.html?e=69&leftOffset=0&topOffset=0&c=lWg3bCzpHH&t=1&renderingType=2&ev=01_247
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cf2c52786322f91f1cb6f72fd654b9836e3e221887ba95f174d66fc030a7a977
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/10268516360994813842/index.html?e=69&leftOffset=0&topOffset=0&c=lWg3bCzpHH&t=1&renderingType=2&ev=01_247
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Fri, 14 Apr 2023 19:31:07 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
262056
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2442
x-xss-protection
0
last-modified
Thu, 16 Feb 2023 16:02:01 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sat, 13 Apr 2024 19:31:07 GMT
Enabler_01_247.js
s0.2mdn.net/879366/ Frame 1977
118 KB
40 KB
Script
General
Full URL
https://s0.2mdn.net/879366/Enabler_01_247.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/10268516360994813842/index.html?e=69&leftOffset=0&topOffset=0&c=lWg3bCzpHH&t=1&renderingType=2&ev=01_247
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e2ec81b19233fd4cd6ef5adcb45c0cbec6bd5673716ba0454ce56b67486ece46
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/10268516360994813842/index.html?e=69&leftOffset=0&topOffset=0&c=lWg3bCzpHH&t=1&renderingType=2&ev=01_247
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Mon, 17 Apr 2023 03:12:56 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
61547
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
41099
x-xss-protection
0
last-modified
Mon, 27 Sep 2021 18:45:07 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 18 Apr 2023 03:12:56 GMT
1676550659977.js
s0.2mdn.net/sadbundle/10268516360994813842/ Frame 1977
20 KB
5 KB
Script
General
Full URL
https://s0.2mdn.net/sadbundle/10268516360994813842/1676550659977.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/10268516360994813842/index.html?e=69&leftOffset=0&topOffset=0&c=lWg3bCzpHH&t=1&renderingType=2&ev=01_247
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cff8001763a4cb0cb81352e07fb9927790673baaeda29140c072f30c5933cf10
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/10268516360994813842/index.html?e=69&leftOffset=0&topOffset=0&c=lWg3bCzpHH&t=1&renderingType=2&ev=01_247
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Fri, 14 Apr 2023 19:31:07 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
262056
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
5491
x-xss-protection
0
last-modified
Thu, 16 Feb 2023 16:02:01 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sat, 13 Apr 2024 19:31:07 GMT
_13_SUV_SM.png
s0.2mdn.net/sadbundle/18270589126315171796/300x600/images/ Frame 0787
24 KB
24 KB
Image
General
Full URL
https://s0.2mdn.net/sadbundle/18270589126315171796/300x600/images/_13_SUV_SM.png
Requested by
Host: 773ff33321c83b63fff957793b331644.safeframe.googlesyndication.com
URL: https://773ff33321c83b63fff957793b331644.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
07fbb3798268063f6e2a18bc4867c5bb628b1a33b075f4629db1c704aa78f5d8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/18270589126315171796/300x600/300x600.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sat, 15 Apr 2023 04:00:35 GMT
x-content-type-options
nosniff
age
231488
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
24472
x-xss-protection
0
last-modified
Wed, 05 Apr 2023 14:42:22 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sun, 14 Apr 2024 04:00:35 GMT
view
googleads4.g.doubleclick.net/pcs/ Frame 7F6A
0
0
Fetch
General
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsuVT-zB4yYTVZdfbXHGtQmkhtECIpGozaJRvN5oTglu9brNa3ZNPJFA56SxyN4f2PDGi6izwaJCLpwmgNdlw8ldPEgQUjw2GMGCPr5Er2rENSDuY6MJtpy-8RfZ4BMKdhI2xDMIGDd0-W4S8gx3QJ6cFPg7sK0uef3tg3WI-4CjfhXBoJ60W8xzsyKrM_zr0uUaUEFYFFsTkUDtfKLZuJArmcrtAlCFB1FGHWwBcBP_EjK5SCyfpqZeh3ErXBQzgrSDuJ6HxIQwZNaen8NusipDdV1pdOqxYMxCs__jVZ0g7Qh3vBvwlf6JrCdOnUUXWjnECZmnpjN-cBKICIzXoZUxZ5mBb44q7cdeK2WrrTd-kGaMPGqEI-p8a_HBqacK-Ecow5xEbHp6xi8WRLank1jnhvDxqqe5U-NxmVhvQficc8mRl81p6hlpCoU472JZ07zVRyPNFXGtULIgtWTLT4_Cby0GH-2ZL9HCHm_9HQChqf0MWBQKsV0xxpsbR5-omsiC0izGMQ-ot6LoxIMfUdMSA8dnZnLb49zpGeoHQjXj8lzAfFXyTzPsJzR1e4hfBXPgEpekMC772sbAheuIuCNxhPgug78mlhTicqwj94xgziKBKT-SPY99jU6pvkDg9WYDeePAlsbL_saVI41Sxlvc16r1NPCJjfVJb8EUYSEVDtHLOtzO7Qyto35U1xV7x2jnKSw8Ad0VNDCSGl_5FHp_GNZDy02sEWHq9GOIrwzGR1mwV2HbMj8KbM2CqkVB-0k5fhwg7bb-EMHg8Kwq64qXP4qePHqaodEwWlBRz7SXl83hDiIJY5YSkGHW90W9o5GCEeYFRd8K3oM-5mD2uXCj6nZJmm1zqxL0WqbzbKdE8QbQDI-nNIJgw0QeLKvNd50Olqzf9zUTYtoNxesxY8TY8qJc4Bg-H8c-J2OZlLTdrBgJ8U4vmazzKrqzlmG8HGPwE8cojpJuN4PQrdBgZ8VCIKSajG6c2CwxV7Uk83fOB8AnEPEMQaoBSIys7iyhwCQ4g2s25sUdyTJ08PP3irLCbC11mN1mbaKVkLG8Izgm-ayaU9fUyExx_MYVk5KQE4RMjwZnVws9G0Yy0ZetoB8C-Vt4Ens9HbovaXJGxmPDcivt6qpJwOaE82XJn0x_KCvUXpEG9IFlVwMjsa4yaRFC_Fk7Ve4ZGz0tL-Jt9NRb_FZemOHuDsb0aEYO7trAmuTI19H_PnlSiq4BebLP9ZCkfzkriD3K_B3QPwWeu_wtk0mSY3E3kI3vuWQ&sai=AMfl-YRWxjV7Erhnc_49lHxNZpRd-sMk7UToJO35TcZw-b4XWZc4UHo95a-CQnjIIZW5cS-XHSBvPi6Gvz5c5ZCScs8tOuxjGSuRYJCE1cQL2pbURDsJ9keANFEYlK5Ed2NSZjQ8GN_OOQMJitBNSd4hMs3931YEzbzjhOqvKe2V0OsI_GE8CALOSI-X-3opT_oW-5rsedJ9fAgQD_cxkj7hd2bTZcWuer-mAkNwrz-JLOKYSGW0fQZST3uucrOVhULp7wUu11WJ_cDng7QvQk5ggc-Qw03WLtX3&sig=Cg0ArKJSzIcrul2SepiWEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=487&vt=11&dtpt=371&dett=3&cstd=113&cisv=r20230413.08652&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&arae=0&ftch=1&adurl=
Requested by
Host: www.theticket1590.com
URL: https://www.theticket1590.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://773ff33321c83b63fff957793b331644.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Mon, 17 Apr 2023 20:18:43 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Mon, 17 Apr 2023 20:18:43 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 8CF6
0
20 B
Ping
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=1948722888049&version=m202301230201
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://06e31dc510364493ddc7a7a3babf1419.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 17 Apr 2023 20:18:43 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 8CF6
0
20 B
Ping
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=1948722888049&version=m202301230201&ct=119&x=1&cor=15825131614651546000
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://06e31dc510364493ddc7a7a3babf1419.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 17 Apr 2023 20:18:43 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ad
googleads.g.doubleclick.net/dbm/ Frame 8CF6
83 KB
35 KB
Script
General
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CpV7W8mleX6dgCHVgSY47R8qzVx0inTClJuIipuYRPcYbv9ofCoo7PhO7uuLxnISG1k_dkApa4w695Q2uCGNj3U4X4qqdfdSPj0ZUFJHa0Uf1f14qNeVvlBbnZ7NB3mCiiojTgqkFFKqwcj2Dr7pATrA727zmB46-O8eIJgO_4p_i9NnY&cry=1&dbm_d=AKAmf-B1sfxv9zy8Wico74rIZqHoCjHhuzpNloy9dEItF80-M-dh4CkHNoMAFTv82HudhxMNwFtkkJOSItYREZDDXt8oHSWdo9A0b-1X8R3zO0WJti_H9AWiqn7veVQrUdRiHLnh_Ft_o62kRbH5XpvQ82KARffPhdksFQ3PKKaahQNZrj33EfWdUASrxZ-FrFJNxmJppSQygmDf3qG2CDUHYjfBE-kEZ5R5nauBn4yRTJnKVw70PxtPPJcnL7fytrS6WiU602XKFxicvQg_U5Lc-mr6Z_ZPzk8l3Hh3VZ0awCCMHAmiHec904rSjxUKk8a0PV5MiUEjWmSZQmfJ-PZ85yD0G-QVOlVgv0bu1i3uRp04R25MSnK44Pu57jHpg5vM7tbN5F3muFPx0p_Z56Nn0ZBko6UqHVCD-T7N2j5j3gOOemjPI0-aGVHVU2t-nnb0BSRAhBBTtz9eu3xREFEE0P4LBEn-cmJAWPTncBXfydlAtJRR-XfiKfGqxxTBupBYzf5CQvhnZE97lXp-jfge68JsfASev2_Gl4IPRb9iX5XQE9y-p60gd-Gtdd4eiYgFo6y8adLojveLMKVVANg9sD1yhOA0fU6YtWwDi0yH4AX4mzYhsdyuQQv0hm2NGj7fZodyv2T9EjiBMb6SI7zhlJQTfz2VSuLaHKv-6SsPtE4HbqtBCjrCB9YjTAt0Ne440i-p08CiU7yM5SjbwRw90t_GxHHBQH36Wt71Wea-802VbLNB98vaPuXQ8lE70bRf6WvqBCFafWwOJX11SYrhbPulY6NH9VSYeb3Ug_ClJiXKGnKu-PtXG4hnCiyiws0jzEKLUc_vHWAZY1lVfNmengg1MvQggSGjQ3BP6ZdEvmoc1fAtfsVqgFFU4QC3WFLI852XPiDRoECk83Of46nlMqzLnmqdV8ZDaQVF09HnLdO4ycmPnQ-a_ZCcYb2wge74IJuGYitzcypUh9jxGJPwLzIDT6oVLpkKcpV02NrOVM7A94IUx9znH4xp0sejFOlyAtGFwerD92idT-VsCNntNRE2s_J58dIsiVup--z3RzKZoE9JnMnr3MzANkO5QkAvs2B07mqsw4WdcaGCYZUZf_Hhx1vxkV36RhSWhEO1jcHbJinNDC4UXNlLM-ivzUJvGG2x2Nxn1x9plEA5KM0io9KcvvaTpoZou_cBJ3dxRSukWgQtSloypO-gFIG1FO4jIApWOmxkvKD7j40YiYY8_Ktr9MqxnIdpMA708ggnnc2Hufx9fhMpvBoumsD-Sb38QVd5cso0P-huXO5EC_eGHyGj_nox1bPQd_9GSiHIGLubuhJaWOUOweJ9pStw5-nsXHvRKQAMb_apnS724qBfnoroABW_16Zgxa2e7vHk5P5SrW3j0l8KNG6auhCqCJ6TyKiQy_GP6Qa-NQd7yuOPHvYAbylDhfTpvwIpEzvV7uf-K_7TjPJekKLfwQWU5jJB8m6WU7LgYsY-3XP6-_kKc63-FDR06gIzseE_CC-qrjv5UDApAISYkAfFW81Q_wXPccBoSSIqAYBmtS_pQZJ_spZgKx3nYdZQXvLuxF90L61Ba2Ad51Kzm_SZMCSX67FLEaozoAt3EWcgh1HkjzA659ZbGpJhDsg8CvnadWHqckcDTxDA28DlgF-Jx5QLgX_m2iEx5wlWKG0BRmeLjX0rFX6pHInbFERvK894isxCOwrpx_LqtA-t6plon_iodX5B-SF1WuoTLU0pxebldpqod-nW5pXURBDUhyCpBLNEKpViJRWfbbqsGmOo7PIQ625wRaPPsdBj6MY7eM7OB7USg-zLEIF5B-HHSYLMmBttx6qOHDJUL4qJ2pdKKYNyz3LN7JSuq4LIrSp3_ZR4JbwZvuuu59VizJ3iE0KlMpmXfimC-_Mo6cZJRfEyQHeEVmPFUeGa_Xtu8nngsGUz_ffl2gbb9y2Rvo03N_zHhlEsnkhMCqW3EiSbwltZckLta2PhCLLbTno5Mer8RACu4Gz8SdE_g-eVBKYnnXTEhwHVk9H2pvhJZTMEfNZdbpH67zwRKykqGa1_mFIjmcwUcQ7UUpCLJ0n5RqccwtXDQ4ZAje-LphFkxP_YkuaJ-CCi6Jf8YP8L_r0pO21Gv9i_3NOHNy4h-j2ubySW6z5zbXekoHer0ATs5ELZepDMgy4txgw77du6F9cZL12WBeqamxgt-Y1NUMYicz1X-LAC2zNddZquWcpuEPG0hnRnLW64gqjadCFpFDiFlkhbX5V3kHdrppgRteQiMRg1wN51lXoZeVQ_enK5UIBxYuaIzP0e5mlbpGF4Mwi51HoMS-2tmeBncGtbTZsjL45aAC8pUcvytkQfMovD8v9TEm4dY6TGjMANDG6Kxmryz1MEHIMYI3oOlXR91Kmem65zgquuY2nXbY1voTlx_mU9XdmFZI-y1bIU6zFFiCyNJJrMGjxLlFSGhfawLcg7RwFcDZoKwGfLEjW0U4xTK-t6dRcbcofcgDsycGDHeypdWx6fG1DdOP23KQFuXzMBjuhWc4V1jfZTfW9cr1mH2uR01huBvToYlj79AWO7ofCcCEkiE6EMaq1y3o2_qdZmdx4sI6tFlFy02H6IKy2zRTHzXPrUwgB63-ovwoaBvCjsiqN0VJNGukvEpaKnxZ6Y63xArg4XPeTycyVJxzZ5J6OwSNQhbokyXvNBq-F4C0z1FFZ9XA-AimdaF_465hwHE1fy4CTuFBOe-MYTp1BJ3EET4lPSbE5Gu1cXLn0__52as0VfdqPp5JpNr8glESkAv_obllkAFxWBaIcxs_gjVyi4jFY12reCWIQBQ9KI5FcY68m4HcaSEVwFfSdJ9gk_mzGagcxQOcJGKrQENxtXFruj-ebjoN3zE5802kejmvONNGV1lOxAenWQvi3pS5fUSeSixDvz_FOnm-INZFLxiP3h6MAY9NfIxaBfwcmNwWCPA9sgZ1gp9EqkXBsQsB8hEFitU7MuWYx_-J0HAZIOwhr01dyLieTABpeogsw-Otf8F-p7ZHPX2rvErqKGKqEoXIqOV6x2ZVLzN63kDA9FD3DNroTYS0iXZAL5bBiO-KL0C_GzlWc_K4C3PEdEhKJFUUlk7IH5k__jm21GIGa7ZSWgddWlLSXwB-OaIqYnDcz0req1gRIgUt0CGCwrPUy3fSqm_b-Na8JjtGgtXvS71_j9C0HyW7iZnjWSqOmGYRIZiEdFZmadlfiyrivPA6J3q7Bqvec-NNZLAnRCt_U1IElgKlbjJcdWwWiFxDcXKjcWGJOlgbJMuLFL76HrmVZ_kGh8Xi4byX3o8r0W7Y8RLSNEHoBOwMbF_LMkcVjQQ7dGmeSJaRHCurJ4R0UMjfMHz7oU4h-ADtUWPWdz6WSuhFyz37MncFzxbw62jAHM5et1SXLFlxJ0mJYLdg9m593BkdzLuO7wMjRURNh1HUu81PeybeidX99fMNlQwLXltaFolJ7z3jHw9kxddHScB_goBGAA9slwSJjoofrGCHXoxFMOKGqBo-b9PLl5w3K5r3mLqEkl7ic0t5jdGx_BuZg1cVEJ8ifh_YOjgrlL5pZog1U&cid=CAQSOwBygQiDPnqS3nbRkbVJ62P5x6qrl-s7Uwqb6cE5PQpIT6f10Vkby4-48cT9QayCg8c9M2YUfpuydqIXGAE&dv3_ver=m202301230201&rfl=https%3A%2F%2Fwww.theticket1590.com&ds=l&xdt=1&iif=1&cor=15825131614651546000&adk=2565224959&idt=81&cac=0&dtd=4
Requested by
Host: www.theticket1590.com
URL: https://www.theticket1590.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
1350ac136049c7e08accc05423e9336a9198ba6d8ab7ef0b9760c2acbd47ada8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://06e31dc510364493ddc7a7a3babf1419.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 17 Apr 2023 20:18:43 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
35857
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame 328E
22 KB
8 KB
Document
General
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://773ff33321c83b63fff957793b331644.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
42233
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
8395
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Mon, 17 Apr 2023 08:34:50 GMT
expires
Tue, 16 Apr 2024 08:34:50 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
dpixel
cms.quantserve.com/ Frame F4FB
35 B
363 B
Image
General
Full URL
https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEIp0DPldlT4ih82WghOdCps&google_cver=1&google_push=Aer7DvI2YTorsoAr_M5aLk5kda2nMgKQ_iA6AJYJrmnm8NfKp8THRlq6Ip_tFdQIU5Q8RFGtrOK7jFRaBiS9FMOdy5_bnp7cDXo
Requested by
Host: 773ff33321c83b63fff957793b331644.safeframe.googlesyndication.com
URL: https://773ff33321c83b63fff957793b331644.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:116:800d:21:7eb1:3826:be7e:d981 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 17 Apr 2023 20:18:43 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
content-type
image/gif
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
35
expires
Fri, 04 Aug 1978 12:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame F4FB
Redirect Chain
  • https://um.simpli.fi/gp_match?google_gid=CAESEEdJYlZYOZenMxKkkB4XJmU&google_cver=1&google_push=Aer7DvISPOHg4bY69U7BE2NtArzX-DjsslPFscP-yqdsywjYkE9b6_Yqz8IR931WoytTAn6AqgqjrXKwtFyfwlzMhU_sMt6MD4s
  • https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=0F1114E19D3C46E5849A3AC0866C4ED7&google_push=Aer7DvISPOHg4bY69U7BE2NtArzX-DjsslPFscP-yqdsywjYkE9b6_Yqz8IR931WoytTAn6AqgqjrXKwtFyfwlz...
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=0F1114E19D3C46E5849A3AC0866C4ED7&google_push=Aer7DvISPOHg4bY69U7BE2NtArzX-DjsslPFscP-yqdsywjYkE9b6_Yqz8IR931WoytTAn6AqgqjrXKwtFyfwlzMhU_sMt6MD4s
Requested by
Host: 773ff33321c83b63fff957793b331644.safeframe.googlesyndication.com
URL: https://773ff33321c83b63fff957793b331644.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 17 Apr 2023 20:18:43 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Mon, 17 Apr 2023 20:18:43 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
server
openresty
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/html
location
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=0F1114E19D3C46E5849A3AC0866C4ED7&google_push=Aer7DvISPOHg4bY69U7BE2NtArzX-DjsslPFscP-yqdsywjYkE9b6_Yqz8IR931WoytTAn6AqgqjrXKwtFyfwlzMhU_sMt6MD4s
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
142
expires
Sun, 16 Apr 2023 20:18:43 GMT
pixel
cm.g.doubleclick.net/ Frame F4FB
Redirect Chain
  • https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEIS-42h7qY5gulD04FombsU&google_cver=1&google_push=Aer7DvL-UlWBV0pMw6mzLhcWQyC5_i3raHFLS1vio-kU5w_e9289TCSK8nx3FCrneaBXdl8TSZW27OX1XyV6xjCovSqY04P...
  • https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=Aer7DvL-UlWBV0pMw6mzLhcWQyC5_i3raHFLS1vio-kU5w_e9289TCSK8nx3FCrneaBXdl8TSZW27OX1XyV6xjCovSqY04PcziE&google_hm=eS16OXZnRFp4RTJwSEp3NEp...
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=Aer7DvL-UlWBV0pMw6mzLhcWQyC5_i3raHFLS1vio-kU5w_e9289TCSK8nx3FCrneaBXdl8TSZW27OX1XyV6xjCovSqY04PcziE&google_hm=eS16OXZnRFp4RTJwSEp3NEpwbGVFNTNOejl0NmFxaWR2Mn5B
Requested by
Host: 773ff33321c83b63fff957793b331644.safeframe.googlesyndication.com
URL: https://773ff33321c83b63fff957793b331644.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 17 Apr 2023 20:18:43 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Mon, 17 Apr 2023 20:18:43 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
location
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=Aer7DvL-UlWBV0pMw6mzLhcWQyC5_i3raHFLS1vio-kU5w_e9289TCSK8nx3FCrneaBXdl8TSZW27OX1XyV6xjCovSqY04PcziE&google_hm=eS16OXZnRFp4RTJwSEp3NEpwbGVFNTNOejl0NmFxaWR2Mn5B
content-length
0
pixel
cm.g.doubleclick.net/ Frame F4FB
Redirect Chain
  • https://d5p.de17a.com/cookies/google?google_gid=CAESEHZfsqztzBN9hUUlGT3ROCY&google_cver=1&google_push=Aer7DvLUEB10-17dgmdz3mlK1SFxivCZRfsK2HoX2oyGDbN9R-Ta9sG8BfGNQrRRWVBrqgsduqdvn6S95_fx29S8TtaC3UP...
  • https://d5p.de17a.com/cookies/google;c?google_gid=CAESEHZfsqztzBN9hUUlGT3ROCY&google_cver=1&google_push=Aer7DvLUEB10-17dgmdz3mlK1SFxivCZRfsK2HoX2oyGDbN9R-Ta9sG8BfGNQrRRWVBrqgsduqdvn6S95_fx29S8TtaC3...
  • https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=Aer7DvLUEB10-17dgmdz3mlK1SFxivCZRfsK2HoX2oyGDbN9R-Ta9sG8BfGNQrRRWVBrqgsduqdvn6S95_fx29S8TtaC3UPxRHc
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=Aer7DvLUEB10-17dgmdz3mlK1SFxivCZRfsK2HoX2oyGDbN9R-Ta9sG8BfGNQrRRWVBrqgsduqdvn6S95_fx29S8TtaC3UPxRHc
Requested by
Host: www.theticket1590.com
URL: https://www.theticket1590.com/
Protocol
H3
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 17 Apr 2023 20:18:43 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=Aer7DvLUEB10-17dgmdz3mlK1SFxivCZRfsK2HoX2oyGDbN9R-Ta9sG8BfGNQrRRWVBrqgsduqdvn6S95_fx29S8TtaC3UPxRHc
content-length
0
p3p
CP=NON CURa ADMa DEVa TAIa OUR STP IND UNI COM NAV
dds
rtb.openx.net/sync/ Frame F4FB
43 B
351 B
Image
General
Full URL
https://rtb.openx.net/sync/dds?google_gid=CAESEEsPni32dL3mEXbZRlfdRYI&google_cver=1&google_push=Aer7DvKMk39prJIxfamEh-h7GU7Ej1exCzxnGhhpOlV2Z_SKCtNONFR665Yszjmls9Pc40TWpCyttR-JBTg-uZ7MR7vD1iKUx9Y
Requested by
Host: 773ff33321c83b63fff957793b331644.safeframe.googlesyndication.com
URL: https://773ff33321c83b63fff957793b331644.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.186.253.211 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
211.253.186.35.bc.googleusercontent.com
Software
Cowboy /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 17 Apr 2023 20:18:43 GMT
via
1.1 google
server
Cowboy
vary
Origin
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
null
access-control-expose-headers
cache-control
private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials
true
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
x-request-id
er69tde2oovrgrd0u34r3m8vfgo31eqp
pixel
cm.g.doubleclick.net/ Frame F4FB
Redirect Chain
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEGAWSptW18FDjKCMAPbwEkE&google_cver=1&googl...
  • https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEGAWSptW18FDjKCMAPbwEkE&google_hm=ZD2poTz_HOGiKbJ_73U3eQAAFHgAAAAB&google_nid=index&google_push=Aer7DvJdz7a3ZOx1wz8JGK1nrncatBnKr8t4q...
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEGAWSptW18FDjKCMAPbwEkE&google_hm=ZD2poTz_HOGiKbJ_73U3eQAAFHgAAAAB&google_nid=index&google_push=Aer7DvJdz7a3ZOx1wz8JGK1nrncatBnKr8t4q7Kg5uy4Q6JF3EUNY8OvqjgLOg9LVcU5RVvwljdSkfvjAJbOCK5UITFhRm5CLg
Requested by
Host: 773ff33321c83b63fff957793b331644.safeframe.googlesyndication.com
URL: https://773ff33321c83b63fff957793b331644.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 17 Apr 2023 20:18:43 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Mon, 17 Apr 2023 20:18:43 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEGAWSptW18FDjKCMAPbwEkE&google_hm=ZD2poTz_HOGiKbJ_73U3eQAAFHgAAAAB&google_nid=index&google_push=Aer7DvJdz7a3ZOx1wz8JGK1nrncatBnKr8t4q7Kg5uy4Q6JF3EUNY8OvqjgLOg9LVcU5RVvwljdSkfvjAJbOCK5UITFhRm5CLg
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=500
Content-Length
0
Expires
0
pixel
cm.g.doubleclick.net/ Frame F4FB
Redirect Chain
  • https://a.rfihub.com/cm?pub=445&in=1&google_gid=CAESEHPYtiWyRLWWn-psO9TwiGs&google_cver=1&google_push=Aer7DvJnFUciFN5Cdxz-K87TJ2ybSq-ZpzRTuunNtaFqaW6Su2X4X4vilNT6eAb5ecBtPrejxreLvWdNv4xXRdkbbgsdzis...
  • https://cm.g.doubleclick.net/pixel?google_nid=zeta_interactive&google_push=Aer7DvJnFUciFN5Cdxz-K87TJ2ybSq-ZpzRTuunNtaFqaW6Su2X4X4vilNT6eAb5ecBtPrejxreLvWdNv4xXRdkbbgsdzisz5SU&google_hm=NDg5NTEwMjgw...
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=zeta_interactive&google_push=Aer7DvJnFUciFN5Cdxz-K87TJ2ybSq-ZpzRTuunNtaFqaW6Su2X4X4vilNT6eAb5ecBtPrejxreLvWdNv4xXRdkbbgsdzisz5SU&google_hm=NDg5NTEwMjgwOTU4NzY3MzE1MA==
Requested by
Host: 773ff33321c83b63fff957793b331644.safeframe.googlesyndication.com
URL: https://773ff33321c83b63fff957793b331644.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 17 Apr 2023 20:18:43 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=zeta_interactive&google_push=Aer7DvJnFUciFN5Cdxz-K87TJ2ybSq-ZpzRTuunNtaFqaW6Su2X4X4vilNT6eAb5ecBtPrejxreLvWdNv4xXRdkbbgsdzisz5SU&google_hm=NDg5NTEwMjgwOTU4NzY3MzE1MA==
Date
Mon, 17 Apr 2023 20:18:43 GMT
Server
Jetty(9.3.29.v20201019)
Content-Length
0
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
attr
cm.g.doubleclick.net/pixel/ Frame F4FB
0
12 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13K3_QBRorvybw4o1uSLqvJxV87KW-L0N1WQ5HDCG4v0J3c1v4MFaEEqXNqA_lDCmSqdt-wJpw
Requested by
Host: 773ff33321c83b63fff957793b331644.safeframe.googlesyndication.com
URL: https://773ff33321c83b63fff957793b331644.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Mon, 17 Apr 2023 20:18:43 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
content-type
text/html
H_Amalfi_CoastItaly_SM.jpg
s0.2mdn.net/sadbundle/18270589126315171796/300x600/images/ Frame 0787
138 KB
138 KB
Image
General
Full URL
https://s0.2mdn.net/sadbundle/18270589126315171796/300x600/images/H_Amalfi_CoastItaly_SM.jpg
Requested by
Host: www.theticket1590.com
URL: https://www.theticket1590.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
eb712e90d338b8cc33a7c5df712e3ac4ee21ebb8783766fdb04027bcd208396b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/18270589126315171796/300x600/300x600.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sat, 15 Apr 2023 10:59:43 GMT
x-content-type-options
nosniff
age
206340
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
141683
x-xss-protection
0
last-modified
Wed, 05 Apr 2023 14:42:22 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sun, 14 Apr 2024 10:59:43 GMT
logo.svg
s0.2mdn.net/sadbundle/10268516360994813842/ Frame 1977
5 KB
2 KB
Image
General
Full URL
https://s0.2mdn.net/sadbundle/10268516360994813842/logo.svg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/10268516360994813842/1676550659977.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8b810f1d6c9c09f151e83b74626ee412411683ef6c247520f049d2bacadf5db9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/10268516360994813842/1676550659977.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sat, 15 Apr 2023 04:20:05 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
230318
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1620
x-xss-protection
0
last-modified
Thu, 16 Feb 2023 16:02:01 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sun, 14 Apr 2024 04:20:05 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame D64F
0
20 B
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=ByrbMoqk9ZNvRH9Ww9u8PxdmS8AcAAAAAOAHgBAI&bg=!V1SlVADNAAZA7GLoYOw7ADkAdvg8Wi2ZJW7d7Cs97SLZPT1zcs0irsD6IKu7AyZnFlQ-KBg2b_LweWFqT-40Skm-gG0JDL1ytvoCAAAA_VIAAAADaAEHCgACp8uZAzrYDrW-eccUe27CjzVCjlt9Q2l3cZBkpwBe8-_faISK59bRKQK4aM7GqNb4207ln6DlUHybe4X7qGz1YS_SU3blcqi-HElL0RZDq0gJ6kL-mLlLQYD9HrStU5m_X9WSajAgnoyTERKrAUfSYUyXheVAcD_kUPe9cajfXyWkLMdn0JFXCBnyImi2XtCIScmN8Utn6gJjqTpZ22pZU6kfNgFW-ZTVfaNPvvgBxiiXJY_XYiKUR0joq81VV0LcNyxebT71P3iewTQmB-1eITbnK-TM3ueYp1gdQ1UV3XS6casumwkgLxS_aoeds8yZ8y8CvxTaxKA4FJ6AYq7EckdvA32RwEDqVx9W9_1kP0_9YATbyMy1bAp5_fpifX_PQ9pDjMOo3HYAstfGvJD2gTLa4whJAhE25-lbqh2iHqc6DhjNit__mEnUljxCRlaT0yiJf8HBRiOxX7vE3bZbik3BSI2UeLx3NWX1QpI29uYtnmSJ0akzuV96zDAF4LHS8M1NxV7xB0CtTI7k4nbw2nEDzUstuLJjSrDHKVNXCJ6gpPwfreECD1LCQATzGYKzPDMWnLfywvmjV71ywLsESHAjMvZmjYXR2kPj-BDy8oODrl8Q4NClIZSj1KwO27Fcc4U3c6eIN6lPqhxrRIVCsxkAfIyofZkgxmAd6-7Hoj_LgEeBTw8Ol_mDH7uGkdJHy6zwJHnNC2XceLuvcxw1sDoTysUQ7EPEwpMfXTbCTf4iqWBaWzJ3EUNQT72jSNx80YwTNymdyZ3EG4EvYExLUabdL_139a7ScYtliaV7gWhdq4dJWXPHvgLqEg4GfHn0omzHvdS7lzl0ga8MpXxBnICquenjGNH6406DQG7NTmh0igRSaAHxIbWbE-ZWuzh7D5B1YfljFs-ODy7tWrCh27PnCAPqQen52s4i8lqd3k-nxghTo37JNXBrSpyru7KtjQtJebyJlWrezHpAGo5IQQonsXiM47Em-oGjkJTubYx_wvvJWuYjPuXBPRV-XghBBLuY-QkJXy_amuGKh1higHkHo9AHOB_9akvORcjBdwHmAnnj9eO7kEg6-ky_NYZPaQIupNj9HlrjFd9L0nbP
Requested by
Host: www.theticket1590.com
URL: https://www.theticket1590.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 17 Apr 2023 20:18:43 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
view
googleads4.g.doubleclick.net/pcs/ Frame 5B0F
0
0
Fetch
General
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsu0SLoYV4I05JmcM82ngmEX5Ib6BQOEcgIl3gIa3KNDlI1c8pzej1yuDkpSUQd_Te5d2V5MYH3eUr6FtNCq4JqiuCUxWSWU8_IESR4W7GoKdM0nrXBuJ-SmVDWMATGZY36JoRih7SSf-Jw7je0DdzH6RsZnaGCe_WOaLEMsJY5Rkxx-OTWupa71TJHUrNj9VreutFx_pHbcvmrGr_bdM2Fx3YjvSKIXbNZN2PsLmKs0KUeZrRqakE3GCN_tgXLlDBSx2I0-ybBBXoRB-smLyFqqv4PMuDELwYlwoTwtaeMau7QqUq4pIm5FTxN-ToEByuagWbsh9onE9pEVGfFbl2P_lmHNCALOK9eCpViMBB4WZBSbEtivhGeskeFOtCpPcXD3993doyfJpRDMGTm-PTwZspriM2zN1xYqk8IJcwRaSXrFpUU6lVwLyFHf13LjSYIWaz3YGD3InQfb_cx3Z97SL2brUfa_DncB_Zft1zbhouK7daBqtRN38A0HlNubfZtE7I9uFZQt3oBPSfcNnTQ-5yTy4Goqjv1yvdF6LhWo-o1b7vcl4KyqmWAqYu_bAxfv9_uVNTV_UjfpYhRmxYvwwQ70nGmS_EYWa0FXqpKNXfujWQGQRSmzgfIzKKN4wW_NHnIIn9QfTfD4aUKcdky0seS2Pnlq10bJcziSMDA6XPAe5Z00a_SkV5uBZplyDmZcSSVZvopclZf6Wm58aGnZ5QHz7pjmoInVbnDXie4J9Cp4A_HG6okx8HHfo3A0ZFrTroJ5Yr1Kzi1ER-pZOE-kMipmSRSEWd8D3o5QrCGkHaxhLrUoliKUQa8LCRYhOn1PmV_VYCfkojYKGKAprEpd9ZfNJ1IScwHpFsG21I7zLbm-U2PHnFu5NnBU3kIzPOrcc1vtdYZ9weRz8CHSb9y_r_ZxK6gxxTz24zNYSTazZHxcpCC5ZgjOpLn6Qfqh64-xy8lq1PxsgoxJ6TnzyYsxLLTkavtJRhoMdClwZMa5AtrcgRvAABSRc6FPej7c9K8EPQfsQ6jcj4nhB0CkCRbl16y-d_MbvWHUnRGncquIyRQVB-4fkTK-AfYzxOXUKcIXk0hb3Zh-npORHRAf0nFUyFfOmRIZFzt394wFuS5VfPPzupqPEqKix-SAhl9xcs4ab3l5t95fMSRFoTAcFdtiPG1vjrV1TRTfWtJRHX8dpzXpZzVqMt5FLuNpwHVJtRabe7gx974ZCtI6umUy9g8QMWVdACCVPfP3JGAZRPWAz4s_8n5VnmcAh5IYLJsU82LzYEvn1h6lVDsYlCRixZd7_60&sai=AMfl-YTzqwso92eM9woX_rJ_ljY9hgExSQbugnHrkmthr-kA8Gb-ra95uImzz65wuxF5-sdW0cqejWNDqap86LwQaFjAYpq3dc_ihqsowTZURvu2592sIKfmM2-UltzolYapNNlHrovk9pwacMRTOwHaOIom6VrFwEkAfmBykKL2wMs-6PXubCSll5OIjf9UqYXCKgZB71Npk2LCqL00RKhDNJUYh5zh5atA28MN8GJ1ISVM00R9pA0SMqUIihwYkvGs9TlNJ_0&sig=Cg0ArKJSzMl63aN70GRlEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=298&vt=11&dtpt=175&dett=3&cstd=118&cisv=r20230413.30548&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&arae=0&ftch=1&adurl=
Requested by
Host: www.theticket1590.com
URL: https://www.theticket1590.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://773ff33321c83b63fff957793b331644.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Mon, 17 Apr 2023 20:18:43 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Mon, 17 Apr 2023 20:18:43 GMT
webfont.js
ajax.googleapis.com/ajax/libs/webfont/1/ Frame 1977
13 KB
6 KB
Script
General
Full URL
https://ajax.googleapis.com/ajax/libs/webfont/1/webfont.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/10268516360994813842/1676550659977.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
81016ac6be850b72df5d4faa0c3cec8e2c1b0ba0045712144a6766adfad40bee
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Mon, 17 Apr 2023 07:24:35 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
46448
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
5437
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 19:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="hosted-libraries-pushers"
vary
Accept-Encoding
report-to
{"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 16 Apr 2024 07:24:35 GMT
sodar
pagead2.googlesyndication.com/getconfig/ Frame 1977
8 KB
6 KB
XHR
General
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=xfad&tv=01_247&st=int
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_247.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
5fe38727a6f141ad08dc64ac0da47d9e67732b77840285661e519a041cc18e4e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Mon, 17 Apr 2023 20:18:43 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
5849
x-xss-protection
0
event
prebid-a.rubiconproject.com/ Frame 8197
0
125 B
XHR
General
Full URL
https://prebid-a.rubiconproject.com/event
Requested by
Host: ads.rubiconproject.com
URL: https://ads.rubiconproject.com/prebid/19984_Cumulus_728x90.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.65.247.187 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-65-247-187.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.theticket1590.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type
application/json

Response headers

access-control-allow-origin
*
date
Mon, 17 Apr 2023 20:18:43 GMT
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
tracking-event
api.webgains.io/ Frame DCA9
16 B
232 B
Fetch
General
Full URL
https://api.webgains.io/tracking-event
Requested by
Host: analytics.webgains.io
URL: https://analytics.webgains.io/pvClk.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.9.28.72 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-9-28-72.eu-west-2.compute.amazonaws.com
Software
nginx / PHP/8.1.14
Resource Hash
c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://773ff33321c83b63fff957793b331644.safeframe.googlesyndication.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type
application/json

Response headers

date
Mon, 17 Apr 2023 20:18:43 GMT
x-content-type-options
nosniff
server
nginx
x-powered-by
PHP/8.1.14
x-frame-options
SAMEORIGIN
content-type
application/json
access-control-allow-origin
*
cache-control
no-cache, private
x-xss-protection
1; mode=block
chunk-1121b3a3.16c3e697.css
b3.tunegenie.com/css/ Frame C001
712 B
1 KB
Stylesheet
General
Full URL
https://b3.tunegenie.com/css/chunk-1121b3a3.16c3e697.css
Requested by
Host: b3.tunegenie.com
URL: https://b3.tunegenie.com/js/index.c8514102.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223e:8a00:6:4e5d:a0c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
0262ed76bd727f873ca1e2757ecf673b3ad1bba37640c6bbf9e6e84b5a51870c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://b3.tunegenie.com/?tgv=e905577.ba4de90
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Fri, 10 Mar 2023 05:39:24 GMT
x-amz-version-id
tCOba1qkJ0SBEv40Bzu.1HyunEt06jMS
via
1.1 e59bea79ab5f15feda92136bc7b74158.cloudfront.net (CloudFront)
last-modified
Wed, 19 Aug 2020 22:27:34 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P4
age
3335960
etag
"78efcc1be888c63911df588255a60628"
x-cache
Hit from cloudfront
content-type
text/css; charset=UTF-8
cache-control
max-age=7776000
accept-ranges
bytes
content-length
712
x-amz-cf-id
44p4EftV9ZdFXiSK_91xgBWhxFGWJWQGJIEc59yp62lUL1D0H-wV3w==
chunk-1121b3a3.ae827baf.js
b3.tunegenie.com/js/ Frame C001
255 KB
71 KB
Script
General
Full URL
https://b3.tunegenie.com/js/chunk-1121b3a3.ae827baf.js
Requested by
Host: b3.tunegenie.com
URL: https://b3.tunegenie.com/js/index.c8514102.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223e:8a00:6:4e5d:a0c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
c5dc4f19b3f1f67f7ff08413a0e4c20fd9507712ee440939951953bd27747e14

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://b3.tunegenie.com/?tgv=e905577.ba4de90
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-amz-version-id
aoPcJbzA4.6PHPHHNoCJtcgUPIqh1S5x
content-encoding
gzip
via
1.1 e59bea79ab5f15feda92136bc7b74158.cloudfront.net (CloudFront)
date
Mon, 17 Apr 2023 19:27:24 GMT
last-modified
Tue, 17 Jan 2023 19:26:57 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P4
age
72619
etag
W/"eb1311114d02e943e27f1018ed8cb5a4"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript; charset=UTF-8
cache-control
max-age=7776000
x-amz-cf-id
v06_FD2OiMRGwfNWiPDn1zdJQ_mYcU0o7JtDHevy6lDxN8zGe2WLQQ==
KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame C001
15 KB
16 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:200,350,350italic,400,500,700,700italic
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://b3.tunegenie.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Tue, 11 Apr 2023 10:31:10 GMT
x-content-type-options
nosniff
age
553653
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15860
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:42 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 10 Apr 2024 10:31:10 GMT
defaultcover170.jpg
static.tunegenie.com/static/images/covers/ Frame C001
3 KB
3 KB
Image
General
Full URL
https://static.tunegenie.com/static/images/covers/defaultcover170.jpg
Requested by
Host: www.theticket1590.com
URL: https://www.theticket1590.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
100.21.16.143 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-100-21-16-143.us-west-2.compute.amazonaws.com
Software
nginx/1.20.0 /
Resource Hash
2725f8b87b10f8782c764f7d6148cb5f80022a874ea88a3aec7f1e2a49c7ded0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://b3.tunegenie.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date
Mon, 17 Apr 2023 20:18:44 GMT
Last-Modified
Fri, 24 Mar 2023 02:25:03 GMT
Server
nginx/1.20.0
ETag
"641d09ff-b25"
Content-Type
image/jpeg
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
2853
chunk-2d0d76a4.883ed436.js
b3.tunegenie.com/js/ Frame C001
21 KB
7 KB
Script
General
Full URL
https://b3.tunegenie.com/js/chunk-2d0d76a4.883ed436.js
Requested by
Host: b3.tunegenie.com
URL: https://b3.tunegenie.com/js/index.c8514102.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223e:8a00:6:4e5d:a0c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
aca9a74fe9948e0cda9ced7a949cce62aa6f896ae1a575eb6ab01e85dc77c839

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://b3.tunegenie.com/?tgv=e905577.ba4de90
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-amz-version-id
StfTLI71TQynZK4C5LRAzhYW_iAICpab
content-encoding
gzip
via
1.1 e59bea79ab5f15feda92136bc7b74158.cloudfront.net (CloudFront)
date
Mon, 17 Apr 2023 19:30:52 GMT
last-modified
Wed, 06 Apr 2022 17:21:09 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P4
age
2888
etag
W/"b2e69db13a2ed91d80691bdb7f238f61"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript; charset=UTF-8
cache-control
max-age=7776000
x-amz-cf-id
ufLdOzX2QjW785EMV1_nzp8Yx0KjdC2-uRqoJ-41OB0HjlgaYjI76g==
td-sdk.min.js
sdk.listenlive.co/web/2.9/ Frame C001
1005 KB
277 KB
Script
General
Full URL
https://sdk.listenlive.co/web/2.9/td-sdk.min.js
Requested by
Host: b3.tunegenie.com
URL: https://b3.tunegenie.com/js/index.c8514102.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223d:8c00:7:5253:f880:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
8be5876e7de200de0f3e75c441f8dc56f96b90b00f70217a51cd3daf2a8f896b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://b3.tunegenie.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Mon, 17 Apr 2023 19:45:12 GMT
content-encoding
gzip
via
1.1 3092bdd288d2a449c56d11f2cf4a9b88.cloudfront.net (CloudFront)
last-modified
Wed, 05 Apr 2023 16:56:50 GMT
server
AmazonS3
x-amz-meta-s3cmd-attrs
atime:1680713170/ctime:1680703630/gid:1000/gname:jenkins/md5:35d5f172cd0e9b4f9ae55ef0373546e8/mode:33188/mtime:1680703630/uid:1000/uname:jenkins
x-amz-cf-pop
FRA56-P3
age
2013
etag
W/"35d5f172cd0e9b4f9ae55ef0373546e8"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
x-amz-cf-id
45AK0hPyOmvTIc6vUtx9E9ni2iFzcHCsViWEIQ3PReJ_VwIkC62p9g==
/
api.tunegenie.com/v2/brand/nowplaying/ Frame C001
479 B
911 B
XHR
General
Full URL
https://api.tunegenie.com/v2/brand/nowplaying/?apiid=m2g_bar&b=kyngam&count=10
Requested by
Host: b3.tunegenie.com
URL: https://b3.tunegenie.com/js/chunk-vendors.6e6c4ca3.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.81.73.75 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-81-73-75.us-west-2.compute.amazonaws.com
Software
nginx/1.20.0 /
Resource Hash
23c28737ef1c10431754ba2c29154973422e3668d6e2656735d03ca968e6a304

Request headers

Accept
application/json
Referer
https://b3.tunegenie.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date
Mon, 17 Apr 2023 20:18:43 GMT
Server
nginx/1.20.0
Allow
GET, HEAD, OPTIONS
Vary
Accept, Origin, Cookie
Content-Type
application/json
Access-Control-Allow-Origin
*
Connection
keep-alive
X-Robots-Tag
noindex, nofollow, nosnippet, noarchive
Content-Length
479
KYNG-AM-The-Ticket-2.png
s3.us-east-1.amazonaws.com/static.tunegenie.com/brandassets/ Frame C001
19 KB
19 KB
Image
General
Full URL
https://s3.us-east-1.amazonaws.com/static.tunegenie.com/brandassets/KYNG-AM-The-Ticket-2.png
Requested by
Host: www.theticket1590.com
URL: https://www.theticket1590.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.231.227.96 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-1.amazonaws.com
Software
AmazonS3 /
Resource Hash
7d9af128af82a594bc6ea2b55e5d89ad5bd405ce6948ba3004f9e62be3dc8e40

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://b3.tunegenie.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date
Mon, 17 Apr 2023 20:18:45 GMT
Last-Modified
Wed, 09 Mar 2016 21:15:32 GMT
Server
AmazonS3
x-amz-request-id
WK1BHA7NTZR81MN2
ETag
"5c3bcafffaa225ee5517f12014d5876b"
x-amz-meta-uid
501
x-amz-meta-gid
501
Content-Type
image/png
x-amz-meta-mode
33206
Accept-Ranges
bytes
Content-Length
18948
x-amz-id-2
rN19uGMMu8sFJKG+N4JoYVUSK8UaOn+OUmdiXGesddG+TkRuV5MfwnM+bsj9ny+0c9vAwCh53PA=
x-amz-meta-mtime
1457558131
event
prebid-a.rubiconproject.com/ Frame
0
0
Preflight
General
Full URL
https://prebid-a.rubiconproject.com/event
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.65.247.187 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-65-247-187.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.theticket1590.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

access-control-allow-headers
content-type
access-control-allow-methods
POST
access-control-allow-origin
*
access-control-max-age
1800
allow
GET, HEAD, POST, PUT, DELETE, OPTIONS, PATCH
content-length
0
date
Mon, 17 Apr 2023 20:18:43 GMT
vary
Origin Access-Control-Request-Method Access-Control-Request-Headers
tracking-event
api.webgains.io/ Frame
0
0
Preflight
General
Full URL
https://api.webgains.io/tracking-event
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.9.28.72 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-9-28-72.eu-west-2.compute.amazonaws.com
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://773ff33321c83b63fff957793b331644.safeframe.googlesyndication.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

access-control-allow-headers
Authorization, Content-Type
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
access-control-allow-origin
*
date
Mon, 17 Apr 2023 20:18:43 GMT
server
nginx
sodar
pagead2.googlesyndication.com/pagead/ Frame 8197
0
0
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_m202304120101&jk=3654934142425638&bg=!dnWldSHNAAZA7GLoYOw7ADkAdvg8WleFT8Lx6PCYnLkFumOrj9Jq5Wdmff33Ct1sXTRG-L0WKSkdBWUHEw-OY42oiOdXSUSgD7sCAAABRVIAAAACaAEHmQMbtlOBGfrDnFs_i8Nx1n9RI-rNfMfPO_2KbJIBmOVdJYQmUEwJWWZICJyBNwDbSucHSKdrJkBiqaKvtiCxWIWbjbBK4yLLkGFQtE2nM_Ezu3CTz5g6Aa7dlp6wlOhyRx_Cbuau-MzCRNjFXmGEEm9sVfhUvYuydpQRpHAr78p91eWkwEFM-WgR5mU12uYG54QcpO05hZCO6Q3Rel4FgJ9l1U4WvgzVDrSnWdrjFO3ENAtE3gXe9C6XlhhO_ge2BVEizvhp4wZu9EAoKZe6SRgXHRBlcoPc82P_vnhAhAzsTNoN2add-7CyO96kf_TM9b9ymQynSBpnPOUH7JGk5pNdeEev2bxRhsFcPG0BFN-NMh_GJYp0MAdDjl4YD4T0CWDImy3_yGFRaaoU6chJh9VxP6JQkCEH0-7CdJRCfWMoyxBaU7etmj6bgowGIsn-eoQBlZek68xOWdO90c9AhDmE5AdaYhLl1xEYjRlCsWbM2SPV4dMWC1RdfYXaGwjxaLnxzS2cUoTF4DUm04jCGqeSeohYCHJcKvua4x7nN4A8PlH1HfXmWwxIX3tqjOCOWfblYUK9v7q4X9otWbTiDvaRLoZBNZgMTVS60N1az39wuA-ef4V6_YyLY-dDYvVyiRe6uVa5C4Lu2SZPokLaY17RmaZlXFwCszxPQnYUy6IQJY4e4XXrY3I1wAmKE0iaAOMTlGoum7GBzgEGBs_DZgeBpsxJqIsfjNq-SLYMmatAFYsN2ckjFpRtk7rfiP6_BBSfxy9Ni0gg_5fKaIJkXnNShQpeMZhqzSjIKw1c8paDtqCAv7fJNK176net407A1C3FeLLF73rqvuunf-8oEcB5Vn0XiK40RxMVoOFYZQ6dQsGLpt7YMAkmKXN9FQBIalH-3kyhbPByCeNrNW84B6KnwBuPVIEE61P14qIKdYfE7t3VxFxN_l775h2aKntlUSCZRXhsWT_m-TefJpo5BC7NnMKGT8DCWw_fjHFbTZjc0InYpI6yMrt0IeQ3jvMxb7MWmEBQTis63UdDTHyk0d6fdDk-Pp_pST8s6wbR
Requested by
Host: www.theticket1590.com
URL: https://www.theticket1590.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.theticket1590.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

express_html_inpage_rendering_lib_200_276.js
s0.2mdn.net/879366/ Frame 8CF6
106 KB
37 KB
Script
General
Full URL
https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_276.js
Requested by
Host: www.theticket1590.com
URL: https://www.theticket1590.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e41d1ae45acbf836b8dcc29544c7e41cced4211214df601d5284a7e9c7134c73
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://06e31dc510364493ddc7a7a3babf1419.safeframe.googlesyndication.com/
Origin
https://06e31dc510364493ddc7a7a3babf1419.safeframe.googlesyndication.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Mon, 17 Apr 2023 08:20:25 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
43098
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
37872
x-xss-protection
0
last-modified
Wed, 02 Mar 2022 23:07:26 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 18 Apr 2023 08:20:25 GMT
omrhp.js
pagead2.googlesyndication.com/pagead/js/r20230413/r20110914/elements/html/ Frame 8CF6
11 KB
4 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20230413/r20110914/elements/html/omrhp.js
Requested by
Host: www.theticket1590.com
URL: https://www.theticket1590.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
6d95ea547b0974a09d61104fa136f5eb6973466b6358fb06d997cc7f20ee71b2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://06e31dc510364493ddc7a7a3babf1419.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Mon, 17 Apr 2023 15:59:30 GMT
content-encoding
br
x-content-type-options
nosniff
age
15553
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4123
x-xss-protection
0
server
cafe
etag
4541610132340792384
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 01 May 2023 15:59:30 GMT
abg_lite.js
pagead2.googlesyndication.com/pagead/js/r20230413/r20110914/ Frame 8CF6
28 KB
11 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20230413/r20110914/abg_lite.js
Requested by
Host: www.theticket1590.com
URL: https://www.theticket1590.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
2e6a2c48ddf656dd18431ca6f656e4d671a93141d2db4f304587d74280ecfbe4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://06e31dc510364493ddc7a7a3babf1419.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Mon, 17 Apr 2023 16:03:59 GMT
content-encoding
br
x-content-type-options
nosniff
age
15284
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11036
x-xss-protection
0
server
cafe
etag
7166013058933939784
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 01 May 2023 16:03:59 GMT
sodar2.js
tpc.googlesyndication.com/sodar/ Frame 1977
17 KB
6 KB
Script
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_247.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Mon, 17 Apr 2023 20:18:43 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Mon, 17 Apr 2023 20:18:43 GMT
KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame C001
16 KB
16 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:200,350,350italic,400,500,700,700italic
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://b3.tunegenie.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Tue, 11 Apr 2023 10:31:04 GMT
x-content-type-options
nosniff
age
553659
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15920
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:45 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 10 Apr 2024 10:31:04 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame 7F6A
42 B
64 B
Fetch
General
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuHv4hl6b0ZpdWJFiYrkbh4EWDy03zt0tKD_kXhSFCtOP6FHisVkvv6cHJBmc57V3nGcFB95PKOx8ymTdY5AT4oDZUyLCF4xvMxmggqrXoNJ1rO9ddYxhUj77QC7v-fmtTweZk&sai=AMfl-YSpM10R3_UPrX815T0Sd4stC_JaRMh6w-CX8k9RHkebfavTo2R_GlxnFI_0ZuCJDFJuufo36WxYbzN1RzGXNoeS_P0LDPVBLUWrHKTui2JUJilr_kLNpGj25W7ILkpE_gthN7fi_13q6t_J&sig=Cg0ArKJSzAGCPtg7ZCRzEAE&cid=CAQSSwBygQiD8jMdUx2jO5TkgRLgPgjyY-N-x_wY2pq4hUTGYCcR0O7Qds1WvEQWjaiHLG0tHM8vz2oURx3B3YukpIaFlkPs50lv7vkcmxgB&id=lidar2&mcvt=1048&p=266,1243,306,1284&mtos=1048,1048,1048,1048,1048&tos=1048,0,0,0,0&v=20230412&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=230436542&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1681762722204&rpt=460&isd=0&lsd=0&met=ie&wmsd=0&pbe=0&vae=0&spb=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://773ff33321c83b63fff957793b331644.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 17 Apr 2023 20:18:43 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
index.html
s0.2mdn.net/sadbundle/3719878330380519815/ Frame 2959
12 KB
4 KB
Document
General
Full URL
https://s0.2mdn.net/sadbundle/3719878330380519815/index.html
Requested by
Host: www.theticket1590.com
URL: https://www.theticket1590.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1227c586cb83e93f912bcc2d8196554a7a58c6850d63ab13ede724d5a105eec9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://06e31dc510364493ddc7a7a3babf1419.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
age
2988
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
3671
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy
cross-origin
date
Mon, 17 Apr 2023 19:28:55 GMT
expires
Tue, 16 Apr 2024 19:28:55 GMT
last-modified
Fri, 02 Dec 2022 10:52:25 GMT
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-dns-prefetch-control
off
x-xss-protection
0
view
googleads4.g.doubleclick.net/pcs/ Frame 8CF6
0
0
Fetch
General
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsvwkXvrI-iRXa3X85raS1l5A-7OkCStVmBAMV_92S6ZCciaAJxqA0TPQ2_hWKq3ssnsVaXeyE5dvuSpb9MCi7UDE-mA1A7kEh4tcjf0g5dDB1ePFUAZBYtUiKsNRVcD6LL9yhOIpjUuE1iztM-3eCjx40N6hMr4Ad2VAs8sFtZkH08NVbt1ScF9Ga3CDd0PBCY8fNfPQSDvz34XxMf9ESex7IhuEeljtyo3U4iI6cFwAzPZ3Wdgm4LcvP2IpZEvlXrdxra4lABrBE3XAGGJmMl1MzJAb47crJ0L6hIci69aCuF3snvQc7ogpQopGwb4apKjFlnf_zzTq0sqtk70z_PVBrnEdAVPyjHRgi65eTHWC-oxLU7HANFQu9cQ-8X9DAF1UpW1mCopnSzHNKxT2scILmdDA0ff0ZaR2jL8w24NplJVOIwBj6JPpZS3FWoBEZrNw_qCtne5DyhjGRde1hSy9tead-HpGlcQW9U8afr5LCvxZhzyVRS5sTh6OQ0galmGkzowS6QifP-88TBqFJodsQSiIkDxl6qKeUCrllFa_L0HWpsYQbn-1icEhw8B1OMq-0VMzLmjlRuSk6Qct9dhTQxfHrN93c_VWPw4rYZ_xdaC8TIc5tJt1qVHCVXeNi6IYKadz8PjJcndqcrFoJE_ndwgxOB8hyJsLe2JWiKm2cDgEDXZ8aoHN-f0tAhX-QPSruMNOIfkWMjGPAGUdbfOOIkb65pN7eUSGJ68L2wdB3v--57uQDGqjTLfDLbJXVHqxKssf2QqzX9Ca9LG3zqYy1dxyCNdOUfWsS9yEwbpuy12-l4KJz5FJDbwK2PZUqndCMr-zPffiZgr-pB_Fskqv1mjtXM95OJiP5Uv4Ey4iPdxtE2veybkYnedMUo-933XckYTWeM9sBr1PtyzXEVXc6yyirMfOv05guV98pyCBwSn2sLwrfDK1sGauostK5bRu3srf22Q-yu-qJxN6g_E7clL2NxRqlTcwVYPAxmRDU_s4SpQI6TIRSQbJWJQZ0vNxXZQE5d57wg0zfyOC02c8irGfcvJF8bFr6vEBZP6uZ5NFoqlvWQANRh0yI9kasA0F9sqIqPpjP_wttSy4JapuixUpQu2FrEJSt_KgYZ38_KSp7xbAxHf-ZIfIMHMO31330_3jTtT-ShOH7YiYsDBk5jL6OR1PDsg8p1EeJw6TiJMF-UdQnEj7uvGZ5gQ2opvUogvZG6s7Og8Z3rH2yhHqGXWfXuqJsaqck6ue6jHhuaQ090zYizLUkbmGy-ql6yL2eniXOAz7Yo&sai=AMfl-YQLtvym9r5rC8yE89hZe8k64Jiomz_OQxbeCrxpOt0_QOs8EmsH3c-SjL38nlDLkwY3F-Sv3uSQqjTXNBM8xbnNttxPhGebcdQA3tFPXkHqLXjY8faZYZnOtnGYiXKbtfLPTTbkrht29yYi8c22zS2gLzh35B0Ej4pmIZzFkoF6tTVqlJEAYhrQvcxzi90UWc9UzAxhk7DlBeObxXf4KNKWkOIyiMiT2gTugn64-vXJtgSCGQpmglDiay9mBGwqa45q&sig=Cg0ArKJSzCrKiodMTjrPEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=104&cbvp=1&cstd=101&cisv=r20230413.38134&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&arae=0&ftch=1&adurl=
Requested by
Host: www.theticket1590.com
URL: https://www.theticket1590.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://06e31dc510364493ddc7a7a3babf1419.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

content-security-policy
script-src 'none'; object-src 'none'
date
Mon, 17 Apr 2023 20:18:43 GMT
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
cache-control
private
access-control-allow-credentials
true
timing-allow-origin
*
expires
Mon, 17 Apr 2023 20:18:43 GMT
bsdAhfwWdZZ0lwKfZyotoKMYFbxnkv02xNqAhtGyATM.js
pagead2.googlesyndication.com/bg/ Frame 7AB6
36 KB
14 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/bg/bsdAhfwWdZZ0lwKfZyotoKMYFbxnkv02xNqAhtGyATM.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6ec74085fc1675967497029f672a2da0a31815bc6792fd36c4da8086d1b20133
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sat, 15 Apr 2023 22:44:33 GMT
content-encoding
br
x-content-type-options
nosniff
age
164050
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14296
x-xss-protection
0
last-modified
Tue, 11 Apr 2023 10:38:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sun, 14 Apr 2024 22:44:33 GMT
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame 8CF6
41 KB
15 KB
Script
General
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: www.theticket1590.com
URL: https://www.theticket1590.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://06e31dc510364493ddc7a7a3babf1419.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Fri, 14 Apr 2023 18:12:30 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
266773
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15207
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 13 Apr 2024 18:12:30 GMT
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame 7144
1 KB
643 B
Document
General
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: 06e31dc510364493ddc7a7a3babf1419.safeframe.googlesyndication.com
URL: https://06e31dc510364493ddc7a7a3babf1419.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://06e31dc510364493ddc7a7a3babf1419.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
33117
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=86400
content-encoding
br
content-length
618
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 17 Apr 2023 11:06:46 GMT
etag
48472445140208031
expires
Tue, 18 Apr 2023 11:06:46 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
truncated
/ Frame 8CF6
211 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
7195e62ae459c848228b15f846d1b3c9885c38fe23b3cffc10689cf52713518f

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Content-Type
image/png
bsdAhfwWdZZ0lwKfZyotoKMYFbxnkv02xNqAhtGyATM.js
pagead2.googlesyndication.com/bg/ Frame 328E
36 KB
14 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/bg/bsdAhfwWdZZ0lwKfZyotoKMYFbxnkv02xNqAhtGyATM.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6ec74085fc1675967497029f672a2da0a31815bc6792fd36c4da8086d1b20133
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sat, 15 Apr 2023 22:44:33 GMT
content-encoding
br
x-content-type-options
nosniff
age
164050
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14296
x-xss-protection
0
last-modified
Tue, 11 Apr 2023 10:38:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sun, 14 Apr 2024 22:44:33 GMT
congstarfont.woff2
s0.2mdn.net/creatives/assets/4234010/ Frame 1977
98 KB
98 KB
Font
General
Full URL
https://s0.2mdn.net/creatives/assets/4234010/congstarfont.woff2
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/10268516360994813842/1676550659977.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1d019867c120344469403527c7d958861b81d0fc873813c97ee135f707d74122
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/sadbundle/10268516360994813842/1676550659977.css
Origin
https://s0.2mdn.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Mon, 17 Apr 2023 20:04:59 GMT
x-content-type-options
nosniff
age
824
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
100772
x-xss-protection
0
last-modified
Thu, 05 Aug 2021 09:13:07 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=900
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Mon, 17 Apr 2023 20:19:59 GMT
86bef0b5-fa75-4ca3-8394-cb7b5a474a45-3.woff
s0.2mdn.net/creatives/assets/1881029/ Frame 1977
57 KB
57 KB
Font
General
Full URL
https://s0.2mdn.net/creatives/assets/1881029/86bef0b5-fa75-4ca3-8394-cb7b5a474a45-3.woff
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/10268516360994813842/1676550659977.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
853a8c7e34be5549a44fc541e13876f5c2838123142f527dab2265950feaeefb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/sadbundle/10268516360994813842/1676550659977.css
Origin
https://s0.2mdn.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Mon, 17 Apr 2023 20:12:47 GMT
x-content-type-options
nosniff
age
356
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
58447
x-xss-protection
0
last-modified
Wed, 15 Feb 2017 10:23:50 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
font/woff
access-control-allow-origin
*
cache-control
public, max-age=900
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Mon, 17 Apr 2023 20:27:47 GMT
pixel.gif
pixel.westseven.media/ Frame 8197
35 B
274 B
Image
General
Full URL
https://pixel.westseven.media/pixel.gif?key=theticket1590_728x90_1&ev&r=0.11408692164846634
Requested by
Host: www.theticket1590.com
URL: https://www.theticket1590.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.196.114.84 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-196-114-84.compute-1.amazonaws.com
Software
nginx/1.16.1 /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.theticket1590.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date
Mon, 17 Apr 2023 20:18:43 GMT
Cache-Control
private, no-cache, proxy-revalidate, max-age=0
Content-Disposition
inline
Server
nginx/1.16.1
Connection
keep-alive
Content-Length
35
Content-Type
image/gif
pixel.gif
pixel.westseven.media/ Frame 8197
35 B
274 B
Image
General
Full URL
https://pixel.westseven.media/pixel.gif?key=theticket1590_728x90_1&iv&r=0.17868739124116328
Requested by
Host: www.theticket1590.com
URL: https://www.theticket1590.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.196.114.84 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-196-114-84.compute-1.amazonaws.com
Software
nginx/1.16.1 /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.theticket1590.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date
Mon, 17 Apr 2023 20:18:43 GMT
Cache-Control
private, no-cache, proxy-revalidate, max-age=0
Content-Disposition
inline
Server
nginx/1.16.1
Connection
keep-alive
Content-Length
35
Content-Type
image/gif
a6fc438daf2c8cc18f7294c60eb5597b.js
s0.2mdn.net/sadbundle/3719878330380519815/ Frame 2959
57 KB
15 KB
Script
General
Full URL
https://s0.2mdn.net/sadbundle/3719878330380519815/a6fc438daf2c8cc18f7294c60eb5597b.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/3719878330380519815/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4aecc48eb93fc11fa599dbf5ba5f0411c9a8dfdff8ea03764240c5d734d35665
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/3719878330380519815/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Fri, 14 Apr 2023 12:08:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
288585
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15831
x-xss-protection
0
last-modified
Fri, 02 Dec 2022 10:52:25 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sat, 13 Apr 2024 12:08:58 GMT
usync.html
eus.rubiconproject.com/ Frame CC6F
281 B
554 B
Document
General
Full URL
https://eus.rubiconproject.com/usync.html
Requested by
Host: embed.sendtonews.com
URL: https://embed.sendtonews.com/library/prebid/7.17.0/prebid.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.56.202.187 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-56-202-187.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://www.theticket1590.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Mon, 17 Apr 2023 20:18:44 GMT
ETag
"40010-119-5ec73a0a33d00"
Last-Modified
Wed, 02 Nov 2022 02:30:44 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding
XRXV3I6Li01BKofINeaB.woff2
fonts.gstatic.com/s/nunito/v25/ Frame C001
35 KB
35 KB
Font
General
Full URL
https://fonts.gstatic.com/s/nunito/v25/XRXV3I6Li01BKofINeaB.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Nunito:wght@200;300;400;600;700;900&display=swap
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
96217f1d27fb909f92b4a6b35a0d3d6775f2f0b4d136d27aee88547d3ed87357
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://b3.tunegenie.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sat, 15 Apr 2023 10:10:28 GMT
x-content-type-options
nosniff
age
209295
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
35904
x-xss-protection
0
last-modified
Mon, 18 Jul 2022 19:34:47 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 14 Apr 2024 10:10:28 GMT
/
api.tunegenie.com/v2/music/track/ Frame C001
347 B
848 B
XHR
General
Full URL
https://api.tunegenie.com/v2/music/track/?apiid=m2g_bar&b=kyngam&sid=-172&sslg=1590-am&aslg=the-ticket-2
Requested by
Host: b3.tunegenie.com
URL: https://b3.tunegenie.com/js/chunk-vendors.6e6c4ca3.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.81.73.75 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-81-73-75.us-west-2.compute.amazonaws.com
Software
nginx/1.20.0 /
Resource Hash
47730c536bba42826232f646d5149a94320400d9ba4d6095f017133e363f6022

Request headers

Accept
application/json
Referer
https://b3.tunegenie.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date
Mon, 17 Apr 2023 20:18:44 GMT
Server
nginx/1.20.0
Allow
GET, HEAD, OPTIONS
Vary
Accept, Origin, Cookie
Content-Type
application/json
Access-Control-Allow-Origin
*
Cache-Control
max-age=3600
Connection
keep-alive
X-Robots-Tag
noindex, nofollow, nosnippet, noarchive
Content-Length
347
Expires
Mon, 17 Apr 2023 20:29:55 GMT
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame 85A3
22 KB
8 KB
Document
General
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: www.theticket1590.com
URL: https://www.theticket1590.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://06e31dc510364493ddc7a7a3babf1419.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
42234
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
8395
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Mon, 17 Apr 2023 08:34:50 GMT
expires
Tue, 16 Apr 2024 08:34:50 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
03032023-031623331-640_100_vertikal_allnetflat-m_dsp_23022cb0aa02-a100-42f9-9c2a-535710428844.png
s0.2mdn.net/4528404/ Frame 1977
10 KB
10 KB
Image
General
Full URL
https://s0.2mdn.net/4528404/03032023-031623331-640_100_vertikal_allnetflat-m_dsp_23022cb0aa02-a100-42f9-9c2a-535710428844.png
Requested by
Host: www.theticket1590.com
URL: https://www.theticket1590.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
db1572900f660ec411ddf36c107b1189ab1852d237989e71478588281b6fa974
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/sadbundle/10268516360994813842/index.html?e=69&leftOffset=0&topOffset=0&c=lWg3bCzpHH&t=1&renderingType=2&ev=01_247
Origin
https://s0.2mdn.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Mon, 17 Apr 2023 10:07:17 GMT
x-content-type-options
nosniff
age
36686
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
10405
x-xss-protection
0
last-modified
Fri, 03 Mar 2023 11:16:23 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 18 Apr 2023 10:07:17 GMT
03032023-031625820-640_100_720x610_stoerer-gbplus_2zeilig5c67d8cf-7094-46df-bc55-b3fda4d82ad8.png
s0.2mdn.net/4528404/ Frame 1977
14 KB
14 KB
Image
General
Full URL
https://s0.2mdn.net/4528404/03032023-031625820-640_100_720x610_stoerer-gbplus_2zeilig5c67d8cf-7094-46df-bc55-b3fda4d82ad8.png
Requested by
Host: www.theticket1590.com
URL: https://www.theticket1590.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ecb00b2046e42fe708fb2bffb629dd2fe3e6083456ba4dfb920f4c6a1aeb8ee6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/sadbundle/10268516360994813842/index.html?e=69&leftOffset=0&topOffset=0&c=lWg3bCzpHH&t=1&renderingType=2&ev=01_247
Origin
https://s0.2mdn.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Mon, 17 Apr 2023 10:07:17 GMT
x-content-type-options
nosniff
age
36686
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13914
x-xss-protection
0
last-modified
Fri, 03 Mar 2023 11:16:25 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 18 Apr 2023 10:07:17 GMT
/
r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/ Frame 7144
Redirect Chain
  • https://ad.turn.com/r/cs?pid=3&google_gid=CAESEO5EWlXIRmffjx8wDK8CUG4&google_cver=1&google_push=Aer7DvJCKhd-CitHrYhAagKJR5lJLfvjPlgtut-ekcGD73z-pS0mUJ53APm3ZmBXGfUOZMP9sL3SOKfSuCjbL03GiC_2O3Do2MY
  • https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=MjM1ODU5ODg3MTU3NjUzNzQzMQ==&gdpr=&gdpr_consent=
  • https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEO5EWlXIRmffjx8wDK8CUG4&google_cver=1
43 B
398 B
Image
General
Full URL
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEO5EWlXIRmffjx8wDK8CUG4&google_cver=1
Requested by
Host: www.theticket1590.com
URL: https://www.theticket1590.com/
Protocol
H2
Server
2001:678:cb4:bbbb::11 , United Kingdom, ASN56396 (AMOBEE, GB),
Reverse DNS
Software
/
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Mon, 17 Apr 2023 20:18:43 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
43
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"

Redirect headers

pragma
no-cache
date
Mon, 17 Apr 2023 20:18:44 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEO5EWlXIRmffjx8wDK8CUG4&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
329
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 7144
Redirect Chain
  • https://dsp.adfarm1.adition.com/cookie/?ssp=2&google_gid=CAESEC4MDx65aAD47qsMSZnOxPk&google_cver=1&google_push=Aer7DvKbUHgioG9f2mV5hM9OAjri57MOy8Dqxe8MjaLrzg0IXdqVZaK_vFHS58U_HLuonWMv734zfn1m7ifOyZ...
  • https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzIyMzExNTg5OTIxNTYwNzk0OA%3D%3D&google_push=Aer7DvKbUHgioG9f2mV5hM9OAjri57MOy8Dqxe8MjaLrzg0IXdqVZaK_vFHS58U_HLuonWMv734zfn1m7ifOyZnSiR...
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzIyMzExNTg5OTIxNTYwNzk0OA%3D%3D&google_push=Aer7DvKbUHgioG9f2mV5hM9OAjri57MOy8Dqxe8MjaLrzg0IXdqVZaK_vFHS58U_HLuonWMv734zfn1m7ifOyZnSiRQTbm31QJz7
Requested by
Host: 06e31dc510364493ddc7a7a3babf1419.safeframe.googlesyndication.com
URL: https://06e31dc510364493ddc7a7a3babf1419.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H3
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 17 Apr 2023 20:18:44 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzIyMzExNTg5OTIxNTYwNzk0OA%3D%3D&google_push=Aer7DvKbUHgioG9f2mV5hM9OAjri57MOy8Dqxe8MjaLrzg0IXdqVZaK_vFHS58U_HLuonWMv734zfn1m7ifOyZnSiRQTbm31QJz7
Date
Mon, 17 Apr 2023 20:18:44 GMT
Server
nginx
Connection
keep-alive
Transfer-Encoding
chunked
p3p
policyref="http://imagesrv.adition.com/w3c/p3p.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"
pixel
cm.g.doubleclick.net/ Frame 7144
Redirect Chain
  • https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEBYMf8ssAozqEjkmEaoGakk&google_cver=1&google_push=Aer7DvIUp8uSu--p4OMz7ITHIeJHUoEAysGTJ5RGlxm1hzPHhO9-q5JGAlP70ZuoYjqNA2b-twXq7axa...
  • https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEBYMf8ssAozqEjkmEaoGakk&google_cver=1&google_push=Aer7DvIUp8uSu--p4OMz7ITHIeJHUoEAysGTJ5RGlxm1hzPHhO9-q5JGAlP70ZuoYjqNA2b-twX...
  • https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=ODEzMjEzNjk4OTY1NDExOTIwOQ&google_push=Aer7DvIUp8uSu--p4OMz7ITHIeJHUoEAysGTJ5RGlxm1hzPHhO9-q5JGAlP70ZuoYjqNA2b-twXq7a...
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=ODEzMjEzNjk4OTY1NDExOTIwOQ&google_push=Aer7DvIUp8uSu--p4OMz7ITHIeJHUoEAysGTJ5RGlxm1hzPHhO9-q5JGAlP70ZuoYjqNA2b-twXq7axaC8XTPaTawS8tJCAUKpQ7
Requested by
Host: www.theticket1590.com
URL: https://www.theticket1590.com/
Protocol
H3
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 17 Apr 2023 20:18:44 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Mon, 17 Apr 2023 20:18:44 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age
86400
access-control-allow-methods
GET
location
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=ODEzMjEzNjk4OTY1NDExOTIwOQ&google_push=Aer7DvIUp8uSu--p4OMz7ITHIeJHUoEAysGTJ5RGlxm1hzPHhO9-q5JGAlP70ZuoYjqNA2b-twXq7axaC8XTPaTawS8tJCAUKpQ7
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
pub
cs.chocolateplatform.com/ Frame 7144
0
134 B
Image
General
Full URL
https://cs.chocolateplatform.com/pub?pid=ebda&google_gid=CAESEFzx2F3eOMDycxVtkaD5kVE&google_cver=1&google_push=Aer7DvL4sNNES9L0ffYUyqCe7DxM8uTen8oVK5pIbjiC0Z8azjZ-r8HouLmAaS-ijr648lUDuc9Ys2gSmcnJ0v9SiKeV9ZLUDt9L
Requested by
Host: 06e31dc510364493ddc7a7a3babf1419.safeframe.googlesyndication.com
URL: https://06e31dc510364493ddc7a7a3babf1419.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
159.203.145.121 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
CookieSync Server /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

access-control-allow-origin
*
date
Mon, 17 Apr 2023 20:18:44 GMT
server
CookieSync Server
content-length
0
pixel
cm.g.doubleclick.net/ Frame 7144
Redirect Chain
  • https://im.bluevoox.com/pixel?s1=2&s2=203601&s3=m52eksbsgbowze8o&cm=1&rd=1&google_gid=CAESEOseFV3gi-gFl6gazGCYY4M&google_cver=1&google_push=Aer7DvKYnHDBbG9H1qG8Ct65hbgCV-M7nEUdQTGsXwc1K0VpTqgz7BoiW...
  • https://cm.g.doubleclick.net/pixel?google_nid=do_global&google_push=Aer7DvKYnHDBbG9H1qG8Ct65hbgCV-M7nEUdQTGsXwc1K0VpTqgz7BoiW_CzxLcFfNTnGPZ267F5tSpWeRqEtJTvtBZikjWiItpNYw&google_hm=QlMuODEyMC1mZTBl...
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=do_global&google_push=Aer7DvKYnHDBbG9H1qG8Ct65hbgCV-M7nEUdQTGsXwc1K0VpTqgz7BoiW_CzxLcFfNTnGPZ267F5tSpWeRqEtJTvtBZikjWiItpNYw&google_hm=QlMuODEyMC1mZTBlLTQwMTYtODBmYQ==
Protocol
H3
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 17 Apr 2023 20:18:44 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=do_global&google_push=Aer7DvKYnHDBbG9H1qG8Ct65hbgCV-M7nEUdQTGsXwc1K0VpTqgz7BoiW_CzxLcFfNTnGPZ267F5tSpWeRqEtJTvtBZikjWiItpNYw&google_hm=QlMuODEyMC1mZTBlLTQwMTYtODBmYQ==
Date
Mon, 17 Apr 2023 20:18:44 GMT
Server
openresty
Connection
close
Content-Length
142
Content-Type
text/html
pixel
cm.g.doubleclick.net/ Frame 7144
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58281/sync?redir=true&google_gid=CAESEP-hlOacCCeyhUHtniZoLKk&google_cver=1&google_push=Aer7DvIDa1t8cSEqvnd7P6mIcBMjnQRezyEqRzV-vEHtavIN1WLQ-FGz0B9-X3wyfSsDolphRC...
  • https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS0ySk11THk1RTJ1Rmh2Nm5Bd0NBT1NxRFRubFllQVQ3bX5B&google_push=Aer7DvIDa1t8cSEqvnd7P6mIcBMjnQRezyEqRzV-vEHtavIN1WLQ-FGz0...
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS0ySk11THk1RTJ1Rmh2Nm5Bd0NBT1NxRFRubFllQVQ3bX5B&google_push=Aer7DvIDa1t8cSEqvnd7P6mIcBMjnQRezyEqRzV-vEHtavIN1WLQ-FGz0B9-X3wyfSsDolphRCjJdKmnDaX58LNbrMffAqucqOp6EQ
Requested by
Host: 06e31dc510364493ddc7a7a3babf1419.safeframe.googlesyndication.com
URL: https://06e31dc510364493ddc7a7a3babf1419.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H3
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 17 Apr 2023 20:18:44 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS0ySk11THk1RTJ1Rmh2Nm5Bd0NBT1NxRFRubFllQVQ3bX5B&google_push=Aer7DvIDa1t8cSEqvnd7P6mIcBMjnQRezyEqRzV-vEHtavIN1WLQ-FGz0B9-X3wyfSsDolphRCjJdKmnDaX58LNbrMffAqucqOp6EQ
date
Mon, 17 Apr 2023 20:18:44 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.25
age
0
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
pixel
cm.g.doubleclick.net/ Frame 7144
Redirect Chain
  • https://a.rfihub.com/cm?pub=445&in=1&google_gid=CAESEBHXf8Uz3R1tmFwrM8HLydQ&google_cver=1&google_push=Aer7DvJ2DQpNpdovLCn8RyAoMZp78Lv-X5S7-fhyj62e46loXYCc2ljXcNtZktmFMiIQgezdiWKPvr6atN9c9-9ToQi-GnG...
  • https://cm.g.doubleclick.net/pixel?google_nid=zeta_interactive&google_push=Aer7DvJ2DQpNpdovLCn8RyAoMZp78Lv-X5S7-fhyj62e46loXYCc2ljXcNtZktmFMiIQgezdiWKPvr6atN9c9-9ToQi-GnG-5jKLmQ&google_hm=NDg5NTEwM...
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=zeta_interactive&google_push=Aer7DvJ2DQpNpdovLCn8RyAoMZp78Lv-X5S7-fhyj62e46loXYCc2ljXcNtZktmFMiIQgezdiWKPvr6atN9c9-9ToQi-GnG-5jKLmQ&google_hm=NDg5NTEwMjgwOTU4NzY3MzE1MA==
Requested by
Host: 06e31dc510364493ddc7a7a3babf1419.safeframe.googlesyndication.com
URL: https://06e31dc510364493ddc7a7a3babf1419.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H3
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 17 Apr 2023 20:18:44 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=zeta_interactive&google_push=Aer7DvJ2DQpNpdovLCn8RyAoMZp78Lv-X5S7-fhyj62e46loXYCc2ljXcNtZktmFMiIQgezdiWKPvr6atN9c9-9ToQi-GnG-5jKLmQ&google_hm=NDg5NTEwMjgwOTU4NzY3MzE1MA==
Date
Mon, 17 Apr 2023 20:18:44 GMT
Server
Jetty(9.3.29.v20201019)
Content-Length
0
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
attr
cm.g.doubleclick.net/pixel/ Frame 7144
0
12 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13IIsl6S7QgSG-UcrYF4DgvK1gDbhMAQ25hTZ8c5OFgk49K_pH6QgKxYSjFH5qjF3Tbo2eIIs4L4
Requested by
Host: 06e31dc510364493ddc7a7a3babf1419.safeframe.googlesyndication.com
URL: https://06e31dc510364493ddc7a7a3babf1419.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Mon, 17 Apr 2023 20:18:44 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
content-type
text/html
03032023-031623331-640_100_vertikal_allnetflat-m_dsp_23022cb0aa02-a100-42f9-9c2a-535710428844.png
s0.2mdn.net/4528404/ Frame 1977
10 KB
10 KB
Image
General
Full URL
https://s0.2mdn.net/4528404/03032023-031623331-640_100_vertikal_allnetflat-m_dsp_23022cb0aa02-a100-42f9-9c2a-535710428844.png
Requested by
Host: www.theticket1590.com
URL: https://www.theticket1590.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
db1572900f660ec411ddf36c107b1189ab1852d237989e71478588281b6fa974
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/10268516360994813842/index.html?e=69&leftOffset=0&topOffset=0&c=lWg3bCzpHH&t=1&renderingType=2&ev=01_247
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Mon, 17 Apr 2023 10:07:17 GMT
x-content-type-options
nosniff
age
36687
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
10405
x-xss-protection
0
last-modified
Fri, 03 Mar 2023 11:16:23 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 18 Apr 2023 10:07:17 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame 5B0F
42 B
64 B
Fetch
General
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvhLIxqNdSCYtoaBQ8szJ0rG0pt3bHiaa_ewLZgSKKWfUv8gCON3_EeS6jHwkBCA90veZFJzMYwqJ7oQYilg26KC80c1gWxSYnGG5_BUpNNlGRHnxPpX9EYEDERBPA5yWsFy6g&sai=AMfl-YTikEK8-QWiOH8CU5fL8viBYszSgXdUYIw2t9MwYnwha_OWBRgNUZws1r-Iz3tshKzU1ThIi-yOKajnkMcdHAE11gav0H21wv5tI0gVmZNB__8OTNL53Fd6FBPH&sig=Cg0ArKJSzDL7KFNtGZfSEAE&cid=CAQSPABygQiDiS-UxqbbUFTuoMtAf93OqRAbqcKqPE7TeooguDm3zjRwmQZ1T_gaO_tqUzdwT7zSRwQjydzUyxgB&id=lidar2&mcvt=1019&p=1141,865,1191,1185&mtos=1019,1019,1019,1019,1019&tos=1019,0,0,0,0&v=20230412&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=1008775930&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1681762722545&rpt=454&isd=0&lsd=0&met=ce&wmsd=0&pbe=0&vae=0&spb=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://773ff33321c83b63fff957793b331644.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 17 Apr 2023 20:18:44 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
9881d7df0b300d92200ebcbe31ea57a7.svg
s0.2mdn.net/sadbundle/3719878330380519815/media/ Frame 2959
2 KB
798 B
Image
General
Full URL
https://s0.2mdn.net/sadbundle/3719878330380519815/media/9881d7df0b300d92200ebcbe31ea57a7.svg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/3719878330380519815/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8537b6920d550414d47001cd97c0f4b41d76bdc02f0eaeffef3c1a213212fa78
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/3719878330380519815/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sat, 15 Apr 2023 03:13:21 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
234323
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
761
x-xss-protection
0
last-modified
Fri, 02 Dec 2022 10:52:25 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sun, 14 Apr 2024 03:13:21 GMT
9e367d9ca52b2883318fb1e1c39ab87d.svg
s0.2mdn.net/sadbundle/3719878330380519815/media/ Frame 2959
15 KB
5 KB
Image
General
Full URL
https://s0.2mdn.net/sadbundle/3719878330380519815/media/9e367d9ca52b2883318fb1e1c39ab87d.svg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/3719878330380519815/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4ea64495655ae219e4344811df78aea0b0dbc6314f9346c9b0b253645a1eaf69
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/3719878330380519815/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Fri, 14 Apr 2023 18:49:17 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
264567
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
5107
x-xss-protection
0
last-modified
Fri, 02 Dec 2022 10:52:25 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sat, 13 Apr 2024 18:49:17 GMT
ac4848f5dbf9aff1f6f13ddd9583fb81.svg
s0.2mdn.net/sadbundle/3719878330380519815/media/ Frame 2959
13 KB
4 KB
Image
General
Full URL
https://s0.2mdn.net/sadbundle/3719878330380519815/media/ac4848f5dbf9aff1f6f13ddd9583fb81.svg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/3719878330380519815/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
63faa8b7384c37c4834b77615586404ad7d7591d5ab8ac0c50c2b10470b35b0b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/3719878330380519815/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Fri, 14 Apr 2023 18:49:17 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
264567
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4549
x-xss-protection
0
last-modified
Fri, 02 Dec 2022 10:52:25 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sat, 13 Apr 2024 18:49:17 GMT
79f6af56d394a5779ddbeba9fddb96bf.svg
s0.2mdn.net/sadbundle/3719878330380519815/media/ Frame 2959
7 KB
2 KB
Image
General
Full URL
https://s0.2mdn.net/sadbundle/3719878330380519815/media/79f6af56d394a5779ddbeba9fddb96bf.svg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/3719878330380519815/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3a92255192d67c0139d64b7fe64aef88c46f48b2d1c3fbf9d6eb8aaae4adce24
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/3719878330380519815/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Fri, 14 Apr 2023 18:49:17 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
264567
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1767
x-xss-protection
0
last-modified
Fri, 02 Dec 2022 10:52:25 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sat, 13 Apr 2024 18:49:17 GMT
bsdAhfwWdZZ0lwKfZyotoKMYFbxnkv02xNqAhtGyATM.js
pagead2.googlesyndication.com/bg/ Frame 85A3
36 KB
14 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/bg/bsdAhfwWdZZ0lwKfZyotoKMYFbxnkv02xNqAhtGyATM.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6ec74085fc1675967497029f672a2da0a31815bc6792fd36c4da8086d1b20133
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sat, 15 Apr 2023 22:44:33 GMT
content-encoding
br
x-content-type-options
nosniff
age
164051
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14296
x-xss-protection
0
last-modified
Tue, 11 Apr 2023 10:38:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sun, 14 Apr 2024 22:44:33 GMT
usync.js
eus.rubiconproject.com/ Frame CC6F
34 KB
10 KB
Script
General
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.56.202.187 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-56-202-187.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
29278175891bc6f68a3c0e4e272b7651b3229207580695cefbff9b237642f836

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/usync.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date
Mon, 17 Apr 2023 20:18:44 GMT
Content-Encoding
gzip
Last-Modified
Mon, 17 Apr 2023 11:52:07 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=55950
Connection
keep-alive
Content-Length
10019
Expires
Tue, 18 Apr 2023 11:51:14 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 7F6A
0
20 B
Ping
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=7735528881353&version=m202301230201&ct=76&x=1&cor=10132920350031202000
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://773ff33321c83b63fff957793b331644.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 17 Apr 2023 20:18:44 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame DCA9
0
20 B
Ping
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=9553197022747&version=m202301230201&ct=77&x=1&cor=10816691080679770000
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://773ff33321c83b63fff957793b331644.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 17 Apr 2023 20:18:44 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
KYNG-AM-The-Ticket-2.png
s3.amazonaws.com/albumart.tunegenie.com/custommessage/icon/ Frame C001
19 KB
19 KB
Image
General
Full URL
https://s3.amazonaws.com/albumart.tunegenie.com/custommessage/icon/KYNG-AM-The-Ticket-2.png
Requested by
Host: www.theticket1590.com
URL: https://www.theticket1590.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.217.48.206 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-1.amazonaws.com
Software
AmazonS3 /
Resource Hash
7d9af128af82a594bc6ea2b55e5d89ad5bd405ce6948ba3004f9e62be3dc8e40

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://b3.tunegenie.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date
Mon, 17 Apr 2023 20:18:45 GMT
Last-Modified
Mon, 16 May 2016 11:05:35 GMT
Server
AmazonS3
x-amz-request-id
WK15DKGJMJ4FCP0A
ETag
"5c3bcafffaa225ee5517f12014d5876b"
Content-Type
image/png
Accept-Ranges
bytes
Content-Length
18948
x-amz-id-2
sJoeU6LxaIUp8Wf2wReHdL+gF+04TIDfeyJ3OZzUyLgJh8ah5H/9IOUjMmVehcOqpvV6GKwkLlM=
view
googleads4.g.doubleclick.net/pcs/ Frame 8CF6
0
0
Fetch
General
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsvwkXvrI-iRXa3X85raS1l5A-7OkCStVmBAMV_92S6ZCciaAJxqA0TPQ2_hWKq3ssnsVaXeyE5dvuSpb9MCi7UDE-mA1A7kEh4tcjf0g5dDB1ePFUAZBYtUiKsNRVcD6LL9yhOIpjUuE1iztM-3eCjx40N6hMr4Ad2VAs8sFtZkH08NVbt1ScF9Ga3CDd0PBCY8fNfPQSDvz34XxMf9ESex7IhuEeljtyo3U4iI6cFwAzPZ3Wdgm4LcvP2IpZEvlXrdxra4lABrBE3XAGGJmMl1MzJAb47crJ0L6hIci69aCuF3snvQc7ogpQopGwb4apKjFlnf_zzTq0sqtk70z_PVBrnEdAVPyjHRgi65eTHWC-oxLU7HANFQu9cQ-8X9DAF1UpW1mCopnSzHNKxT2scILmdDA0ff0ZaR2jL8w24NplJVOIwBj6JPpZS3FWoBEZrNw_qCtne5DyhjGRde1hSy9tead-HpGlcQW9U8afr5LCvxZhzyVRS5sTh6OQ0galmGkzowS6QifP-88TBqFJodsQSiIkDxl6qKeUCrllFa_L0HWpsYQbn-1icEhw8B1OMq-0VMzLmjlRuSk6Qct9dhTQxfHrN93c_VWPw4rYZ_xdaC8TIc5tJt1qVHCVXeNi6IYKadz8PjJcndqcrFoJE_ndwgxOB8hyJsLe2JWiKm2cDgEDXZ8aoHN-f0tAhX-QPSruMNOIfkWMjGPAGUdbfOOIkb65pN7eUSGJ68L2wdB3v--57uQDGqjTLfDLbJXVHqxKssf2QqzX9Ca9LG3zqYy1dxyCNdOUfWsS9yEwbpuy12-l4KJz5FJDbwK2PZUqndCMr-zPffiZgr-pB_Fskqv1mjtXM95OJiP5Uv4Ey4iPdxtE2veybkYnedMUo-933XckYTWeM9sBr1PtyzXEVXc6yyirMfOv05guV98pyCBwSn2sLwrfDK1sGauostK5bRu3srf22Q-yu-qJxN6g_E7clL2NxRqlTcwVYPAxmRDU_s4SpQI6TIRSQbJWJQZ0vNxXZQE5d57wg0zfyOC02c8irGfcvJF8bFr6vEBZP6uZ5NFoqlvWQANRh0yI9kasA0F9sqIqPpjP_wttSy4JapuixUpQu2FrEJSt_KgYZ38_KSp7xbAxHf-ZIfIMHMO31330_3jTtT-ShOH7YiYsDBk5jL6OR1PDsg8p1EeJw6TiJMF-UdQnEj7uvGZ5gQ2opvUogvZG6s7Og8Z3rH2yhHqGXWfXuqJsaqck6ue6jHhuaQ090zYizLUkbmGy-ql6yL2eniXOAz7Yo&sai=AMfl-YQLtvym9r5rC8yE89hZe8k64Jiomz_OQxbeCrxpOt0_QOs8EmsH3c-SjL38nlDLkwY3F-Sv3uSQqjTXNBM8xbnNttxPhGebcdQA3tFPXkHqLXjY8faZYZnOtnGYiXKbtfLPTTbkrht29yYi8c22zS2gLzh35B0Ej4pmIZzFkoF6tTVqlJEAYhrQvcxzi90UWc9UzAxhk7DlBeObxXf4KNKWkOIyiMiT2gTugn64-vXJtgSCGQpmglDiay9mBGwqa45q&sig=Cg0ArKJSzCrKiodMTjrPEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=552&vt=11&dtpt=448&dett=3&cstd=101&cisv=r20230413.38134&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&arae=0&ftch=1&adurl=
Requested by
Host: www.theticket1590.com
URL: https://www.theticket1590.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://06e31dc510364493ddc7a7a3babf1419.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Mon, 17 Apr 2023 20:18:44 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Mon, 17 Apr 2023 20:18:44 GMT
sodar
pagead2.googlesyndication.com/getconfig/
15 KB
11 KB
XHR
General
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=m202304100101&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304100101/pubads_impl.js?cb=31073791
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
cc11949da30b0cc69971ec307197fcdf4c71a5ccafbe3f827eca6e582df373c4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.theticket1590.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Mon, 17 Apr 2023 20:18:44 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11283
x-xss-protection
0
cs.js
sb.scorecardresearch.com/internal-c2/default/
Redirect Chain
  • https://sb.scorecardresearch.com/c2/16059128/cs.js
  • https://sb.scorecardresearch.com/internal-c2/default/cs.js
0
357 B
Script
General
Full URL
https://sb.scorecardresearch.com/internal-c2/default/cs.js
Protocol
H2
Server
13.32.99.90 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-99-90.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.theticket1590.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Mon, 17 Apr 2023 20:17:13 GMT
via
1.1 ca8cb14c76df16342491237cea8cfed6.cloudfront.net (CloudFront)
last-modified
Mon, 01 Mar 2021 20:42:20 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P3
age
92
x-amz-server-side-encryption
AES256
etag
"d41d8cd98f00b204e9800998ecf8427e"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
accept-ranges
bytes
content-length
0
x-amz-cf-id
Bv7xz8Yhe_YiIgLZhF8AahB6cY-Sf-ZMMiK8BGBce_QirRSi8pam8Q==

Redirect headers

date
Mon, 17 Apr 2023 20:18:44 GMT
via
1.1 ca8cb14c76df16342491237cea8cfed6.cloudfront.net (CloudFront)
accept-ch
UA, Platform, Arch, Model, Mobile
x-amz-cf-pop
FRA60-P3
x-cache
Miss from cloudfront
location
/internal-c2/default/cs.js
content-length
0
x-amz-cf-id
FhEFg68g-CM9YXv9VhRP6KUpP8o9Rsrikw1t2GDEdSB3d55D6kyD0w==
a
www.googletagmanager.com/
0
11 B
Image
General
Full URL
https://www.googletagmanager.com/a?v=3&t=l&pid=321676822&rv=34c0&cid=59299892&l=59299892.TC0.HTC0~*~AWCT1468&qi=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.theticket1590.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Mon, 17 Apr 2023 20:18:44 GMT
server
Google Tag Manager
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
content-type
text/html
a
www.googletagmanager.com/
0
11 B
Image
General
Full URL
https://www.googletagmanager.com/a?v=3&t=l&pid=1442560379&rv=34c0&cid=GTM-NBMFP63&l=GTM-NBMFP63.L1489.S0.Y5.E3515.TC6.HTC4~gtm.init.S0.E20~gtm.js.S0.E263.TS5sp.TE6.TS5html.TE0.TS5html.TE0.TS5html.TE0.TS5gclidw.TE1.TS5html.TE0~*.S0.E33~gtm.dom.S0.E33~*.S0.E33~*.S0.E33~*.S0.E33~*.S0.E33~*.S0.E33~*.S0.E32~*.S0.E32~*.S0.E32~gtm.load.S0.E12~gtm.init_consent.S0.E21&qi=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.theticket1590.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Mon, 17 Apr 2023 20:18:44 GMT
server
Google Tag Manager
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
content-type
text/html
gen_204
pagead2.googlesyndication.com/pagead/ Frame 328E
0
20 B
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=B8KNGoqk9ZMK7L5Wz9u8P6ZqYkA8AAAAAOAHgBAI&bg=!SEulSx_NAAZA7GLoYOw7ADkAdvg8WsxpiveZhoVX9oQgApr1DG0_0V2M_uCmcJAMZ1m9PyjR6YxZ0JJ_5JkM1DwpwzYhO-FMZSYCAAABT1IAAAACaAEHmQMxeWWvKWOMaM-XwhtjJWx17lw6uR3L4ZUiLNdXbyCJYpPTjtetmuAcTfbA1AUSZu2kcjkBY8OpL3ERAl3aFw-IwMrL9ZNwzAsS3C36wZZ2oy-26w0nvYjJsrSJUyBCvRzOZsWwPDrrbGjedWMua51dkqaUtySo2sAMxtszilrBQIhzCGi4_ec5Qn52OKuVidCOYwi49nb-HWSNnF28FD9fxRa4pCre7096yp4TlEeUYYqyDsgEYlLAoVyCj6m6C5nY_LhSrYk8_YT0Jiec3UVZ4rmlzeJUGqXy29n7THw8-t5Fk8iuT3hL0WT-LPiLBVlwovTd0kjzRdSO7mK_rTR-4KcVQTo0GOY2stlRcnBGL1HbdxRM2qjyDi3gSjN87sWDt3PV_GfLvzGUKoFCQ3-o0gKa7nNVi0OFVhjBSMUdFusZXfm1WHpRdutlQAOFdLZgmdcLhWtwrt18wN0FEiA8rtlIL-nqW30wvWtFwoJPkKm13s3AP9L07HhQ_aG70l0Fo_wAuP4jyWmch9PFDX8csdDnSkV9EdFo6zMG4uD4YYkb6XRzMf9axtSwLFUo8gn577uD00qhtIz-OWjXQkoYzRYEJf_IzdPbVnkw2V2IXY4J-nhisn7PbtZGWDqpGuyVsirVOPtxEL9ldZzTXAgzmHSc-3yiF8yQOav5RuK7-YA0rTppZSnZySF2j7NjN7jI_yeyQo5SBt2cfFtxL1HdC4CxLchX8K7HF1a5mY61JHMh8NLjSlxVZkwEA48R9QiYsUbKPoF5rBADF71VM4d2uvn-QAAvIqL3M4CL2qiuGxsxqhp6q7gPipVGoGZQqVcMMc6sWp6GCmZ2pWpLCjmEts3HbSZ1RbkoaGABERY73vy9ki1R8H3tHZkPcVtK0Zs78tPw4Q0yULFTybTOptPovr9ksFD_g_AwJ2MJWeeXVvuQk8srnFH_pRHLHEOM7JUsvl69G2GwPDAMwkSlxXHSZ0oFWi7DecCNvItN5iz1zeweu05U5bVXVCXZrEoUc82gDr9q1k38I3OBg1gCteH1xiETLZ4vaugXFPkKj7_n1PZI4ZlMkWSSevBSiTzZ-iVJjQ
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 17 Apr 2023 20:18:44 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sodar2.js
tpc.googlesyndication.com/sodar/
17 KB
6 KB
Script
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304100101/pubads_impl.js?cb=31073791
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.theticket1590.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Mon, 17 Apr 2023 20:18:44 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Mon, 17 Apr 2023 20:18:44 GMT
tap.php
pixel.rubiconproject.com/ Frame CC6F
Redirect Chain
  • https://token.rubiconproject.com/token?pid=2974&pt=n&a=1&gdpr=0
  • https://pr-bh.ybp.yahoo.com/sync/rubicon/aDR7EoZIb91PP4GaG-zeag?csrc=&gdpr=0
  • https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-zefZwh5E2oI2GmchY5H8GEgMRpp4xY8guaFJIQ--~A
0
239 B
Image
General
Full URL
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-zefZwh5E2oI2GmchY5H8GEgMRpp4xY8guaFJIQ--~A
Requested by
Host: www.theticket1590.com
URL: https://www.theticket1590.com/
Protocol
HTTP/1.1
Server
69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
X-RPHost
de8527bfa1ccfd6c1590da0d3b6cff52
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

date
Mon, 17 Apr 2023 20:18:44 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
location
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-zefZwh5E2oI2GmchY5H8GEgMRpp4xY8guaFJIQ--~A
content-length
0
ecm3
aax-eu.amazon-adsystem.com/s/ Frame CC6F
Redirect Chain
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=&gdpr=0
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=&gdpr=0&dcc=t
  • https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=eB4AXFm0S1mJk7CK8qUKIQ&rk=usync-other&gdpr=0
  • https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=eB4AXFm0S1mJk7CK8qUKIQ&gdpr=0
43 B
720 B
Image
General
Full URL
https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=eB4AXFm0S1mJk7CK8qUKIQ&gdpr=0
Requested by
Host: www.theticket1590.com
URL: https://www.theticket1590.com/
Protocol
HTTP/1.1
Server
67.220.226.238 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 17 Apr 2023 20:18:45 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
1MJ0FSDZMRNK220C1QVH
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location
https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=eB4AXFm0S1mJk7CK8qUKIQ&gdpr=0
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
de8527bfa1ccfd6c1590da0d3b6cff52
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
pixel
cm.g.doubleclick.net/ Frame CC6F
Redirect Chain
  • https://token.rubiconproject.com/token?pid=25470&gdpr=0
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_cm&google_hm=TEdMQTNQN1ctMS0yQ0VG&gdpr=0
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&gdpr=0&google_gid=CAESEIdZygnD5hz64LBq7xPkWGk&google_cver=1
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEdMQTNQN1ctMS0yQ0VG&google_push=&gdpr=0
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEdMQTNQN1ctMS0yQ0VG&google_push=&gdpr=0
Requested by
Host: www.theticket1590.com
URL: https://www.theticket1590.com/
Protocol
H3
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 17 Apr 2023 20:18:44 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEdMQTNQN1ctMS0yQ0VG&google_push=&gdpr=0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
de8527bfa1ccfd6c1590da0d3b6cff52
Expires
0
setuid
px.ads.linkedin.com/ Frame CC6F
Redirect Chain
  • https://token.rubiconproject.com/token?pid=36584&gdpr=0
  • https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LGLA3P7W-1-2CEF&gdpr=0
0
649 B
Image
General
Full URL
https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LGLA3P7W-1-2CEF&gdpr=0
Requested by
Host: www.theticket1590.com
URL: https://www.theticket1590.com/
Protocol
H2
Server
2620:1ec:21::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Mon, 17 Apr 2023 20:18:44 GMT
x-li-pop
afd-prod-lva1-x
x-msedge-ref
Ref A: 42829EC9D488457A9427A07997A0CD30 Ref B: FRAEDGE1309 Ref C: 2023-04-17T20:18:44Z
linkedin-action
1
x-cache
CONFIG_NOCACHE
x-li-fabric
prod-lva1
x-li-proto
http/2
content-length
0
x-li-uuid
AAX5jeXMUBHaB17W12GEFg==

Redirect headers

Location
https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LGLA3P7W-1-2CEF&gdpr=0
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
f5982f4f9cc79eb2b489dda8b92e3144
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
tap.php
pixel.rubiconproject.com/ Frame CC6F
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc&gdpr=0
  • https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&gdpr=0&put=CAESEGb5Sl2ajkteJ6SyQsjX-uY&google_cver=1
0
239 B
Image
General
Full URL
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&gdpr=0&put=CAESEGb5Sl2ajkteJ6SyQsjX-uY&google_cver=1
Requested by
Host: www.theticket1590.com
URL: https://www.theticket1590.com/
Protocol
HTTP/1.1
Server
69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
X-RPHost
de8527bfa1ccfd6c1590da0d3b6cff52
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

pragma
no-cache
date
Mon, 17 Apr 2023 20:18:44 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&gdpr=0&put=CAESEGb5Sl2ajkteJ6SyQsjX-uY&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
337
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
rubicon
match.adsrvr.org/track/cmf/ Frame CC6F
70 B
264 B
Image
General
Full URL
https://match.adsrvr.org/track/cmf/rubicon?gdpr=0
Requested by
Host: www.theticket1590.com
URL: https://www.theticket1590.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.33.220.150 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Mon, 17 Apr 2023 20:18:44 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
ecm3
s.amazon-adsystem.com/ Frame CC6F
Redirect Chain
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&gdpr=0
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&gdpr=0&dcc=t
  • https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=lQc1yYBJT-ejSSBs7JcyLA&rk=usync-na&gdpr=0
  • https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=lQc1yYBJT-ejSSBs7JcyLA&gdpr=0
43 B
479 B
Image
General
Full URL
https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=lQc1yYBJT-ejSSBs7JcyLA&gdpr=0
Requested by
Host: www.theticket1590.com
URL: https://www.theticket1590.com/
Protocol
HTTP/1.1
Server
52.46.130.91 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 17 Apr 2023 20:18:45 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
1F9Z2S4ZC2B80C2457TR
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location
https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=lQc1yYBJT-ejSSBs7JcyLA&gdpr=0
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
de8527bfa1ccfd6c1590da0d3b6cff52
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
pixel
cm.g.doubleclick.net/ Frame CC6F
Redirect Chain
  • https://token.rubiconproject.com/token?pid=2249&pt=n&gdpr=0
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=YjM0YmY4NjI1ZjFkOWY2Y2JlZDAxY2E3YjA5NzZiMDMwYTVjNzE0Mw&gdpr=0
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=YjM0YmY4NjI1ZjFkOWY2Y2JlZDAxY2E3YjA5NzZiMDMwYTVjNzE0Mw&gdpr=0
Requested by
Host: www.theticket1590.com
URL: https://www.theticket1590.com/
Protocol
H3
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 17 Apr 2023 20:18:44 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=YjM0YmY4NjI1ZjFkOWY2Y2JlZDAxY2E3YjA5NzZiMDMwYTVjNzE0Mw&gdpr=0
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
5b959e9b7aef6dd90a6fa539ca64ac62
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
idsync.js
playerservices.live.streamtheworld.com/api/ Frame C001
Redirect Chain
  • https://playerservices.live.streamtheworld.com/api/idsync.js?station=KYNGAM
  • https://playerservices.live.streamtheworld.com/api/idsync.js?station=KYNGAM&bounce=true
993 B
1 KB
Script
General
Full URL
https://playerservices.live.streamtheworld.com/api/idsync.js?station=KYNGAM&bounce=true
Protocol
HTTP/1.1
Server
192.173.31.109 , New Zealand, ASN13360 (TRITONDIGITAL, CA),
Reverse DNS
Software
/
Resource Hash
25b72190b604cea0f3b4260d4540c327fc648fb1448921fe48b93e37c7b903da

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://b3.tunegenie.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Mon, 17 Apr 2023 20:18:44 GMT
x-stw-server
par-strc-docker01_8082
x-stw-site
PAR
content-language
de-DE
access-control-allow-origin
*
p3p
policyref="http://tds.media.streamtheworld.com/w3c/policy/tds-p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
application/javascript; charset=ISO-8859-1
connection
close

Redirect headers

date
Mon, 17 Apr 2023 20:18:44 GMT
x-stw-server
par-strc-docker03_8082
x-stw-site
PAR
content-language
de-DE
location
https://playerservices.live.streamtheworld.com/api/idsync.js?station=KYNGAM&bounce=true
access-control-allow-origin
*
p3p
policyref="http://tds.media.streamtheworld.com/w3c/policy/tds-p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
application/javascript; charset=ISO-8859-1
connection
close
ima3.js
imasdk.googleapis.com/js/sdkloader/ Frame C001
361 KB
121 KB
Script
General
Full URL
https://imasdk.googleapis.com/js/sdkloader/ima3.js
Requested by
Host: sdk.listenlive.co
URL: https://sdk.listenlive.co/web/2.9/td-sdk.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
815af1c878812cb0cb226f9922c9197d78cd6200b7a23ec63276b554d1d6f7f3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://b3.tunegenie.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Mon, 17 Apr 2023 20:18:44 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
123683
x-xss-protection
0
expires
Mon, 17 Apr 2023 20:18:44 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 8A77
13 KB
5 KB
Document
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.theticket1590.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
287
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Mon, 17 Apr 2023 20:13:57 GMT
expires
Tue, 16 Apr 2024 20:13:57 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame D08A
783 B
534 B
Document
General
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
2a34c01d579a8cb0ba44236a5065d7bff2abfcb6aae216f5fb64dc825f3654a9
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-tptKIXOF3V_qvLd4OTL7DA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.theticket1590.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=300
content-encoding
gzip
content-length
512
content-security-policy
script-src 'report-sample' 'nonce-tptKIXOF3V_qvLd4OTL7DA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Mon, 17 Apr 2023 20:18:44 GMT
expires
Mon, 17 Apr 2023 20:18:44 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
gen_204
pagead2.googlesyndication.com/pagead/ Frame 85A3
0
20 B
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BWC8ao6k9ZNqHCMmV9u8P2NCZ0AYAAAAAOAHgBAI&bg=!5uWl5bHNAAZA7GLoYOw7ADkAdvg8WgHt4yop5FlNVH_3ub5A_AAyZ7r77q6LPqZO9mkFWiA0lKXGMCohxl9_3W3h8u2RDmZFGzQCAAAAjFIAAAADaAEHmQNS6Cbuzcc-5ah8NKD9orNWWeTzldFMwMd_AnNnh0TWwmnBGSqnunoThwKpAH6yhlbjm2HL4wA8r0Y6Wyh8UQyTyduN9wTA9nJPZ6obogwWBM48BoKvQE3DoEBj7kStPwBzTNnKdAfzJZPrqCi1ScgQGngRkjfv5izQh4AOKm2tBq9DAjUoJsnQydFxPuWJjW5x1YUS32DBx2mL_czK0hz4S8SvRQ5dH1Y4LqGrfq1nZAn-ixpDj7__BYPSfgUOWkaEnrfY8nCVzyT6KoPjpZlBVqIWCb-nzNcqKhVgO5XgGBzwZ30WVIBEMA6mPHM7d4ZO7BcOn-c8gTdf729dE-QLBn3OuYihCHDU2N_ToNNGql1eAESbW9vCMZJ1oFC9364v_ie4vMuDkU_X0oHrhWsvSSf77kTHpyt3krS2gLGcoqgPfUueHhR8lqq1T-1XmwJbX78XYdO6Rw3VpkvPCLvO5a-BiVP4D2kAaNe5BB4OMqlt_P1E6aY_3PuQHiFF9mDAvaCZkkA6MN1I7iDEOzIuCEs4773sqSYh9S4iANLUHxdT03s9_gjwShjQmwaMx3ZQZL7iAj-ViTMwWXP2fIXakHXa9LiDgxjt2C0_UL0GygF9BXHk1pigz6HF9JfxyY06aPDfeE795bzqKyYLfVhOMjQ9jWl95bGXbmSezqfJ0JkzHrDt8tIX-kk5sHGQjaVMS7hDlivi3olc6IVWJiS28Mpi1KXzxwf03TipMYX4J6KWpSReH1mZBQUPdGijsBe7kY0b2fJ_XBogQtXzcMBAyV2_RLBMufgnlt2Q-v3Olc5rFPLsY5q4k1iOXo_U21GaxaMLM9qjRvoqENxdDTgnyH1fSnmDwai6MoJhIX6oK1RiOgdYvK4OEDc9LY1ZAkEjlwRuloOwcmiZqQUmL4PVatFXVP0TEU6eZVZzQg6YDjb0pJ3sNi9doBGs4FlZ_0QAAfICrfkt44rBs4x_7EAfcjn5D8FQgxf0Nltnd-SAnB-_uGsoNpKA9_8bg1kLFPHeqEOLx8dUL6pGmKNxvnK98fLJtwTzKx-R1XFQ2s63iXUM3Gvep_LuYiFtuwuygzVE5-KXMgwgHEEZPfZpIGOgVqYZCoBwQ169tbgvEgSXkli8hQ
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 17 Apr 2023 20:18:44 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
bsdAhfwWdZZ0lwKfZyotoKMYFbxnkv02xNqAhtGyATM.js
pagead2.googlesyndication.com/bg/ Frame 8A77
36 KB
14 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/bg/bsdAhfwWdZZ0lwKfZyotoKMYFbxnkv02xNqAhtGyATM.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6ec74085fc1675967497029f672a2da0a31815bc6792fd36c4da8086d1b20133
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sat, 15 Apr 2023 22:44:33 GMT
content-encoding
br
x-content-type-options
nosniff
age
164051
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14296
x-xss-protection
0
last-modified
Tue, 11 Apr 2023 10:38:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sun, 14 Apr 2024 22:44:33 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame D08A
0
0
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_m202304100101&jk=3065041248302978&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

collect
region1.google-analytics.com/g/
0
17 B
Ping
General
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-7LHM6PBR21&gtm=45je34c0&_p=1617576976&cid=1483137519.1681762720&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=2&sid=1681762719&sct=1&seg=0&dl=https%3A%2F%2Fwww.theticket1590.com%2F&dt=The%20Ticket%202%201590%20%7C%20KYNG-AM&en=express_dimensions&_ee=1&ep.client_name=cumuluspro&ep.station_name=KYNG-AM&ep.alt_station_name=KYNG-AM&ep.market=Fayetteville%2C%20AR&ep.format=Sports&ep.author=System%20User&ep.page_type=page&_et=2
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-7LHM6PBR21&l=dataLayer&cx=c
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.theticket1590.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 17 Apr 2023 20:18:44 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.theticket1590.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
generate_204
tpc.googlesyndication.com/ Frame 8A77
0
11 B
Image
General
Full URL
https://tpc.googlesyndication.com/generate_204?lmxstQ
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Mon, 17 Apr 2023 20:18:44 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
idsync.js
yield-op-idsync.live.streamtheworld.com/ Frame C001
3 KB
3 KB
Script
General
Full URL
https://yield-op-idsync.live.streamtheworld.com/idsync.js?stn=KYNGAM
Requested by
Host: playerservices.live.streamtheworld.com
URL: https://playerservices.live.streamtheworld.com/api/idsync.js?station=KYNGAM
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
208.92.55.231 , Canada, ASN13360 (TRITONDIGITAL, CA),
Reverse DNS
Software
/
Resource Hash
016c2f9b3161469fde91b8cc634644cd57ed26845e227fc44cb4d6f327407e8a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://b3.tunegenie.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

p3p
policyref="http://tds.media.streamtheworld.com/w3c/policy/tds-p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
date
Mon, 17 Apr 2023 20:18:45 GMT
x-stw-server
ash-mesos01-node07
x-stw-site
ASH
content-length
2741
content-type
application/javascript; charset=UTF-8
/
loadus.exelator.com/load/ Frame C001
Redirect Chain
  • https://loadus.exelator.com/load/?p=930&g=3&station=KYNGAM&j=0
  • https://loadus.exelator.com/load/?p=930&g=3&station=KYNGAM&j=0&xl8blockcheck=1
0
771 B
Image
General
Full URL
https://loadus.exelator.com/load/?p=930&g=3&station=KYNGAM&j=0&xl8blockcheck=1
Protocol
H2
Server
18.198.69.109 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-198-69-109.eu-central-1.compute.amazonaws.com
Software
nginx / Undertow/1
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://b3.tunegenie.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Mon, 17 Apr 2023 20:18:44 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
x-powered-by
Undertow/1
p3p
policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA, policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA

Redirect headers

date
Mon, 17 Apr 2023 20:18:44 GMT
server
nginx
x-powered-by
Undertow/1
p3p
policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA, policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA
location
https://loadus.exelator.com/load/?p=930&g=3&station=KYNGAM&j=0&xl8blockcheck=1
content-type
image/gif
cache-control
no-cache
access-control-allow-credentials
true
content-length
0
gen_204
pagead2.googlesyndication.com/pagead/ Frame 5B0F
0
20 B
Ping
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=5634406559342&version=m202301230201&ct=76&x=1&cor=11562306173966617000
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://773ff33321c83b63fff957793b331644.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 17 Apr 2023 20:18:44 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame 8CF6
42 B
64 B
Fetch
General
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssNtnIvh3rxWydVQklGt1RPLhoXxP2awYJiQM-m39mcqtEYYPcvDGIRpRU76NNLbhSnNmU8MPt9x_vT1xnpKcTP-UzhiL3hs2a3KxdlWDXGNmj3lkOcAgCD3_E2nmT-sDOsm6E&sai=AMfl-YQ0vigBLfjqgWaHqzZld4RSuu_bmJZ3qltU8eo631uTdKhOc-fCvbO1zp0zHZKlmCdrMLJ-Aa2pMOOyi5h1lmFQKNyNKEIWZLtHU-f9p6k927lKP3uZM2-4IaU&sig=Cg0ArKJSzBFDxLZ6KebiEAE&cid=CAQSOwBygQiDPnqS3nbRkbVJ62P5x6qrl-s7Uwqb6cE5PQpIT6f10Vkby4-48cT9QayCg8c9M2YUfpuydqIXGAE&id=lidar2&mcvt=1002&p=0,0,108,728&mtos=0,1002,1002,1002,1002&tos=0,1002,0,0,0&v=20230412&bin=7&avms=nio&bs=0,0&mc=0.83&if=1&vu=1&app=0&itpl=20&adk=2245976565&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1681762722872&rpt=996&met=ie&wmsd=0&pbe=0&vae=0&spb=0
Requested by
Host: www.theticket1590.com
URL: https://www.theticket1590.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://06e31dc510364493ddc7a7a3babf1419.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 17 Apr 2023 20:18:44 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
KYNGAMAAC.pls
playerservices.streamtheworld.com/pls/
284 B
628 B
Fetch
General
Full URL
https://playerservices.streamtheworld.com/pls/KYNGAMAAC.pls
Requested by
Host: b3.tunegenie.com
URL: https://b3.tunegenie.com/js/pwm_all.min.js?tgv=e905577.ba4de90
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
192.173.31.109 , New Zealand, ASN13360 (TRITONDIGITAL, CA),
Reverse DNS
Software
/
Resource Hash
f771c7358d2a0b21f797b70169041eee59c3ff8692598d70eb4f138cff3cb188

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.theticket1590.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 17 Apr 2023 20:18:45 GMT
x-stw-server
par-strc-docker02_8082
x-stw-site
PAR
content-type
audio/x-scpls; charset=UTF-8
content-language
de-DE
access-control-allow-origin
*
cache-control
max-age=0, no-cache, must-revalidate
content-length
284
expires
Thu, 01 Jan 1970 00:00:00 GMT
KYNGAM.pls
playerservices.streamtheworld.com/pls/
269 B
613 B
Fetch
General
Full URL
https://playerservices.streamtheworld.com/pls/KYNGAM.pls
Requested by
Host: b3.tunegenie.com
URL: https://b3.tunegenie.com/js/pwm_all.min.js?tgv=e905577.ba4de90
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
192.173.31.109 , New Zealand, ASN13360 (TRITONDIGITAL, CA),
Reverse DNS
Software
/
Resource Hash
91ea8e6ea35f90dfebe137d31cbcbae44eff4bf41af4b05ee6a9d8f715b47688

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.theticket1590.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 17 Apr 2023 20:18:45 GMT
x-stw-server
par-strc-docker03_8082
x-stw-site
PAR
content-type
audio/x-scpls; charset=UTF-8
content-language
de-DE
access-control-allow-origin
*
cache-control
max-age=0, no-cache, must-revalidate
content-length
269
expires
Thu, 01 Jan 1970 00:00:00 GMT
sodar
pagead2.googlesyndication.com/pagead/
0
0
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_m202304100101&jk=3065041248302978&bg=!np2lncnNAAZA7GLoYOw7ADkAdvg8Wkbe_kM1cZRImNkqNh-CZxRc_1FfxQtW3F5rZ2xhpoL_KVaYHJHuW7Xe0LuTZEiffdbvtnQCAAAAZVIAAAADaAEHCgBTdcguYh0S7WqPWyp5Eqygpoa7pM-eojiGh9kgIO0A5YOp0Wy_TkUUxW_INFsxFad9WHUgM0SOmRjUtqmxmUyuBhCZSobCl7VeHZh_HYp9ERUgaw6ZAvJS8c4QZKCdKwwb4zT3ERzmtZQSJ843ZoVRIH7yL-W0kUXae4zLfzm4ELHjeAfovPHHvbQ5znGevb0dI4J_FUbk2xuUaPX-SkG3d7EslDIWLS-V52MqsDBIvNysyLyGAbqjxtnzBznrmcgiYGmZ1s59wjDhOqqy6c0p95m_m5jhdvDCK8-Y1gDeYMkoNi1Zqe-weUF5z6dejwzmMuIuMAa0H6i3gU_dHy63O3kMAffDVr3v5d12R5odjHkUnrFLr1YKemjqYT22FSB75AVUydot98HgiBZXcUU60C6nWJgho1prMF6GNFpYA82Ul9gyu0B_PnM5qtilWjH9XwtB4EK8xJzH1ZBRW1Z-PV82EE6-VOdi6nEIvUN2qp5qpYW3SDuI3dchbX20E1PTjdYrkVoVJ8KwoU53T0B7hLIVfMZOQECfxiRP9uFfP0tMxH1QX_N3Ys0upx5G0O04a7cANNscP5k4_VlGVRxx0tJmzayv8BzSysST8nwdNFOMhH67QLL9YvVox_7g0PxGtS7En3KSIRVajhz0-MZLiau_h7K20poyc99bmkcfnPCJB1fpzYjwq8p5wlE4j5kw2wKgDQUn5_5nc5sEgPbEVKN3L69HZ0ZOLgGRbRGhd9jm6UfT0RL1DUobkiW0PQ2Xa6eV9WIeTEZWJISLVJoZQMbyDERYbLArcEIB7wPRyUrAhEuMyYO_qRckZx7xLNUQljTg5iIKuZ8xkCAqgY2cEEnbyDwDJk6YWrhd5VosqqnEBCi2Rb0Cy5gJGxtpErmIijK7NR1SZbyBrV624ynsPh00vBOI1dpjiGakDjCVDcx1bTUj0eY8Wm-xM4WQMHlGGvPT3Rw3jj0RlHcPSTgKpYxw1K-1_ECtw6q5O5_Hiwi0lcBzj1YXzid5sXGiOX4wPl5m1L8ce_aLo72iNW4bidR2-9CYvysIXD5XysCgmPuNMoqG6F-Ivuazgyus9vTbN9PPcMC_A9F2qxFhM-dKf-cs3pUQeDpw
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.theticket1590.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

gen_204
pagead2.googlesyndication.com/pagead/ Frame 8CF6
0
20 B
Ping
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=1948722888049&version=m202301230201&ct=119&x=1&cor=15825131614651546000
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://06e31dc510364493ddc7a7a3babf1419.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 17 Apr 2023 20:18:45 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
region1.google-analytics.com/g/
0
17 B
Ping
General
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-D35JDKEKBV&gtm=45je34c0&_p=1617576976&cid=1483137519.1681762720&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&sid=1681762720&sct=1&seg=1&dl=https%3A%2F%2Fwww.theticket1590.com%2F&dt=The%20Ticket%202%201590%20%7C%20KYNG-AM&_s=2
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/destination?id=G-D35JDKEKBV&l=sharedContainerDataLayer&cx=c
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.theticket1590.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Mon, 17 Apr 2023 20:18:45 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.theticket1590.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
edge.Menu.min.js
www.theticket1590.com/wp-content/plugins/themify-builder/themify/js/modules/
962 B
676 B
Script
General
Full URL
https://www.theticket1590.com/wp-content/plugins/themify-builder/themify/js/modules/edge.Menu.min.js?ver=5.5.7
Requested by
Host: www.theticket1590.com
URL: https://www.theticket1590.com/wp-content/plugins/themify-builder/themify/js/main.min.js?ver=5.5.7
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1740 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e495eef6b903e6de7362538861c8eb5c4267d909b6bc011663bca438329e041a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.theticket1590.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Mon, 17 Apr 2023 20:18:46 GMT
content-encoding
gzip
cf-cache-status
MISS
last-modified
Thu, 13 Apr 2023 13:11:18 GMT
server
cloudflare
etag
W/"6437ff76-3c2"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=31536000
x-whom
web-18.ampcms.internal
cf-ray
7b975bec6bef8ffa-FRA
expires
Tue, 16 Apr 2024 20:18:46 GMT
pixel.gif
yield-op-idsync.live.streamtheworld.com/ Frame C001
Redirect Chain
  • https://ib.adnxs.com/getuid?https://yield-op-idsync.live.streamtheworld.com/pixel.gif?partner=an&uid=$UID&pubId=10649
  • https://yield-op-idsync.live.streamtheworld.com/pixel.gif?partner=an&uid=8004736833800347646&pubId=10649
43 B
506 B
Image
General
Full URL
https://yield-op-idsync.live.streamtheworld.com/pixel.gif?partner=an&uid=8004736833800347646&pubId=10649
Protocol
HTTP/1.1
Server
208.92.55.231 , Canada, ASN13360 (TRITONDIGITAL, CA),
Reverse DNS
Software
/
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://b3.tunegenie.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Mon, 17 Apr 2023 20:18:46 GMT
x-stw-server
ash-mesos01-node15
x-stw-site
ASH
content-length
43
content-type
image/gif

Redirect headers

Date
Mon, 17 Apr 2023 20:18:45 GMT
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection
keep-alive
X-Proxy-Origin
217.114.218.22; 217.114.218.22; 960.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Pragma
no-cache
AN-X-Request-Uuid
3f1f2e31-741d-4915-ac11-af3c58db2248
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
Access-Control-Allow-Origin
*
Location
https://yield-op-idsync.live.streamtheworld.com/pixel.gif?partner=an&uid=8004736833800347646&pubId=10649
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Expires
Sat, 15 Nov 2008 16:00:00 GMT
uuid
nodeny.targetspot.com/callback/ Frame C001
0
0

pixel.gif
yield-op-idsync.live.streamtheworld.com/ Frame C001
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=triton&stn=KYNGAM
  • https://x.bidswitch.net/ul_cb/sync?ssp=triton&stn=KYNGAM
  • https://c1.adform.net/serving/cookie/match/?party=24&bidswitch_ssp_id=triton
  • https://x.bidswitch.net/sync?dsp_id=70&user_id=8132136989654119209&ssp=triton
  • https://yield-op-idsync.live.streamtheworld.com/pixel.gif?partner=bsw&uid=7c8ea65b-6a3b-44c1-aec4-fea71b762163&stn=KYNGAM
43 B
542 B
Image
General
Full URL
https://yield-op-idsync.live.streamtheworld.com/pixel.gif?partner=bsw&uid=7c8ea65b-6a3b-44c1-aec4-fea71b762163&stn=KYNGAM
Protocol
HTTP/1.1
Server
208.92.55.231 , Canada, ASN13360 (TRITONDIGITAL, CA),
Reverse DNS
Software
/
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://b3.tunegenie.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Mon, 17 Apr 2023 20:18:46 GMT
x-stw-server
ash-mesos01-node16
x-stw-site
ASH
content-length
43
content-type
image/gif

Redirect headers

location
//yield-op-idsync.live.streamtheworld.com/pixel.gif?partner=bsw&uid=7c8ea65b-6a3b-44c1-aec4-fea71b762163&stn=KYNGAM
date
Mon, 17 Apr 2023 20:18:46 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
generic
match.adsrvr.org/track/cmf/ Frame C001
70 B
264 B
Image
General
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=tpqk5an&ttd_puid=KYNGAM
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.33.220.150 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://b3.tunegenie.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Mon, 17 Apr 2023 20:18:45 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
pixel.gif
yield-op-idsync.live.streamtheworld.com/ Frame C001
Redirect Chain
  • https://synchroscript.deliveryengine.adswizz.com/getUID?curl=https%3A%2F%2Fyield-op-idsync.live.streamtheworld.com%2Fpixel.gif%3Fpartner%3Daw%26uid%3D%24%7BUID%7D%26pubId%3D10649
  • https://yield-op-idsync.live.streamtheworld.com/pixel.gif?partner=aw&uid=0c4ee6bb09c5d8e0a413e747970dcf62&pubId=10649
43 B
532 B
Image
General
Full URL
https://yield-op-idsync.live.streamtheworld.com/pixel.gif?partner=aw&uid=0c4ee6bb09c5d8e0a413e747970dcf62&pubId=10649
Protocol
HTTP/1.1
Server
208.92.55.231 , Canada, ASN13360 (TRITONDIGITAL, CA),
Reverse DNS
Software
/
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://b3.tunegenie.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Mon, 17 Apr 2023 20:18:46 GMT
x-stw-server
ash-mesos01-node16
x-stw-site
ASH
content-length
43
content-type
image/gif

Redirect headers

Date
Mon, 17 Apr 2023 20:18:45 GMT
X-Clacks-Overhead
GNU Terry Pratchett
X-Adswizz-request-id
0e57de51-dd5d-11ed-b337-0632a139aa23
Instance-id
i-06bdd56a5b741dc9f
Location
https://yield-op-idsync.live.streamtheworld.com/pixel.gif?partner=aw&uid=0c4ee6bb09c5d8e0a413e747970dcf62&pubId=10649
Connection
keep-alive
Content-Length
0
X-Application-Context
application:production
pixel.gif
yield-op-idsync.live.streamtheworld.com/ Frame C001
Redirect Chain
  • https://ums.acuityplatform.com/tum?umid=133&uid=12ee1870-635e-4190-a629-ef271d21c26a&rurl=https%3A%2F%2Fyield-op-idsync.live.streamtheworld.com%2Fpixel.gif%3Fpartner%3Dacu%26uid%3D___AUID___%26pubI...
  • https://yield-op-idsync.live.streamtheworld.com/pixel.gif?partner=acu&uid=768606435481&pubId=10649
43 B
494 B
Image
General
Full URL
https://yield-op-idsync.live.streamtheworld.com/pixel.gif?partner=acu&uid=768606435481&pubId=10649
Protocol
HTTP/1.1
Server
208.92.55.231 , Canada, ASN13360 (TRITONDIGITAL, CA),
Reverse DNS
Software
/
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://b3.tunegenie.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Mon, 17 Apr 2023 20:18:46 GMT
x-stw-server
ash-mesos01-node11
x-stw-site
ASH
content-length
43
content-type
image/gif

Redirect headers

access-control-allow-origin
*
location
https://yield-op-idsync.live.streamtheworld.com/pixel.gif?partner=acu&uid=768606435481&pubId=10649
content-length
0
CookieSyncTriton
rtb.adentifi.com/ Frame C001
0
35 B
Image
General
Full URL
https://rtb.adentifi.com/CookieSyncTriton?redirect=https%3A%2F%2Fyield-op-idsync.live.streamtheworld.com%2Fpixel.gif%3Fpartner%3Dadt%26uid%3D%24UID%26pubId%3D10649
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.212.118.122 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-212-118-122.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://b3.tunegenie.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Mon, 17 Apr 2023 20:18:46 GMT
pixel.gif
yield-op-idsync.live.streamtheworld.com/ Frame C001
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=70&redir=https%3A%2F%2Fyield-op-idsync.live.streamtheworld.com%2Fpixel.gif%3Fpartner%3Dmm%26uid%3D%5BMM_UUID%5D%26pubId%3D10649
  • https://yield-op-idsync.live.streamtheworld.com/pixel.gif?partner=mm&uid=7b71643d-a9a6-4200-9fb0-8cb125a64d67&pubId=10649
43 B
540 B
Image
General
Full URL
https://yield-op-idsync.live.streamtheworld.com/pixel.gif?partner=mm&uid=7b71643d-a9a6-4200-9fb0-8cb125a64d67&pubId=10649
Protocol
HTTP/1.1
Server
208.92.55.231 , Canada, ASN13360 (TRITONDIGITAL, CA),
Reverse DNS
Software
/
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://b3.tunegenie.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Mon, 17 Apr 2023 20:18:46 GMT
x-stw-server
ash-mesos01-node08
x-stw-site
ASH
content-length
43
content-type
image/gif

Redirect headers

Date
Mon, 17 Apr 2023 20:18:46 GMT
Server
MT3 796 58fb543 master cdg-pixel-x27 config_version:"unknown"
Content-Type
image/gif
Access-Control-Allow-Origin
*
location
https://yield-op-idsync.live.streamtheworld.com/pixel.gif?partner=mm&uid=7b71643d-a9a6-4200-9fb0-8cb125a64d67&pubId=10649
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control
no-cache
Connection
keep-alive
Keep-Alive
timeout=360
Content-Length
0
Expires
Mon, 17 Apr 2023 20:18:45 GMT
pixelSync
pixel-sync.sitescout.com/dmp/ Frame C001
0
187 B
Image
General
Full URL
https://pixel-sync.sitescout.com/dmp/pixelSync?nid=107&redir=https%3A%2F%2Fyield-op-idsync.live.streamtheworld.com%2Fpixel.gif%3Fpartner%3Dcto%26uid%3D%7BuserId%7D%26pubId%3D10649
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
98.98.134.243 , United States, ASN21859 (ZEN-ECN, US),
Reverse DNS
Software
A /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://b3.tunegenie.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

p3p
CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
pragma
no-cache
date
Mon, 17 Apr 2023 20:18:45 GMT
cache-control
max-age=0,no-cache,no-store
server
A
expires
Tue, 11 Oct 1977 12:34:56 GMT
pixel.gif
idsync.live.streamtheworld.com/ Frame C001
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=triton&google_sc&google_cm&stn=KYNGAM
  • https://idsync.live.streamtheworld.com/pixel.gif?partner=dbm&uid=CAESEF0IT-itcvXf3wbhrdvI3H4&stn=KYNGAM&google_cver=1
43 B
524 B
Image
General
Full URL
https://idsync.live.streamtheworld.com/pixel.gif?partner=dbm&uid=CAESEF0IT-itcvXf3wbhrdvI3H4&stn=KYNGAM&google_cver=1
Protocol
HTTP/1.1
Server
208.92.55.231 , Canada, ASN13360 (TRITONDIGITAL, CA),
Reverse DNS
Software
/
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://b3.tunegenie.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Mon, 17 Apr 2023 20:18:46 GMT
x-stw-server
ash-mesos01-node14
x-stw-site
ASH
content-length
43
content-type
image/gif

Redirect headers

pragma
no-cache
date
Mon, 17 Apr 2023 20:18:45 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://idsync.live.streamtheworld.com/pixel.gif?partner=dbm&uid=CAESEF0IT-itcvXf3wbhrdvI3H4&stn=KYNGAM&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
326
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sync
ssbsync.smartadserver.com/api/ Frame C001
0
75 B
Image
General
Full URL
https://ssbsync.smartadserver.com/api/sync?callerId=85
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.138.152 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://b3.tunegenie.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Mon, 17 Apr 2023 20:18:45 GMT
content-length
0
pixel.gif
yield-op-idsync.live.streamtheworld.com/ Frame C001
Redirect Chain
  • https://ad.turn.com/r/cs?pid=58&redir=https%3A%2F%2Fyield-op-idsync.live.streamtheworld.com%2Fpixel.gif%3Fpartner%3Damb%26uid%3D%23USER_ID%23%26pubId%3D10649
  • https://yield-op-idsync.live.streamtheworld.com/pixel.gif?partner=amb&uid=2358598871576537431&pubId=10649
43 B
508 B
Image
General
Full URL
https://yield-op-idsync.live.streamtheworld.com/pixel.gif?partner=amb&uid=2358598871576537431&pubId=10649
Protocol
HTTP/1.1
Server
208.92.55.231 , Canada, ASN13360 (TRITONDIGITAL, CA),
Reverse DNS
Software
/
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://b3.tunegenie.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Mon, 17 Apr 2023 20:18:45 GMT
x-stw-server
ash-mesos01-node10
x-stw-site
ASH
content-length
43
content-type
image/gif

Redirect headers

location
https://yield-op-idsync.live.streamtheworld.com/pixel.gif?partner=amb&uid=2358598871576537431&pubId=10649
pragma
no-cache
date
Mon, 17 Apr 2023 20:18:44 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
0
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
03032023-031625820-640_100_720x610_stoerer-gbplus_2zeilig5c67d8cf-7094-46df-bc55-b3fda4d82ad8.png
s0.2mdn.net/4528404/ Frame 1977
14 KB
14 KB
Image
General
Full URL
https://s0.2mdn.net/4528404/03032023-031625820-640_100_720x610_stoerer-gbplus_2zeilig5c67d8cf-7094-46df-bc55-b3fda4d82ad8.png
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ecb00b2046e42fe708fb2bffb629dd2fe3e6083456ba4dfb920f4c6a1aeb8ee6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/10268516360994813842/index.html?e=69&leftOffset=0&topOffset=0&c=lWg3bCzpHH&t=1&renderingType=2&ev=01_247
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Mon, 17 Apr 2023 10:07:17 GMT
x-content-type-options
nosniff
age
36690
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13914
x-xss-protection
0
last-modified
Fri, 03 Mar 2023 11:16:25 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 18 Apr 2023 10:07:17 GMT
dc_oe=ChMIwpTArd6x_gIVlZn9Bx1pDQbyEAAYACC63uxKQhMIlLKird6x_gIVxsG7CB0tvAmP;stragg=1;&timestamp=1681762727039;str=Show%20Slide%200;strtype=1
ade.googlesyndication.com/ddm/activity/ Frame 5B0F
42 B
401 B
Image
General
Full URL
https://ade.googlesyndication.com/ddm/activity/dc_oe=ChMIwpTArd6x_gIVlZn9Bx1pDQbyEAAYACC63uxKQhMIlLKird6x_gIVxsG7CB0tvAmP;stragg=1;&timestamp=1681762727039;str=Show%20Slide%200;strtype=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://773ff33321c83b63fff957793b331644.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 17 Apr 2023 20:18:47 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
o1n30140o1o81o1p838r162661r56psq-00002.ts
d29xw9s9x32j3w.cloudfront.net/videos/m3u8/1000k/
697 KB
698 KB
XHR
General
Full URL
https://d29xw9s9x32j3w.cloudfront.net/videos/m3u8/1000k/o1n30140o1o81o1p838r162661r56psq-00002.ts
Requested by
Host: embed.sendtonews.com
URL: https://embed.sendtonews.com/easy-stn-player/7.15.1-G/easy-stn-player.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.97.25 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-97-25.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
759da200c37c54c2007fba50e6a4d9852dc3c917e049b66b762878d85ec2e76a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.theticket1590.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Mon, 17 Apr 2023 20:18:48 GMT
via
1.1 e9101023ffbe04130b9d4cac0cf9eebc.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P2
x-amz-server-side-encryption
AES256
x-cache
Miss from cloudfront
x-amz-storage-class
REDUCED_REDUNDANCY
content-disposition
attachment
content-length
713460
last-modified
Mon, 17 Apr 2023 18:54:34 GMT
server
AmazonS3
etag
"43c42b4e437bbd625ca6f41018535c35"
vary
Origin
access-control-allow-methods
GET, HEAD, POST
content-type
video/mp2t
access-control-allow-origin
*
access-control-expose-headers
Access-Control-Allow-Origin, Access-Control-Allow-Credentials
cache-control
max-age=86400
accept-ranges
bytes
x-amz-cf-id
leg1xcDz2Hh1RcRpSA2YFIIbbidq4ja51PznaY2uOdOBIr9TLckbGA==
envelope
lexicon.33across.com/v1/ Frame 8197
49 B
254 B
XHR
General
Full URL
https://lexicon.33across.com/v1/envelope?pid=0010b00002Ecz1AAAR&gdpr=0&src=pbjs&ver=7.31.0-PPI&us_privacy=1---
Requested by
Host: ads.rubiconproject.com
URL: https://ads.rubiconproject.com/prebid/19984_Cumulus_728x90.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:1901:0:8344:: Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
d0d2e098cd489ef7bc528c86de8ab5c51b5d6cdf9b76a8b08766036992f0d2f4

Request headers

Referer
https://www.theticket1590.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 17 Apr 2023 20:18:47 GMT
via
1.1 google
vary
origin
content-type
application/json
access-control-allow-origin
https://www.theticket1590.com
cache-control
private, must-revalidate, max-age=28800
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
49
f
fid.agkn.com/ Frame 8197
0
0

prebid
id5-sync.com/api/config/ Frame 8197
135 B
550 B
XHR
General
Full URL
https://id5-sync.com/api/config/prebid
Requested by
Host: ads.rubiconproject.com
URL: https://ads.rubiconproject.com/prebid/19984_Cumulus_728x90.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
162.19.138.116 , France, ASN16276 (OVH, FR),
Reverse DNS
ns31533567.ip-162-19-138.eu
Software
/
Resource Hash
47f9bfec125c6ad3150f582058470045e4aca998d5468dfea93f2023f9636a76
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://www.theticket1590.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.theticket1590.com
date
Mon, 17 Apr 2023 20:18:47 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
access-control-allow-credentials
true
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
transfer-encoding
chunked
content-type
application/json;charset=UTF-8
envelope
api.rlcdn.com/api/identity/ Frame 8197
0
0

usync.html
eus.rubiconproject.com/ Frame 53D2
281 B
554 B
Document
General
Full URL
https://eus.rubiconproject.com/usync.html?gdpr=0&us_privacy=1---
Requested by
Host: d13l4u7pe64ymo.cloudfront.net
URL: https://d13l4u7pe64ymo.cloudfront.net/script.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.56.202.187 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-56-202-187.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://www.theticket1590.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Mon, 17 Apr 2023 20:18:47 GMT
ETag
"40010-119-5ec73a0a33d00"
Last-Modified
Wed, 02 Nov 2022 02:30:44 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding
usersync.html
cdn.undertone.com/js/ Frame F6B7
10 KB
3 KB
Document
General
Full URL
https://cdn.undertone.com/js/usersync.html?gdpr=0&gdprstr=&ccpa=1---
Requested by
Host: d13l4u7pe64ymo.cloudfront.net
URL: https://d13l4u7pe64ymo.cloudfront.net/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223c:de00:1f:2473:9080:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
8a3bf102b192cf0b8a06ea1a89a8beacc51a64059c2b98d995054bbcb6e287f2

Request headers

Referer
https://www.theticket1590.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
2290
content-encoding
gzip
content-type
text/html
date
Mon, 17 Apr 2023 19:40:38 GMT
etag
W/"55a2c695384db1f8872ab66920fae4ff"
last-modified
Mon, 13 Mar 2023 13:12:02 GMT
server
AmazonS3
vary
Accept-Encoding
via
1.1 018ffb575888f1c9ec960e3e977c042e.cloudfront.net (CloudFront)
x-amz-cf-id
-3XJuVzCr_5UKPbZZWdcRQ1SPKEtiB6xJ6RmIhpY-XdewIeXkCU_yg==
x-amz-cf-pop
FRA56-P2
x-amz-replication-status
COMPLETED
x-amz-server-side-encryption
AES256
x-amz-version-id
taQSmiFtApGCXHWEGOWOQBdJzs8wq2BO
x-cache
Hit from cloudfront
/
onetag-sys.com/usync/ Frame 5ED6
0
0
Document
General
Full URL
https://onetag-sys.com/usync/?cb=1681762721833&gdpr=0&us_privacy=1---
Requested by
Host: d13l4u7pe64ymo.cloudfront.net
URL: https://d13l4u7pe64ymo.cloudfront.net/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.75.86.98 , France, ASN16276 (OVH, FR),
Reverse DNS
ip98.ip-51-75-86.eu
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://www.theticket1590.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store
strict-transport-security
max-age=15552000
sync.html
public.servenobid.com/ Frame 8197
0
0

async_usersync.html
acdn.adnxs.com/dmp/ Frame 1220
52 KB
17 KB
Document
General
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html
Requested by
Host: d13l4u7pe64ymo.cloudfront.net
URL: https://d13l4u7pe64ymo.cloudfront.net/script.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.1.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer
https://www.theticket1590.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Access-Control-Allow-Origin
*
Age
47067
Cache-Control
max-age=86402
Connection
keep-alive
Content-Encoding
gzip
Content-Length
17053
Content-Type
text/html
Date
Mon, 17 Apr 2023 20:18:47 GMT
ETag
W/"623de86a-cf34"
Expires
Wed, 29 Mar 2023 07:13:44 GMT
Last-Modified
Fri, 25 Mar 2022 16:06:02 GMT
Server
nginx/1.18.0 (Ubuntu)
Vary
Accept-Encoding
Via
1.1 varnish, 1.1 varnish
X-Cache
HIT, HIT
X-Cache-Hits
3345, 469225
X-Served-By
cache-lga13626-LGA, cache-hhn-etou8220067-HHN
X-Timer
S1681762727.405762,VS0,VE0
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame D4B4
16 KB
6 KB
Document
General
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160111&gdpr=0&gdpr_consent=&us_privacy=1---
Requested by
Host: d13l4u7pe64ymo.cloudfront.net
URL: https://d13l4u7pe64ymo.cloudfront.net/script.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.19.228.187 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-19-228-187.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
72a64af6c85d8ab9bb2b508571c6a70080750c4891634dcbe36cb95737ca0f48

Request headers

Referer
https://www.theticket1590.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=83992
content-encoding
gzip
content-length
5554
content-type
text/html
date
Mon, 17 Apr 2023 20:18:47 GMT
expires
Tue, 18 Apr 2023 19:38:39 GMT
last-modified
Fri, 16 Dec 2022 06:36:49 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
beacon
ap.lijit.com/ Frame 4491
0
0
Document
General
Full URL
https://ap.lijit.com/beacon?us_privacy=1---&informer=13409936
Requested by
Host: d13l4u7pe64ymo.cloudfront.net
URL: https://d13l4u7pe64ymo.cloudfront.net/script.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.52.2.39 , United States, ASN30282 (AS-INAPCDN-OCY, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://www.theticket1590.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
Date
Mon, 17 Apr 2023 20:18:47 GMT
Expires
Fri, 20 Mar 2009 00:00:00 GMT
P3P
CP="CUR ADM OUR NOR STA NID"
Pragma
no-cache
X-Sovrn-Pod
ad_ap7ams1
usync.js
eus.rubiconproject.com/ Frame 53D2
34 KB
10 KB
Script
General
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?gdpr=0&us_privacy=1---
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.56.202.187 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-56-202-187.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
29278175891bc6f68a3c0e4e272b7651b3229207580695cefbff9b237642f836

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?gdpr=0&us_privacy=1---
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date
Mon, 17 Apr 2023 20:18:47 GMT
Content-Encoding
gzip
Last-Modified
Mon, 17 Apr 2023 11:52:07 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=55947
Connection
keep-alive
Content-Length
10019
Expires
Tue, 18 Apr 2023 11:51:14 GMT
v1
lb.eu-1-id5-sync.com/lb/ Frame 8197
33 B
408 B
XHR
General
Full URL
https://lb.eu-1-id5-sync.com/lb/v1
Requested by
Host: ads.rubiconproject.com
URL: https://ads.rubiconproject.com/prebid/19984_Cumulus_728x90.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
162.19.138.116 , France, ASN16276 (OVH, FR),
Reverse DNS
ns31533567.ip-162-19-138.eu
Software
/
Resource Hash
819b7ee1e3f0dcbd8461824b4f3f3a05dc5914c2040f754be4e3739f2fe9f1d7
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://www.theticket1590.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.theticket1590.com
date
Mon, 17 Apr 2023 20:18:47 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
transfer-encoding
chunked
content-type
application/json;charset=UTF-8
sync.html
public.servenobid.com/ Frame A73D
9 KB
4 KB
Document
General
Full URL
https://public.servenobid.com/sync.html?usp_consent=1---
Requested by
Host: d13l4u7pe64ymo.cloudfront.net
URL: https://d13l4u7pe64ymo.cloudfront.net/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.147.106 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-147-106.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
b24b19152e92ee2240cdf53444b33a1b8ec286e9a44072890c5490c9d8ddfa3d

Request headers

Referer
https://www.theticket1590.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
14066
cache-control
max-age=86400
content-encoding
br
content-type
text/html
date
Mon, 17 Apr 2023 16:24:22 GMT
etag
W/"fd0102e5847015626666169917857ba8"
last-modified
Wed, 12 Apr 2023 16:16:50 GMT
server
AmazonS3
vary
Accept-Encoding Origin
via
1.1 8b360b28aeb67c1982fcc466a05eef02.cloudfront.net (CloudFront)
x-amz-cf-id
c9PwwTn4_DBbjHCeHqUhuSSGmLRcU3xBtpgJh4AiN4TlicT70mrEiQ==
x-amz-cf-pop
FRA60-P4
x-amz-meta-codebuild-buildarn
arn:aws:codebuild:us-east-1:559734745816:build/adserver-public-prod:b4af218c-2bc9-4531-9210-521693d9d5d7
x-amz-meta-codebuild-content-md5
9cec9a15b660da7393081e2fc6c34731
x-amz-meta-codebuild-content-sha256
8e6d48a695640d90e0623cd4e573f94721be8c1becd249758c7df42fcffde7be
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
usermatch
ssum-sec.casalemedia.com/ Frame C473
2 KB
2 KB
Document
General
Full URL
https://ssum-sec.casalemedia.com/usermatch?s=197137&cb=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3FpartnerId%3D57%26uid%3D
Requested by
Host: cdn.undertone.com
URL: https://cdn.undertone.com/js/usersync.html?gdpr=0&gdprstr=&ccpa=1---
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
ee8df976e5c99258ba403bb74b44d5c52e8c2da22552e46032e73aa1d326066f

Request headers

Referer
https://cdn.undertone.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
no-cache
Connection
Keep-Alive
Content-Length
1680
Content-Type
text/html
Date
Mon, 17 Apr 2023 20:18:47 GMT
Expires
0
Keep-Alive
timeout=1, max=500
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Pragma
no-cache
Server
Apache
usync.html
eus.rubiconproject.com/ Frame 8770
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=12776
  • https://eus.rubiconproject.com/usync.html?p=12776
281 B
554 B
Document
General
Full URL
https://eus.rubiconproject.com/usync.html?p=12776
Requested by
Host: cdn.undertone.com
URL: https://cdn.undertone.com/js/usersync.html?gdpr=0&gdprstr=&ccpa=1---
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.56.202.187 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-56-202-187.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://cdn.undertone.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Mon, 17 Apr 2023 20:18:47 GMT
ETag
"40010-119-5ec73a0a33d00"
Last-Modified
Wed, 02 Nov 2022 02:30:44 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
content-length
0
date
Mon, 17 Apr 2023 20:18:47 GMT
location
https://eus.rubiconproject.com/usync.html?p=12776
server
AkamaiGHost
cm
us-u.openx.net/w/1.0/ Frame F6B7
43 B
75 B
Image
General
Full URL
https://us-u.openx.net/w/1.0/cm?id=fba3d144-1026-4d31-a758-943b9545e305&r=https://usr.undertone.com/userPixel/sync?partnerId=39&uid=
Requested by
Host: cdn.undertone.com
URL: https://cdn.undertone.com/js/usersync.html?gdpr=0&gdprstr=&ccpa=1---
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cdn.undertone.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 17 Apr 2023 20:18:47 GMT
content-encoding
gzip
via
1.1 google
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
56
expires
Mon, 26 Jul 1997 05:00:00 GMT
sync
usr.undertone.com/userPixel/ Frame F6B7
Redirect Chain
  • https://pixel.advertising.com/ups/58293/sync?&gdpr=&gdpr_consent=&redir=true
  • https://ups.analytics.yahoo.com/ups/58293/sync?&gdpr=&gdpr_consent=&redir=true
  • https://usr.undertone.com/userPixel/sync?partner=verizon&uid=y-SKiDmeVE2uHuMRLQmfBOlSYDA9SYgoj2~A
0
234 B
Image
General
Full URL
https://usr.undertone.com/userPixel/sync?partner=verizon&uid=y-SKiDmeVE2uHuMRLQmfBOlSYDA9SYgoj2~A
Requested by
Host: cdn.undertone.com
URL: https://cdn.undertone.com/js/usersync.html?gdpr=0&gdprstr=&ccpa=1---
Protocol
H2
Server
18.66.97.47 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-97-47.fra56.r.cloudfront.net
Software
istio-envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cdn.undertone.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Mon, 17 Apr 2023 20:18:47 GMT
via
1.1 3f3b012fad703fdac0f14efdb7b78b6e.cloudfront.net (CloudFront)
server
istio-envoy
x-amz-cf-pop
FRA56-P2
x-cache
Miss from cloudfront
x-envoy-upstream-service-time
0
content-length
0
x-amz-cf-id
w0lU5UFrhwr1sTn18CLjr_yhwdjoNQMmKE5d-tfK5Wnnn51sBMUjNg==

Redirect headers

location
https://usr.undertone.com/userPixel/sync?partner=verizon&uid=y-SKiDmeVE2uHuMRLQmfBOlSYDA9SYgoj2~A
date
Mon, 17 Apr 2023 20:18:47 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.25
age
0
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
generic
match.adsrvr.org/track/cmf/ Frame F6B7
70 B
264 B
Image
General
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=sirnsvg&ttd_tpi=1&gdpr=0&gdpr_consent=
Requested by
Host: cdn.undertone.com
URL: https://cdn.undertone.com/js/usersync.html?gdpr=0&gdprstr=&ccpa=1---
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.33.220.150 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cdn.undertone.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Mon, 17 Apr 2023 20:18:47 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
sync.php
pixel.rubiconproject.com/exchange/ Frame F6B7
0
239 B
Image
General
Full URL
https://pixel.rubiconproject.com/exchange/sync.php?p=12776
Requested by
Host: cdn.undertone.com
URL: https://cdn.undertone.com/js/usersync.html?gdpr=0&gdprstr=&ccpa=1---
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cdn.undertone.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
X-RPHost
de8527bfa1ccfd6c1590da0d3b6cff52
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
sync
usr.undertone.com/userPixel/ Frame F6B7
Redirect Chain
  • https://image8.pubmatic.com/AdServer/ImgSync?p=160318&gdpr=&gdpr_consent=&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3Fp%3D160318%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Fusr.undertone...
  • https://image8.pubmatic.com/AdServer/ImgSync?p=160318&gdpr=&gdpr_consent=&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3Fp%3D160318%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Fusr.undertone...
  • https://image4.pubmatic.com/AdServer/SPug?p=160318&pmc=1&pr=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3FpartnerId%3D53%26uid%3D8F899C95-7455-4B28-A0AE-28E5289D5E5E
  • https://usr.undertone.com/userPixel/sync?partnerId=53&uid=8F899C95-7455-4B28-A0AE-28E5289D5E5E
0
351 B
Image
General
Full URL
https://usr.undertone.com/userPixel/sync?partnerId=53&uid=8F899C95-7455-4B28-A0AE-28E5289D5E5E
Requested by
Host: cdn.undertone.com
URL: https://cdn.undertone.com/js/usersync.html?gdpr=0&gdprstr=&ccpa=1---
Protocol
H2
Server
18.66.97.47 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-97-47.fra56.r.cloudfront.net
Software
istio-envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cdn.undertone.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Mon, 17 Apr 2023 20:18:47 GMT
via
1.1 3f3b012fad703fdac0f14efdb7b78b6e.cloudfront.net (CloudFront)
server
istio-envoy
x-amz-cf-pop
FRA56-P2
x-cache
Miss from cloudfront
x-envoy-upstream-service-time
2
content-length
0
x-amz-cf-id
5WL9k1q0_6fdyMmnzNyRft7LLMGhFNu9tqGr6GIy6ylgc7IBXWBxkw==

Redirect headers

location
https://usr.undertone.com/userPixel/sync?partnerId=53&uid=8F899C95-7455-4B28-A0AE-28E5289D5E5E
date
Mon, 17 Apr 2023 20:18:47 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
pixelSync
pixel-sync.sitescout.com/dmp/ Frame F6B7
0
187 B
Image
General
Full URL
https://pixel-sync.sitescout.com/dmp/pixelSync?nid=125&redir=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3FpartnerId%3D54%26uid%3D%7BuserId%7D
Requested by
Host: cdn.undertone.com
URL: https://cdn.undertone.com/js/usersync.html?gdpr=0&gdprstr=&ccpa=1---
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
98.98.134.243 , United States, ASN21859 (ZEN-ECN, US),
Reverse DNS
Software
A /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cdn.undertone.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

p3p
CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
pragma
no-cache
date
Mon, 17 Apr 2023 20:18:47 GMT
cache-control
max-age=0,no-cache,no-store
server
A
expires
Tue, 11 Oct 1977 12:34:56 GMT
sync
usr.undertone.com/userPixel/ Frame F6B7
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58545/occ
  • https://usr.undertone.com/userPixel/sync?partnerId=56&uid=y-vKpu0whE2uHseRcdIlYXVJ8xhMzzMNlnDGBez60-~A
0
361 B
Image
General
Full URL
https://usr.undertone.com/userPixel/sync?partnerId=56&uid=y-vKpu0whE2uHseRcdIlYXVJ8xhMzzMNlnDGBez60-~A
Requested by
Host: cdn.undertone.com
URL: https://cdn.undertone.com/js/usersync.html?gdpr=0&gdprstr=&ccpa=1---
Protocol
H2
Server
18.66.97.47 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-97-47.fra56.r.cloudfront.net
Software
istio-envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cdn.undertone.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Mon, 17 Apr 2023 20:18:46 GMT
via
1.1 3f3b012fad703fdac0f14efdb7b78b6e.cloudfront.net (CloudFront)
server
istio-envoy
x-amz-cf-pop
FRA56-P2
x-cache
Miss from cloudfront
x-envoy-upstream-service-time
2
content-length
0
x-amz-cf-id
MY2_rY6ZjVNk5zjEXS3CUOFkTq4ZkFGz28RTJ9CzNYVVhFqwOuu0mA==

Redirect headers

location
https://usr.undertone.com/userPixel/sync?partnerId=56&uid=y-vKpu0whE2uHseRcdIlYXVJ8xhMzzMNlnDGBez60-~A
date
Mon, 17 Apr 2023 20:18:47 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.25
age
0
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
t.gif
cw.addthis.com/ Frame F6B7
0
428 B
Image
General
Full URL
https://cw.addthis.com/t.gif?pid=46&pdid=6be461e388a440ca82590d2b367d5766
Requested by
Host: cdn.undertone.com
URL: https://cdn.undertone.com/js/usersync.html?gdpr=0&gdprstr=&ccpa=1---
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.75.88.126 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-75-88-126.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cdn.undertone.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 17 Apr 2023 20:18:47 GMT
cache-control
max-age=0, no-cache, no-store
expires
Mon, 17 Apr 2023 20:18:47 GMT
demconf.jpg
dpm.demdex.net/ Frame F6B7
Redirect Chain
  • https://dpm.demdex.net/ibs:dpid=152416&dpuuid=6dy60g7zuojzja4vh293hynae
  • https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=152416&dpuuid=6dy60g7zuojzja4vh293hynae
42 B
942 B
Image
General
Full URL
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=152416&dpuuid=6dy60g7zuojzja4vh293hynae
Requested by
Host: cdn.undertone.com
URL: https://cdn.undertone.com/js/usersync.html?gdpr=0&gdprstr=&ccpa=1---
Protocol
HTTP/1.1
Server
52.31.11.204 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-31-11-204.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cdn.undertone.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

DCS
dcs-prod-irl1-1-v047-0f30d8911.edge-irl1.demdex.com 2 ms
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
content-encoding
gzip
X-Content-Type-Options
nosniff
X-TID
COySI8i+TTg=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Content-Type
image/gif
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Length
59
Expires
Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

DCS
dcs-prod-irl1-1-v047-0cfae71a5.edge-irl1.demdex.com 0 ms
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-TID
ddnAv5ZAQi4=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Location
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=152416&dpuuid=6dy60g7zuojzja4vh293hynae
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 UTC
15597
tags.bluekai.com/site/ Frame F6B7
62 B
447 B
Image
General
Full URL
https://tags.bluekai.com/site/15597?id=6dy60g7zuojzja4vh293hynae
Requested by
Host: cdn.undertone.com
URL: https://cdn.undertone.com/js/usersync.html?gdpr=0&gdprstr=&ccpa=1---
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.111.217.14 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-217-14.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cdn.undertone.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"
date
Mon, 17 Apr 2023 20:18:47 GMT
content-length
62
content-type
image/gif
403716.gif
idsync.rlcdn.com/ Frame F6B7
0
98 B
Image
General
Full URL
https://idsync.rlcdn.com/403716.gif?partner_uid=6dy60g7zuojzja4vh293hynae
Requested by
Host: cdn.undertone.com
URL: https://cdn.undertone.com/js/usersync.html?gdpr=0&gdprstr=&ccpa=1---
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.174.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
68.174.244.35.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cdn.undertone.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Mon, 17 Apr 2023 20:18:47 GMT
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
usermatch.gif
beacon.krxd.net/ Frame F6B7
0
338 B
Image
General
Full URL
https://beacon.krxd.net/usermatch.gif?partner=undertone&partner_uid=6dy60g7zuojzja4vh293hynae
Requested by
Host: cdn.undertone.com
URL: https://cdn.undertone.com/js/usersync.html?gdpr=0&gdprstr=&ccpa=1---
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.229.94.229 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-229-94-229.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cdn.undertone.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-served-by
beacon-n003-dub-prod.krxd.net
date
Mon, 17 Apr 2023 20:18:47 GMT
cache-control
private, no-cache, no-store
x-request-time
D=31 t=1681762727
p3p
policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
async_usersync
ib.adnxs.com/ Frame 1220
0
861 B
Script
General
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.83.142.19 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
960.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 17 Apr 2023 20:18:47 GMT
AN-X-Request-Uuid
30e4ad1f-dd5e-4fdd-905a-49a4d55ec55a
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
X-Proxy-Origin
217.114.218.22; 217.114.218.22; 960.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
PugMaster
image6.pubmatic.com/AdServer/ Frame D4B4
5 KB
6 KB
Script
General
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=52323413&p=160111&s=0&a=0&ptask=ALL&np=0&fp=0&rp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=1---
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160111&gdpr=0&gdpr_consent=&us_privacy=1---
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
198.47.127.19 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software
/
Resource Hash
32627335d047d584df4c1970f680058cf17c4eb4d752373af8d182214dc7b81a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

content-type
text/html; charset=UTF-8
date
Mon, 17 Apr 2023 20:18:46 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
867.json
id5-sync.com/g/v2/ Frame 8197
216 B
631 B
XHR
General
Full URL
https://id5-sync.com/g/v2/867.json
Requested by
Host: ads.rubiconproject.com
URL: https://ads.rubiconproject.com/prebid/19984_Cumulus_728x90.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
162.19.138.116 , France, ASN16276 (OVH, FR),
Reverse DNS
ns31533567.ip-162-19-138.eu
Software
/
Resource Hash
ac519fc1b1b14a15d5341a00c4c3af18c9f299c9ee3c4a79d1b6351fd6bd7dab
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://www.theticket1590.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.theticket1590.com
date
Mon, 17 Apr 2023 20:18:47 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
access-control-allow-credentials
true
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
transfer-encoding
chunked
content-type
application/json;charset=UTF-8
13926
g2.gumgum.com/usync/ Frame F498
4 KB
2 KB
Document
General
Full URL
https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html?usp_consent=1---
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.50.188.60 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-50-188-60.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
f19509249108f9648687ef09100f3aef0885b355ee453ae6512e0cd75e25f4da

Request headers

Referer
https://public.servenobid.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

content-encoding
gzip
content-type
text/html;charset=UTF-8
date
Mon, 17 Apr 2023 20:18:47 GMT
etag
W/"0a03353fb146b8bf5869997f05bfe776f"
server
nginx
timing-allow-origin
*
/
onetag-sys.com/usync/ Frame 34A9
0
0
Document
General
Full URL
https://onetag-sys.com/usync/?pubId=694e68b73971b58&gdpr=0&gdpr_consent=&us_privacy=1---&https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D318%26uid%3D
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html?usp_consent=1---
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.75.86.98 , France, ASN16276 (OVH, FR),
Reverse DNS
ip98.ip-51-75-86.eu
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://public.servenobid.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store
strict-transport-security
max-age=15552000
sync
ssbsync.smartadserver.com/api/ Frame 920E
889 B
1 KB
Document
General
Full URL
https://ssbsync.smartadserver.com/api/sync?callerId=9&gdpr=0&gdpr_consent=&us_privacy=1---&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D317%26uid%3D%24UID
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html?usp_consent=1---
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.138.152 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
591f594d322c0c3d7610a18b3d96240a66fb28ebae3dba20a5c93f7e3b4ec6d6

Request headers

Referer
https://public.servenobid.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

content-length
889
content-type
text/html
date
Mon, 17 Apr 2023 20:18:46 GMT
usermatch
ssum-sec.casalemedia.com/ Frame 5DEB
2 KB
2 KB
Document
General
Full URL
https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html?usp_consent=1---
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
9bade0874332ebf6019bad0afd790bc029503463e763d55b8083481d10cc3315

Request headers

Referer
https://public.servenobid.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
no-cache
Connection
Keep-Alive
Content-Length
1686
Content-Type
text/html
Date
Mon, 17 Apr 2023 20:18:47 GMT
Expires
0
Keep-Alive
timeout=1, max=499
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Pragma
no-cache
Server
Apache
usync.html
eus.rubiconproject.com/ Frame 0DD9
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=duration_media&endpoint=us-east
  • https://eus.rubiconproject.com/usync.html?p=duration_media&endpoint=us-east
281 B
554 B
Document
General
Full URL
https://eus.rubiconproject.com/usync.html?p=duration_media&endpoint=us-east
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html?usp_consent=1---
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.56.202.187 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-56-202-187.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://public.servenobid.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Mon, 17 Apr 2023 20:18:47 GMT
ETag
"40010-119-5ec73a0a33d00"
Last-Modified
Wed, 02 Nov 2022 02:30:44 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
content-length
0
date
Mon, 17 Apr 2023 20:18:47 GMT
location
https://eus.rubiconproject.com/usync.html?p=duration_media&endpoint=us-east
server
AkamaiGHost
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame CDBD
16 KB
6 KB
Document
General
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1---&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html?usp_consent=1---
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.19.228.187 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-19-228-187.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
72a64af6c85d8ab9bb2b508571c6a70080750c4891634dcbe36cb95737ca0f48

Request headers

Referer
https://public.servenobid.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=83992
content-encoding
gzip
content-length
5554
content-type
text/html
date
Mon, 17 Apr 2023 20:18:47 GMT
expires
Tue, 18 Apr 2023 19:38:39 GMT
last-modified
Fri, 16 Dec 2022 06:36:49 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
sync-iframe
cs-rtb.minutemedia-prebid.com/ Frame 2CBE
0
485 B
Document
General
Full URL
https://cs-rtb.minutemedia-prebid.com/sync-iframe?gdpr=0&gdpr_consent=&us_privacy=1---&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D348%26uid%3D%7BpartnerId%7D
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html?usp_consent=1---
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223f:5800:1f:4c18:bd40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://public.servenobid.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF,X-Requested-With
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
access-control-allow-origin
https://public.servenobid.com/
content-length
0
content-type
text/html
date
Mon, 17 Apr 2023 20:18:47 GMT
via
1.1 ffdf2668ac264ec6d8784ccc7453073c.cloudfront.net (CloudFront)
x-amz-cf-id
ungo1bmXWL1fPCqwJ2mY6mPrJ4VXpHmFnx5_-NKCluqVNbxld3VV3g==
x-amz-cf-pop
FRA56-P5
x-cache
Miss from cloudfront
x-reason
could not perform CS due to GDPR policy: gdpr is not applied
user-sync
sync.adkernel.com/ Frame FC61
0
160 B
Document
General
Full URL
https://sync.adkernel.com/user-sync?zone=181225&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D152%26uid%3D%7BUID%7D&gdpr=0&gdpr_consent=&us_privacy=1---&
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html?usp_consent=1---
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
77.245.57.72 , United States, ASN36057 (WEBAIR-INTERNET-MTL, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://public.servenobid.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Age
0
Cache-Control
no-store
Connection
close
Content-Length
0
Date
Mon, 17 Apr 2023 20:18:47 GMT
Pragma
no-cache
Server
nginx
sync-iframe
cs-server-s2s.yellowblue.io/ Frame 702E
0
329 B
Document
General
Full URL
https://cs-server-s2s.yellowblue.io/sync-iframe?gdpr=0&gdpr_consent=&us_privacy=1---&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D352%26uid%3D%7BpartnerId%7D
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html?usp_consent=1---
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.214.157.46 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-214-157-46.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://public.servenobid.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF,X-Requested-With
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
access-control-allow-origin
https://public.servenobid.com/
content-length
0
content-type
text/html
date
Mon, 17 Apr 2023 20:18:47 GMT
x-reason
could not perform CS due to GDPR policy: gdpr is not applied
sync
ads.servenobid.com/ Frame A73D
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D312%26uid%3D%24UID
  • https://ads.servenobid.com/sync?pid=312&uid=8004736833800347646
0
344 B
Image
General
Full URL
https://ads.servenobid.com/sync?pid=312&uid=8004736833800347646
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html?usp_consent=1---
Protocol
H2
Server
34.241.40.57 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-241-40-57.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Mon, 17 Apr 2023 20:18:47 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0

Redirect headers

Date
Mon, 17 Apr 2023 20:18:47 GMT
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection
keep-alive
X-Proxy-Origin
217.114.218.22; 217.114.218.22; 960.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Pragma
no-cache
AN-X-Request-Uuid
fedd2d04-6234-401d-9b33-fbb7e61e6b5d
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
Access-Control-Allow-Origin
*
Location
https://ads.servenobid.com/sync?pid=312&uid=8004736833800347646
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Expires
Sat, 15 Nov 2008 16:00:00 GMT
sync
ads.servenobid.com/ Frame A73D
Redirect Chain
  • https://ce.lijit.com/merge?pid=273657&3pid=273657&gdpr=0&gdpr_consent=&us_privacy=1---&&location=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D310%26uid%3D%5BSOVRNID%5D
  • https://ads.servenobid.com/sync?pid=310&uid=Gf2CvBZHiDEZn3fgTRuCJhm_
0
0

pixel
ap.lijit.com/ Frame A73D
0
277 B
Image
General
Full URL
https://ap.lijit.com/pixel?pid=273657&3pid=273657&gdpr=0&gdpr_consent=&us_privacy=1---&&redir=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D310%26uid%3D%24UID
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html?usp_consent=1---
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.52.2.39 , United States, ASN30282 (AS-INAPCDN-OCY, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Mon, 17 Apr 2023 20:18:47 GMT
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap7ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
sync
ads.servenobid.com/ Frame A73D
Redirect Chain
  • https://sync.1rx.io/usersync2/rmpssp?sub=duration&redir=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D321%26uid%3D%5BRX_UUID%5D
  • https://sync.1rx.io/usersync2/rmpssp?sub=duration&zcc=1&redir=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D321%26uid%3D%5BRX_UUID%5D&cb=1681762727600
  • https://ad.turn.com/r/cs?pid=45&rndcb=2925491953
  • https://sync.1rx.io/usersync/turn/2358598871576537431?dspret=1&gdpr=&gdpr_consent=&us_privacy=
  • https://sync.targeting.unrulymedia.com/csync/RX-f2c07d12-d886-467f-9cd2-532bb8d23120-003?redir=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D321%26uid%3DRX-f2c07d12-d886-467f-9cd2-532bb8d23120-003
  • https://ads.servenobid.com/sync?pid=321&uid=RX-f2c07d12-d886-467f-9cd2-532bb8d23120-003
0
361 B
Image
General
Full URL
https://ads.servenobid.com/sync?pid=321&uid=RX-f2c07d12-d886-467f-9cd2-532bb8d23120-003
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html?usp_consent=1---
Protocol
H2
Server
34.241.40.57 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-241-40-57.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Mon, 17 Apr 2023 20:18:47 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0

Redirect headers

location
https://ads.servenobid.com/sync?pid=321&uid=RX-f2c07d12-d886-467f-9cd2-532bb8d23120-003
date
Mon, 17 Apr 2023 20:18:47 GMT
p3p
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
etag
RXf2c07d12d886467f9cd2532bb8d23120003
content-type
text/html
sync
ads.servenobid.com/ Frame A73D
Redirect Chain
  • https://p.rfihub.com/cm?pub=44007&in=1
  • https://ads.servenobid.com/sync?pid=324&uid=4895102809587673150
0
344 B
Image
General
Full URL
https://ads.servenobid.com/sync?pid=324&uid=4895102809587673150
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html?usp_consent=1---
Protocol
H2
Server
34.241.40.57 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-241-40-57.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Mon, 17 Apr 2023 20:18:47 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0

Redirect headers

Location
https://ads.servenobid.com/sync?pid=324&uid=4895102809587673150
Date
Mon, 17 Apr 2023 20:18:47 GMT
Server
Jetty(9.3.29.v20201019)
Content-Length
0
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
usa
sync.go.sonobi.com/ Frame A73D
0
498 B
Image
General
Full URL
https://sync.go.sonobi.com/usa?loc=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D332%26uid%3D
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html?usp_consent=1---
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
69.166.1.12 , United States, ASN27630 (AS-XFERNET, US),
Reverse DNS
Software
sonobi-go /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 17 Apr 2023 20:18:47 GMT
Server
sonobi-go
Vary
negotiate,Accept-Encoding
X-Go-Server
go-iad-2-5-52
Content-Type
text/plain; charset=utf8
P3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control
no-cache, no-store, private
Tcn
Choice
Content-Length
0
X-Xss-Protection
0
Expires
Sat, 26 Jul 1997 05:00:00 GMT
sync
ads.servenobid.com/ Frame A73D
Redirect Chain
  • https://prebid.a-mo.net/cchain/0?gdpr=0&gdpr_consent=&us_privacy=1---&&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D327%26uid%3D
  • https://ads.servenobid.com/sync?pid=327&uid=0263e6e0-f86a-469e-a998-a2a490e30af8&gdpr=0&gdpr_consent=&us_privacy=1---
0
356 B
Image
General
Full URL
https://ads.servenobid.com/sync?pid=327&uid=0263e6e0-f86a-469e-a998-a2a490e30af8&gdpr=0&gdpr_consent=&us_privacy=1---
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html?usp_consent=1---
Protocol
H2
Server
34.241.40.57 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-241-40-57.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Mon, 17 Apr 2023 20:18:47 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0

Redirect headers

location
https://ads.servenobid.com/sync?pid=327&uid=0263e6e0-f86a-469e-a998-a2a490e30af8&gdpr=0&gdpr_consent=&us_privacy=1---
date
Mon, 17 Apr 2023 20:18:47 GMT
cache-control
max-age=0, private, must-revalidate
x-envoy-upstream-service-time
1
server
envoy
content-length
0
sync
ads.servenobid.com/ Frame A73D
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58559/occ
  • https://ads.servenobid.com/sync?pid=337&uid=y-vKpu0whE2uHseRcdIlYXVJ8xhMzzMNlnDGBez60-~A
0
367 B
Image
General
Full URL
https://ads.servenobid.com/sync?pid=337&uid=y-vKpu0whE2uHseRcdIlYXVJ8xhMzzMNlnDGBez60-~A
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html?usp_consent=1---
Protocol
H2
Server
34.241.40.57 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-241-40-57.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Mon, 17 Apr 2023 20:18:47 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0

Redirect headers

location
https://ads.servenobid.com/sync?pid=337&uid=y-vKpu0whE2uHseRcdIlYXVJ8xhMzzMNlnDGBez60-~A
date
Mon, 17 Apr 2023 20:18:47 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.25
age
0
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
sync
ads.servenobid.com/ Frame A73D
Redirect Chain
  • https://ssp.disqus.com/redirectuser?r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D346%26uid%3DBUYERUID
  • https://ads.servenobid.com/sync?pid=346&uid=ua-bbd382e8-e79d-391f-aff4-71324c00820a
0
358 B
Image
General
Full URL
https://ads.servenobid.com/sync?pid=346&uid=ua-bbd382e8-e79d-391f-aff4-71324c00820a
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html?usp_consent=1---
Protocol
H2
Server
34.241.40.57 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-241-40-57.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Mon, 17 Apr 2023 20:18:47 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0

Redirect headers

location
https://ads.servenobid.com/sync?pid=346&uid=ua-bbd382e8-e79d-391f-aff4-71324c00820a
pragma
no-cache
date
Mon, 17 Apr 2023 20:18:47 GMT
cache-control
no-store
content-length
0
expires
0
sync
ads.servenobid.com/ Frame A73D
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58632/occ
  • https://ads.servenobid.com/sync?pid=339&uid=y-vKpu0whE2uHseRcdIlYXVJ8xhMzzMNlnDGBez60-~A
0
367 B
Image
General
Full URL
https://ads.servenobid.com/sync?pid=339&uid=y-vKpu0whE2uHseRcdIlYXVJ8xhMzzMNlnDGBez60-~A
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html?usp_consent=1---
Protocol
H2
Server
34.241.40.57 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-241-40-57.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Mon, 17 Apr 2023 20:18:47 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0

Redirect headers

location
https://ads.servenobid.com/sync?pid=339&uid=y-vKpu0whE2uHseRcdIlYXVJ8xhMzzMNlnDGBez60-~A
date
Mon, 17 Apr 2023 20:18:47 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.25
age
0
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
v1
match.sharethrough.com/universal/ Frame A73D
0
362 B
Image
General
Full URL
https://match.sharethrough.com/universal/v1?supply_id=KW3eSFMR&gdpr=0&gdpr_consent=&us_privacy=1---&
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html?usp_consent=1---
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.156.58.229 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-156-58-229.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Mon, 17 Apr 2023 20:18:47 GMT
sync
ads.servenobid.com/ Frame A73D
Redirect Chain
  • https://hbx.media.net/cksync.php?cs=1&type=pbs&ovsid=setstatuscode&bidder=medianet&gdpr=0&gdpr_consent=&us_privacy=1---&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D353%26uid%3D%3Cvsid%3E
  • https://ads.servenobid.com/sync?pid=353&uid=0000EEA
0
336 B
Image
General
Full URL
https://ads.servenobid.com/sync?pid=353&uid=0000EEA
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html?usp_consent=1---
Protocol
H2
Server
34.241.40.57 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-241-40-57.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Mon, 17 Apr 2023 20:18:47 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0

Redirect headers

pragma
no-cache
strict-transport-security
max-age=86400 ; includeSubDomains, max-age=604800
date
Mon, 17 Apr 2023 20:18:47 GMT
server
Apache
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
location
https://ads.servenobid.com/sync?pid=353&uid=0000EEA
content-type
text/html
cache-control
max-age=0, no-cache, no-store
content-length
154
x-mnet-hl2
E
expires
Mon, 17 Apr 2023 20:18:47 GMT
usync.js
eus.rubiconproject.com/ Frame 8770
34 KB
10 KB
Script
General
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=12776
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.56.202.187 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-56-202-187.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
29278175891bc6f68a3c0e4e272b7651b3229207580695cefbff9b237642f836

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?p=12776
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date
Mon, 17 Apr 2023 20:18:47 GMT
Content-Encoding
gzip
Last-Modified
Mon, 17 Apr 2023 11:52:07 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=55947
Connection
keep-alive
Content-Length
10019
Expires
Tue, 18 Apr 2023 11:51:14 GMT
dcm
s.amazon-adsystem.com/ Frame C473
43 B
855 B
Image
General
Full URL
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=ZD2poTz_HOGiKbJ_73U3eQAAFHgAAAAB&gpp=&gpp_sid=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=197137&cb=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3FpartnerId%3D57%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.130.91 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 17 Apr 2023 20:18:47 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
2H0W6EDYMKSAHVZXNQ7K
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT
usermatchredir
ssum-sec.casalemedia.com/ Frame C473
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=ZD2poTz_HOGiKbJ_73U3eQAAFHgAAAAB&gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid=
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESEMsjJT0wtbIKGeZ_jFnZTCA&google_cver=1
43 B
632 B
Image
General
Full URL
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESEMsjJT0wtbIKGeZ_jFnZTCA&google_cver=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=197137&cb=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3FpartnerId%3D57%26uid%3D
Protocol
HTTP/1.1
Server
185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 17 Apr 2023 20:18:47 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=498
Content-Length
43
Expires
0

Redirect headers

pragma
no-cache
date
Mon, 17 Apr 2023 20:18:47 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESEMsjJT0wtbIKGeZ_jFnZTCA&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
364
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
casale
match.adsrvr.org/track/cmf/ Frame C473
70 B
264 B
Image
General
Full URL
https://match.adsrvr.org/track/cmf/casale
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=197137&cb=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3FpartnerId%3D57%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.33.220.150 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Mon, 17 Apr 2023 20:18:47 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
crum
dsum-sec.casalemedia.com/ Frame C473
Redirect Chain
  • https://secure.adnxs.com/getuid?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=$UID
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=8004736833800347646
43 B
632 B
Image
General
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=8004736833800347646
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=197137&cb=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3FpartnerId%3D57%26uid%3D
Protocol
HTTP/1.1
Server
185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 17 Apr 2023 20:18:47 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=499
Content-Length
43
Expires
0

Redirect headers

Date
Mon, 17 Apr 2023 20:18:47 GMT
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection
keep-alive
X-Proxy-Origin
217.114.218.22; 217.114.218.22; 958.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Pragma
no-cache
AN-X-Request-Uuid
06c78128-ca30-40d9-8b16-2fd9a82da36e
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
Access-Control-Allow-Origin
*
Location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=8004736833800347646
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Expires
Sat, 15 Nov 2008 16:00:00 GMT
crum
dsum-sec.casalemedia.com/ Frame C473
Redirect Chain
  • https://s.company-target.com/s/ix?cm_dsp_id=18&us_privacy=&gdpr=&gdpr_consent=&gpp=&gpp_sid=
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=18&expiration=1697573927&external_user_id=831a8632-f5eb-44dc-a95a-049196464108
43 B
632 B
Image
General
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=18&expiration=1697573927&external_user_id=831a8632-f5eb-44dc-a95a-049196464108
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=197137&cb=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3FpartnerId%3D57%26uid%3D
Protocol
HTTP/1.1
Server
185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 17 Apr 2023 20:18:47 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=499
Content-Length
43
Expires
0

Redirect headers

date
Mon, 17 Apr 2023 20:18:47 GMT
via
1.1 google
access-control-allow-methods
GET,OPTIONS
content-type
text/html; charset=utf-8
access-control-allow-origin
*.casalemedia.com
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=18&expiration=1697573927&external_user_id=831a8632-f5eb-44dc-a95a-049196464108
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
157
rum
dsum-sec.casalemedia.com/ Frame C473
Redirect Chain
  • https://cms.quantserve.com/pixel/p-Z8PuJEk6U7Hyq.gif?idmatch=0
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=81&&external_user_id=z6mFLpik13rU_o58wKqbf8ql0HnUq9R7zKrJZD7i
43 B
632 B
Image
General
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=81&&external_user_id=z6mFLpik13rU_o58wKqbf8ql0HnUq9R7zKrJZD7i
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=197137&cb=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3FpartnerId%3D57%26uid%3D
Protocol
HTTP/1.1
Server
185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 17 Apr 2023 20:18:47 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=500
Content-Length
43
Expires
0

Redirect headers

pragma
no-cache
date
Mon, 17 Apr 2023 20:18:47 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=81&&external_user_id=z6mFLpik13rU_o58wKqbf8ql0HnUq9R7zKrJZD7i
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
0
expires
Fri, 04 Aug 1978 12:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame C473
Redirect Chain
  • https://sync.taboola.com/sg/indexscod/1/cm/?us_privacy=&gdpr=&gdpr_consent=&id=ZD2poTz-HOGiKbJ-73U3eQAA%265240&gpp=&gpp_sid=
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=26&external_user_id=69256aac-99d2-4215-aca0-5875a893fb71-tuctb372f27
43 B
632 B
Image
General
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=26&external_user_id=69256aac-99d2-4215-aca0-5875a893fb71-tuctb372f27
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=197137&cb=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3FpartnerId%3D57%26uid%3D
Protocol
HTTP/1.1
Server
185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 17 Apr 2023 20:18:47 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=500
Content-Length
43
Expires
0

Redirect headers

location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=26&external_user_id=69256aac-99d2-4215-aca0-5875a893fb71-tuctb372f27
date
Mon, 17 Apr 2023 20:18:47 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
29922
crum
dsum-sec.casalemedia.com/ Frame C473
Redirect Chain
  • https://p.rfihub.com/cm?in=1&pub=2079
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=57&external_user_id=4895102809587673150
43 B
632 B
Image
General
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=57&external_user_id=4895102809587673150
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=197137&cb=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3FpartnerId%3D57%26uid%3D
Protocol
HTTP/1.1
Server
185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 17 Apr 2023 20:18:47 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=498
Content-Length
43
Expires
0

Redirect headers

Location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=57&external_user_id=4895102809587673150
Date
Mon, 17 Apr 2023 20:18:47 GMT
Server
Jetty(9.3.29.v20201019)
Content-Length
0
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
sync
usr.undertone.com/userPixel/ Frame C473
0
349 B
Image
General
Full URL
https://usr.undertone.com/userPixel/sync?partnerId=57&uid=ZD2poTz_HOGiKbJ_73U3eQAAFHgAAAAB
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=197137&cb=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3FpartnerId%3D57%26uid%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.97.47 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-97-47.fra56.r.cloudfront.net
Software
istio-envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Mon, 17 Apr 2023 20:18:46 GMT
via
1.1 3f3b012fad703fdac0f14efdb7b78b6e.cloudfront.net (CloudFront)
server
istio-envoy
x-amz-cf-pop
FRA56-P2
x-cache
Miss from cloudfront
x-envoy-upstream-service-time
2
content-length
0
x-amz-cf-id
NC79uN4C4R-xQeUUk7N_SBCYP8ZqxewE5q_MM4A3Gd1sQsu1XVkblg==
dcm
s.amazon-adsystem.com/ Frame 5DEB
43 B
855 B
Image
General
Full URL
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=ZD2poTz_HOGiKbJ_73U3eQAAFHgAAAAB&gpp=&gpp_sid=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.130.91 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 17 Apr 2023 20:18:47 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
WYH1J926MR8XNDR3JWAQ
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT
usermatchredir
ssum-sec.casalemedia.com/ Frame 5DEB
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=ZD2poTz_HOGiKbJ_73U3eQAAFHgAAAAB&gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid=
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESEMsjJT0wtbIKGeZ_jFnZTCA&google_cver=1
43 B
632 B
Image
General
Full URL
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESEMsjJT0wtbIKGeZ_jFnZTCA&google_cver=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D
Protocol
HTTP/1.1
Server
185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 17 Apr 2023 20:18:47 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=497
Content-Length
43
Expires
0

Redirect headers

pragma
no-cache
date
Mon, 17 Apr 2023 20:18:47 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESEMsjJT0wtbIKGeZ_jFnZTCA&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
364
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
casale
match.adsrvr.org/track/cmf/ Frame 5DEB
70 B
264 B
Image
General
Full URL
https://match.adsrvr.org/track/cmf/casale
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.33.220.150 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Mon, 17 Apr 2023 20:18:47 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
ZD2poTz_HOGiKbJ_73U3eQAAFHgAAAAB
pr-bh.ybp.yahoo.com/sync/casale/ Frame 5DEB
43 B
602 B
Image
General
Full URL
https://pr-bh.ybp.yahoo.com/sync/casale/ZD2poTz_HOGiKbJ_73U3eQAAFHgAAAAB?gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a05:d018:d29:3602:f48d:cf88:c413:b006 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Content-Security-Policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Mon, 17 Apr 2023 20:18:47 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-type
image/gif
content-length
43
crum
dsum.casalemedia.com/ Frame 5DEB
Redirect Chain
  • https://ib.adnxs.com/getuid?https://dsum.casalemedia.com/crum?cm_dsp_id=190&external_user_id=$UID
  • https://dsum.casalemedia.com/crum?cm_dsp_id=190&external_user_id=8004736833800347646
43 B
632 B
Image
General
Full URL
https://dsum.casalemedia.com/crum?cm_dsp_id=190&external_user_id=8004736833800347646
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D
Protocol
HTTP/1.1
Server
185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 17 Apr 2023 20:18:47 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=500
Content-Length
43
Expires
0

Redirect headers

Date
Mon, 17 Apr 2023 20:18:47 GMT
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection
keep-alive
X-Proxy-Origin
217.114.218.22; 217.114.218.22; 960.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Pragma
no-cache
AN-X-Request-Uuid
c8648773-a4bd-45ed-a4bd-2edcd050b89f
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
Access-Control-Allow-Origin
*
Location
https://dsum.casalemedia.com/crum?cm_dsp_id=190&external_user_id=8004736833800347646
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Expires
Sat, 15 Nov 2008 16:00:00 GMT
tp_out
d.adroll.com/cm/index/ Frame 5DEB
42 B
181 B
Image
General
Full URL
https://d.adroll.com/cm/index/tp_out?advertisable=3GMDZMBFQREVBC75SYYKWH
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a05:d018:cc3:fe05:509a:aa73:8454:83f6 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.22.1 /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Mon, 17 Apr 2023 20:18:47 GMT
cache-control
no-transform,public,max-age=300,s-maxage=900
server
nginx/1.22.1
content-length
42
vary
Cookie
content-type
image/gif
demconf.jpg
dpm.demdex.net/ Frame 5DEB
Redirect Chain
  • https://dpm.demdex.net/ibs:dpid=23728&dpuuid=ZD2poTz-HOGiKbJ-73U3eQAA%265240?gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid=
  • https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=23728&dpuuid=ZD2poTz-HOGiKbJ-73U3eQAA%265240
42 B
942 B
Image
General
Full URL
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=23728&dpuuid=ZD2poTz-HOGiKbJ-73U3eQAA%265240
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D
Protocol
HTTP/1.1
Server
52.31.11.204 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-31-11-204.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

DCS
dcs-prod-irl1-2-v047-0e443224b.edge-irl1.demdex.com 2 ms
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
content-encoding
gzip
X-Content-Type-Options
nosniff
X-TID
C08tegE5TAM=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Content-Type
image/gif
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Length
59
Expires
Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

DCS
dcs-prod-irl1-2-v047-0af0c2550.edge-irl1.demdex.com 0 ms
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-TID
3p5198IMRHA=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Location
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=23728&dpuuid=ZD2poTz-HOGiKbJ-73U3eQAA%265240
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 UTC
rum
dsum.casalemedia.com/ Frame 5DEB
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=index
  • https://ads.creative-serving.com/bsw_sync?bidswitch_ssp_id=index&bsw_custom_parameter=7c8ea65b-6a3b-44c1-aec4-fea71b762163&gdpr=&gdpr_consent=
  • https://ads.creative-serving.com/ul_cb/bsw_sync?bidswitch_ssp_id=index&bsw_custom_parameter=7c8ea65b-6a3b-44c1-aec4-fea71b762163&gdpr=&gdpr_consent=
  • https://x.bidswitch.net/sync?dsp_id=4&user_id=d7787a1a-619b-407d-8e00-08baa1fe90de&ssp=index&expires=30&user_group=5&bsw_param=7c8ea65b-6a3b-44c1-aec4-fea71b762163
  • https://dsum.casalemedia.com/rum?cm_dsp_id=51&external_user_id=7c8ea65b-6a3b-44c1-aec4-fea71b762163&gdpr=&gdpr_consent=&us_privacy=
43 B
632 B
Image
General
Full URL
https://dsum.casalemedia.com/rum?cm_dsp_id=51&external_user_id=7c8ea65b-6a3b-44c1-aec4-fea71b762163&gdpr=&gdpr_consent=&us_privacy=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D
Protocol
HTTP/1.1
Server
185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 17 Apr 2023 20:18:47 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=499
Content-Length
43
Expires
0

Redirect headers

location
//dsum.casalemedia.com/rum?cm_dsp_id=51&external_user_id=7c8ea65b-6a3b-44c1-aec4-fea71b762163&gdpr=&gdpr_consent=&us_privacy=
date
Mon, 17 Apr 2023 20:18:47 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
sync
ads.servenobid.com/ Frame 5DEB
0
356 B
Image
General
Full URL
https://ads.servenobid.com/sync?pid=333&uid=ZD2poTz_HOGiKbJ_73U3eQAAFHgAAAAB
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.241.40.57 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-241-40-57.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Mon, 17 Apr 2023 20:18:47 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0
sync
ads.servenobid.com/ Frame 920E
0
345 B
Image
General
Full URL
https://ads.servenobid.com/sync?pid=317&uid=7776548484721541636&gdpr=0&gdpr_consent=
Requested by
Host: ssbsync.smartadserver.com
URL: https://ssbsync.smartadserver.com/api/sync?callerId=9&gdpr=0&gdpr_consent=&us_privacy=1---&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D317%26uid%3D%24UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.241.40.57 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-241-40-57.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssbsync.smartadserver.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Mon, 17 Apr 2023 20:18:47 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0
711890.gif
id.rlcdn.com/ Frame 920E
0
42 B
Image
General
Full URL
https://id.rlcdn.com/711890.gif?credir=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D136%26partneruserid%3D&gdpr=0&gdpr_consent=
Requested by
Host: ssbsync.smartadserver.com
URL: https://ssbsync.smartadserver.com/api/sync?callerId=9&gdpr=0&gdpr_consent=&us_privacy=1---&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D317%26uid%3D%24UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.174.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
68.174.244.35.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssbsync.smartadserver.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Mon, 17 Apr 2023 20:18:47 GMT
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
pixel
cm.g.doubleclick.net/ Frame 920E
Redirect Chain
  • https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=134&partneruserid=OB_OK&redirurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dsmart_adserver_eb%26google_hm%3DSMART_USER_ID_...
  • https://cm.g.doubleclick.net/pixel?google_nid=smart_adserver_eb&google_hm=Nzc3NjU0ODQ4NDcyMTU0MTYzNg==&gdpr=0&gdpr_consent=
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=smart_adserver_eb&google_hm=Nzc3NjU0ODQ4NDcyMTU0MTYzNg==&gdpr=0&gdpr_consent=
Requested by
Host: ssbsync.smartadserver.com
URL: https://ssbsync.smartadserver.com/api/sync?callerId=9&gdpr=0&gdpr_consent=&us_privacy=1---&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D317%26uid%3D%24UID
Protocol
H3
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssbsync.smartadserver.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 17 Apr 2023 20:18:47 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=smart_adserver_eb&google_hm=Nzc3NjU0ODQ4NDcyMTU0MTYzNg==&gdpr=0&gdpr_consent=
pragma
no-cache
date
Mon, 17 Apr 2023 20:18:47 GMT
cache-control
no-cache,no-store
content-length
0
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
generic
match.adsrvr.org/track/cmf/ Frame 920E
70 B
264 B
Image
General
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=smart-adserver&ttd_tpi=1&gdpr=0&gdpr_consent=
Requested by
Host: ssbsync.smartadserver.com
URL: https://ssbsync.smartadserver.com/api/sync?callerId=9&gdpr=0&gdpr_consent=&us_privacy=1---&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D317%26uid%3D%24UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.33.220.150 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssbsync.smartadserver.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Mon, 17 Apr 2023 20:18:47 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
/
rtb-csync.smartadserver.com/redir/ Frame 920E
Redirect Chain
  • https://dis.criteo.com/dis/usersync.aspx?r=30&p=273&cp=smartortb&cu=1&url=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D79%26partneruserid%3D%40%40CRITEO_USERID%40%4...
  • https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=79&partneruserid=3b69f245-bb3a-4f6a-b285-c0650d1e039b&gdpr=0&gdpr_consent=
43 B
347 B
Image
General
Full URL
https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=79&partneruserid=3b69f245-bb3a-4f6a-b285-c0650d1e039b&gdpr=0&gdpr_consent=
Requested by
Host: ssbsync.smartadserver.com
URL: https://ssbsync.smartadserver.com/api/sync?callerId=9&gdpr=0&gdpr_consent=&us_privacy=1---&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D317%26uid%3D%24UID
Protocol
H2
Server
185.86.139.103 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssbsync.smartadserver.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Mon, 17 Apr 2023 20:18:46 GMT
cache-control
no-cache,no-store
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"

Redirect headers

pragma
no-cache
date
Mon, 17 Apr 2023 20:18:47 GMT
x-errorlevel
0
strict-transport-security
max-age=31536000; preload;
server
Kestrel
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
location
https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=79&partneruserid=3b69f245-bb3a-4f6a-b285-c0650d1e039b&gdpr=0&gdpr_consent=
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
884071
content-length
0
expires
Mon, 17 Apr 2023 00:00:00 GMT
sync
usr.undertone.com/userPixel/ Frame 288C
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA%3D%3D%26piggybackCookie%...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:7b71643d-a9a6-4200-9fb0-8cb125a64d67&gdpr=0&gdpr_consent=
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
  • https://image4.pubmatic.com/AdServer/SPug?gdpr=0&p=160318&pmc=1&pr=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3FpartnerId%3D53%26uid%3D8F899C95-7455-4B28-A0AE-28E5289D5E5E
  • https://usr.undertone.com/userPixel/sync?partnerId=53&uid=8F899C95-7455-4B28-A0AE-28E5289D5E5E
0
349 B
Document
General
Full URL
https://usr.undertone.com/userPixel/sync?partnerId=53&uid=8F899C95-7455-4B28-A0AE-28E5289D5E5E
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160111&gdpr=0&gdpr_consent=&us_privacy=1---
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.97.47 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-97-47.fra56.r.cloudfront.net
Software
istio-envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

content-length
0
date
Mon, 17 Apr 2023 20:18:47 GMT
server
istio-envoy
via
1.1 3f3b012fad703fdac0f14efdb7b78b6e.cloudfront.net (CloudFront)
x-amz-cf-id
sajnPNtVrY9fC6Ccw0S1kg6ciyhqVI_HVKOgal6FRB1tmbshWgTa9g==
x-amz-cf-pop
FRA56-P2
x-cache
Miss from cloudfront
x-envoy-upstream-service-time
2

Redirect headers

cache-control
no-store, no-cache, private
date
Mon, 17 Apr 2023 20:18:47 GMT
location
https://usr.undertone.com/userPixel/sync?partnerId=53&uid=8F899C95-7455-4B28-A0AE-28E5289D5E5E
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx
sync
usr.undertone.com/userPixel/ Frame 04C2
Redirect Chain
  • https://p.rfihub.com/cm?pub=224&in=1&getuid=https%3A//image2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw%26piggybackCookie%3D%24UID%26gdpr%3D0%26gdpr_consent%3D
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw&piggybackCookie=4895102809587673150
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
  • https://image4.pubmatic.com/AdServer/SPug?gdpr=0&p=160318&pmc=1&pr=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3FpartnerId%3D53%26uid%3D8F899C95-7455-4B28-A0AE-28E5289D5E5E
  • https://usr.undertone.com/userPixel/sync?partnerId=53&uid=8F899C95-7455-4B28-A0AE-28E5289D5E5E
0
350 B
Document
General
Full URL
https://usr.undertone.com/userPixel/sync?partnerId=53&uid=8F899C95-7455-4B28-A0AE-28E5289D5E5E
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160111&gdpr=0&gdpr_consent=&us_privacy=1---
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.97.47 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-97-47.fra56.r.cloudfront.net
Software
istio-envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

content-length
0
date
Mon, 17 Apr 2023 20:18:47 GMT
server
istio-envoy
via
1.1 3f3b012fad703fdac0f14efdb7b78b6e.cloudfront.net (CloudFront)
x-amz-cf-id
jKeE6RltCE9EKmB0leK8fLhLssBI3Y-OCkE1QfO1xMYHz1MpDjcCdA==
x-amz-cf-pop
FRA56-P2
x-cache
Miss from cloudfront
x-envoy-upstream-service-time
2

Redirect headers

cache-control
no-store, no-cache, private
date
Mon, 17 Apr 2023 20:18:45 GMT
location
https://usr.undertone.com/userPixel/sync?partnerId=53&uid=8F899C95-7455-4B28-A0AE-28E5289D5E5E
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx
usersync.aspx
dis.criteo.com/dis/ Frame 467D
43 B
363 B
Document
General
Full URL
https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160111&gdpr=0&gdpr_consent=&us_privacy=1---
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.7.11 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-cache
content-type
image/gif
cross-origin-resource-policy
cross-origin
date
Mon, 17 Apr 2023 20:18:47 GMT
expires
Mon, 17 Apr 2023 00:00:00 GMT
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
pragma
no-cache
server
Kestrel
server-processing-duration-in-ticks
368651
strict-transport-security
max-age=31536000; preload;
x-errorlevel
0
sync
usr.undertone.com/userPixel/ Frame 39A1
Redirect Chain
  • https://d5p.de17a.com/getuid/pubmatic?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=573467214787193457
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
  • https://image4.pubmatic.com/AdServer/SPug?gdpr=0&p=160318&pmc=1&pr=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3FpartnerId%3D53%26uid%3D8F899C95-7455-4B28-A0AE-28E5289D5E5E
  • https://usr.undertone.com/userPixel/sync?partnerId=53&uid=8F899C95-7455-4B28-A0AE-28E5289D5E5E
0
349 B
Document
General
Full URL
https://usr.undertone.com/userPixel/sync?partnerId=53&uid=8F899C95-7455-4B28-A0AE-28E5289D5E5E
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160111&gdpr=0&gdpr_consent=&us_privacy=1---
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.97.47 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-97-47.fra56.r.cloudfront.net
Software
istio-envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

content-length
0
date
Mon, 17 Apr 2023 20:18:47 GMT
server
istio-envoy
via
1.1 3f3b012fad703fdac0f14efdb7b78b6e.cloudfront.net (CloudFront)
x-amz-cf-id
Wu9FyE1vUMdDa1LADyfDos3sDjjGMwtg49rvBVcicD1H6bauts2rkw==
x-amz-cf-pop
FRA56-P2
x-cache
Miss from cloudfront
x-envoy-upstream-service-time
2

Redirect headers

cache-control
no-store, no-cache, private
date
Mon, 17 Apr 2023 20:18:46 GMT
location
https://usr.undertone.com/userPixel/sync?partnerId=53&uid=8F899C95-7455-4B28-A0AE-28E5289D5E5E
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx
sync
usr.undertone.com/userPixel/ Frame 99A4
Redirect Chain
  • https://cms.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=3GF0fotsJirHNn8s02JqL9ltISnHYyUr32IHCiCh
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
  • https://image4.pubmatic.com/AdServer/SPug?gdpr=0&p=160318&pmc=1&pr=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3FpartnerId%3D53%26uid%3D8F899C95-7455-4B28-A0AE-28E5289D5E5E
  • https://usr.undertone.com/userPixel/sync?partnerId=53&uid=8F899C95-7455-4B28-A0AE-28E5289D5E5E
0
350 B
Document
General
Full URL
https://usr.undertone.com/userPixel/sync?partnerId=53&uid=8F899C95-7455-4B28-A0AE-28E5289D5E5E
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160111&gdpr=0&gdpr_consent=&us_privacy=1---
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.97.47 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-97-47.fra56.r.cloudfront.net
Software
istio-envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

content-length
0
date
Mon, 17 Apr 2023 20:18:47 GMT
server
istio-envoy
via
1.1 3f3b012fad703fdac0f14efdb7b78b6e.cloudfront.net (CloudFront)
x-amz-cf-id
IPdzUxRQAU0sxZfdAtOB9U9F0suvQmhdmFzN9KMYV_ianOwhJc63WA==
x-amz-cf-pop
FRA56-P2
x-cache
Miss from cloudfront
x-envoy-upstream-service-time
3

Redirect headers

cache-control
no-store, no-cache, private
date
Mon, 17 Apr 2023 20:18:46 GMT
location
https://usr.undertone.com/userPixel/sync?partnerId=53&uid=8F899C95-7455-4B28-A0AE-28E5289D5E5E
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx
dcm
aax-eu.amazon-adsystem.com/s/ Frame 8BF7
43 B
855 B
Document
General
Full URL
https://aax-eu.amazon-adsystem.com/s/dcm?pid=4bd6ceca-c698-4782-a536-f380f757484c&id=8F899C95-7455-4B28-A0AE-28E5289D5E5E&redir=true&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160111&gdpr=0&gdpr_consent=&us_privacy=1---
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
67.220.226.238 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
Date
Mon, 17 Apr 2023 20:18:47 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
x-amz-rid
2CYRR06WKHNWR0Z35EDW
sync
usr.undertone.com/userPixel/ Frame CBEA
Redirect Chain
  • https://ib.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=8004736833800347646&gdpr=0&gdpr_consent=
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
  • https://image4.pubmatic.com/AdServer/SPug?gdpr=0&p=160318&pmc=1&pr=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3FpartnerId%3D53%26uid%3D8F899C95-7455-4B28-A0AE-28E5289D5E5E
  • https://usr.undertone.com/userPixel/sync?partnerId=53&uid=8F899C95-7455-4B28-A0AE-28E5289D5E5E
0
350 B
Document
General
Full URL
https://usr.undertone.com/userPixel/sync?partnerId=53&uid=8F899C95-7455-4B28-A0AE-28E5289D5E5E
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160111&gdpr=0&gdpr_consent=&us_privacy=1---
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.97.47 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-97-47.fra56.r.cloudfront.net
Software
istio-envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

content-length
0
date
Mon, 17 Apr 2023 20:18:47 GMT
server
istio-envoy
via
1.1 3f3b012fad703fdac0f14efdb7b78b6e.cloudfront.net (CloudFront)
x-amz-cf-id
DqkCpB6P6bsRBTkmFLuql3AIF4ujX1Wx2jgckrsj058NNGOAa7hejw==
x-amz-cf-pop
FRA56-P2
x-cache
Miss from cloudfront
x-envoy-upstream-service-time
2

Redirect headers

cache-control
no-store, no-cache, private
date
Mon, 17 Apr 2023 17:34:25 GMT
location
https://usr.undertone.com/userPixel/sync?partnerId=53&uid=8F899C95-7455-4B28-A0AE-28E5289D5E5E
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx
sync
usr.undertone.com/userPixel/ Frame 59AA
Redirect Chain
  • https://dsp.adfarm1.adition.com/cookie/?ssp=9&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA%3D&piggybackCookie=7223115899215607948&gdpr=0&gdpr_consent=
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
  • https://image4.pubmatic.com/AdServer/SPug?gdpr=0&p=160318&pmc=1&pr=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3FpartnerId%3D53%26uid%3D8F899C95-7455-4B28-A0AE-28E5289D5E5E
  • https://usr.undertone.com/userPixel/sync?partnerId=53&uid=8F899C95-7455-4B28-A0AE-28E5289D5E5E
0
350 B
Document
General
Full URL
https://usr.undertone.com/userPixel/sync?partnerId=53&uid=8F899C95-7455-4B28-A0AE-28E5289D5E5E
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160111&gdpr=0&gdpr_consent=&us_privacy=1---
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.97.47 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-97-47.fra56.r.cloudfront.net
Software
istio-envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

content-length
0
date
Mon, 17 Apr 2023 20:18:47 GMT
server
istio-envoy
via
1.1 3f3b012fad703fdac0f14efdb7b78b6e.cloudfront.net (CloudFront)
x-amz-cf-id
B2AY1uvfaJOz2e8NycJYZivxDEB7NkvgVew6C8GGUi7tYPOkKTZ4-A==
x-amz-cf-pop
FRA56-P2
x-cache
Miss from cloudfront
x-envoy-upstream-service-time
2

Redirect headers

cache-control
no-store, no-cache, private
date
Mon, 17 Apr 2023 20:18:46 GMT
location
https://usr.undertone.com/userPixel/sync?partnerId=53&uid=8F899C95-7455-4B28-A0AE-28E5289D5E5E
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx
ImgSync
image8.pubmatic.com/AdServer/ Frame DBE3
Redirect Chain
  • https://sync.srv.stackadapt.com/sync?nid=11&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=jPVAtuxBXqdgv7R-IW1litly2hY&gdpr=0&gdpr_consent=
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
0
0
Document
General
Full URL
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160111&gdpr=0&gdpr_consent=&us_privacy=1---
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
198.47.127.18 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
private,max-age=86400
date
Mon, 17 Apr 2023 20:18:46 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

cache-control
no-store, no-cache, private
date
Mon, 17 Apr 2023 20:18:48 GMT
location
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx
Pug
image2.pubmatic.com/AdServer/ Frame D65E
Redirect Chain
  • https://match.prod.bidr.io/cookie-sync/pm?gdpr=0&gdpr_consent=
  • https://match.prod.bidr.io/cookie-sync/pm?gdpr=0&gdpr_consent=&_bee_ppp=1
  • https://cm.g.doubleclick.net/pixel?google_nid=beeswaxio&google_sc=&google_hm=QUFDYTlVN0llMU1BQUNDckdOY2UyUQ&gdpr=0&gdpr_consent=&bee_sync_partners=sas%2Cpp%2Cpm&bee_sync_current_partner=adx&bee_syn...
  • https://match.prod.bidr.io/cookie-sync/adx?gdpr=0&gdpr_consent=&bee_sync_partners=sas%2Cpp%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1
  • https://rtb-csync.smartadserver.com/redir?partnerid=127&partneruserid=AACa9U7Ie1MAACCrGNce2Q&redirurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fgdpr%3D0%26bee_sync_partners%3Dpp%252Cpm%26bee...
  • https://match.prod.bidr.io/cookie-sync?gdpr=0&bee_sync_partners=pp%2Cpm&bee_sync_current_partner=sas&bee_sync_initiator=adx&bee_sync_hop_count=2&userid=7776548484721541636&gdpr=0&gdpr_consent=
  • https://bh.contextweb.com/bh/rtset?do=add&pid=558502&ev=AACa9U7Ie1MAACCrGNce2Q&rurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fgdpr%3D0%26userid%3D7776548484721541636%26gdpr%3D0%26gdpr_consen...
  • https://match.prod.bidr.io/cookie-sync?gdpr=0&userid=7776548484721541636&gdpr=0&gdpr_consent=&bee_sync_partners=pm&bee_sync_current_partner=pp&bee_sync_initiator=adx&bee_sync_hop_count=3&ev=AACa9U7...
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AACa9U7Ie1MAACCrGNce2Q&gdpr=0&gdpr_consent=
42 B
217 B
Document
General
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AACa9U7Ie1MAACCrGNce2Q&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160111&gdpr=0&gdpr_consent=&us_privacy=1---
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Mon, 17 Apr 2023 20:18:47 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

Connection
keep-alive
Content-Length
0
Date
Mon, 17 Apr 2023 20:18:48 GMT
Server
gunicorn
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AACa9U7Ie1MAACCrGNce2Q&gdpr=0&gdpr_consent=
strict-transport-security
max-age=2592000; includeSubDomains
Pug
simage2.pubmatic.com/AdServer/ Frame 4EE5
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=${TM_USER_ID}&gdpr=1&gdpr_con...
  • https://sync-tm.everesttech.net/ct/upi/pid/b9pj45k4?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=${TM_USER_ID}&gdpr=1&gdpr_...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=ZD2ppwADeKquIgAp&gdpr=1&gdpr_consent=&_test=ZD2ppwADeKquIgAp
0
74 B
Document
General
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=ZD2ppwADeKquIgAp&gdpr=1&gdpr_consent=&_test=ZD2ppwADeKquIgAp
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160111&gdpr=0&gdpr_consent=&us_privacy=1---
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-encoding
gzip
content-type
text/html; charset=utf-8
date
Mon, 17 Apr 2023 20:18:47 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

accept-ranges
bytes
cache-control
no-cache
content-length
0
date
Mon, 17 Apr 2023 20:18:47 GMT
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=ZD2ppwADeKquIgAp&gdpr=1&gdpr_consent=&_test=ZD2ppwADeKquIgAp
pragma
no-cache
retry-after
0
server
Varnish
via
1.1 varnish
x-cache
HIT
x-cache-hits
0
x-served-by
cache-hhn-etou8220071-HHN
x-timer
S1681762728.791713,VS0,VE0
cm
ipac.ctnsnet.com/int/ Frame AC8C
43 B
370 B
Document
General
Full URL
https://ipac.ctnsnet.com/int/cm?exc=14&redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MTEmdGw9MjAxNjA=&piggybackCookie=[user_id]
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160111&gdpr=0&gdpr_consent=&us_privacy=1---
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.186.193.173 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
173.193.186.35.bc.googleusercontent.com
Software
Apache-Coyote/1.1 /
Resource Hash
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, must-revalidate
content-length
43
content-type
image/gif
date
Mon, 17 Apr 2023 20:18:47 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
p3p
CP="NOI DSP COR NID CUR OUR NOR"
pragma
no-cache
server
Apache-Coyote/1.1
via
1.1 google
cookiesync
core.iprom.net/ Frame A220
43 B
277 B
Document
General
Full URL
https://core.iprom.net/cookiesync?gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160111&gdpr=0&gdpr_consent=&us_privacy=1---
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
195.5.165.20 , Slovenia, ASN44968 (IPROM-AS, SI),
Reverse DNS
Software
/
Resource Hash
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Connection
close
Content-Length
43
Content-Type
image/gif
Date
Mon, 17 Apr 2023 20:18:47 GMT
Vary
Accept-Encoding
X-adserver-worker
erebus-bca8481a1cd4@version_1.539
X-core-time
0ms
X-server-arch
v2
Pug
simage2.pubmatic.com/AdServer/ Frame B8CC
Redirect Chain
  • https://csync.loopme.me/?pubid=11331&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzImdGw9MTI5NjAw&piggybackCookie={viewer_token}
  • https://simage2.pubmatic.com/AdServer/Pug?vcode&piggybackCookie={viewer_token}
0
93 B
Document
General
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode&piggybackCookie={viewer_token}
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160111&gdpr=0&gdpr_consent=&us_privacy=1---
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-encoding
gzip
content-type
text/html; charset=utf-8
date
Mon, 17 Apr 2023 20:18:47 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

content-length
0
date
Mon, 17 Apr 2023 20:18:47 GMT
location
https://simage2.pubmatic.com/AdServer/Pug?vcode&piggybackCookie={viewer_token}
server
_
i.match
s.tribalfusion.com/z/ Frame 6360
Redirect Chain
  • https://a.tribalfusion.com/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATI...
  • https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMA...
43 B
439 B
Document
General
Full URL
https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160111&gdpr=0&gdpr_consent=&us_privacy=1---
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:19ad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4f49e616d278a16d9cd55a6d5fe19c99ebd37d7d3848d14422190618b67011e0

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-cache private
cf-cache-status
DYNAMIC
cf-ray
7b975bf91fdf2c04-FRA
content-length
43
content-type
image/gif; charset=utf-8
date
Mon, 17 Apr 2023 20:18:48 GMT
expires
Thu, 01 Jan 1970 00:00:00 GMT
p3p
CP="NOI DEVo TAIa OUR BUS"
pragma
no-cache
server
cloudflare
x-function
302

Redirect headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-cache private
cf-cache-status
DYNAMIC
cf-ray
7b975bf7edbd2c04-FRA
content-type
text/html
date
Mon, 17 Apr 2023 20:18:47 GMT
expires
Thu, 01 Jan 1970 00:00:00 GMT
location
https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
p3p
CP="NOI DEVo TAIa OUR BUS"
pragma
no-cache
server
cloudflare
x-function
206
x-reuse-index
85
bridge
cm.adgrx.com/ Frame A4A7
43 B
283 B
Document
General
Full URL
https://cm.adgrx.com/bridge?AG_PID=pubmatic&AG_SETCOOKIE&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160111&gdpr=0&gdpr_consent=&us_privacy=1---
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
72.251.245.179 Amsterdam, Netherlands, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
Cowboy /
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, proxy-revalidate
content-length
43
content-type
image/gif
date
Mon, 17 Apr 2023 20:18:47 GMT
expires
Thu, 23 Sep 2004 17:42:04 GMT
p3p
CP="NOI OTC OTP OUR NOR"
pragma
no-cache
server
Cowboy
x-realserver-nx
ams-delivery-7
Pug
image2.pubmatic.com/AdServer/ Frame 1386
Redirect Chain
  • https://cm-supply-web.gammaplatform.com/adx/usersyncsupply?pid=7&t=pixel
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0NTkmdGw9NDMyMDA=&piggybackCookie=xcbqus1jg35v
42 B
231 B
Document
General
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0NTkmdGw9NDMyMDA=&piggybackCookie=xcbqus1jg35v
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160111&gdpr=0&gdpr_consent=&us_privacy=1---
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Mon, 17 Apr 2023 20:18:47 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

accept-encoding
utf-8
cache-control
no-cache, no-store
content-length
0
date
Mon, 17 Apr 2023 20:18:48 GMT
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0NTkmdGw9NDMyMDA=&piggybackCookie=xcbqus1jg35v
lws
90
strict-transport-security
max-age=31536000; includeSubDomains
time-ms
0
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame D4B4
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=j4mclXRVSyigrijlKJ1eXg%3D%3D&gdpr=0&gdpr_consent=
  • https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
4 KB
4 KB
Image
General
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
Protocol
H2
Server
2.19.228.187 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-19-228-187.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Mon, 17 Apr 2023 20:18:47 GMT
content-encoding
gzip
last-modified
Fri, 16 Dec 2022 06:36:49 GMT
server
Apache
vary
Accept-Encoding
content-type
text/html
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
max-age=83992
accept-ranges
bytes
content-length
5554
expires
Tue, 18 Apr 2023 19:38:39 GMT

Redirect headers

pragma
no-cache
date
Mon, 17 Apr 2023 20:18:47 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
301
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
qmap
sync.crwdcntrl.net/ Frame D4B4
49 B
266 B
Image
General
Full URL
https://sync.crwdcntrl.net/qmap?c=240&tp=PUBM&tpid=8F899C95-7455-4B28-A0AE-28E5289D5E5E&gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.246.170.47 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-246-170-47.eu-west-1.compute.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 17 Apr 2023 20:18:47 GMT
server
Jetty(9.4.38.v20210224)
content-type
image/gif
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
*
cache-control
no-cache
x-server
10.45.17.223
content-length
49
expires
0
ids
idsync.frontend.weborama.fr/ Frame D4B4
Redirect Chain
  • https://cr.frontend.weborama.fr/cr?key=pubmatic&gdpr=0&gdpr_consent=
  • https://cr.frontend.weborama.fr/cr?key=pubmatic&gdpr=0&gdpr_consent=&bounce=1&random=4074867268
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fidsync.frontend.weborama.fr%2Fids%3Fkey%3Dpubmatic%26value%3D%23PM_USER_ID&gdpr=0
  • https://idsync.frontend.weborama.fr/ids?key=pubmatic&value=8F899C95-7455-4B28-A0AE-28E5289D5E5E
0
284 B
Image
General
Full URL
https://idsync.frontend.weborama.fr/ids?key=pubmatic&value=8F899C95-7455-4B28-A0AE-28E5289D5E5E
Protocol
H2
Server
34.111.131.239 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
239.131.111.34.bc.googleusercontent.com
Software
Weborama Collect Frontend /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 17 Apr 2023 20:18:47 GMT
via
1.1 google
last-modified
Mon, 17 Apr 2023 20:18:47 GMT
server
Weborama Collect Frontend
vary
Origin
p3p
CP="NOI DSP COR CURa DEVa PSAa OUR STP UNI DEM"
access-control-allow-origin
*
cache-control
no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Tue, 03 Jul 2001 06:00:00 GMT

Redirect headers

location
https://idsync.frontend.weborama.fr/ids?key=pubmatic&value=8F899C95-7455-4B28-A0AE-28E5289D5E5E
date
Mon, 17 Apr 2023 20:18:46 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
0
content-type
text/html; charset=UTF-8
p
a.audrte.com/ Frame D4B4
Redirect Chain
  • https://a.audrte.com/match?gdpr=0&gdpr_consent=&p=M1717054901&uid=8F899C95-7455-4B28-A0AE-28E5289D5E5E
  • https://cm.g.doubleclick.net/pixel?google_nid=ar101281&google_hm=Z2M0a1dYRjdNV25SUGlCUFljT2RCRlZ3Zw==&google_redir=https%3A%2F%2Fa.audrte.com%2Fddp%3Fred%3DeyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL...
  • https://a.audrte.com/ddp?red=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbeyJuYW1lIjoiYWRmb3JtIn1dfQ%3D%3D&gdpr=0&gdpr_consent=
  • https://dmp.adform.net/serving/cookie/match/?party=1003&r=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbXX0%3D&gdpr=0&gdpr_consent=
  • https://a.audrte.com/a?adform_uid=8132136989654119209&r=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbXX0%3D
  • https://a.audrte.com/p
68 B
424 B
Image
General
Full URL
https://a.audrte.com/p
Protocol
HTTP/1.1
Server
34.233.114.35 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-233-114-35.compute-1.amazonaws.com
Software
nginx/1.18.0 /
Resource Hash
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date
Mon, 17 Apr 2023 20:18:48 GMT
Server
nginx/1.18.0
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods
POST, GET, OPTIONS
Content-Type
image/png
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
68

Redirect headers

Date
Mon, 17 Apr 2023 20:18:48 GMT
Server
nginx/1.18.0
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods
POST, GET, OPTIONS
Access-Control-Allow-Origin
*
Location
https://a.audrte.com:443/p
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
0
sync
usr.undertone.com/userPixel/ Frame D4B4
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=OEY4OTlDOTUtNzQ1NS00QjI4LUEwQUUtMjhFNTI4OUQ1RTVF&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
  • https://image4.pubmatic.com/AdServer/SPug?gdpr=0&p=160318&pmc=1&pr=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3FpartnerId%3D53%26uid%3D8F899C95-7455-4B28-A0AE-28E5289D5E5E
  • https://usr.undertone.com/userPixel/sync?partnerId=53&uid=8F899C95-7455-4B28-A0AE-28E5289D5E5E
0
351 B
Image
General
Full URL
https://usr.undertone.com/userPixel/sync?partnerId=53&uid=8F899C95-7455-4B28-A0AE-28E5289D5E5E
Protocol
H2
Server
18.66.97.47 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-97-47.fra56.r.cloudfront.net
Software
istio-envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Mon, 17 Apr 2023 20:18:47 GMT
via
1.1 3f3b012fad703fdac0f14efdb7b78b6e.cloudfront.net (CloudFront)
server
istio-envoy
x-amz-cf-pop
FRA56-P2
x-cache
Miss from cloudfront
x-envoy-upstream-service-time
2
content-length
0
x-amz-cf-id
tJfrSkoDG7gX1i7qTnBxZlL-AGSqhEX1umbSNF7NPtKHQGE3pmVtZQ==

Redirect headers

location
https://usr.undertone.com/userPixel/sync?partnerId=53&uid=8F899C95-7455-4B28-A0AE-28E5289D5E5E
date
Mon, 17 Apr 2023 20:18:47 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
sync
usr.undertone.com/userPixel/ Frame D4B4
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEN6JHxk9vmUoWzKWLsy3wfM&google_cver=1
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
  • https://image4.pubmatic.com/AdServer/SPug?gdpr=0&p=160318&pmc=1&pr=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3FpartnerId%3D53%26uid%3D8F899C95-7455-4B28-A0AE-28E5289D5E5E
  • https://usr.undertone.com/userPixel/sync?partnerId=53&uid=8F899C95-7455-4B28-A0AE-28E5289D5E5E
0
350 B
Image
General
Full URL
https://usr.undertone.com/userPixel/sync?partnerId=53&uid=8F899C95-7455-4B28-A0AE-28E5289D5E5E
Protocol
H2
Server
18.66.97.47 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-97-47.fra56.r.cloudfront.net
Software
istio-envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Mon, 17 Apr 2023 20:18:47 GMT
via
1.1 3f3b012fad703fdac0f14efdb7b78b6e.cloudfront.net (CloudFront)
server
istio-envoy
x-amz-cf-pop
FRA56-P2
x-cache
Miss from cloudfront
x-envoy-upstream-service-time
3
content-length
0
x-amz-cf-id
_aSeiAtz1Sv9LMARyuqtF1WubsGbN0kbvvndW9yB_1ZBG2F_7OwU6w==

Redirect headers

location
https://usr.undertone.com/userPixel/sync?partnerId=53&uid=8F899C95-7455-4B28-A0AE-28E5289D5E5E
date
Mon, 17 Apr 2023 20:18:47 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
pubmatic
um.simpli.fi/ Frame D4B4
43 B
409 B
Image
General
Full URL
https://um.simpli.fi/pubmatic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODA2JnRsPTUxODQwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
35.204.74.118 Groningen, Netherlands, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
118.74.204.35.bc.googleusercontent.com
Software
/
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Mon, 17 Apr 2023 20:18:47 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
last-modified
Mon, 28 Sep 1970 06:00:00 GMT
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
43
expires
Sun, 16 Apr 2023 20:18:47 GMT
sync
usr.undertone.com/userPixel/ Frame D4B4
Redirect Chain
  • https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COO...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=8132136989654119209
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
  • https://image4.pubmatic.com/AdServer/SPug?gdpr=0&p=160318&pmc=1&pr=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3FpartnerId%3D53%26uid%3D8F899C95-7455-4B28-A0AE-28E5289D5E5E
  • https://usr.undertone.com/userPixel/sync?partnerId=53&uid=8F899C95-7455-4B28-A0AE-28E5289D5E5E
0
350 B
Image
General
Full URL
https://usr.undertone.com/userPixel/sync?partnerId=53&uid=8F899C95-7455-4B28-A0AE-28E5289D5E5E
Protocol
H2
Server
18.66.97.47 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-97-47.fra56.r.cloudfront.net
Software
istio-envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Mon, 17 Apr 2023 20:18:47 GMT
via
1.1 3f3b012fad703fdac0f14efdb7b78b6e.cloudfront.net (CloudFront)
server
istio-envoy
x-amz-cf-pop
FRA56-P2
x-cache
Miss from cloudfront
x-envoy-upstream-service-time
2
content-length
0
x-amz-cf-id
tdNIUGsx4MCGcBHt7VL3JYTbVHS4mqshbHdqH4T3uz6tp9S2awcpwA==

Redirect headers

location
https://usr.undertone.com/userPixel/sync?partnerId=53&uid=8F899C95-7455-4B28-A0AE-28E5289D5E5E
date
Mon, 17 Apr 2023 17:36:32 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
generic
match.adsrvr.org/track/cmf/ Frame D4B4
70 B
264 B
Image
General
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.33.220.150 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Mon, 17 Apr 2023 20:18:47 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
SPug
image4.pubmatic.com/AdServer/ Frame D4B4
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=8F899C95-7455-4B28-A0AE-28E5289D5E5E&redir=true&gdpr=0&gdpr_consent=
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-EyHo2N1E2uUD1jw7Dh045hxVa9GDxiM-~A&gdpr=0
0
260 B
Image
General
Full URL
https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-EyHo2N1E2uUD1jw7Dh045hxVa9GDxiM-~A&gdpr=0
Protocol
H2
Server
185.64.190.81 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Mon, 17 Apr 2023 20:18:47 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location
https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-EyHo2N1E2uUD1jw7Dh045hxVa9GDxiM-~A&gdpr=0
date
Mon, 17 Apr 2023 20:18:47 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.25
age
0
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
8F899C95-7455-4B28-A0AE-28E5289D5E5E
pr-bh.ybp.yahoo.com/sync/pubmatic/ Frame D4B4
43 B
602 B
Image
General
Full URL
https://pr-bh.ybp.yahoo.com/sync/pubmatic/8F899C95-7455-4B28-A0AE-28E5289D5E5E?gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a05:d018:d29:3602:f48d:cf88:c413:b006 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Content-Security-Policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Mon, 17 Apr 2023 20:18:47 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-type
image/gif
content-length
43
Pug
simage2.pubmatic.com/AdServer/ Frame D4B4
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent=
  • https://sonata-notifications.taptapnetworks.com/web/cookie/bidswitch/sync?bidswitch_ssp_id=pubmatic&bsw_custom_parameter=7c8ea65b-6a3b-44c1-aec4-fea71b762163&gdpr=0&gdpr_consent=&gdpr_pd=
  • https://x.bidswitch.net/sync?dsp_id=413&ssp=pubmatic&user_id=csonata_01d0677d-bf75-47b2-9840-2173bba8d9e5&bsw_param=7c8ea65b-6a3b-44c1-aec4-fea71b762163&expires=10&gdpr=0&gdpr_consent=&gdpr_pd=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=7c8ea65b-6a3b-44c1-aec4-fea71b762163&gdpr=0&gdpr_consent=&gdpr_pd=
1 B
165 B
Image
General
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=7c8ea65b-6a3b-44c1-aec4-fea71b762163&gdpr=0&gdpr_consent=&gdpr_pd=
Protocol
H2
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

content-type
text/html; charset=utf-8
date
Mon, 17 Apr 2023 20:18:47 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
1
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location
//simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=7c8ea65b-6a3b-44c1-aec4-fea71b762163&gdpr=0&gdpr_consent=&gdpr_pd=
date
Mon, 17 Apr 2023 20:18:47 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
current
pubmatic-match.dotomi.com/match/bounce/ Frame D4B4
0
104 B
Image
General
Full URL
https://pubmatic-match.dotomi.com/match/bounce/current?networkId=17100&version=1&nuid=8F899C95-7455-4B28-A0AE-28E5289D5E5E&gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:fa8:8806:16::1400 , Singapore, ASN41041 (VCLK-EU-SE, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 17 Apr 2023 20:18:47 GMT
cache-control
no-cache, private, max-age=0, no-store
server
nginx
expires
0
pixelSync
pixel-sync.sitescout.com/dmp/ Frame D4B4
0
187 B
Image
General
Full URL
https://pixel-sync.sitescout.com/dmp/pixelSync?nid=3&gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
98.98.134.243 , United States, ASN21859 (ZEN-ECN, US),
Reverse DNS
Software
A /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

p3p
CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
pragma
no-cache
date
Mon, 17 Apr 2023 20:18:47 GMT
cache-control
max-age=0,no-cache,no-store
server
A
expires
Tue, 11 Oct 1977 12:34:56 GMT
sync
usr.undertone.com/userPixel/ Frame D4B4
Redirect Chain
  • https://ad.turn.com/r/cs?pid=1&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=2358598871576537431&gdpr=0&gdpr_consent=&us_privacy=
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
  • https://image4.pubmatic.com/AdServer/SPug?gdpr=0&p=160318&pmc=1&pr=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3FpartnerId%3D53%26uid%3D8F899C95-7455-4B28-A0AE-28E5289D5E5E
  • https://usr.undertone.com/userPixel/sync?partnerId=53&uid=8F899C95-7455-4B28-A0AE-28E5289D5E5E
0
350 B
Image
General
Full URL
https://usr.undertone.com/userPixel/sync?partnerId=53&uid=8F899C95-7455-4B28-A0AE-28E5289D5E5E
Protocol
H2
Server
18.66.97.47 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-97-47.fra56.r.cloudfront.net
Software
istio-envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Mon, 17 Apr 2023 20:18:47 GMT
via
1.1 3f3b012fad703fdac0f14efdb7b78b6e.cloudfront.net (CloudFront)
server
istio-envoy
x-amz-cf-pop
FRA56-P2
x-cache
Miss from cloudfront
x-envoy-upstream-service-time
2
content-length
0
x-amz-cf-id
bxzgtDvBPg-GgeQv53F8rpydfB1JKgeWK3cVg63U9g2rZESbTDcbug==

Redirect headers

location
https://usr.undertone.com/userPixel/sync?partnerId=53&uid=8F899C95-7455-4B28-A0AE-28E5289D5E5E
date
Mon, 17 Apr 2023 20:18:47 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Pug
simage2.pubmatic.com/AdServer/ Frame D4B4
Redirect Chain
  • https://ads.playground.xyz/usersync/apn?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID
  • https://secure.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=8004736833800347646
42 B
113 B
Image
General
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=8004736833800347646
Protocol
H2
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Mon, 17 Apr 2023 20:18:47 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Date
Mon, 17 Apr 2023 20:18:47 GMT
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection
keep-alive
X-Proxy-Origin
217.114.218.22; 217.114.218.22; 958.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Pragma
no-cache
AN-X-Request-Uuid
4690d757-22f4-45b8-9b71-281a9f970274
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
Access-Control-Allow-Origin
*
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=8004736833800347646
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Expires
Sat, 15 Nov 2008 16:00:00 GMT
ImgSync
image8.pubmatic.com/AdServer/ Frame D4B4
Redirect Chain
  • https://match.adsby.bidtheatre.com/pubmaticmatch?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?gdpr_consent=&gdpr=0&piggybackCookie=uid:780d09c6-c93c-473b-a110-f663e90a6676&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
0
223 B
Image
General
Full URL
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
Protocol
H2
Server
198.47.127.18 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Mon, 17 Apr 2023 20:18:47 GMT
cache-control
private,max-age=86400
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
date
Mon, 17 Apr 2023 20:18:47 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
usync.js
eus.rubiconproject.com/ Frame 0DD9
34 KB
10 KB
Script
General
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=duration_media&endpoint=us-east
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.56.202.187 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-56-202-187.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
29278175891bc6f68a3c0e4e272b7651b3229207580695cefbff9b237642f836

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?p=duration_media&endpoint=us-east
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date
Mon, 17 Apr 2023 20:18:47 GMT
Content-Encoding
gzip
Last-Modified
Mon, 17 Apr 2023 11:52:07 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=55947
Connection
keep-alive
Content-Length
10019
Expires
Tue, 18 Apr 2023 11:51:14 GMT
sync.php
pixel.rubiconproject.com/exchange/ Frame 8770
0
239 B
Image
General
Full URL
https://pixel.rubiconproject.com/exchange/sync.php?p=12776&gdpr_consent=undefined&gdpr=0&khaos=LGLA3P7W-1-2CEF
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=12776
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
X-RPHost
de8527bfa1ccfd6c1590da0d3b6cff52
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
sync.php
pixel-us-east.rubiconproject.com/exchange/ Frame 0DD9
0
239 B
Image
General
Full URL
https://pixel-us-east.rubiconproject.com/exchange/sync.php?p=duration_media&gdpr_consent=undefined&gdpr=0&khaos=LGLA3P7W-1-2CEF
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=duration_media&endpoint=us-east
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
8.43.72.98 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
X-RPHost
e1bf03b8e0c0366715a8d9abd31b9f35
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
usersync
usersync.gumgum.com/ Frame F498
Redirect Chain
  • https://secure.adnxs.com/getuid?https://usersync.gumgum.com/usersync?b=apn&i=$UID
  • https://usersync.gumgum.com/usersync?b=apn&i=8004736833800347646
35 B
250 B
Image
General
Full URL
https://usersync.gumgum.com/usersync?b=apn&i=8004736833800347646
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Server
34.247.233.198 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-247-233-198.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Mon, 17 Apr 2023 20:18:47 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

Date
Mon, 17 Apr 2023 20:18:47 GMT
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection
keep-alive
X-Proxy-Origin
217.114.218.22; 217.114.218.22; 958.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Pragma
no-cache
AN-X-Request-Uuid
11443410-61f9-4053-8faa-d38952a3e7da
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
Access-Control-Allow-Origin
*
Location
https://usersync.gumgum.com/usersync?b=apn&i=8004736833800347646
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Expires
Sat, 15 Nov 2008 16:00:00 GMT
usersync
usersync.gumgum.com/ Frame F498
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=gumgum2&user_id=e_aa69cc0d-6b68-4278-9abe-dc2cdb4d9a4e&gdpr=0&gdpr_consent=&us_privacy=1---
  • https://ads.avct.cloud/getuid?url=%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D59%26user_id%3D%7B%7BUUID%7D%7D%26ssp%3Dgumgum2
  • https://ads.avct.cloud/getuid?bounce=true&url=%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D59%26user_id%3D%7B%7BUUID%7D%7D%26ssp%3Dgumgum2
  • https://x.bidswitch.net/sync?dsp_id=59&user_id=0ab1a7cd-0df1-4934-a43a-d5521193d4c9&ssp=gumgum2
  • https://usersync.gumgum.com/usersync?b=bsw&i=7c8ea65b-6a3b-44c1-aec4-fea71b762163&gdpr=&gdpr_consent=&us_privacy=
35 B
250 B
Image
General
Full URL
https://usersync.gumgum.com/usersync?b=bsw&i=7c8ea65b-6a3b-44c1-aec4-fea71b762163&gdpr=&gdpr_consent=&us_privacy=
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Server
34.247.233.198 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-247-233-198.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Mon, 17 Apr 2023 20:18:48 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

location
//usersync.gumgum.com/usersync?b=bsw&i=7c8ea65b-6a3b-44c1-aec4-fea71b762163&gdpr=&gdpr_consent=&us_privacy=
date
Mon, 17 Apr 2023 20:18:47 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
cm
u.openx.net/w/1.0/ Frame F498
Redirect Chain
  • https://sync.outbrain.com/redirectObuid?platformId=GUMGU18H7EL9NI653I7DPEH51&gdpr=0&gdprConsent=&platformRdUrl=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dobn%26i%3D%7BOB_UID%7D%26r%3D%7BobR...
  • https://usersync.gumgum.com/usersync?b=obn&i=ENC%28l3LRrUQjfQk0nR-xrovBX04rgrjlTjxoEelED8d7t06rjRyqJtKWQKGubPvdWC6S%29&r=https%3A%2F%2Fsync.outbrain.com%2FsyncUser%3FplatformId%3D%7Bplatform_id%7D%...
  • https://sync.outbrain.com/syncUser?platformId=GUMGU18H7EL9NI653I7DPEH51&platformUid=e_aa69cc0d-6b68-4278-9abe-dc2cdb4d9a4e&obuid=ENC(l3LRrUQjfQk0nR-xrovBX04rgrjlTjxoEelED8d7t06rjRyqJtKWQKGubPvdWC6S)
  • https://sync.outbrain.com/syncPlatform?platformId=GUMGU18H7EL9NI653I7DPEH51
  • https://u.openx.net/w/1.0/cm?id=00df9f64-6f67-4cae-aeb2-d951da52047c&r=https%3A%2F%2Fsync.outbrain.com%2Fcookie-sync%3Fp%3Dopenx%26gdpr%3D%24GDPR_APPLIES%26gdpr_consent%3D%24CONSNT_STRING%26us_priv...
43 B
123 B
Image
General
Full URL
https://u.openx.net/w/1.0/cm?id=00df9f64-6f67-4cae-aeb2-d951da52047c&r=https%3A%2F%2Fsync.outbrain.com%2Fcookie-sync%3Fp%3Dopenx%26gdpr%3D%24GDPR_APPLIES%26gdpr_consent%3D%24CONSNT_STRING%26us_privacy%3D%24CCPA%26initiator%3Dplatform%26obUid%3Dl3LRrUQjfQk0nR-xrovBX04rgrjlTjxoEelED8d7t06rjRyqJtKWQKGubPvdWC6S%26uid%3D
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
H2
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 17 Apr 2023 20:18:48 GMT
content-encoding
gzip
via
1.1 google
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
56
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

Location
https://u.openx.net/w/1.0/cm?id=00df9f64-6f67-4cae-aeb2-d951da52047c&r=https%3A%2F%2Fsync.outbrain.com%2Fcookie-sync%3Fp%3Dopenx%26gdpr%3D%24GDPR_APPLIES%26gdpr_consent%3D%24CONSNT_STRING%26us_privacy%3D%24CCPA%26initiator%3Dplatform%26obUid%3Dl3LRrUQjfQk0nR-xrovBX04rgrjlTjxoEelED8d7t06rjRyqJtKWQKGubPvdWC6S%26uid%3D
Date
Mon, 17 Apr 2023 20:18:48 GMT
X-TraceId
931a5f99e45c831fc0de71bc5b5544eb
Content-Length
0
usersync
usersync.gumgum.com/ Frame F498
Redirect Chain
  • https://us-u.openx.net/w/1.0/cm?_={CACHEBUSTER}&id=47f31213-389c-4904-aaa6-9b11aab9c211&gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dopx%26i%3D
  • https://usersync.gumgum.com/usersync?b=opx&i=5d9c08db-7695-4133-ac3e-05cf2d3d4bb8
35 B
250 B
Image
General
Full URL
https://usersync.gumgum.com/usersync?b=opx&i=5d9c08db-7695-4133-ac3e-05cf2d3d4bb8
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Server
34.247.233.198 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-247-233-198.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Mon, 17 Apr 2023 20:18:47 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

date
Mon, 17 Apr 2023 20:18:47 GMT
content-encoding
gzip
via
1.1 google
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
content-type
image/gif
location
https://usersync.gumgum.com/usersync?b=opx&i=5d9c08db-7695-4133-ac3e-05cf2d3d4bb8
p3p
CP="CUR ADM OUR NOR STA NID"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
usersync
usersync.gumgum.com/ Frame F498
Redirect Chain
  • https://sync.srv.stackadapt.com/sync?nid=1&gdpr=0&gdpr_consent=
  • https://usersync.gumgum.com/usersync?b=sta&i=0-8cf540b6-ec41-5ea7-60bf-b47e216d658a$ip$217.114.218.22
35 B
250 B
Image
General
Full URL
https://usersync.gumgum.com/usersync?b=sta&i=0-8cf540b6-ec41-5ea7-60bf-b47e216d658a$ip$217.114.218.22
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Server
34.247.233.198 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-247-233-198.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Mon, 17 Apr 2023 20:18:48 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

Location
https://usersync.gumgum.com/usersync?b=sta&i=0-8cf540b6-ec41-5ea7-60bf-b47e216d658a$ip$217.114.218.22
Date
Mon, 17 Apr 2023 20:18:48 GMT
Connection
keep-alive
Content-Length
128
Content-Type
text/html; charset=utf-8
usersync
usersync.gumgum.com/ Frame F498
Redirect Chain
  • https://pr-bh.ybp.yahoo.com/sync/gumgum?gdpr=0&gdpr_consent=
  • https://usersync.gumgum.com/usersync?b=oth&i=y-ZI4s2ddE2pemmpTU9Idmt1MfqHB6cDFaj9uC~A
35 B
250 B
Image
General
Full URL
https://usersync.gumgum.com/usersync?b=oth&i=y-ZI4s2ddE2pemmpTU9Idmt1MfqHB6cDFaj9uC~A
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Server
34.247.233.198 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-247-233-198.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Mon, 17 Apr 2023 20:18:47 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

date
Mon, 17 Apr 2023 20:18:47 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
location
https://usersync.gumgum.com/usersync?b=oth&i=y-ZI4s2ddE2pemmpTU9Idmt1MfqHB6cDFaj9uC~A
content-length
0
usersync
usersync.gumgum.com/ Frame F498
Redirect Chain
  • https://sync.ipredictive.com/d/sync/cookie/generic?partner=gumgum&cspid=9&append=1&cb=${ADELPHIC_CACHE_BUSTER}&gdpr=0&gdpr_consent=&us_privacy=1---&redirect=https%3A%2F%2Fusersync.gumgum.com%2Fuser...
  • https://usersync.gumgum.com/usersync?b=vnt&i=1941bc92-8384-4099-8362-d68b8b83e07c
35 B
250 B
Image
General
Full URL
https://usersync.gumgum.com/usersync?b=vnt&i=1941bc92-8384-4099-8362-d68b8b83e07c
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Server
34.247.233.198 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-247-233-198.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Mon, 17 Apr 2023 20:18:48 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

Location
https://usersync.gumgum.com/usersync?b=vnt&i=1941bc92-8384-4099-8362-d68b8b83e07c
Date
Mon, 17 Apr 2023 20:18:48 GMT
Connection
keep-alive
X-CI-RTID
86b4704d-0f8f-4882-a5bb-56c8803f866e
Content-Length
108
Content-Type
text/html; charset=utf-8
usersync
usersync.gumgum.com/ Frame F498
Redirect Chain
  • https://sync.technoratimedia.com/services?srv=cs&pid=65&us_privacy=1---&cb=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dsnc%26i%3D%5BUSER_ID%5D
  • https://usersync.gumgum.com/usersync?b=snc&i=GDPR
35 B
250 B
Image
General
Full URL
https://usersync.gumgum.com/usersync?b=snc&i=GDPR
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Server
34.247.233.198 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-247-233-198.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Mon, 17 Apr 2023 20:18:48 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

date
Mon, 17 Apr 2023 20:18:47 GMT
via
1.1 varnish
server
nginx
age
0
access-control-allow-methods
POST,GET,HEAD,OPTIONS
x-varnish
938448443
location
https://usersync.gumgum.com/usersync?b=snc&i=GDPR
access-control-allow-origin
https://g2.gumgum.com/
access-control-allow-credentials
true
content-length
0
142
match.deepintent.com/usersync/ Frame F498
0
44 B
Image
General
Full URL
https://match.deepintent.com/usersync/142?redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Ddit%26i%3D%24%7BDI_USER_ID%7D
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
169.197.150.7 , United States, ASN398989 (DEEPINTENT, US),
Reverse DNS
g.deepintent.com
Software
b /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Mon, 17 Apr 2023 20:18:47 GMT
content-length
0
server
b
usersync
usersync.gumgum.com/ Frame F498
Redirect Chain
  • https://b1sync.zemanta.com/usersync/gumgum/?puid=e_aa69cc0d-6b68-4278-9abe-dc2cdb4d9a4e&gdpr=0&gdpr_consent=&us_privacy=1---&cb=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dzem%26i%3D__ZUID__
  • https://stags.bluekai.com/site/23178?id=I4dHLywx2o65_AZAutd3&redir=https%3A%2F%2Fb1sync.zemanta.com%2Fusersync%2Fbluekai%2Fcallback%2F%3Fd%3DNB2HI4DTHIXS65LTMVZHG6LOMMXGO5LNM52W2LTDN5WS65LTMVZHG6LO...
  • https://b1sync.zemanta.com/usersync/bluekai/callback/?d=NB2HI4DTHIXS65LTMVZHG6LOMMXGO5LNM52W2LTDN5WS65LTMVZHG6LOMM7WEPL2MVWSMZLYMNUGC3THMU6WO5LNM52W2JTHMRYHEPJQEZUT2SJUMREEY6LXPAZG6NRVL5AVUQLVORSDG...
  • https://usersync.gumgum.com/usersync?b=zem&gdpr=0&i=I4dHLywx2o65_AZAutd3&us_privacy=1---
35 B
250 B
Image
General
Full URL
https://usersync.gumgum.com/usersync?b=zem&gdpr=0&i=I4dHLywx2o65_AZAutd3&us_privacy=1---
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Server
34.247.233.198 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-247-233-198.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Mon, 17 Apr 2023 20:18:48 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

Pragma
no-cache
Date
Mon, 17 Apr 2023 20:18:48 GMT
Content-Type
text/html; charset=utf-8
Location
https://usersync.gumgum.com/usersync?b=zem&gdpr=0&i=I4dHLywx2o65_AZAutd3&us_privacy=1---
P3p
CP="We do not support P3P header."
Cache-Control
no-cache, no-store, must-revalidate
Content-Length
123
Expires
Thu, 01 Dec 1994 16:00:00 GMT
usersync
usersync.gumgum.com/ Frame F498
Redirect Chain
  • https://ad.360yield.com/server_match?partner_id=N&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Didi%26i%3D%7BPUB_USER_ID%7D
  • https://ad.360yield.com/ul_cb/server_match?partner_id=N&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Didi%26i%3D%7BPUB_USER_ID%7D
  • https://usersync.gumgum.com/usersync?b=idi&i=384a2ced-21d9-4686-ac1d-d77678d9edfa
35 B
250 B
Image
General
Full URL
https://usersync.gumgum.com/usersync?b=idi&i=384a2ced-21d9-4686-ac1d-d77678d9edfa
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Server
34.247.233.198 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-247-233-198.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Mon, 17 Apr 2023 20:18:47 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

location
https://usersync.gumgum.com/usersync?b=idi&i=384a2ced-21d9-4686-ac1d-d77678d9edfa
access-control-allow-origin
*
date
Mon, 17 Apr 2023 20:18:47 GMT
content-type
text/plain
content-length
0
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
usersync
usersync.gumgum.com/ Frame F498
Redirect Chain
  • https://bh.contextweb.com/bh/rtset?pid=558355&ev=1&rurl=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpln%26i%3D%25%25VGUID%25%25
  • https://usersync.gumgum.com/usersync?b=pln&i=Dqfma9lLPmZT&ev=1&pid=558355
35 B
250 B
Image
General
Full URL
https://usersync.gumgum.com/usersync?b=pln&i=Dqfma9lLPmZT&ev=1&pid=558355
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Server
34.247.233.198 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-247-233-198.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Mon, 17 Apr 2023 20:18:48 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

strict-transport-security
max-age=15768000
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform-Version
server
Jetty(10.0.14)
content-language
de-DE
location
https://usersync.gumgum.com/usersync?b=pln&i=Dqfma9lLPmZT&ev=1&pid=558355
p3p
policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
cache-control
private, max-age=0, no-cache, no-store
cw-server
bh-deployment-6995c68ccb-5bv27
expires
-1
usersync
usersync.gumgum.com/ Frame F498
Redirect Chain
  • https://ssbsync.smartadserver.com/api/sync?callerId=15&redirectUri=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dsad%26i%3D%5Bssb_sync_pid%5D&gdpr=0&gdpr_consent=
  • https://usersync.gumgum.com/usersync?b=sad&i=7776548484721541636
35 B
250 B
Image
General
Full URL
https://usersync.gumgum.com/usersync?b=sad&i=7776548484721541636
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Server
34.247.233.198 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-247-233-198.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Mon, 17 Apr 2023 20:18:47 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

location
https://usersync.gumgum.com/usersync?b=sad&i=7776548484721541636
date
Mon, 17 Apr 2023 20:18:47 GMT
content-length
0
sync
ads.servenobid.com/ Frame F498
0
357 B
Image
General
Full URL
https://ads.servenobid.com/sync?pid=309&uid=e_aa69cc0d-6b68-4278-9abe-dc2cdb4d9a4e
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.241.40.57 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-241-40-57.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Mon, 17 Apr 2023 20:18:47 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0
usersync
usersync.gumgum.com/ Frame C7B6
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=71&gdpr=0&gdpr_consent=&redir=https%3a%2f%2fusersync.gumgum.com%2fusersync%3fb%3dmmh%26i%3d%5bMM_UUID%5d
  • https://usersync.gumgum.com/usersync?b=mmh&i=7b71643d-a9a6-4200-9fb0-8cb125a64d67&gdpr=0&gdpr_consent=
35 B
250 B
Document
General
Full URL
https://usersync.gumgum.com/usersync?b=mmh&i=7b71643d-a9a6-4200-9fb0-8cb125a64d67&gdpr=0&gdpr_consent=
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
34.247.233.198 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-247-233-198.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://g2.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Content-Type
image/gif
Date
Mon, 17 Apr 2023 20:18:47 GMT
Expires
0
Pragma
no-cache

Redirect headers

Access-Control-Allow-Origin
*
Cache-Control
no-cache
Connection
keep-alive
Content-Length
0
Content-Type
image/gif
Date
Mon, 17 Apr 2023 20:18:47 GMT
Expires
Mon, 17 Apr 2023 20:18:46 GMT
Keep-Alive
timeout=360
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Server
MT3 796 58fb543 master cdg-pixel-x26 config_version:"unknown"
location
https://usersync.gumgum.com/usersync?b=mmh&i=7b71643d-a9a6-4200-9fb0-8cb125a64d67&gdpr=0&gdpr_consent=
user-sync
sync.adkernel.com/ Frame 2037
0
160 B
Document
General
Full URL
https://sync.adkernel.com/user-sync?zone=181093&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dmdp%26i%3D%5BUID%5D&gdpr=0&gdpr_consent=&ccpa=1---
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
77.245.57.72 , United States, ASN36057 (WEBAIR-INTERNET-MTL, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://g2.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Age
0
Cache-Control
no-store
Connection
close
Content-Length
0
Date
Mon, 17 Apr 2023 20:18:47 GMT
Pragma
no-cache
Server
nginx
usersync
usersync.gumgum.com/ Frame 91C5
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/URnmbSKM?redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Datm%26i%3D%24%7BTM_USER_ID%7D&gdpr=0&gdpr_consent=
  • https://sync-tm.everesttech.net/ct/upi/pid/URnmbSKM?redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Datm%26i%3D%24%7BTM_USER_ID%7D&gdpr=0&gdpr_consent=&_test=ZD2ppwADfrMjjwBS
  • https://usersync.gumgum.com/usersync?b=atm&i=ZD2ppwADfrMjjwBS&gdpr=0&gdpr_consent=&_test=ZD2ppwADfrMjjwBS
35 B
250 B
Document
General
Full URL
https://usersync.gumgum.com/usersync?b=atm&i=ZD2ppwADfrMjjwBS&gdpr=0&gdpr_consent=&_test=ZD2ppwADfrMjjwBS
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
34.247.233.198 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-247-233-198.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://g2.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Content-Type
image/gif
Date
Mon, 17 Apr 2023 20:18:47 GMT
Expires
0
Pragma
no-cache

Redirect headers

accept-ranges
bytes
cache-control
no-cache
content-length
0
date
Mon, 17 Apr 2023 20:18:47 GMT
location
https://usersync.gumgum.com/usersync?b=atm&i=ZD2ppwADfrMjjwBS&gdpr=0&gdpr_consent=&_test=ZD2ppwADfrMjjwBS
pragma
no-cache
retry-after
0
server
Varnish
via
1.1 varnish
x-cache
HIT
x-cache-hits
0
x-served-by
cache-hhn-etou8220071-HHN
x-timer
S1681762728.824204,VS0,VE0
pixel
cm.g.doubleclick.net/ Frame 90C4
170 B
188 B
Document
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=gumgum_dbm&google_hm=ZV9hYTY5Y2MwZC02YjY4LTQyNzgtOWFiZS1kYzJjZGI0ZDlhNGU=&gdpr=0&gdpr_consent=&google_redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dgdv
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://g2.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, must-revalidate
content-length
170
content-type
image/png
cross-origin-resource-policy
cross-origin
date
Mon, 17 Apr 2023 20:18:47 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
pragma
no-cache
server
HTTP server (unknown)
x-xss-protection
0
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 1F9C
16 KB
6 KB
Document
General
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=0&gdprConsent=
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.19.228.187 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-19-228-187.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
72a64af6c85d8ab9bb2b508571c6a70080750c4891634dcbe36cb95737ca0f48

Request headers

Referer
https://g2.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=83992
content-encoding
gzip
content-length
5554
content-type
text/html
date
Mon, 17 Apr 2023 20:18:47 GMT
expires
Tue, 18 Apr 2023 19:38:39 GMT
last-modified
Fri, 16 Dec 2022 06:36:49 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
generic
match.adsrvr.org/track/cmf/ Frame 3640
70 B
264 B
Document
General
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=gumgum&ttd_tpi=1&gdpr=0&gdpr_consent=
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.33.220.150 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Referer
https://g2.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
private,no-cache, must-revalidate
content-length
70
content-type
image/gif
date
Mon, 17 Apr 2023 20:18:47 GMT
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
pragma
no-cache
x-aspnet-version
4.0.30319
usersync
usersync.gumgum.com/ Frame 8309
Redirect Chain
  • https://tg.socdm.com/aux/idsync?proto=gumgum
  • https://usersync.gumgum.com/usersync?b=sus&i=ZD2pqMCo8YUAACIsMakAAAAA
35 B
250 B
Document
General
Full URL
https://usersync.gumgum.com/usersync?b=sus&i=ZD2pqMCo8YUAACIsMakAAAAA
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
34.247.233.198 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-247-233-198.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://g2.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Content-Type
image/gif
Date
Mon, 17 Apr 2023 20:18:48 GMT
Expires
0
Pragma
no-cache

Redirect headers

Cache-Control
private
Connection
keep-alive
Content-Length
0
Date
Mon, 17 Apr 2023 20:18:48 GMT
Location
https://usersync.gumgum.com/usersync?b=sus&i=ZD2pqMCo8YUAACIsMakAAAAA
P3P
CP="See also http://www.scaleout.jp/privacy/"
Server
nginx
X-SO-Ads-Time
2
X-SO-Cluster-ID
0
X-SO-HostName
m-ad204.dc4p.scaleout.jp
X-SO-IP
217.114.218.22
X-SO-Key
ZD2pqMCo8YUAACIsMakAAAAA
X-SO-LB-Data
{"ban":false,"clean_query":"\/aux\/idsync?proto=gumgum","cluster_id":0,"gdpr":true,"ipv4":"0.0.0.0","key":"ZD2pqMCo8YUAACIsMakAAAAA","privacy_sensitive":true,"uid":"","upstream_id":"m-ad204"}
X-SO-LB-Hostname
m-tgng33.dc4p.scaleout.jp
X-SO-Upstream-ID
m-ad204
gumgum
cs.admanmedia.com/sync/ Frame 6A88
0
0
Document
General
Full URL
https://cs.admanmedia.com/sync/gumgum?puid=e_aa69cc0d-6b68-4278-9abe-dc2cdb4d9a4e&redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Daad%26i%3D%5BDSP_USER_ID%5D&gdpr=0&gdpr_consent=&ccpa=1---
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
80.77.87.162 Clifton, United States, ASN46636 (NATCOWEB, US),
Reverse DNS
Software
nginx /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Frame-Options DENY

Request headers

Referer
https://g2.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Connection
keep-alive
Date
Mon, 17 Apr 2023 20:18:47 GMT
Server
nginx
Strict-Transport-Security
max-age=63072000; includeSubdomains; preload
X-Frame-Options
DENY
usermatchredir
ssum-sec.casalemedia.com/ Frame B083
43 B
632 B
Document
General
Full URL
https://ssum-sec.casalemedia.com/usermatchredir?s=189872&cb=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Diex%26i%3D
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://g2.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
no-cache
Connection
Keep-Alive
Content-Length
43
Content-Type
image/gif
Date
Mon, 17 Apr 2023 20:18:47 GMT
Expires
0
Keep-Alive
timeout=1, max=496
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Pragma
no-cache
Server
Apache
usersync
usersync.gumgum.com/ Frame 2428
Redirect Chain
  • https://creativecdn.com/cm-notify?pi=gumgum
  • https://creativecdn.com/cm-notify?pi=gumgum&tc=1
  • https://usersync.gumgum.com/usersync?b=rth&i=p05YMVz31OR0HbhQs7fn&pi=gumgum&tc=1
35 B
250 B
Document
General
Full URL
https://usersync.gumgum.com/usersync?b=rth&i=p05YMVz31OR0HbhQs7fn&pi=gumgum&tc=1
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
34.247.233.198 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-247-233-198.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://g2.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Content-Type
image/gif
Date
Mon, 17 Apr 2023 20:18:47 GMT
Expires
0
Pragma
no-cache

Redirect headers

cache-control
no-cache, no-store, must-revalidate, private, max-age=0
content-length
0
date
Mon, 17 Apr 2023 20:18:47 GMT Mon, 17 Apr 2023 20:18:47 GMT
expires
Thu, 01 Jan 1970 00:00:00 GMT
location
https://usersync.gumgum.com/usersync?b=rth&i=p05YMVz31OR0HbhQs7fn&pi=gumgum&tc=1
pragma
no-cache
usync.html
eus.rubiconproject.com/ Frame EE90
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=gumgum
  • https://eus.rubiconproject.com/usync.html?p=gumgum
281 B
554 B
Document
General
Full URL
https://eus.rubiconproject.com/usync.html?p=gumgum
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.56.202.187 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-56-202-187.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://g2.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Mon, 17 Apr 2023 20:18:47 GMT
ETag
"40010-119-5ec73a0a33d00"
Last-Modified
Wed, 02 Nov 2022 02:30:44 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
content-length
0
date
Mon, 17 Apr 2023 20:18:47 GMT
location
https://eus.rubiconproject.com/usync.html?p=gumgum
server
AkamaiGHost
usync.js
eus.rubiconproject.com/ Frame EE90
34 KB
10 KB
Script
General
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=gumgum
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.56.202.187 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-56-202-187.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
29278175891bc6f68a3c0e4e272b7651b3229207580695cefbff9b237642f836

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?p=gumgum
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date
Mon, 17 Apr 2023 20:18:47 GMT
Content-Encoding
gzip
Last-Modified
Mon, 17 Apr 2023 11:52:07 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=55947
Connection
keep-alive
Content-Length
10019
Expires
Tue, 18 Apr 2023 11:51:14 GMT
sync.php
pixel.rubiconproject.com/exchange/ Frame EE90
0
239 B
Image
General
Full URL
https://pixel.rubiconproject.com/exchange/sync.php?p=gumgum&gdpr_consent=undefined&gdpr=0&khaos=LGLA3P7W-1-2CEF
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=gumgum
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
X-RPHost
de8527bfa1ccfd6c1590da0d3b6cff52
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
SPug
simage4.pubmatic.com/AdServer/ Frame D4B4
0
129 B
Script
General
Full URL
https://simage4.pubmatic.com/AdServer/SPug?partnerID=160111&gdpr=0&gdpr_consent=&us_privacy=1---
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160111&gdpr=0&gdpr_consent=&us_privacy=1---
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.81 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Mon, 17 Apr 2023 17:36:33 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
nodeny.targetspot.com
URL
https://nodeny.targetspot.com/callback/uuid?https://yield-op-idsync.live.streamtheworld.com/pixel.gif?partner=ts&uid=$UID&pubId=10649
Domain
fid.agkn.com
URL
https://fid.agkn.com/f?e=&m=&p=&i4=&i6=&ia=&iv=&apiKey=2126040846&r=https%3A%2F%2Fwww.theticket1590.com%2F
Domain
api.rlcdn.com
URL
https://api.rlcdn.com/api/identity/envelope?pid=13454
Domain
public.servenobid.com
URL
https://public.servenobid.com/sync.html?usp_consent=1---
Domain
ads.servenobid.com
URL
https://ads.servenobid.com/sync?pid=310&uid=Gf2CvBZHiDEZn3fgTRuCJhm_

Verdicts & Comments Add Verdict or Comment

167 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| 9 object| 10 object| 11 object| 12 boolean| credentialless undefined| $ function| jQuery function| selectnav object| _ampconfig boolean| _ampdebug object| _AMP number| rewardsLoginInterval undefined| rewardsSpinInterval function| Cookies object| amp_rewards object| AMP_BreakingNews object| dates object| AMP_Calendar_Utils function| AMP_Event_Calendar function| date object| _amplistenlive function| gtag object| express_dimensions object| dataLayer object| corpDataLayer string| GPT_SITE_ID object| googletag string| ajaxurl object| google_tag_manager object| google_tag_data string| GoogleAnalyticsObject function| ga object| sharedContainerDataLayer function| onYouTubeIframeAPIReady object| gaGlobal object| ggeac object| google_js_reporting_queue function| __tcfapi function| __uspapi object| _CMLS object| gaplugins object| gaData undefined| google_measure_js_timing object| GPT_SITE_SLOTS object| FB number| __mobxInstanceCount undefined| __mobxGlobals object| __buffer object| headertag object| _google_rum_ns_ object| google_persistent_state_async number| google_global_correlator function| Goog_AdSense_Lidar_sendVastEvent function| Goog_AdSense_Lidar_getViewability function| Goog_AdSense_Lidar_getUrlSignalsArray function| Goog_AdSense_Lidar_getUrlSignalsList number| google_srt object| google object| module$exports$google3$javascript$ads$interactivemedia$sdk$clientside$api$companion_ad_selection_settings object| module$contents$ima$AdsRenderingSettings_AdsRenderingSettings object| ima object| module$exports$google3$javascript$ads$interactivemedia$sdk$clientside$api$ad_error object| module$exports$google3$javascript$ads$interactivemedia$sdk$clientside$api$ad_error_event object| module$contents$ima$AdEvent_AdEvent object| module$contents$ima$AdsManagerLoadedEvent_AdsManagerLoadedEvent object| closure_lm_727510 object| _qevents object| closure_lm_465606 function| onTuneGenieMediaPlayerLoaded object| script object| $jscomp function| $jscomp$lookupPolyfilledValue object| Themify object| onSeeReady object| regeneratorRuntime function| __tcfapiui object| googleToken object| googleIMState function| processGoogleToken number| google_unique_id function| quantserve function| __qc object| ezt object| _qoptions object| freestar object| gaDevIds object| GooglebQhCsO object| ciads_settings function| fbq function| _fbq object| sifi_att_42656 object| _caq object| Ci number| onloadDateTime object| unloadDateTime boolean| navGeoSupported object| citracker_ref object| plugins object| documentAlias object| navigatorAlias object| screenAlias object| windowAlias string| locationHrefAlias string| locationHostnameAlias boolean| hasLoaded object| registeredOnLoadHandlers object| info_demographics string| SDK_VERSION object| cntrUpTag string| __PWM__VERSION string| __TGMP__VERSION string| tgmpcdn function| onPWMReadyInFrame function| onPWMReadyTop object| google_image_requests object| ADAGIO object| __PWMLIBS__ object| PMCommReceiver object| PMCommSender object| TGMP_EVENTS function| TuneGenieMediaPlayer object| tgmp function| __PWM__SCREEN_scroll function| __PWM__SCREEN_resize function| TuneGenieRC object| __PWM__ string| tgmp_default_brand undefined| tgmp_default_theme object| ampInaboxPositionObserver object| ampInaboxFrameOverlayManager object| _ADAGIO object| scriptUrl object| ttPolicy object| YT object| YTConfig function| onYTReady object| yt function| ytDomDomGetNextId object| ytEventsEventsListeners object| ytEventsEventsCounter object| ytglobal object| ytPubsub2Pubsub2Instance object| ytPubsub2Pubsub2SubscribedKeys object| ytPubsub2Pubsub2TopicToKeys object| ytPubsub2Pubsub2IsAsync object| ytPubsub2Pubsub2SkipSubKey object| ytNetworklessLoggingInitializationOptions object| ytPubsubPubsubInstance object| ytPubsubPubsubTopicToKeys object| ytPubsubPubsubIsSynchronous object| ytPubsubPubsubSubscribedKeys object| ytLoggingTransportTokensToCttTargetIds_ object| ytLoggingTransportTokensToJspbCttTargetIds_ object| ytLoggingGelSequenceIdObj_ object| tbLocalScript object| themify_vars boolean| loaded object| GoogleGcLKhOms

167 Cookies

Domain/Path Name / Value
.theticket1590.com/ Name: _ga_7LHM6PBR21
Value: GS1.1.1681762719.1.0.1681762719.0.0.0
.theticket1590.com/ Name: cmls_localprop_ga_MG0FZNY48X
Value: GS1.1.1681762719.1.0.1681762719.0.0.0
.theticket1590.com/ Name: cmls_localprop_ga
Value: GA1.1.1483137519.1681762720
.theticket1590.com/ Name: _gid
Value: GA1.2.374673767.1681762720
.theticket1590.com/ Name: _dc_gtm_UA-41702516-17
Value: 1
.theticket1590.com/ Name: _gat_ampga
Value: 1
.theticket1590.com/ Name: _dc_gtm_UA-41736871-1
Value: 1
.www.theticket1590.com/ Name: usprivacy
Value: 1Y--
.theticket1590.com/ Name: _ga_D35JDKEKBV
Value: GS1.1.1681762720.1.0.1681762720.0.0.0
.theticket1590.com/ Name: _ga
Value: GA1.1.1483137519.1681762720
.theticket1590.com/ Name: cmls_aggregate_ga_D35JDKEKBV
Value: GS1.1.1681762720.1.1.1681762720.0.0.0
.theticket1590.com/ Name: _gcl_au
Value: 1.1.1636582877.1681762721
.quantserve.com/ Name: mc
Value: 643da9a0-c8697-538f3-6b157
.theticket1590.com/ Name: __qca
Value: P0-1991723017-1681762720597
.simpli.fi/ Name: suid
Value: 0F1114E19D3C46E5849A3AC0866C4ED7
pixel.westseven.media/ Name: AWSELBCORS
Value: E91B97D918E2B429133E33AC4397187C78F2933F0309BF864355B041616410B3E70BB5BFFAB7E02D9B35CEF7692729B24AED56356AE049EC55A6226A4886F6ED265238BEB3
.ipredictive.com/ Name: ci_rtc
Value: _uts=1681762721
.theticket1590.com/ Name: _fbp
Value: fb.1.1681762721581.932245078
www.theticket1590.com/ Name: _pbjs_userid_consent_data
Value: 6683316680106290
.theticket1590.com/ Name: pbjs_sharedId
Value: 45e4eba0-57b9-4c3e-a7d2-22cf52ef6f83
.prebid.a-mo.net/ Name: __amc
Value: 1_1681762721_1681762721
.lijit.com/ Name: ljt_reader
Value: Gf2CvBZHiDEZn3fgTRuCJhm_
.undertone.com/ Name: UTID
Value: 6be461e388a440ca82590d2b367d5766
.undertone.com/ Name: UTID_ENC
Value: 6dy60g7zuojzja4vh293hynae
.rubiconproject.com/ Name: khaos
Value: LGLA3P7W-1-2CEF
.rubiconproject.com/ Name: audit
Value: 1|naVuGyos1qo/9Pls4ieE8rU1ZxogGjlwOA+xFj1I9sdpdF/86rQGb6xgS2K9JWfdW9gLwa5JKPMBPIG+klI++4yHhDSvLRplC8AbXmWgWlXqfM9h26DzsA==
.casalemedia.com/ Name: CMID
Value: ZD2poTz-HOGiKbJ-73U3eQAA
.casalemedia.com/ Name: CMPS
Value: 5240
.casalemedia.com/ Name: CMPRO
Value: 5240
.doubleclick.net/ Name: DSID
Value: NO_DATA
.theticket1590.com/ Name: __gads
Value: ID=06381474226b9772:T=1681762720:S=ALNI_MYJoZ9qJbNFCzXTjXAlUs0JcPUsIQ
.theticket1590.com/ Name: __gpi
Value: UID=00000bd7e956abef:T=1681762720:RT=1681762720:S=ALNI_MYUVBfTE82bfWHn6AZiIFPW6Xzz_g
.redintelligence.net/ Name: 8lcfmzhxc8d6_uid
Value: ecc8157f5100b94c
.doubleclick.net/ Name: IDE
Value: AHWqTUl47lCSZnSRt573FmKQe5wkdPNPx3QkFrhwmTiIX2oYZqXCdkKsmtZUDy5guso
.adnxs.com/ Name: uuid2
Value: 8004736833800347646
.openx.net/ Name: i
Value: 790d93f2-f707-4692-9193-ddca814a7903|1681762722
.awin1.com/ Name: awpv11830
Value: 296283|1681762722|0c432f22-dd5d-11ed-9a9c-22335c3bbb34
.awin1.com/ Name: AWSESS
Value: 357066:2338577
.youtube.com/ Name: YSC
Value: H3p3pZCOgU0
.youtube.com/ Name: VISITOR_INFO1_LIVE
Value: f7tILgOoO1U
.office-partner.de/ Name: source
Value: {"webgains_webgains":{"timestamp":1681762722708,"clickCookie":false}}
.adtriba.com/ Name: atbgdid
Value: 504dc1e6-ac4b-4b17-b1c2-fee05dd7d55d
.adnxs.com/ Name: anj
Value: dTM7k!M41.D>6NRF']wIg2E>4l#]H/!]tcc8i_iqf!oN/@E'zz<*Z0Q*]P4([o>GhmomBjtB5ynQ_HuwI[cr6UgT.dTD._*PlZ[C[-kX-Db4*g
.de17a.com/ Name: guid
Value: 1.573467214787193457
.yahoo.com/ Name: A3
Value: d=AQABBKOpPWQCEN6oZ0L0AttIZE8wWaO_xjgFEgEBAQH7PmRHZAAAAAAA_eMAAA&S=AQAAAjbm8V6WE4uLG1smjwKBgv8
.rfihub.com/ Name: rud
Value: H4sIAAAAAAAA_-MSNrGwNDU0MLIwsDS1MDczNzY0NRDiM9QNdInMCfAMzvUpcwwAACz9yOQlAAAA
.rfihub.com/ Name: ruds
Value: H4sIAAAAAAAA_-MSNrGwNDU0MLIwsDS1MDczNzY0NRDiM9QNdInMCfAMzvUpcwwAACz9yOQlAAAA
.rfihub.com/ Name: euds
Value: H4sIAAAAAAAA_-OSMXR2dA12dfKISLMIrTIOMizJdSsv8rXw8KlMCQQAhq19hx4AAAA
.adfarm1.adition.com/ Name: UserID1
Value: 7223115899215607948
.turn.com/ Name: uid
Value: 2358598871576537431
.adform.net/ Name: C
Value: 1
.adform.net/ Name: uid
Value: 8132136989654119209
.live.streamtheworld.com/ Name: uuid-s
Value: 12ee1870-635e-4190-a629-ef271d21c26a
.linkedin.com/ Name: bcookie
Value: "v=2&9127d284-3091-471d-8922-eb95d93a79e8"
.linkedin.com/ Name: li_gc
Value: MTswOzE2ODE3NjI3MjQ7MjswMjHY0paxI1+xeNV3fknbcNNutVIYEvbNWrGHwKKv76Ek1w==
.linkedin.com/ Name: lidc
Value: "b=VGST06:s=V:r=V:a=V:p=V:g=2646:u=1:x=1:i=1681762724:t=1681849124:v=2:sig=AQGwoQYktx6FEkc8AqoQ0rATzKBgcpkd"
.exelator.com/ Name: EE
Value: "ee96bb8ad4fc49a907bfa6616c38db96"
.amazon-adsystem.com/ Name: ad-privacy
Value: 0
.exelator.com/ Name: ud
Value: "eJxrXxzq6XKLQSE11dIsKckiMcUkLdnEMtHSwDwpLdHMzNAs2dgiJcnSbHFZatGCpaXFqSlJh5ZU5JTkNK0uiw91jHdz9PX0iVzmnFGUn5u6AiwU5hq02NDQaEl%252BUWb6IhfXxUUpaQyLSopPBR8%252BkQ8A4FgrLw%253D%253D"
.amazon-adsystem.com/ Name: ad-id
Value: A4UXMOmofkAcq0Gkmo0-0s4
.acuityplatform.com/ Name: auid
Value: 768606435481
.acuityplatform.com/ Name: aum
Value: "OikKAfqbdXNlck1hdGNoQnlVc2VyTWF0Y2hpbmdJZE1hcPqCMTMz+o11c2VyTWF0Y2hpbmdJZCQEipFsYXN0RHJvcFRpbWVNaWxsaXMlAUNkG2sApphsYXN0U3VjY2Vzc2Z1bE1hdGNoTWlsbGlzJQFDZBtrAKaPdGhpcmRQYXJ0eVVzZXJJZGMxMmVlMTg3MC02MzVlLTQxOTAtYTYyOS1lZjI3MWQyMWMyNmH7+4Z2ZXJzaW9uwvs="
.live.streamtheworld.com/ Name: idsync-amb-uid-s
Value: 2358598871576537431
.bidswitch.net/ Name: tuuid
Value: 7c8ea65b-6a3b-44c1-aec4-fea71b762163
.bidswitch.net/ Name: c
Value: 1681762726
.bidswitch.net/ Name: tuuid_lu
Value: 1681762726
.live.streamtheworld.com/ Name: idsync-an-uid-s
Value: 8004736833800347646
.mathtag.com/ Name: uuid
Value: 7b71643d-a9a6-4200-9fb0-8cb125a64d67
.live.streamtheworld.com/ Name: idsync-acu-uid-s
Value: 768606435481
.live.streamtheworld.com/ Name: idsync-mm-uid-s
Value: 7b71643d-a9a6-4200-9fb0-8cb125a64d67
.live.streamtheworld.com/ Name: idsync-aw-uid-s
Value: 0c4ee6bb09c5d8e0a413e747970dcf62
.live.streamtheworld.com/ Name: idsync-bsw-uid-s
Value: 7c8ea65b-6a3b-44c1-aec4-fea71b762163
.live.streamtheworld.com/ Name: idsync-dbm-uid-s
Value: CAESEF0IT-itcvXf3wbhrdvI3H4
www.theticket1590.com/ Name: _lr_retry_request
Value: true
www.theticket1590.com/ Name: _lr_env_src_ats
Value: false
.ads.pubmatic.com/ Name: KCCH
Value: YES
.advertising.com/ Name: A3
Value: d=AQABBKepPWQCEO1p7Pl1fuVfV2zHHNT6Q9wFEgEBAQH7PmRHZAAAAAAA_eMAAA&S=AQAAAsDCq15MC3E0Ujm4atmKPc0
.smartadserver.com/ Name: pid
Value: 7776548484721541636
.pubmatic.com/ Name: KADUSERCOOKIE
Value: 8F899C95-7455-4B28-A0AE-28E5289D5E5E
.pubmatic.com/ Name: DPSync3
Value: 1682899200%3A201_245_241_235
.pubmatic.com/ Name: SyncRTB3
Value: 1682553600%3A63%7C1682899200%3A7_55_165_8_71_233_22_214_13_54_238_204_46_161_251_81_3_176_254_166_220_21_56_234%7C1684281600%3A203%7C1682294400%3A2_223_15%7C1682985600%3A35
www.theticket1590.com/ Name: id5id
Value: %7B%22created_at%22%3A%222023-04-17T20%3A18%3A47.550702631Z%22%2C%22id5_consent%22%3Afalse%2C%22original_uid%22%3A%220%22%2C%22universal_uid%22%3A%220%22%2C%22link_type%22%3A0%2C%22cascade_needed%22%3Afalse%2C%22privacy%22%3A%7B%22jurisdiction%22%3A%22gdpr%22%2C%22id5_consent%22%3Afalse%7D%7D
.servenobid.com/ Name: pid_339
Value: y-vKpu0whE2uHseRcdIlYXVJ8xhMzzMNlnDGBez60-~A
.servenobid.com/ Name: pid_337
Value: y-vKpu0whE2uHseRcdIlYXVJ8xhMzzMNlnDGBez60-~A
.krxd.net/ Name: _kuid_
Value: PgGGhRaZ
.servenobid.com/ Name: pid_317
Value: 7776548484721541636
.quantserve.com/ Name: d
Value: EDoBFQHjKIEO-TC_vLEA
.servenobid.com/ Name: pid_327
Value: 0263e6e0-f86a-469e-a998-a2a490e30af8
.lijit.com/ Name: _ljtrtb_273657
Value: 273657
.servenobid.com/ Name: pid_312
Value: 8004736833800347646
match.sharethrough.com/ Name: AWSALBCORS
Value: s/BrXHjKpxrDtOjm7vOf5K5KM132uBd9wBjMB7fYWgT7C9ia37PUiNjw+rtZ5F/h85DQv1umlPII6V5TUGyUhR41wIHxy99hECMf4Dy03OBf8J0FEJh6DBUvWmfK
.media.net/ Name: data-pbs
Value: setstatuscode~~1
.analytics.yahoo.com/ Name: IDSYNC
Value: "18yx~2b58:1969~2b58:198o~2b58:18z8~2b58"
.gumgum.com/ Name: vst
Value: e_aa69cc0d-6b68-4278-9abe-dc2cdb4d9a4e
.bluekai.com/ Name: bku
Value: fEy99vKowVHzgO1r
.rfihub.com/ Name: eud
Value: H4sIAAAAAAAA_-OSMXR2dA12dfKISLMIrTIOMizJdSsv8rXw8KlMCQziNTSzMDQ3MzI3MjEwtnzFiMw3MfiFxDc3MzUFAHJUazhNAAAA
.addthis.com/ Name: ouid
Value: 643da9a700014cf4bf6b073c8788df6e54e9fb0687c73d8fb443
.addthis.com/ Name: uid
Value: 643da9a77aa00bd9
.addthis.com/ Name: na_id
Value: 2023041720184762600547166209
.undertone.com/ Name: UID_EXT_56
Value: y-vKpu0whE2uHseRcdIlYXVJ8xhMzzMNlnDGBez60-~A
.undertone.com/ Name: UID_EXT_57
Value: ZD2poTz_HOGiKbJ_73U3eQAAFHgAAAAB
.ctnsnet.com/ Name: cid_f356c76bd6cb46d8981df66ced91f55c
Value: 1
.criteo.com/ Name: uid
Value: 3b69f245-bb3a-4f6a-b285-c0650d1e039b
ads.playground.xyz/ Name: connect.sid
Value: s%3AV3ExilsuFnojGG7Rmg-nhmrdNEy5VQjA.5uA33ewYWboBqORtNYEV8M54pO4S2oall3s31aQkNS0
.weborama.fr/ Name: AFFICHE_W
Value: 0k0oNAM0bqTS40
.company-target.com/ Name: tuuid
Value: 831a8632-f5eb-44dc-a95a-049196464108
.company-target.com/ Name: tuuid_lu
Value: 1681762727|ix:0
.servenobid.com/ Name: pid_333
Value: ZD2poTz_HOGiKbJ_73U3eQAAFHgAAAAB
.servenobid.com/ Name: pid_353
Value: 0000EEA
.servenobid.com/ Name: pid_324
Value: 4895102809587673150
.taptapnetworks.com/ Name: SONATA_ID
Value: csonata_01d0677d-bf75-47b2-9840-2173bba8d9e5
.1rx.io/ Name: _rxuuid
Value: %7B%22rx_uuid%22%3A%22RX-f2c07d12-d886-467f-9cd2-532bb8d23120-003%22%7D
.pubmatic.com/ Name: KRTBCOOKIE_336
Value: 5844-573467214787193457
.pubmatic.com/ Name: KRTBCOOKIE_153
Value: 1923-3GF0fotsJirHNn8s02JqL9ltISnHYyUr32IHCiCh&KRTB&19420-3GF0fotsJirHNn8s02JqL9ltISnHYyUr32IHCiCh&KRTB&22979-3GF0fotsJirHNn8s02JqL9ltISnHYyUr32IHCiCh&KRTB&23462-3GF0fotsJirHNn8s02JqL9ltISnHYyUr32IHCiCh
.pubmatic.com/ Name: KRTBCOOKIE_18
Value: 22947-4895102809587673150
.pubmatic.com/ Name: KRTBCOOKIE_80
Value: 16514-CAESEN6JHxk9vmUoWzKWLsy3wfM&KRTB&22987-CAESEN6JHxk9vmUoWzKWLsy3wfM&KRTB&23025-CAESEN6JHxk9vmUoWzKWLsy3wfM&KRTB&23386-CAESEN6JHxk9vmUoWzKWLsy3wfM
.csync.loopme.me/ Name: viewer_token
Value: 5942a24e-c73b-432d-9f3e-877ca8a2fbac
.pubmatic.com/ Name: KRTBCOOKIE_57
Value: 22776-8004736833800347646&KRTB&23339-8004736833800347646
.pubmatic.com/ Name: KRTBCOOKIE_27
Value: 16735-uid:7b71643d-a9a6-4200-9fb0-8cb125a64d67&KRTB&16736-uid:7b71643d-a9a6-4200-9fb0-8cb125a64d67&KRTB&23019-uid:7b71643d-a9a6-4200-9fb0-8cb125a64d67&KRTB&23114-uid:7b71643d-a9a6-4200-9fb0-8cb125a64d67
.pubmatic.com/ Name: KRTBCOOKIE_1101
Value: 23040-7223115899215607948&KRTB&23369-7223115899215607948
.pubmatic.com/ Name: KRTBCOOKIE_391
Value: 22924-8132136989654119209&KRTB&23263-8132136989654119209&KRTB&23481-8132136989654119209
.pubmatic.com/ Name: KRTBCOOKIE_22
Value: 14911-2358598871576537431&KRTB&23150-2358598871576537431
.dpm.demdex.net/ Name: dpm
Value: 57524298312604895451182156247251418838
.demdex.net/ Name: demdex
Value: 57524298312604895451182156247251418838
.servenobid.com/ Name: pid_309
Value: e_aa69cc0d-6b68-4278-9abe-dc2cdb4d9a4e
.adsby.bidtheatre.com/ Name: __kuid
Value: 780d09c6-c93c-473b-a110-f663e90a6676.450976727
.creative-serving.com/ Name: tuuid
Value: d7787a1a-619b-407d-8e00-08baa1fe90de
.creative-serving.com/ Name: c
Value: 1681762727
.creative-serving.com/ Name: tuuid_lu
Value: 1681762727
.creativecdn.com/ Name: u
Value: p05YMVz31OR0HbhQs7fn
.creativecdn.com/ Name: ts
Value: 1681762727
.pubmatic.com/ Name: KRTBCOOKIE_466
Value: 16530-7c8ea65b-6a3b-44c1-aec4-fea71b762163
.everesttech.net/ Name: everest_g_v2
Value: g_surferid~ZD2ppwADfrMjjwBS
.pubmatic.com/ Name: SPugT
Value: 1681762727
.pubmatic.com/ Name: pi
Value: 0:3
.targeting.unrulymedia.com/ Name: _rxuuid
Value: %7B%22rx_uuid%22%3A%22RX-f2c07d12-d886-467f-9cd2-532bb8d23120-003%22%7D
.bidr.io/ Name: bito
Value: AACa9U7Ie1MAACCrGNce2Q
.bidr.io/ Name: bitoIsSecure
Value: ok
.undertone.com/ Name: UID_EXT_53
Value: 8F899C95-7455-4B28-A0AE-28E5289D5E5E
.360yield.com/ Name: tuuid
Value: 384a2ced-21d9-4686-ac1d-d77678d9edfa
.360yield.com/ Name: tuuid_lu
Value: 1681762727
.servenobid.com/ Name: pid_321
Value: RX-f2c07d12-d886-467f-9cd2-532bb8d23120-003
.disqus.com/ Name: zeta-ssp-user-id
Value: ua-bbd382e8-e79d-391f-aff4-71324c00820a
ads.avct.cloud/ Name: uuid
Value: 0ab1a7cd-0df1-4934-a43a-d5521193d4c9
.servenobid.com/ Name: pid_346
Value: ua-bbd382e8-e79d-391f-aff4-71324c00820a
.smartadserver.com/ Name: csync
Value: 79:3b69f245-bb3a-4f6a-b285-c0650d1e039b|127:AACa9U7Ie1MAACCrGNce2Q
.go.sonobi.com/ Name: HAPLB8S
Value: s8552|ZD2pq
.technoratimedia.com/ Name: tads_uid
Value: GDPR
.tribalfusion.com/ Name: ANON_ID
Value: aQnseFo0P8fCmTN83vFKaRusQKHZboA9VgXcrSnZc85B4mMZc2A6tUVVQHmQMfECFlvd4Za5bW2KGV2wJWoZbWIen
sync.srv.stackadapt.com/ Name: sa-user-id
Value: s%3A0-8cf540b6-ec41-5ea7-60bf-b47e216d658a.N9kKVSvaQWLrLvdCk5Pg5d7xKF97d2UZ6ZyX8ZgmO60
sync.srv.stackadapt.com/ Name: sa-user-id-v2
Value: s%3AjPVAtuxBXqdgv7R-IW1litly2hY.XbDmjDLAcYMGY9mYDME0uIu3%2BjWvDZvNRXCZ5ROl3S8
.srv.stackadapt.com/ Name: sa-user-id-v2
Value: s%3AjPVAtuxBXqdgv7R-IW1litly2hY.XbDmjDLAcYMGY9mYDME0uIu3%2BjWvDZvNRXCZ5ROl3S8
.audrte.com/ Name: arcki2
Value: gc4kWXF7MWnRPiBPYcOdBFVwg!20220908!1681762728039!ip#217.114.218.22
.audrte.com/ Name: arcki2_pubmatic
Value: 8F899C95-7455-4B28-A0AE-28E5289D5E5E!20220908!1681762728043
.pubmatic.com/ Name: KRTBCOOKIE_860
Value: 16335-jPVAtuxBXqdgv7R-IW1litly2hY&KRTB&23334-jPVAtuxBXqdgv7R-IW1litly2hY&KRTB&23417-jPVAtuxBXqdgv7R-IW1litly2hY&KRTB&23426-jPVAtuxBXqdgv7R-IW1litly2hY
.outbrain.com/ Name: obuid
Value: 56d63ff1-03e8-4965-8eed-775e7912249e
bh.contextweb.com/ Name: INGRESSCOOKIE
Value: 975c91832ac56833
.pubmatic.com/ Name: chkChromeAb67Sec
Value: 5
.ipredictive.com/ Name: cu
Value: 1941bc92-8384-4099-8362-d68b8b83e07c|1681762728110
.zemanta.com/ Name: zuid
Value: I4dHLywx2o65_AZAutd3
.pubmatic.com/ Name: KRTBCOOKIE_699
Value: 22727-AACa9U7Ie1MAACCrGNce2Q
.pubmatic.com/ Name: PugT
Value: 1681762727
.audrte.com/ Name: arcki2_ddp2
Value: gc4kWXF7MWnRPiBPYcOdBFVwg!20220908!1681762728216
.gammaplatform.com/ Name: _aGeoIp
Value: JP|Yokkaichi
.gammaplatform.com/ Name: _aUID
Value: xcbqus1jg35v
.pubmatic.com/ Name: KRTBCOOKIE_1310
Value: 23431-xcbqus1jg35v&KRTB&23446-xcbqus1jg35v&KRTB&23465-xcbqus1jg35v
.audrte.com/ Name: arcki2_adform
Value: 8132136989654119209!20220908!1681762728403

15 Console Messages

Source Level URL
Text
network error URL: https://engage-see.franklymedia.com/widget/see_3879/see.js?ver=20220510-01
Message:
Failed to load resource: the server responded with a status of 403 ()
network error URL: https://engage-see.franklymedia.com/widget/see_3879/see.js?ver=20220510-01
Message:
Failed to load resource: the server responded with a status of 403 ()
network error URL: https://thrtle.com/sync?vxii_pid=7004
Message:
Failed to load resource: the server responded with a status of 403 ()
network error URL: https://api.rlcdn.com/api/identity?pid=2&rt=envelope
Message:
Failed to load resource: the server responded with a status of 451 ()
security warning URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js(Line 466)
Message:
An iframe which has both allow-scripts and allow-same-origin for its sandbox attribute can remove its sandboxing.
network error URL: https://nodeny.targetspot.com/callback/uuid?https://yield-op-idsync.live.streamtheworld.com/pixel.gif?partner=ts&uid=$UID&pubId=10649
Message:
Failed to load resource: net::ERR_CONNECTION_REFUSED
javascript error URL: https://www.theticket1590.com/
Message:
Access to XMLHttpRequest at 'https://api.rlcdn.com/api/identity/envelope?pid=13454' from origin 'https://www.theticket1590.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network error URL: https://api.rlcdn.com/api/identity/envelope?pid=13454
Message:
Failed to load resource: net::ERR_FAILED
javascript error URL: https://www.theticket1590.com/
Message:
Access to XMLHttpRequest at 'https://fid.agkn.com/f?e=&m=&p=&i4=&i6=&ia=&iv=&apiKey=2126040846&r=https%3A%2F%2Fwww.theticket1590.com%2F' from origin 'https://www.theticket1590.com' has been blocked by CORS policy: The value of the 'Access-Control-Allow-Origin' header in the response must not be the wildcard '*' when the request's credentials mode is 'include'. The credentials mode of requests initiated by the XMLHttpRequest is controlled by the withCredentials attribute.
network error URL: https://fid.agkn.com/f?e=&m=&p=&i4=&i6=&ia=&iv=&apiKey=2126040846&r=https%3A%2F%2Fwww.theticket1590.com%2F
Message:
Failed to load resource: net::ERR_FAILED
javascript error URL: https://www.theticket1590.com/
Message:
Access to XMLHttpRequest at 'https://public.servenobid.com/sync.html?usp_consent=1---' from origin 'https://www.theticket1590.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network error URL: https://public.servenobid.com/sync.html?usp_consent=1---
Message:
Failed to load resource: net::ERR_FAILED
network error URL: https://idsync.rlcdn.com/403716.gif?partner_uid=6dy60g7zuojzja4vh293hynae
Message:
Failed to load resource: the server responded with a status of 451 ()
network error URL: https://id.rlcdn.com/711890.gif?credir=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D136%26partneruserid%3D&gdpr=0&gdpr_consent=
Message:
Failed to load resource: the server responded with a status of 451 ()
network error URL: https://sync.crwdcntrl.net/qmap?c=240&tp=PUBM&tpid=8F899C95-7455-4B28-A0AE-28E5289D5E5E&gdpr=0&gdpr_consent=
Message:
Failed to load resource: the server responded with a status of 404 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

06e31dc510364493ddc7a7a3babf1419.safeframe.googlesyndication.com
5994599.fls.doubleclick.net
773ff33321c83b63fff957793b331644.safeframe.googlesyndication.com
a.audrte.com
a.rfihub.com
a.storyblok.com
a.tribalfusion.com
aax-eu.amazon-adsystem.com
aax.amazon-adsystem.com
acdn.adnxs.com
ad-server.eu
ad.360yield.com
ad.ipredictive.com
ad.turn.com
ade.googlesyndication.com
ads.avct.cloud
ads.creative-serving.com
ads.playground.xyz
ads.pubmatic.com
ads.rubiconproject.com
ads.servenobid.com
adservice.google.com
adservice.google.de
adv.office-partner.de
ajax.googleapis.com
analytics.webgains.io
ap.lijit.com
api.rlcdn.com
api.tunegenie.com
api.webgains.io
app-ingestion.franklymedia.com
as-sec.casalemedia.com
b1sync.zemanta.com
b3.tunegenie.com
beacon.krxd.net
bh.contextweb.com
c.amazon-adsystem.com
c1.adform.net
cdn.ampproject.org
cdn.jsdelivr.net
cdn.resonate.com
cdn.track.production.webgains.team
cdn.undertone.com
cdnjs.cloudflare.com
cm-supply-web.gammaplatform.com
cm.adgrx.com
cm.g.doubleclick.net
cmp.quantcast.com
cms.quantserve.com
code.createjs.com
connect.facebook.net
core.iprom.net
cr.frontend.weborama.fr
creativecdn.com
cs-rtb.minutemedia-prebid.com
cs-server-s2s.yellowblue.io
cs.admanmedia.com
cs.chocolateplatform.com
csi.gstatic.com
csync.loopme.me
cumuluspro-express-pro.franklymedia.com
cw.addthis.com
d.adroll.com
d.adtriba.com
d13l4u7pe64ymo.cloudfront.net
d29xw9s9x32j3w.cloudfront.net
d5p.de17a.com
data.ad-score.com
dis.criteo.com
dl.westseven.media
dmp.adform.net
dpm.demdex.net
dsp.adfarm1.adition.com
dsum-sec.casalemedia.com
dsum.casalemedia.com
embed.sendtonews.com
embedcdn.sendtonews.com
engage-see.franklymedia.com
eus.rubiconproject.com
express-cms-assets.franklymedia.com
express-images.franklymedia.com
fastlane.rubiconproject.com
fid.agkn.com
fonts.googleapis.com
fonts.gstatic.com
g2.gumgum.com
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
hal9000.redintelligence.net
hal90007.redintelligence.net
hb.undertone.com
hbopenbid.pubmatic.com
hbx.media.net
htlb.casalemedia.com
i.clean.gg
ib.adnxs.com
id.rlcdn.com
id.sv.rkdms.com
id5-sync.com
idsync.frontend.weborama.fr
idsync.live.streamtheworld.com
idsync.rlcdn.com
im.bluevoox.com
image2.pubmatic.com
image4.pubmatic.com
image6.pubmatic.com
image8.pubmatic.com
imasdk.googleapis.com
ipac.ctnsnet.com
js-sec.indexww.com
js.ad-score.com
kyngam.tunegenie.com
lb.eu-1-id5-sync.com
lexicon.33across.com
loadus.exelator.com
match.adsby.bidtheatre.com
match.adsrvr.org
match.deepintent.com
match.prod.bidr.io
match.sharethrough.com
media-cdn.ipredictive.com
medialead.de
nodeny.targetspot.com
onetag-sys.com
p.rfihub.com
pagead2.googlesyndication.com
pixel-sync.sitescout.com
pixel-us-east.rubiconproject.com
pixel.advertising.com
pixel.quantserve.com
pixel.rubiconproject.com
pixel.sitescout.com
pixel.westseven.media
player.sendtonews.com
playerservices.live.streamtheworld.com
playerservices.streamtheworld.com
pr-bh.ybp.yahoo.com
prebid-a.rubiconproject.com
prebid-server.rubiconproject.com
prebid.a-mo.net
prod.us-east-1.cxm-bcn.publisher-services.amazon.dev
pubads.g.doubleclick.net
public.servenobid.com
pubmatic-match.dotomi.com
pv.medialead.de
px.ads.linkedin.com
r.turn.com
region1.google-analytics.com
rtb-csync.smartadserver.com
rtb.adentifi.com
rtb.openx.net
rules.quantcount.com
s.amazon-adsystem.com
s.company-target.com
s.tribalfusion.com
s0.2mdn.net
s2l.sendtonews.com
s3.amazonaws.com
s3.us-east-1.amazonaws.com
sb.scorecardresearch.com
script.4dex.io
sdk.listenlive.co
search.spotxchange.com
secure-assets.rubiconproject.com
secure.adnxs.com
secure.cdn.fastclick.net
secure.quantserve.com
securepubads.g.doubleclick.net
simage2.pubmatic.com
simage4.pubmatic.com
sonata-notifications.taptapnetworks.com
ssbsync.smartadserver.com
ssp.disqus.com
ssum-sec.casalemedia.com
stags.bluekai.com
static.tunegenie.com
stats.g.doubleclick.net
sync-tm.everesttech.net
sync.1rx.io
sync.adkernel.com
sync.crwdcntrl.net
sync.go.sonobi.com
sync.ipredictive.com
sync.mathtag.com
sync.outbrain.com
sync.srv.stackadapt.com
sync.taboola.com
sync.targeting.unrulymedia.com
sync.technoratimedia.com
synchroscript.deliveryengine.adswizz.com
tag.simpli.fi
tags.bluekai.com
targeting.unrulymedia.com
tg.socdm.com
thrtle.com
tlx.3lift.com
token.rubiconproject.com
tpc.googlesyndication.com
track.webgains.com
u.openx.net
um.simpli.fi
ums.acuityplatform.com
up.pixel.ad
ups.analytics.yahoo.com
us-u.openx.net
usersync.gumgum.com
usr.undertone.com
www.awin1.com
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.googletagservices.com
www.theticket1590.com
www.youtube.com
x.bidswitch.net
yield-op-idsync.live.streamtheworld.com
ads.servenobid.com
api.rlcdn.com
fid.agkn.com
nodeny.targetspot.com
public.servenobid.com
100.21.16.143
104.111.217.14
104.120.62.44
104.18.11.47
104.18.13.242
104.18.24.185
104.18.25.185
104.74.96.163
104.75.88.126
104.85.21.172
108.138.1.25
108.138.17.91
108.138.4.150
124.146.215.45
13.225.78.3
13.32.99.90
13.40.227.197
130.211.115.4
138.201.135.164
138.201.63.157
141.226.228.48
142.250.185.162
142.250.185.226
142.250.186.66
142.250.186.70
145.239.193.130
147.75.84.158
149.126.77.46
151.101.1.108
151.101.130.49
152.195.34.212
154.59.122.79
159.203.145.121
162.19.138.116
169.197.150.7
178.250.7.11
178.79.242.16
18.156.58.229
18.158.41.38
18.185.199.82
18.198.69.109
18.214.157.46
18.66.122.25
18.66.147.106
18.66.147.41
18.66.97.105
18.66.97.25
18.66.97.47
185.184.8.90
185.29.134.244
185.64.189.110
185.64.189.112
185.64.190.80
185.64.190.81
185.80.39.216
185.83.142.19
185.86.138.152
185.86.139.103
185.89.210.180
185.94.180.123
192.173.31.109
193.0.160.130
195.5.165.20
198.148.27.140
198.47.127.18
198.47.127.19
2.19.228.18
2.19.228.187
2001:4860:4802:34::36
2001:678:cb4:bbbb::11
208.92.55.231
213.155.156.184
213.19.147.43
213.19.147.45
216.52.2.39
23.56.202.187
2600:1901:0:8344::
2600:9000:20eb:6200:a:deb0:3380:93a1
2600:9000:211e:4a00:9:46dc:4700:93a1
2600:9000:2156:5a00:1:c325:9400:21
2600:9000:223c:de00:1f:2473:9080:93a1
2600:9000:223c:e200:6:44e3:f8c0:93a1
2600:9000:223d:8c00:7:5253:f880:93a1
2600:9000:223e:8a00:6:4e5d:a0c0:93a1
2600:9000:223f:5800:1f:4c18:bd40:93a1
2602:803:c003:200::21
2603:c020:400d:3000:b5b3:7157:5b47:80e4
2606:4700:20::ac43:4bf1
2606:4700::6811:190e
2606:4700::6812:166c
2606:4700::6812:1740
2606:4700::6812:176c
2606:4700::6812:19ad
2606:4700::6812:4db
2620:116:800d:21:7eb1:3826:be7e:d981
2620:1ec:21::14
2a00:1450:4001:800::200e
2a00:1450:4001:802::2001
2a00:1450:4001:806::2002
2a00:1450:4001:806::2003
2a00:1450:4001:806::2004
2a00:1450:4001:806::200a
2a00:1450:4001:806::200e
2a00:1450:4001:808::2002
2a00:1450:4001:80b::2001
2a00:1450:4001:80e::2002
2a00:1450:4001:810::200a
2a00:1450:4001:813::2002
2a00:1450:4001:813::2003
2a00:1450:4001:813::2008
2a00:1450:4001:827::2001
2a00:1450:4001:828::2002
2a00:1450:4001:828::200a
2a00:1450:4001:82a::2002
2a00:1450:4001:82b::2006
2a00:1450:4001:830::2002
2a00:1450:400c:c09::9a
2a00:1450:400f:801::2003
2a02:26f0:3500:11::215:14dc
2a02:fa8:8806:16::1400
2a03:2880:f01c:8012:face:b00c:0:3
2a03:2880:f11c:8183:face:b00c:0:25de
2a04:4e42:600::485
2a05:d018:cc3:fe05:509a:aa73:8454:83f6
2a05:d018:d29:3602:f48d:cf88:c413:b006
2a06:98c1:3121::3
2a0b:4d07:102::1
3.122.98.219
3.123.167.21
3.212.118.122
3.232.54.224
3.33.220.150
3.65.247.187
3.65.74.108
3.71.149.231
3.9.28.72
34.102.253.54
34.111.129.221
34.111.131.239
34.120.133.55
34.196.114.84
34.233.114.35
34.233.79.203
34.241.40.57
34.247.233.198
34.249.37.121
34.90.223.176
34.95.69.49
34.96.71.22
35.157.70.96
35.186.193.173
35.186.253.211
35.204.74.118
35.214.153.92
35.244.159.8
35.244.174.68
35.81.73.75
37.157.4.28
44.210.56.152
51.75.86.98
52.217.48.206
52.220.229.2
52.3.62.68
52.31.11.204
52.4.143.35
52.45.175.185
52.46.130.91
52.49.68.56
52.50.188.60
52.51.184.211
54.152.101.92
54.152.156.135
54.154.41.234
54.156.191.143
54.229.94.229
54.231.227.96
54.246.170.47
54.76.176.197
64.202.112.95
64.227.64.62
64.74.236.31
67.220.226.238
69.166.1.12
69.173.144.138
69.173.144.165
72.251.245.179
77.245.57.72
8.43.72.98
80.77.87.162
85.114.159.118
94.23.99.218
98.98.134.243
99.86.4.53
00c5621a3f56c052959f8f0591b65e893f132b49b1447fde20767966cacbfbfe
016c2f9b3161469fde91b8cc634644cd57ed26845e227fc44cb4d6f327407e8a
01b0c31b7787a7bef6386448b3309dce9e0e1752f0a7cc740ab646e571c20515
0262ed76bd727f873ca1e2757ecf673b3ad1bba37640c6bbf9e6e84b5a51870c
038f8a9eea843881ed306613e33bdf5172437c90214850d58cce2558dda1a131
03a582e84c4c44c54541bec709457feb114df8b00a75bbdf251147bd768ca6a8
0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5
0597ab745938c4a2cc0818fc2447beb211629e484fed0b4143bdd6fa5724be61
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844
06fd4271e82cdb8d10b3b34667c6d3a83e2a808d1034a5618ebe5fc9653ffcdb
06ffc101b9e129d5b877a17bc6c3ade6101d1c637faee67267c45e4efe3801dc
074cb8fe4c110377a05635d888ae1481b4f448e685b15dfcf56c5c816cd091c5
07fbb3798268063f6e2a18bc4867c5bb628b1a33b075f4629db1c704aa78f5d8
08409d08d8d118c6c6d1c375e079bfce656ac367ff4d1dd9551fff110033c185
0888666e3ef215be8a27d2d9cbadd22963d9714e12f577e8683cd219d30f4aa9
091ba5711e7f397eca67fb1da60968a88be608d2f4fb80955ef74f645b6e898b
09c6d5d6a7b3ecdb323865a1b084488974fb96219d6620cf8a6e715d02cba55c
0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0c0d49ae011d8ef1983288cb6050e1964a1991e1639868c0be52753423b1ad60
0cbda63332a1e20ba4e89e4375bd8a4e8a84fa8e7ab58e0e62e3a342c0dea8fd
0cc1236256d8bc4e006694b3f3a093aeddda254854c5f7c62358870888b5be50
0e43c5f1049dad60b6981e789374eab9014c14fc5797db38916c20c2084e9eaf
0f27260c8a136e64319f0f7145f7506f6fd21742d6835462c4745f80da08b9c4
0f3ffa7f0b928b893a75953b1b233b2bf8dc84f94851a6d24225a59d862c270b
0fdd97604374e58db3009dbad40df4e61a0a9fa5207d636049e9d3af4e62839a
10d93c5366cca501fd46f6eb821fedabda95a6fb5dc465f09c7c30c06ad5a00e
1152e980ab44d04a8f640455607ce095cc3b1ec1231d32399804114d69913c06
11f7aab214169f28971cedc0a242ab0613a00a552496f2f0956ab0ae2853b993
1227c586cb83e93f912bcc2d8196554a7a58c6850d63ab13ede724d5a105eec9
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
130d2977c5b71de88b4289a6f6fce6a3c7e1c719fc6b809be6f9a1bb6304a8e5
1350ac136049c7e08accc05423e9336a9198ba6d8ab7ef0b9760c2acbd47ada8
150861597da231bb966dfd09e58a556e104927ec8415ca49e3a3617596059f68
1602bbbe3ff382852e4f7c71efd46277f00cae1799adee44d44c49e51ca47d84
163904006f4fcdf9d8048d1433965d36aa786cf86c61941c1bf5898c04e2e31c
16f1c270e5f282d499f697d9d49cfea87b8329076f5224b65e5e9ca1ca9c126f
16f390292f4186912a43e229bc7fb381db8f33394b740e3620cf1c94a76f102e
17721a87106f3de689f70866bbc543c836129034f7d01e4509691cb39f1fdfe0
1808c04fac2af1c35eb1816790b204793aafeb7cb03cf6ffcaa2c3cfa9a20fe5
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002
199f1cdc3df15de6c7544550bca52b02b7b751736047d479a928078ad5431937
19d96e062d7e164a34e2a7773fab8c722f36ea442d2b944ce5cb359c8b78fa01
1d019867c120344469403527c7d958861b81d0fc873813c97ee135f707d74122
1d0ab5a723a62a656f416eded56644e45ac5d29c2c2858388d3102571592b884
1d7342b56a65057bfcf933f9c4d08c18469bcebd01186dc3fa105c6b45fca4c8
1e19a2ec15cb7e80c28f326f1463ec063cb292de5cb20dec763f79b831177c54
1fffe142658ede54ea109d3864f003ebb11170d4ea0110f752ec4b51cc8646c9
21d647c1b2d79e6cddbd28f0ad41de6785540159c9a2ed2df7d6ac5a2446a562
23c28737ef1c10431754ba2c29154973422e3668d6e2656735d03ca968e6a304
23c6b274bbccec49a3c8d271cac1452ede67e45084d693934e18ce49fab0c1b7
25b33a7a853f39e447b14be3e6662ccbb0fbce73620bf7778d194cb3fef1d3ab
25b72190b604cea0f3b4260d4540c327fc648fb1448921fe48b93e37c7b903da
25cf0f0ce42f8acd9ea6facc223f54105c7fd0cce63fb7bb5d83e6600100acbd
25d5b0ed742fbcf607f1680ca632128118ca36c8a355029025eb4cd22c7aa981
26a7c417f67159ae3e9ef95aa85ee360b0ba0d07608d9f9c8e615052b1da1400
26f2c1abc7720059c2f88aac37f0b15cd551c1b69b522eef0bf782cefcc98dc5
2725f8b87b10f8782c764f7d6148cb5f80022a874ea88a3aec7f1e2a49c7ded0
27be4e71e772eab3143df5bee3739a1feb2eefe8a4f5c28de10824c7fb229a01
28f37b840619f93ac3a1f6fe2e97992b7d2787d178ee30b2612f05752e440cef
291b586499936c0e8938e1829cd7b1127599467d7a6fbacc43d610c6315d1897
29278175891bc6f68a3c0e4e272b7651b3229207580695cefbff9b237642f836
295d7a89edba340ba21a782d60adc4cadfd7fbd2ba00d9f2c931425ca1349dc7
298d5f22029629ee83d88185e8a010bf028ac663746b0dffbf1d57409b090264
2992df91168daf438b2f7e103130f15c5a0015f01ee8054f18a26e8809e0d8f1
29a4c34be2d8d3ff62ec5125d03108daa23df126fcf1e118bf42cb2ec9861fd9
2a34c01d579a8cb0ba44236a5065d7bff2abfcb6aae216f5fb64dc825f3654a9
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11
2d3b45a4be3864673801baea2c3f066e1c7320bab56d3c7818d7484cf1811696
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
2e6a2c48ddf656dd18431ca6f656e4d671a93141d2db4f304587d74280ecfbe4
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
31cb61c50ef1537e976800ce617be90b4676b51489ad1decef15fda3c74d3044
31d1a8b234ef7e3fcd967fe38bb63298be8faf869e0dcd5352c330ed5c18964b
32627335d047d584df4c1970f680058cf17c4eb4d752373af8d182214dc7b81a
3410f37a5b28ffd7d8147d4512bfa9a577977e7135735f01eae9f28f01c6b548
34a2b91067c6491b3cb0a75062f738526bfef36bfb3f5db73097e209b6c1e2c8
356962d8530e483cee9e73f446497291af6bee1ee6e400e17b6d0f6c7178d0b7
36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1
364d2db94de8213f27558dbb869c4a5d21ab12c8407bf1aa318a23c73aa3cca4
379cbb2f20f8275ba4c3a4a35157153eb5e0d61fb6796097104fb5222d3e46d9
37da4f4e9645bcde259d1669db9d2548d9ff4f80e72bbe405232924129ae4db7
384179ee8fb1fd393558e28ea811532ea776e8cd69f9e94f379ddefb78948bd7
3a7522d02dbbc03101dfe3d8cfb3b0ff1c974af884931a79477056345c306648
3a92255192d67c0139d64b7fe64aef88c46f48b2d1c3fbf9d6eb8aaae4adce24
3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1
3b7f1a6aeceeb60c709478e55147a48f4031ac6617b3ab089210f1f1f59b7204
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd
3e16b520601222e9febb9322d25f2880f323ab6184bbb20a2dfbc01512d49cec
3fca634634da26dbe8550625e906c79d696fd3bd2202274dde486b3a764a17ab
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390
40afdb6159602ec4ed6768dea83cf069e0425e4056bc61f138e0bf2046074412
416ecac927611cfec67f7d37b7629ecffc9b545bb90364994b957ed72def5769
41f1c664fdf930c1ecf1b3be8b7814abca4b9db344af4f19776c93bb780135d4
42a18846ea5847a2ca49b9a6bb8d69e7ce2617d8bb6ed0aac3321a3ddb1b97fd
4308b770a8f544c1fc4487836df776d7a8a4170b0947e45c9b748369846ee115
43ee45287123b95f11211fdd02e23147a3f4909023503e0b03fe00ea2ee01926
43f804d38a294c6df1ce8ee64fb95ad0ff5a8d6d5685d9537df02212668a1dff
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
46b3e081067e631f9a1049fbfa37844da854f741b7f9a45900dc02a19a4ef143
47730c536bba42826232f646d5149a94320400d9ba4d6095f017133e363f6022
47f9bfec125c6ad3150f582058470045e4aca998d5468dfea93f2023f9636a76
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
49640543b3a77b759eaae78fe6cf040551dc7023fa23ed5f9dc6f02149fb9dd7
49946b9df4d3f6512f827ccb1c7e8c7a810dcbf7541092d8106a540530c56f0d
4abd4ce521306ef747719f8e7af8ef91a38ed738bb742e8742a047bac7cc764f
4aecc48eb93fc11fa599dbf5ba5f0411c9a8dfdff8ea03764240c5d734d35665
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4cd52d4c7b01f5842459daebc3f99412981f746c283701178e9877f499d6074d
4d922cea252e89b5aba0193964a03e26866c41b08f107a5cb8576e12a9024b6e
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4e3149128340c4394835bb0559edba9bd118e07b596e6fbbb18fef086f3151af
4e9183a7bbc56ea4bcaa21f5c619e23a4dddbe13b3017443e703ba53ca27bffa
4ea64495655ae219e4344811df78aea0b0dbc6314f9346c9b0b253645a1eaf69
4f49e616d278a16d9cd55a6d5fe19c99ebd37d7d3848d14422190618b67011e0
4ffc35ac4d5e3f1546a4c1a879f425f090ff3336e0fce31a39ae4973b5e8c127
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
547dda3c14b284819be511be1e410da94a5efc6ccc4a9afe1c75394f9333191a
54914436c21b3b9381a395a47ccd0aef9ee898fd5970759bebe9a6b7d82a80c6
559bf235d7efc79c6b9bb6ac1cd7a53aca53a7cf6dcbd1042e9e81b7c185d617
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
577d2600070bc8e32aad7c2723c9bff860085ef37b77e2e5e124f65243882050
57a50c99a31ef4e89e86664e96f6dfbdde163a2eb96e88b3b492c49aa4be2f37
5848fed0499a99763526e2178efc1bec18842259a88cb1cf12600be9ddabbdcd
58983bc439c08a0f916d6b6d3a2facf9b09e20ffd4b856cc8ffd3e6ed5d14f6a
58a8a37fc288ebcb1babc66777ac8c7a922e145d307567c8b7a824dc959c41f9
591f594d322c0c3d7610a18b3d96240a66fb28ebae3dba20a5c93f7e3b4ec6d6
592d78b81f600d88130f6b5464584f033567ff1a1bea010b7be152e1b6632bdc
5971b095cff574a66d35ada016d4c077c86e2dea62e9c0f14cf7c94b258619de
5a5f39391fbf5b06db84b8f9716d53de575ee97a627d2c5f12f79a991a671eb5
5a767e3a4a89fd5d5747f2e60656de81560b8d24575c7be5df0d541906cb86ce
5d3b318a856e3825d40c46bc3b2b2a3f0efda05f1e50d0186f9962d7f8abe33d
5d7162200f464a21121476793004f2eb1af54d5d92f7910b4f54f8ba64c16e3b
5db73e43d6f40687165de7df1a9cac4db859cbbfd9347cbe1416bcf8465cc91b
5e89733d8a8e055100cda68bf7a712ab0e1b24fefee7e39792b47cb5ff7c3cb1
5ee2a16d4f8f9629ae75e0f94473f8601a4e0bf9527ba4467a094926e0947505
5f81194cbd4697dd96c6a57cd32d09427a8ecdc603fd9dce20a981341b297f7d
5f8ff2377d1203addf94cfece652d6434a1c88c24aa5cf37cceee5ff5d1f0df9
5fe38727a6f141ad08dc64ac0da47d9e67732b77840285661e519a041cc18e4e
5feceb66ffc86f38d952786c6d696c79c2dbc239dd4e91b46729d73a27fb57e9
6095a7dd7fbfb9eef293e03277d17dbb9c1e05d4bda2e1543330704a85ca0dc9
60d19fcc26403308bd021dd6ce6588cca81c6a42a34472277186bad9a4155022
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
62bd6b22e0e4e140047d4f01cc2b8a964cdd475739c75479b847a3ba642dd94e
63c817698a0c1c81dab9b49270009f2c154c57b83f6bd04c29a70a9e6de2d441
63faa8b7384c37c4834b77615586404ad7d7591d5ab8ac0c50c2b10470b35b0b
6484dbdbcc018ef0cc92a28a4ef391571c4651aaa1958a85a24439c6120f9606
64ffe77d0f8d8b0b74a00ad2cd3bb5d424e904c2adba467659f77abc894ea6ab
662294921ca6240beb0f2aecb7f7ac23dd085b782bbe52a369b20226d26afe33
663d57136dd8c18d6664ef3f4331160ddea49bfb98913adfad34ed44a0553883
663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707
6854f186a1c36afb7c914da77bfdfc0e9eece9a6af38930e3a1a7592435a2d9d
6944991f72ffde4073e23e19461468bf5e72edd168aaff7bbc4eddb81aa36912
6a0a140eca955e306602472f41378148f0c38de3f20554c189377f78926e046d
6a0d53f68e013dac42a52a5264c5d28a12a06b6bc7cc1d63bc2d385558bd2dd7
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6b4e4942828c6b213c090fc8961f52aa2fbcd3e42505686ca0f2c29531d057ba
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6d46e2cf165a5a0584afba7bc9663da292ee08c97cfc7613de6013ed05be892a
6d95ea547b0974a09d61104fa136f5eb6973466b6358fb06d997cc7f20ee71b2
6e32c716f997872de08a383f1b3edfca13f2235a35606f6f452a7c9f471f0dae
6e6abe2c10e0a61939368f085b8991a38189039726f6d1b19936524d24400b5e
6ea994c8a6f88cca56162f365dfb0ab63638386cf6314ce042172cddaa1b7186
6ec74085fc1675967497029f672a2da0a31815bc6792fd36c4da8086d1b20133
6ecaea631b86b12b8587d58d44a25e3b617589cc09169434106580d9cf0bceaf
6f6dc8cfd2b63684f0859c9e3186a5f9894c5d76dccca601bf08fac1953b869f
6fbf167abc24414f2c6cec9b2459ce866f3bda86b6f39f77bd895e53c5ac8800
7031d3168fda2053516666daf991d109d67643f52298c4b507e7b5463e272674
7122641b831b99a8688c6ab2e7b68c7c14e8c87ae3123de798ddf227c9c98f3a
7195e62ae459c848228b15f846d1b3c9885c38fe23b3cffc10689cf52713518f
71970f2bb23c0a4f6bbeadad64b42a9dde1b48dbc1aeafb584eaedc59049ee10
72a64af6c85d8ab9bb2b508571c6a70080750c4891634dcbe36cb95737ca0f48
7346a90b217ae8c78a497d99d0676a408454bf2b60f7a7f7bc56bc870c8af9ca
745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8
7541bc3222a1d2c6a5fd30bc949941c06d0470df4143160891004f6b0c138a9a
759da200c37c54c2007fba50e6a4d9852dc3c917e049b66b762878d85ec2e76a
76d6f269d1adb65cb4f03068354f2a2d6f193f8d0ac16d25b86c0c3cab80d201
78c1498111e68db0cc34927c959e4270fe8599775d2db1198e5f2a63d63add91
78cad1fb95d1e9bbe4a7b1f90fa38ef699314ee65bf914e65ffae62005103a8e
7902803ab519270d9c6374a0ba8b07cbe582c91b8f262bda3dd63d5a00b19f38
790bf3c108253318c0f755902849eed9f8e9bc3c0d1e80908f88306a716c1121
79baa2f6c69e94c26e3ef98a0864578d0c7aa4744d49cc420e2aac1e5f74d978
7c09b2155c51ff3b3009cc36c852f3b49b0eb6b352238d5b50eb0ae31dc003ec
7cbcb1196c5e91f7a8602c89b30bb7dd3c1f714d5c8072414882b592d45bc867
7d9af128af82a594bc6ea2b55e5d89ad5bd405ce6948ba3004f9e62be3dc8e40
7e54bd7f40457d4f2f9ead6605b419e7a86b0dc2681898ba2d73745f2106a1c5
7ecace46d78f707e1f3ef7ff9fb10354a496ac9f707d9a7748a3eb2cdabc5518
7f2ea9ba73f5ae19f97b3bf81aecbf706b0d77950095eb3972e36187b2205ca6
7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b
7fda00593549f23ee1cb2cf30db1b47046bc435422861ad663ba747dae7377c9
804a226ee2b9503958a249d9d9e51085a389cc48a405ad4d996f97264c6f669b
809181e525fadb8dcd3df049937d06714303dd910d61d343ae6b43ecb254ffcf
81016ac6be850b72df5d4faa0c3cec8e2c1b0ba0045712144a6766adfad40bee
815af1c878812cb0cb226f9922c9197d78cd6200b7a23ec63276b554d1d6f7f3
819b7ee1e3f0dcbd8461824b4f3f3a05dc5914c2040f754be4e3739f2fe9f1d7
81cd29d1413ecf75834fb3ce1da572fe5c39e53b22c61f5dafec5b14ed4ee12e
8265f64786397d6b832d1ca0aafdf149ad84e72759fffa9f7272e91a0fb015d1
82d2cfd985a93ccf2cdea7a5ce144439d5cd1f4fd8e314a5ef6297233b751aea
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
8537b6920d550414d47001cd97c0f4b41d76bdc02f0eaeffef3c1a213212fa78
853a8c7e34be5549a44fc541e13876f5c2838123142f527dab2265950feaeefb
86357424348aa174c7ab04c759c553c5fa57f3714454f6c755bcfbe5769326f5
86f6342a4dfdd95c27df3ba8ce67e7a0dce37ae19d8f4069e40aef9757b36820
871919d87d41b658272c618bfa3f2884ed2f0c5427143facb6704763e26ad3f8
8748eafdf64a3230ad4671bc9e61677c6eb40b4485f9445a4b80b528de16a3a8
87e23260355f4ce612834f16507fe2870f18fbda2f69ba9c22289f755611e237
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7
89fee80067e8671ca9b800cf7b3b549a21a242c56272ec075e21ebdb6eca708f
8a3bf102b192cf0b8a06ea1a89a8beacc51a64059c2b98d995054bbcb6e287f2
8b810f1d6c9c09f151e83b74626ee412411683ef6c247520f049d2bacadf5db9
8be5876e7de200de0f3e75c441f8dc56f96b90b00f70217a51cd3daf2a8f896b
8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8dbff066af6ffa61e86120520954a58c8a9d72b44a1adc043f27566427569609
8df74312f7ba8eabc42060688a6c5f9c727ff4e1e65fde7685115e482dca4003
8e31124ba3d03b87e6c9ad95577ddcb1822dceb9390c8216664b3eaca2dd88ce
8e3ac8bf77e09e09be3cb75251b5f5ace9a92d123918096bbbfe64af301df041
9097551b48c4fd68bb0cb09442d93395f85d126e98fbf2dd9493dd15e0a586ca
91ea8e6ea35f90dfebe137d31cbcbae44eff4bf41af4b05ee6a9d8f715b47688
922a293fce4c3fb1526e1a5d8816602ef86fd581c3e438989416bc5c56ce9f0f
92fca55833f48b4289ac8f1cedd48752b580fce4ec4b5d81670b8193d6e51b54
93ae7d494fad0fb30cbf3ae746a39c4bc7a0f8bbf87fbb587a3f3c01f3c5ce20
93c3df17bf9048d589272f65c9770b61be12332aee982e1f85cfca5d9dc4544a
93fd543268145b18319b3d6e3f13a178413f2f5da535a2c860d0f9e17388816f
93fdfe3f7e837c7fa3879b4b6b6a822ae669fbb2c6c966d433fc280e425db9e9
94a557b756089fc7dde1c857bb1a2f776dff6aeec3ceead5c2fa2304433b88ee
96217f1d27fb909f92b4a6b35a0d3d6775f2f0b4d136d27aee88547d3ed87357
96da839661d63f7cab3dc3e43613fee97166a472555cc91df21777d6d83e58d9
9731cbd07328ad2851127930e2543d348efc52fb62d72804c702b37550b3a016
977ab879e46fe8cf2c205b55c2474cf9f3c20278421e98c5a1a7e9706640de3a
978b3c36d61e5c2fd93072f6d18d95436bd9c302c5d77d1bbd74f62fa5ceae1f
97ab6853d82554916652488431bfe3ca0f43bc7972010c4aaef01b4ad8539454
97bf326860f50a3e48b937a395da44fb697f230259b45d63cca9dcd24fddb243
97ce4e98f3a3be297f48ebd5b771e74928f31754d43324fd795d1cd81cc41b35
9861f51d1896f195c45f603bdc6b7f1455817966f5da945371c922a6f8797711
9880ff36abd71f34e043ccf52b425dc0e918af5098157970cce3c15348900c4a
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9bade0874332ebf6019bad0afd790bc029503463e763d55b8083481d10cc3315
9cd28222b76db9ecead97bdea2b69bce8777da737c9e242502def4a5f1c96675
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a1e0e5010d51c397e1478d07c3b38403c05858f2839626f9d7493991f6991820
a3bbf13e4d2461a91249f89b5f7c581117eafb6db650acf87fe81f3007e27277
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a532789e5c7dd25865bdb336dc2d3394cdf2837152d0ccad5542c1a275dcb8b3
a649351f652adc12bed8508d1208fcbd383330ed6feac5f3b62c911214a9110b
a660c0b2cf593afb9d74a7e0d33efc6979d8e58608056fb31dc6e4a5a71a1797
a71dcfaddd16dc8f74b2a51d238c674dc281b9669e5ae471baa3e74cc97a1aa8
a80bc624f7ab3177dcab36c63396d6b7b3f18c41fd09c7a3e5b54792d566904a
a95e3834b9064377ed78a2e36fb2beb026044b5828367fb7074eacba2c393675
ac519fc1b1b14a15d5341a00c4c3af18c9f299c9ee3c4a79d1b6351fd6bd7dab
ac9caf19f84f6b71329ea2b3b86139c376f20b8fe87f35bdd94cc95e70079255
aca9a74fe9948e0cda9ced7a949cce62aa6f896ae1a575eb6ab01e85dc77c839
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
aef316686fd7fd39547fa8ffd64c18177dbd0e38f4f606adb68e9ea83fb2e8cd
b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b1b3b73852f7856f1a0f317701846bc7853eb5b127ba882c23c5073dbe6d022d
b24b19152e92ee2240cdf53444b33a1b8ec286e9a44072890c5490c9d8ddfa3d
b34293aec79b6020d0f3259e7c56f9f997475f4e95c56f343ce9375318ce7821
b3d19acaedbb34b8bd49f5a4457b6544de09b851fb20c366dc8312b04c84bc4e
b6cedeb17f0877b56cf94ef0bf81606ded07dd5efb18ec5b351fcf927a51aee8
b6e8eca14c0697a660e270a4c5ba29e5ac49e9dbde99a6208a37fa35cf3217f6
b90e065cc3d7ae9c05d0f576847f6cb13261aa315e20aa77ac64a2d72d5ce0b9
bb32ef70baf6f49f09b1fe50f680f2217d8fc8021f2b91beaabb96f6d582c96b
bc1032836036e1bc00061c64c8a625fe47b9aece6db4af4fe488bf24d60d253b
bceb73993d094c4c821c7571921103bdc8c05e9082c4fc513d244358d53593db
bd48a56070c3af9e25a8f34adc58f5e3743d38740734f46128b58ffe3da24280
be8c4f245b08961a48b29107101da3ef28e9c2eb9a6a090c3d4e9babced6d9cd
beaa2e851f411d6978d073a717650147e3c8fcfef63f20b38d7ff740237553a2
beabe6ca9380b653eac9df014c151f9726bd389d2ed86cdf30104eed7947d67a
bf45f50291d9ceb6cedef279475c1efb3fd184e9e02ce0445a0d5860a9493203
c1d39d99d03c55dcce06fec6dd29d9716abe7c562e4fe974ccf4714e777b480e
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
c324ef26b20264369e4568dc9ef1c5cb1f325f6bc4e8b7c01f7fe93fa353276a
c59a487b27a2c9249442a1baf5e4a49dd83e66223ca7fe7fb38afd56f44afecf
c5dc4f19b3f1f67f7ff08413a0e4c20fd9507712ee440939951953bd27747e14
c89bea8f90c7c22749b292948790d7e92ca96053d23e3a6622a1ac33c9061691
c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97
c9aeb96990b7e66f70d00527262cc838616bb70f78bbb59762fd8b64a2c028d7
ca27b49dcaf6c7ccd0349fe39719560d621d767edf987a5aed9569491694a93e
ca7154cdda62b535ceaba9ad2a2b2217ff49de94c069a2c4e89733f3f06b3651
cbeee230de9adc4b4765d4387c54fa936a5c26f8306fe0e6f5f8415284f56c33
cc11949da30b0cc69971ec307197fcdf4c71a5ccafbe3f827eca6e582df373c4
cc7403bab52ed166e24ea9324241045af370be482f5b594468f4a6ac6e7e7981
ce43f802dc7c161875bd6439eeec68f585d15ab78b9b13dd9328866d3ba8a344
cf2c52786322f91f1cb6f72fd654b9836e3e221887ba95f174d66fc030a7a977
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
cff8001763a4cb0cb81352e07fb9927790673baaeda29140c072f30c5933cf10
d050d34d95266c42e79cb0df98e4b15fb25f4ea5b47ea5db08214bea40ad9280
d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54
d0d2e098cd489ef7bc528c86de8ab5c51b5d6cdf9b76a8b08766036992f0d2f4
d126364c6e2a7b5e91d0003b90a0761c94a81c95702e1bc0ede7a2067a48f4df
d2ec07a6e77bc3abc56f801e141e9889c018ca8e96dfbe4042f49378699ee85f
d3fa61a169f0f1419b5a7159afe5fbaec0c1bf272064d05b88211c8d429a5c3b
d61e4b60fc735bde6c4000209de209c2e500aadbac68c05200c3da1a69a15d81
da45962a1fb4a049c9367ebe9b1b628f071d7a4c9997ee807c01d23f4866e19c
db0ba7f5c1b57d0ba549c521e64fd43901acbfdcd65a21b42d59a8552762e1e9
db1572900f660ec411ddf36c107b1189ab1852d237989e71478588281b6fa974
dbdf64d204777289b4a162ad023cb10065006955a1284ef24bcf1147e00e1aa4
df92bbd028ab0ad0953c7e1dd6ac7137dcdbdcb169da9a30d8e38169b6bbe1a3
e025e517a55a0f2c4e6c8b54db18bc11b7f40b68f1c2936f9836973e330e1d0d
e02e1c4876697288c0ff5900c69d9b5f2a9d1118958813c682ecbbe469c1aee0
e036eee2a56f16060c857d1ca0f14e8abe9518cff6335e114ebaf1c6b2d440ba
e29669f0da6d433ce276d7b4e6223a3e70a4e9d9c6bbc788ef7d2291bdab64eb
e2ec81b19233fd4cd6ef5adcb45c0cbec6bd5673716ba0454ce56b67486ece46
e34f3c96e1eae99e2fc8b8f0c8f608bf3d8822872bf36246c4360a024a8527d5
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e41d1ae45acbf836b8dcc29544c7e41cced4211214df601d5284a7e9c7134c73
e439bebf8de2df0582273906d2c1dceff2387c661efb2152ef1c28420ce4e7e5
e495eef6b903e6de7362538861c8eb5c4267d909b6bc011663bca438329e041a
e600024f21bbdff0ede268acc13b91584c47de9061fb04978c61bd5d1103efe3
e8fe64429e5900c16c7f8dd7861704e2f4d38e00cbb16bc18820b46d92461389
eb712e90d338b8cc33a7c5df712e3ac4ee21ebb8783766fdb04027bcd208396b
eb9785da0a16c2b952d3c30278bf776dcd2ffb2236c53c681067c8b3b40ed813
ec517aa25da687ae3107c1db068b693383aeeb172bc6b3ff227de70ebff69d1a
ecb00b2046e42fe708fb2bffb629dd2fe3e6083456ba4dfb920f4c6a1aeb8ee6
ed83207527cdc95ec00e55ba048b9b9b7d4908593879d8aa4def4639be078bef
ed87a83a9df154b61d76e8b9b53bb9d23db3eea194e66bca6b575e3e4f7a57bf
ee61ec65bd3bc8cc949991393cfd5aca248620bc53e8ac94f9afe44c30961c0f
ee8df976e5c99258ba403bb74b44d5c52e8c2da22552e46032e73aa1d326066f
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f09057ed1db27518f862dcefc307e3f6f3218e5244249bc9b291fc1018e7ea8f
f0b5231e9067c00bcf87b710befaa3ca3ae7ff628f249bf190b0b988d67a1272
f18097986b2ca55173d7140ee04292d25aadad7ccdb83f207b7cbac17a6d00e1
f19509249108f9648687ef09100f3aef0885b355ee453ae6512e0cd75e25f4da
f1cdc79992ce36d58e273982821bd17e8bdc09b4d4c2f3fb5a4ccc21388dc788
f2b0065f0f3ff4b8096a39b8e5c4c7f254cabb7cef765be27179c8c7d8bde852
f30cc77f312a415d6d953e3276d7505b0feb84a9a074c42ef1919b1392e18c3f
f35add45f2f73d9a34dda1cf8869f1a8fba78f4a7b692fbd054d046225ab968d
f3f47d6a938ede7a828ca47022eee50835e4c9375f7ca41581fa94e25c8e950e
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
f771c7358d2a0b21f797b70169041eee59c3ff8692598d70eb4f138cff3cb188
f7c31bbc6076e85fd81b6bd6471ae6693970bdc16eb5e571dade248b875cc443
f82f6cf1599100b7836d8b8aa4bd5394e997849487dd6110d70908440c97fa64
f9f2b6a18e4c7e8b502c1b1f23846ca677088e5ac468cecc11d874573876b4b3
fd34556b61496c7b6e67c835f6e9e986e39e68c6370de239ae5291fd794aeb54
fee40e3d3f87dc8252249f6b6612364d7f492c836fba10fe01aaac69f6f116d1