www.nhl.com Open in urlscan Pro
2606:4700::6812:10ec Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://links.email.hockeytown.com/e/er?s=1365483532&lid=8506&elqTrackId=42DBCCDDF50C20E1D5E89D9C3FFFFB48&elq=c07d9fd795ed4032849db...
Effective URL:
https://www.nhl.com/redwings/tickets/premium-seating-offer?partnerId=CFC_313PRE_DRWCOM_Gondola%20$400%20Offer%20UPDA...
Submission: On October 10 via manual (October 10th 2023, 4:16:22 pm UTC) from US — Scanned from DE

Summary HTTP 78 Redirects Links 12 Behaviour Indicators

Summary

This website contacted 22 IPs in 3 countries across 17 domains to perform 78 HTTP transactions. The main IP is 2606:4700::6812:10ec, located in United States and belongs to CLOUDFLARENET, US. The main domain is www.nhl.com. The Cisco Umbrella rank of the primary domain is 57093.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on September 3rd 2023. Valid for: a year.

This is the only time www.nhl.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	140.86.223.51 140.86.223.51	31898 (ORACLE-BM...) (ORACLE-BMC-31898)
1 1	147.154.51.34 147.154.51.34	31898 (ORACLE-BM...) (ORACLE-BMC-31898)
6	2606:4700::68... 2606:4700::6812:10ec	13335 (CLOUDFLAR...) (CLOUDFLARENET)
10	2606:4700::68... 2606:4700::6812:83ec	13335 (CLOUDFLAR...) (CLOUDFLARENET)
5	2a00:1450:400... 2a00:1450:4001:813::2002	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:80b::200a	15169 (GOOGLE) (GOOGLE)
1	2606:4700::68... 2606:4700::6813:972a	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	2606:4700::68... 2606:4700::6813:982a	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a00:1450:400... 2a00:1450:4001:830::2008	15169 (GOOGLE) (GOOGLE)
15	18.66.122.65 18.66.122.65	16509 (AMAZON-02) (AMAZON-02)
3	2a00:1450:400... 2a00:1450:4001:82f::2003	15169 (GOOGLE) (GOOGLE)
1	2606:4700:440... 2606:4700:4400::6812:2089	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	52.217.175.96 52.217.175.96	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:802::200a	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:80b::200e	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:80f::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:830::2001	15169 (GOOGLE) (GOOGLE)
6	2a00:1450:400... 2a00:1450:4001:829::2001	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:830::2002	15169 (GOOGLE) (GOOGLE)
2	18.203.58.156 18.203.58.156	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:801::2004	15169 (GOOGLE) (GOOGLE)
2	2600:9000:223... 2600:9000:223f:5200:8:48e:53c0:93a1	16509 (AMAZON-02) (AMAZON-02)
6	2600:1f18:1ac... 2600:1f18:1aca:4282:5dcf:b170:fc79:1e19	14618 (AMAZON-AES) (AMAZON-AES)
78	22

1 140.86.223.51 (Ashburn, United States) 1 redirects

ASN31898 (ORACLE-BMC-31898, US)

links.email.hockeytown.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 147.154.51.34 (Ashburn, United States) 1 redirects

ASN31898 (ORACLE-BMC-31898, US)

s1365483532.t.eloqua.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2606:4700::6812:10ec (United States)

ASN13335 (CLOUDFLARENET, US)

www.nhl.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2606:4700::6812:83ec (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.cookielaw.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:813::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:80b::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6813:972a (United States)

ASN13335 (CLOUDFLARENET, US)

assets.nhle.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2606:4700::6813:982a (United States)

ASN13335 (CLOUDFLARENET, US)

media.d3.nhle.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:830::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 18.66.122.65 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-122-65.fra60.r.cloudfront.net

olyent.formstack.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
static.formstack.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:82f::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:4400::6812:2089 (United States)

ASN13335 (CLOUDFLARENET, US)

geolocation.onetrust.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.217.175.96 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
PTR: s3-1.amazonaws.com

s3.amazonaws.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:802::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80b::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:80f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:830::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

8e8a3cc3203e952f2d7c07390725598d.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:829::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:830::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.203.58.156 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-203-58-156.eu-west-1.compute.amazonaws.com

pixel.adsafeprotected.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:801::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:223f:5200:8:48e:53c0:93a1 (United States)

ASN16509 (AMAZON-02, US)

static.adsafeprotected.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2600:1f18:1aca:4282:5dcf:b170:fc79:1e19 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)

dt.adsafeprotected.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
15	formstack.com olyent.formstack.com static.formstack.com — Cisco Umbrella Rank: 29166	227 KB
12	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 108 8e8a3cc3203e952f2d7c07390725598d.safeframe.googlesyndication.com tpc.googlesyndication.com — Cisco Umbrella Rank: 157	57 KB
10	adsafeprotected.com pixel.adsafeprotected.com — Cisco Umbrella Rank: 936 static.adsafeprotected.com — Cisco Umbrella Rank: 720 dt.adsafeprotected.com — Cisco Umbrella Rank: 658	102 KB
10	cookielaw.org cdn.cookielaw.org — Cisco Umbrella Rank: 385	285 KB
6	nhl.com www.nhl.com — Cisco Umbrella Rank: 57093	121 KB
5	nhle.com assets.nhle.com — Cisco Umbrella Rank: 70108 media.d3.nhle.com — Cisco Umbrella Rank: 60352	163 KB
5	doubleclick.net securepubads.g.doubleclick.net — Cisco Umbrella Rank: 214	184 KB
4	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 49 ajax.googleapis.com — Cisco Umbrella Rank: 405	8 KB
3	gstatic.com fonts.gstatic.com	92 KB
2	amazonaws.com s3.amazonaws.com	56 KB
2	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 56	108 KB
1	google.com www.google.com — Cisco Umbrella Rank: 2	1 KB
1	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 223	59 KB
1	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 42	21 KB
1	onetrust.com geolocation.onetrust.com — Cisco Umbrella Rank: 655	295 B
1	eloqua.com 1 redirects s1365483532.t.eloqua.com — Cisco Umbrella Rank: 795950	891 B
1	hockeytown.com 1 redirects links.email.hockeytown.com	596 B
78	17

	Domain	Requested by
13	static.formstack.com	olyent.formstack.com
10	cdn.cookielaw.org	www.nhl.com cdn.cookielaw.org
6	dt.adsafeprotected.com
6	tpc.googlesyndication.com	securepubads.g.doubleclick.net tpc.googlesyndication.com
6	www.nhl.com	www.nhl.com
5	pagead2.googlesyndication.com	securepubads.g.doubleclick.net tpc.googlesyndication.com www.googletagservices.com
5	securepubads.g.doubleclick.net	www.nhl.com securepubads.g.doubleclick.net www.googletagservices.com
4	media.d3.nhle.com	www.nhl.com
3	fonts.gstatic.com	fonts.googleapis.com
3	fonts.googleapis.com	www.nhl.com ajax.googleapis.com
2	static.adsafeprotected.com	pixel.adsafeprotected.com www.nhl.com
2	pixel.adsafeprotected.com	www.nhl.com
2	s3.amazonaws.com	olyent.formstack.com
2	olyent.formstack.com	www.nhl.com static.formstack.com
2	www.googletagmanager.com	www.nhl.com www.googletagmanager.com
1	www.google.com	tpc.googlesyndication.com
1	www.googletagservices.com	securepubads.g.doubleclick.net
1	8e8a3cc3203e952f2d7c07390725598d.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
1	www.google-analytics.com	static.formstack.com
1	ajax.googleapis.com	olyent.formstack.com
1	geolocation.onetrust.com	cdn.cookielaw.org
1	assets.nhle.com	www.nhl.com
1	s1365483532.t.eloqua.com	1 redirects
1	links.email.hockeytown.com	1 redirects
78	24

This site contains links to these domains. Also see Links.

Domain
am.ticketmaster.com
publogix.com
online.pubhtml5.com
email.hockeytown.com
account.nhl.com
www.facebook.com
www.instagram.com
twitter.com
www.tiktok.com
www.youtube.com
www.teamworkonline.com
www.onetrust.com

Subject Issuer	Validity	Valid
nhl.com Cloudflare Inc ECC CA-3	`2023-09-03` - `2024-09-02`	a year	crt.sh
cookielaw.org Cloudflare Inc ECC CA-3	`2023-04-01` - `2024-03-31`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-09-18` - `2023-12-11`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2023-09-18` - `2023-12-11`	3 months	crt.sh
nhle.com Cloudflare Inc ECC CA-3	`2022-11-17` - `2023-11-17`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-09-18` - `2023-12-11`	3 months	crt.sh
*.formstack.com Amazon RSA 2048 M02	`2023-03-20` - `2024-04-17`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2023-09-18` - `2023-12-11`	3 months	crt.sh
onetrust.com Cloudflare Inc ECC CA-3	`2022-12-13` - `2023-12-13`	a year	crt.sh
s3.amazonaws.com Amazon RSA 2048 M01	`2023-07-10` - `2024-06-21`	a year	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2023-09-18` - `2023-12-11`	3 months	crt.sh
fw.adsafeprotected.com Amazon RSA 2048 M02	`2023-03-29` - `2024-04-27`	a year	crt.sh
www.google.com GTS CA 1C3	`2023-09-18` - `2023-12-11`	3 months	crt.sh
static.adsafeprotected.com Amazon RSA 2048 M02	`2023-07-07` - `2024-08-04`	a year	crt.sh
dt.adsafeprotected.com Amazon RSA 2048 M02	`2023-05-09` - `2024-06-07`	a year	crt.sh

This page contains 8 frames:

Primary Page: https://www.nhl.com/redwings/tickets/premium-seating-offer?partnerId=CFC_313PRE_DRWCOM_Gondola%20$400%20Offer%20UPDATE&utm_medium=Email&utm_source=Sales&utm_campaign=Gondola%2A20%24400%2A20Offer%2A20UPDATE
Frame ID: 383BD820E4AFFA56573C7B162C38EE4E
Requests: 40 HTTP requests in this frame

Frame: https://olyent.formstack.com/forms/gondola_inventory
Frame ID: 3D4DC448AE5C44A6DB18383531DADA1D
Requests: 22 HTTP requests in this frame

Frame: https://8e8a3cc3203e952f2d7c07390725598d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: BDD40CD5FEEDF85A94D50905B53EE940
Requests: 1 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstQjBV6y-4op0KVXpMhkYgkMndtpyrDs_y54vRSkdZ1PCZEAjKhtQGtowbKOkxX_Rjbnvu4pXBMzn0bIxRoKJIh4oPkwQ8lfOo7rGF1RRfnFAjhTYtUhePCa29LAXZsGb3X5GRAs2mG9jY9My6iq87dOnPBmMaPEOtNWqK1grtpHzYNiXcpGSSRaiGX3AgpVBtxQZRjsSt0nG1AIKj8Qo4v1ipmE1g1C9H5fOQlkdzicVGT6QjL1yPyCiw_Pdd7VOI25aXpyu7eagzb51VR95TDvJWlQKmbjapDy0TVCFgI8-4tNOXvLbv8OnKrBTPnBvPlRlxJEXXVb7O_VQ&sai=AMfl-YQVymStmpxYYdqQ2nAZbznbcQbU0EiqaXDmjRZT3HiFk9zYfqp5UcFuFLhRu7_k19ehBb5sfDD62BB71yNzZZl6bLtYC04ktRIe1BAjGXa4Wdcnxvra1C2U0FGXzrOse6s0R6ZGhUF2VO9_8Vs&sig=Cg0ArKJSzOyDKPKS6xykEAE&uach_m=[UACH]&adurl=
Frame ID: 802CDF46BDC82A6F798AB6F1A4588D66
Requests: 8 HTTP requests in this frame

Frame: https://pixel.adsafeprotected.com/jload?anId=929269&campId=150x56&pubId=4600996516&chanId=21712863350&placementId=6375627496&pubCreative=138445310432&pubOrder=3247983557&cb=1283005839&adsafe_par&impId=&custom=
Frame ID: 75CA9ED74991A5AAC63E0639DB8B9E68
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: AF501816BEB2BF1A7C0BBCC2873074C5
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 4A54B821C1706C4E8872B2736EF901AE
Requests: 2 HTTP requests in this frame

Frame: https://static.adsafeprotected.com/sca.17.6.2.js
Frame ID: 88350872931AA37D934E8DB602B77F2C
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Tickets | Detroit Red Wings | Detroit Red WingsBack ButtonFilter Button

Page URL History Show full URLs

http://links.email.hockeytown.com/e/er?s=1365483532&lid=8506&elqTrackId=42DBCCDDF50C20E1D5E89D9C3FFFFB48&elq=c... HTTP 302
https://s1365483532.t.eloqua.com/e/er?s=1365483532&lid=8506&elqTrackId=42DBCCDDF50C20E1D5E89D9C3FFFFB48&elq=c... HTTP 302
https://www.nhl.com/redwings/tickets/premium-seating-offer?partnerId=CFC_313PRE_DRWCOM_Gondola%2... Page URL

Detected technologies

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
googleapis\.com/.+webfont

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js

Modernizr (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

([\d.]+)?/modernizr(?:\.([\d.]+))?.*\.js

OneTrust (Cookie compliance) Expand

Overall confidence: 100%
Detected patterns

cdn\.cookielaw\.org
otSDKStub\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jQuery UI (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery-ui[.-]([\d.]*\d)[^/]*\.js
jquery-ui.*\.js

Page Statistics

78
Requests

100 %
HTTPS

78 %
IPv6

17
Domains

24
Subdomains

22
IPs

3
Countries

1482 kB
Transfer

4109 kB
Size

6
Cookies

12 Outgoing links

These are links going to different origins than the main page.

URL: https://am.ticketmaster.com/redwings/?_ga=2.217182737.623538970.1693069430-571559288.1625669699#/index
Title: My Red Wings Account

Search URL Search Domain Scan URL

URL: https://publogix.com/e/22-DRWYB/index
Title: Yearbook

Search URL Search Domain Scan URL

URL: https://online.pubhtml5.com/ekzs/ekud/#p=1
Title: Media Guide

Search URL Search Domain Scan URL

URL: https://email.hockeytown.com/email_signup
Title: Email Updates

Search URL Search Domain Scan URL

URL: https://account.nhl.com/ui/?returnUrl=https://www.nhl.com/redwings/tickets/premium-seating-offer?partnerId=CFC_313PRE_DRWCOM_Gondola%20$400%20Offer%20UPDATE&utm_medium=Email&utm_source=Sales&utm_campaign=Gondola%2A20%24400%2A20Offer%2A20UPDATE&lang=en

Search URL Search Domain Scan URL

URL: https://www.facebook.com/DETROITREDWINGS/index
Title: Facebook

Search URL Search Domain Scan URL

URL: https://www.instagram.com/DetroitRedWings/index
Title: Instagram

Search URL Search Domain Scan URL

URL: https://twitter.com/DetroitRedWings
Title: Twitter

Search URL Search Domain Scan URL

URL: https://www.tiktok.com/@detroitredwings
Title: TikTok

Search URL Search Domain Scan URL

URL: https://www.youtube.com/user/OfficialRedWings
Title: YouTube

Search URL Search Domain Scan URL

URL: https://www.teamworkonline.com/multiple-properties/ilitch-sports/detroit-red-wings
Title: Careers

Search URL Search Domain Scan URL

URL: https://www.onetrust.com/products/cookie-consent/

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://links.email.hockeytown.com/e/er?s=1365483532&lid=8506&elqTrackId=42DBCCDDF50C20E1D5E89D9C3FFFFB48&elq=c07d9fd795ed4032849db1e9c05ca9db&elqaid=6965&elqat=1&utm_source=Sales&utm_medium=Email&utm_campaign=Gondola*20$400*20Offer*20UPDATE HTTP 302
https://s1365483532.t.eloqua.com/e/er?s=1365483532&lid=8506&elqTrackId=42DBCCDDF50C20E1D5E89D9C3FFFFB48&elq=c07d9fd795ed4032849db1e9c05ca9db&elqaid=6965&elqat=1&utm_source=Sales&utm_medium=Email&utm_campaign=Gondola*20$400*20Offer*20UPDATE HTTP 302
https://www.nhl.com/redwings/tickets/premium-seating-offer?partnerId=CFC_313PRE_DRWCOM_Gondola%20$400%20Offer%20UPDATE&utm_medium=Email&utm_source=Sales&utm_campaign=Gondola%2A20%24400%2A20Offer%2A20UPDATE Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

78 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request premium-seating-offer Show response
www.nhl.com/redwings/tickets/
Redirect Chain

http://links.email.hockeytown.com/e/er?s=1365483532&lid=8506&elqTrackId=42DBCCDDF50C20E1D5E89D9C3FFFFB48&elq=c07d9fd795ed4032849db1e9c05ca9db&elqaid=6965&elqat=1&utm_source=Sales&utm_medium=Email&u...
https://s1365483532.t.eloqua.com/e/er?s=1365483532&lid=8506&elqTrackId=42DBCCDDF50C20E1D5E89D9C3FFFFB48&elq=c07d9fd795ed4032849db1e9c05ca9db&elqaid=6965&elqat=1&utm_source=Sales&utm_medium=Email&ut...
https://www.nhl.com/redwings/tickets/premium-seating-offer?partnerId=CFC_313PRE_DRWCOM_Gondola%20$400%20Offer%20UPDATE&utm_medium=Email&utm_source=Sales&utm_campaign=Gondola%2A20%24400%2A20Offer%2A...

63 KB
16 KB

320ms
249ms

Document
text/html

2606:4700::6812:10ec
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.nhl.com/redwings/tickets/premium-seating-offer?partnerId=CFC_313PRE_DRWCOM_Gondola%20$400%20Offer%20UPDATE&utm_medium=Email&utm_source=Sales&utm_campaign=Gondola%2A20%24400%2A20Offer%2A20UPDATE

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:10ec , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4380152359b76e5ae5a8e518923297c356d2ebc9b55ef9755f21562111a30c59

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: public, max-age=60
cf-cache-status: EXPIRED
cf-ray: 81402abd59521b9f-FRA
content-encoding: gzip
content-type: text/html
date: Tue, 10 Oct 2023 16:16:17 GMT
expires: Tue, 10 Oct 2023 16:17:17 GMT
last-modified: Tue, 10 Oct 2023 15:01:56 GMT
server: cloudflare
service-worker-allowed: /
strict-transport-security: max-age=15724800; includeSubDomains
vary: Accept-Encoding

Redirect headers

Cache-Control: no-store
Content-Length: 340
Content-Type: text/html; charset=utf-8
Date: Tue, 10 Oct 2023 16:16:17 GMT
Expires: -1
Location: https://www.nhl.com/redwings/tickets/premium-seating-offer?partnerId=CFC_313PRE_DRWCOM_Gondola $400 Offer UPDATE&utm_medium=Email&utm_source=Sales&utm_campaign=Gondola%2A20%24400%2A20Offer%2A20UPDATE
P3P: CP="IDC DSP COR DEVa TAIa OUR BUS PHY ONL UNI COM NAV CNT STA",
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
X-Content-Type-Options: nosniff
X-Robots-Tag: noindex, nofollow
X-Xss-Protection: 1; mode=block

GET
H2 200 otSDKStub.js Show response
cdn.cookielaw.org/scripttemplates/ 21 KB
7 KB 86ms
39ms Script
application/javascript 2606:4700::6812:83ec
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/otSDKStub.js

Requested by

Host: www.nhl.com
URL: https://www.nhl.com/redwings/tickets/premium-seating-offer?partnerId=CFC_313PRE_DRWCOM_Gondola%20$400%20Offer%20UPDATE&utm_medium=Email&utm_source=Sales&utm_campaign=Gondola%2A20%24400%2A20Offer%2A20UPDATE

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:83ec , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2fc7f40fe3b6fca4d842274e5c319024864535325c7484e201b7c53257209809

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nhl.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Tue, 10 Oct 2023 16:16:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: VWm3jh650itzUl5lqfHWUg==
age: 26755
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-length: 6821
x-ms-lease-status: unlocked
last-modified: Mon, 09 Oct 2023 19:30:21 GMT
server: cloudflare
etag: 0x8DBC8FE2D5BA445
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: 6fcd66b5-f01e-0082-58e9-fa783d000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 81402abf389e65cd-FRA

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 99 KB
29 KB 178ms
117ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b3cb822f749fdbead866db461a4119f15487b9a867924b81e5f1a2087820b770

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nhl.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Tue, 10 Oct 2023 16:16:17 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 29613
x-xss-protection: 0
server: cafe
etag: 263 / 19640 / 31078700 / config-hash: 4599311004191157980
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
expires: Tue, 10 Oct 2023 16:16:17 GMT

GET
H2 200 main.js Show response
www.nhl.com/assets/js/ 182 KB
55 KB 72ms
71ms Script
application/javascript 2606:4700::6812:10ec
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.nhl.com/assets/js/main.js?_t=22f2f15c7ea1f41c840f0ca28e3c9115

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:10ec , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

dd14483f882d00ef312e0e8f9f735c7ce06388548ecd4c4c709884f05f6a83b7

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nhl.com/redwings/tickets/premium-seating-offer?partnerId=CFC_313PRE_DRWCOM_Gondola%20$400%20Offer%20UPDATE&utm_medium=Email&utm_source=Sales&utm_campaign=Gondola%2A20%24400%2A20Offer%2A20UPDATE
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Tue, 10 Oct 2023 16:16:17 GMT
strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
cf-cache-status: HIT
last-modified: Sat, 07 Oct 2023 07:56:23 GMT
server: cloudflare
age: 28145
etag: W/"65210f27-2d9c7"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=31536000
cf-ray: 81402abefbe01b9f-FRA
expires: Wed, 09 Oct 2024 16:16:17 GMT

GET
H2 200 base.css
www.nhl.com/assets/css/ 335 KB
42 KB 69ms
68ms Stylesheet
text/css 2606:4700::6812:10ec
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.nhl.com/assets/css/base.css?_t=f69e7e2b842c64ca7f6545aa34bf63cc

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:10ec , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1558fe25f5938010e1d68487b7be64163d33958b032204ddb8fa8ac2bd9c496e

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nhl.com/redwings/tickets/premium-seating-offer?partnerId=CFC_313PRE_DRWCOM_Gondola%20$400%20Offer%20UPDATE&utm_medium=Email&utm_source=Sales&utm_campaign=Gondola%2A20%24400%2A20Offer%2A20UPDATE
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Tue, 10 Oct 2023 16:16:17 GMT
strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
cf-cache-status: HIT
last-modified: Sat, 07 Oct 2023 07:56:23 GMT
server: cloudflare
age: 28145
etag: W/"65210f27-53a5e"
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=31536000
cf-ray: 81402abefbdf1b9f-FRA
expires: Wed, 09 Oct 2024 16:16:17 GMT

GET
H2 200 css2
fonts.googleapis.com/ 7 KB
1 KB 90ms
31ms Stylesheet
text/css 2a00:1450:4001:80b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Inter:wght@400;700;900&display=swap

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

060721ba5c3e08e20a4d97807af810c93b43f0667cd1cd04988d7457234af7f4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nhl.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Tue, 10 Oct 2023 16:16:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Tue, 10 Oct 2023 15:18:23 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 10 Oct 2023 16:16:17 GMT

GET
H2 200 css2
fonts.googleapis.com/ 714 B
540 B 93ms
34ms Stylesheet
text/css 2a00:1450:4001:80b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Material+Symbols+Rounded&display=block

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

4e585c25fe5eb9c05bca5313fc1fa87c999457fdfd9d27d4edb233e7edb894ab

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nhl.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Tue, 10 Oct 2023 16:16:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Tue, 10 Oct 2023 16:16:17 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 10 Oct 2023 16:16:17 GMT

GET
H2 200 DET_dark.svg
assets.nhle.com/logos/nhl/svg/ 16 KB
8 KB 205ms
147ms Image
image/svg+xml 2606:4700::6813:972a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.nhle.com/logos/nhl/svg/DET_dark.svg
Requested by: Host: www.nhl.com
URL: https://www.nhl.com/redwings/tickets/premium-seating-offer?partnerId=CFC_313PRE_DRWCOM_Gondola%20$400%20Offer%20UPDATE&utm_medium=Email&utm_source=Sales&utm_campaign=Gondola%2A20%24400%2A20Offer%2A20UPDATE
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6813:972a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fdf4d56b9e301b5971201e257aec3277fa338b49b573746cfcf84c3e5168b5ca

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nhl.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Tue, 10 Oct 2023 16:16:18 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 20 Sep 2023 15:37:34 GMT
server: cloudflare
x-amz-request-id: 3QWX892KKB727E9B
etag: W/"c4d2eddccc950f9c2a36d83137ad4288"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=7200
cf-ray: 81402abfeee32bbb-FRA
x-amz-id-2: jWFRhROGCuTzDgHwbrlOX5VE7EbX+4BAxS/ERnuhpRLvBcnwjTPoisQ87futG5+N1XWBIIfjJFY=
expires: Tue, 10 Oct 2023 18:16:18 GMT

GET
H2 200 det-wordmark
media.d3.nhle.com/image/private/t_q-best/prd/assets/redwings/logos/ 10 KB
4 KB 121ms
61ms Image
image/svg+xml 2606:4700::6813:982a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://media.d3.nhle.com/image/private/t_q-best/prd/assets/redwings/logos/det-wordmark

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:982a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

25429cc3c4c4ef5251fdc20b4b00e0c99a41846555ef8bf6a04498dfbd16de32

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nhl.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Tue, 10 Oct 2023 16:16:17 GMT
strict-transport-security: max-age=604800
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
age: 468
edge-cache-tag: 379082862791600987930786455128844896804,413220933092068412656337402944677429723,7a7e1c8a0d5c02db22a0dd5b7c64799f,~1~175ee3ca6a3f892e93cdbaa03b355b07c4af9b71
content-disposition: attachment; filename="det-wordmark"
server-timing: cld-fastly;mitm=acpo;dur=1;cpu=0;start=2023-09-05T13:07:47.217Z;desc=hit,rtt;dur=87,content-info;desc="width=279,height=40,owidth=279,oheight=40,obytes=10365"
last-modified: Fri, 21 Jul 2023 16:48:35 GMT
server: cloudflare
etag: W/"c9ed440aea9d5ecee3de51b92c8f24b6"
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
access-control-expose-headers: Content-Length,Content-Disposition,ETag,Server-Timing,Vary,X-Content-Type-Options
cache-control: public, max-age=31557600
timing-allow-origin: *
cf-ray: 81402abffadc3650-FRA
expires: Wed, 09 Oct 2024 22:16:17 GMT

GET
H2 200 nhl_shield_wm_on_light_rzzkyd
media.d3.nhle.com/image/private/t_q-best/prd/assets/nhl/logos/ 10 KB
4 KB 118ms
57ms Image
image/svg+xml 2606:4700::6813:982a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://media.d3.nhle.com/image/private/t_q-best/prd/assets/nhl/logos/nhl_shield_wm_on_light_rzzkyd

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:982a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

867802b362f296de97a9bd7a7a9d04bdcf4bb9a87d501423d1c97a73717d2594

Security Headers

Name	Value
Content-Security-Policy	sandbox allow-same-origin
Strict-Transport-Security	max-age=604800
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nhl.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Tue, 10 Oct 2023 16:16:17 GMT
content-security-policy: sandbox allow-same-origin
x-content-type-options: nosniff
strict-transport-security: max-age=604800
cf-cache-status: HIT
age: 74901
content-encoding: br
edge-cache-tag: 309201162054584043590776091894875864451,413220933092068412656337402944677429723,7a7e1c8a0d5c02db22a0dd5b7c64799f,~1~0489ff5b98f7779c1f99c55c68902e2085e49e62
server-timing: cld-fastly;mitm=acpo;dur=223;cpu=1;start=2023-09-20T16:27:25.821Z;desc=miss,rtt;dur=0,content-info;desc="width=1558,height=576,bytes=10721,owidth=1558,oheight=576,obytes=10699",cloudinary;dur=217;start=2023-09-20T16:27:25.823Z,cld-id;desc=e64110e56ddd7b9fe0c4b959be53067c
x-request-id: e64110e56ddd7b9fe0c4b959be53067c
last-modified: Wed, 20 Sep 2023 16:27:27 GMT
server: cloudflare
etag: W/"f47a15d263220c9ed4f3828e128a8a0a"
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
access-control-expose-headers: Content-Length,ETag,Server-Timing,Vary,X-Content-Type-Options
cache-control: public, max-age=31557600
timing-allow-origin: *
cf-ray: 81402abffae03650-FRA
expires: Wed, 09 Oct 2024 22:16:17 GMT

GET
H2 200 d12228cf-ac4f-4972-9ae0-6eb70eba20e8.json Show response
cdn.cookielaw.org/consent/d12228cf-ac4f-4972-9ae0-6eb70eba20e8/ 5 KB
2 KB 87ms
41ms XHR
application/x-javascript 2606:4700::6812:83ec
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/consent/d12228cf-ac4f-4972-9ae0-6eb70eba20e8/d12228cf-ac4f-4972-9ae0-6eb70eba20e8.json

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:83ec , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a2d8bd193884fd5ef616615109762910d8a783cc17fbf588265938fbec662b44

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nhl.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Tue, 10 Oct 2023 16:16:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
strict-transport-security: max-age=31536000; includeSubDomains; preload
age: 7699
content-md5: rShmALfvcgLvh/ZkdytkwQ==
content-length: 1781
x-ms-lease-status: unlocked
last-modified: Mon, 02 Oct 2023 14:00:21 GMT
server: cloudflare
etag: 0x8DBC34FEADAF5E8
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
x-ms-request-id: b0371206-701e-008c-5738-f5518d000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 81402abfccf69bb2-FRA
expires: Wed, 11 Oct 2023 16:16:17 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 183 KB
64 KB 98ms
41ms Script
application/javascript 2a00:1450:4001:830::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-WHLQBZC

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

18f76612a30e25d292402368626fa621ae032ee0a1a4bdda2822f9790f6278fb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nhl.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Tue, 10 Oct 2023 16:16:17 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 65387
x-xss-protection: 0
last-modified: Tue, 10 Oct 2023 15:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Tue, 10 Oct 2023 16:16:17 GMT

GET
H2 200 gondola_inventory Show response
olyent.formstack.com/forms/ Frame 3D4D 39 KB
39 KB 539ms
437ms Document
text/html 18.66.122.65
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://olyent.formstack.com/forms/gondola_inventory

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.122.65 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-122-65.fra60.r.cloudfront.net

Software

nginx /

Resource Hash

e9b92dddc59bdb86aab5fb3ae9c85530409311e239b6cf88858296de475e32b6

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains

Request headers

Referer: https://www.nhl.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: public, max-age=5 public
content-type: text/html; charset=UTF-8
date: Tue, 10 Oct 2023 16:16:18 GMT
expires: Tue, 10 Oct 2023 16:16:23 GMT
p3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: nginx
strict-transport-security: max-age=63072000; includeSubDomains
via: 1.1 2816426ad1adbedbdd23d4cdf80c2de2.cloudfront.net (CloudFront)
x-amz-cf-id: XEjN4RLLIEeHs8dJhPzbsBWamC03ci5gUaq4W-DmyVTXgt1sJ8KkSA==
x-amz-cf-pop: FRA60-P2
x-cache: Miss from cloudfront

GET
H2 200 UcC73FwrK3iLTeHuS_fvQtMwCp50KnMa1ZL7.woff2
fonts.gstatic.com/s/inter/v13/ 46 KB
46 KB 79ms
26ms Font
font/woff2 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/inter/v13/UcC73FwrK3iLTeHuS_fvQtMwCp50KnMa1ZL7.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Inter:wght@400;700;900&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

88df0b5a7bc397dbc13a26bb8b3742cc62cd1c9b0dded57da7832416d6f52f42

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.nhl.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Thu, 05 Oct 2023 18:19:49 GMT
x-content-type-options: nosniff
age: 424588
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 46704
x-xss-protection: 0
last-modified: Wed, 13 Sep 2023 23:49:07 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 04 Oct 2024 18:19:49 GMT

GET
H2 200 kr86ncowynimwwsixqzm.jpg
media.d3.nhle.com/image/private/t_w_1280/f_auto/prd/ 117 KB
117 KB 208ms
170ms Image
image/jpeg 2606:4700::6813:982a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://media.d3.nhle.com/image/private/t_w_1280/f_auto/prd/kr86ncowynimwwsixqzm.jpg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:982a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0172e97f974b7e390c5aa2c7983e6206387dfc299274eaa1e6d9c61c48509c87

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nhl.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Tue, 10 Oct 2023 16:16:18 GMT
strict-transport-security: max-age=604800
x-content-type-options: nosniff
cf-cache-status: HIT
edge-cache-tag: 221247684068239175844906720622937561762,441458720592799526279188633346629429307,7a7e1c8a0d5c02db22a0dd5b7c64799f,~1~5cf15c20e9833bc32e6f547b1a831a615d22c7bb
server-timing: cld-fastly;mitm=acpo;dur=2;cpu=1;start=2023-10-10T00:24:51.367Z;desc=hit,rtt;dur=0,content-info;desc="width=1280,height=320,bytes=119574,owidth=2608,oheight=652,obytes=1229805"
content-length: 119574
x-request-id: 4aed67d30fa17db169d624e5491cfb96
cf-bgj: h2pri
last-modified: Mon, 09 Oct 2023 14:38:14 GMT
server: cloudflare
etag: "11a34822811b434db32a76d472baf8b0"
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length,ETag,Server-Timing,X-Content-Type-Options
cache-control: public, max-age=31557600
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 81402abffae13650-FRA
expires: Wed, 09 Oct 2024 22:16:18 GMT

GET
H2 200 bowkgc26lqzh154e3vna.jpg
media.d3.nhle.com/image/private/t_ratio16_9-size30/f_auto/prd/ 29 KB
30 KB 474ms
436ms Image
image/webp 2606:4700::6813:982a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://media.d3.nhle.com/image/private/t_ratio16_9-size30/f_auto/prd/bowkgc26lqzh154e3vna.jpg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:982a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ab40293c866345354fa703c8979ce28901802b6f18a295b38efcbde63ce5d394

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nhl.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Tue, 10 Oct 2023 16:16:18 GMT
strict-transport-security: max-age=604800
x-content-type-options: nosniff
cf-cache-status: HIT
edge-cache-tag: 282857854017946443158942596764675863443,265112827558327845759081978897865023864,7a7e1c8a0d5c02db22a0dd5b7c64799f,~1~d8c7da62e2f2aef103697239c8c842fd5ac8be2e
content-disposition: inline; filename="bowkgc26lqzh154e3vna.webp"
server-timing: cld-fastly;mitm=acpo;dur=2;cpu=0;start=2023-10-09T18:19:57.920Z;desc=hit,rtt;dur=0,content-info;desc="width=624,height=351,bytes=29786,owidth=2568,oheight=1444,obytes=2607027"
content-length: 29786
x-request-id: 095999eefc83840811e3dd2ae3a746f0
last-modified: Mon, 09 Oct 2023 14:38:13 GMT
server: cloudflare
etag: "50654de5c7007e4e25e9fd3da7cc8c08"
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
access-control-expose-headers: Content-Length,Content-Disposition,ETag,Server-Timing,X-Content-Type-Options
cache-control: public, max-age=31557600
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 81402abffae33650-FRA
expires: Wed, 09 Oct 2024 22:16:18 GMT

GET
H2 200 google-adv.js Show response
www.nhl.com/assets/js/ 12 KB
4 KB 63ms
62ms Script
application/javascript 2606:4700::6812:10ec
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.nhl.com/assets/js/google-adv.js?_t=e0a95e598cd475553445

Requested by

Host: www.nhl.com
URL: https://www.nhl.com/assets/js/main.js?_t=22f2f15c7ea1f41c840f0ca28e3c9115

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:10ec , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5d9d705f345c690a482d91c693828de062458e7f5bcaeb8236e9d209fa197162

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nhl.com/redwings/tickets/premium-seating-offer?partnerId=CFC_313PRE_DRWCOM_Gondola%20$400%20Offer%20UPDATE&utm_medium=Email&utm_source=Sales&utm_campaign=Gondola%2A20%24400%2A20Offer%2A20UPDATE
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Tue, 10 Oct 2023 16:16:17 GMT
strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
cf-cache-status: HIT
last-modified: Sat, 07 Oct 2023 07:56:23 GMT
server: cloudflare
age: 18802
etag: W/"65210f27-2f91"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=31536000
cf-ray: 81402abfcd371b9f-FRA
expires: Wed, 09 Oct 2024 16:16:17 GMT

GET
H2 200 toggle-container.js Show response
www.nhl.com/assets/js/ 4 KB
2 KB 62ms
61ms Script
application/javascript 2606:4700::6812:10ec
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.nhl.com/assets/js/toggle-container.js?_t=a6352d42126b2bf1e332

Requested by

Host: www.nhl.com
URL: https://www.nhl.com/assets/js/main.js?_t=22f2f15c7ea1f41c840f0ca28e3c9115

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:10ec , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

754fc73b7347293cf2bde769144e589709d2fd73c6029eaf6bca4e98f15f1be0

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nhl.com/redwings/tickets/premium-seating-offer?partnerId=CFC_313PRE_DRWCOM_Gondola%20$400%20Offer%20UPDATE&utm_medium=Email&utm_source=Sales&utm_campaign=Gondola%2A20%24400%2A20Offer%2A20UPDATE
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Tue, 10 Oct 2023 16:16:17 GMT
strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
cf-cache-status: HIT
last-modified: Sat, 07 Oct 2023 07:56:23 GMT
server: cloudflare
age: 18800
etag: W/"65210f27-1041"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=31536000
cf-ray: 81402abfcd3b1b9f-FRA
expires: Wed, 09 Oct 2024 16:16:17 GMT

GET
H2 200 account-navigation.js Show response
www.nhl.com/assets/js/ 5 KB
2 KB 41ms
40ms Script
application/javascript 2606:4700::6812:10ec
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.nhl.com/assets/js/account-navigation.js?_t=f1984af8ceb9e153b467

Requested by

Host: www.nhl.com
URL: https://www.nhl.com/assets/js/main.js?_t=22f2f15c7ea1f41c840f0ca28e3c9115

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:10ec , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

fab028c0cea4f5f20cd08437e81274516c872c0eaa93fbbf3ef9404399d00fc3

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nhl.com/redwings/tickets/premium-seating-offer?partnerId=CFC_313PRE_DRWCOM_Gondola%20$400%20Offer%20UPDATE&utm_medium=Email&utm_source=Sales&utm_campaign=Gondola%2A20%24400%2A20Offer%2A20UPDATE
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Tue, 10 Oct 2023 16:16:17 GMT
strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
cf-cache-status: HIT
last-modified: Sat, 07 Oct 2023 07:56:23 GMT
server: cloudflare
age: 18803
etag: W/"65210f27-159f"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=31536000
cf-ray: 81402abfcd3c1b9f-FRA
expires: Wed, 09 Oct 2024 16:16:17 GMT

GET
H2 200 location Show response
geolocation.onetrust.com/cookieconsentpub/v1/geo/ 59 B
295 B 106ms
53ms XHR
application/json 2606:4700:4400::6812:2089
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://geolocation.onetrust.com/cookieconsentpub/v1/geo/location

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::6812:2089 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2157361193375a79ade3559e960f982daa8d599cf7f4a92d36e3eef257738f16

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept: application/json
Referer: https://www.nhl.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Tue, 10 Oct 2023 16:16:18 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
server: cloudflare
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS
content-type: application/json
access-control-allow-origin: *
cf-ray: 81402ac06adc383e-FRA
access-control-allow-headers: Content-Type

GET
H2 200 pubads_impl.js Show response
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310090101/ 420 KB
132 KB 33ms
32ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310090101/pubads_impl.js?cb=31078700

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2c1e314bd40a5d53a2e657710b9a41778f2e105084dd41fb2305dc008d5bffd2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nhl.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Mon, 09 Oct 2023 16:37:04 GMT
content-encoding: br
x-content-type-options: nosniff
age: 85153
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 134705
x-xss-protection: 0
server: cafe
etag: 4581834702576728701
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
timing-allow-origin: *
expires: Tue, 08 Oct 2024 16:37:04 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 112 KB
44 KB 37ms
37ms Script
application/javascript 2a00:1450:4001:830::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-PH7MBGV9&l=dataLayer

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WHLQBZC

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

b2111cc82e9e1aab3e69b46ad50d4bb053ba3e33cd23ed5145ee0d338e0c8dfe

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nhl.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Tue, 10 Oct 2023 16:16:18 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 44491
x-xss-protection: 0
last-modified: Tue, 10 Oct 2023 15:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Tue, 10 Oct 2023 16:16:18 GMT

GET
H2 200 otBannerSdk.js Show response
cdn.cookielaw.org/scripttemplates/202309.1.0/ 424 KB
102 KB 39ms
39ms Script
application/javascript 2606:4700::6812:83ec
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/202309.1.0/otBannerSdk.js

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:83ec , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

803f9665533b781ac3abb157ba32b9a1f48d3b7a30bada354656d4b89be22610

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nhl.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Tue, 10 Oct 2023 16:16:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: wp4bduWb8cLN8oREjFODhQ==
age: 2726
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-length: 104423
x-ms-lease-status: unlocked
last-modified: Thu, 05 Oct 2023 06:23:30 GMT
server: cloudflare
etag: 0x8DBC56B97E255E8
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: c0eeac9e-501e-000d-2a95-f7f157000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 81402ac0bb1165cd-FRA

GET
H2 200 en.json Show response
cdn.cookielaw.org/consent/d12228cf-ac4f-4972-9ae0-6eb70eba20e8/47fd8f2f-fdc2-418f-b789-123a0e5288c5/ 104 KB
22 KB 45ms
45ms Fetch
application/x-javascript 2606:4700::6812:83ec
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/consent/d12228cf-ac4f-4972-9ae0-6eb70eba20e8/47fd8f2f-fdc2-418f-b789-123a0e5288c5/en.json

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/202309.1.0/otBannerSdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:83ec , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

75ff5157576887b1110ad8a830a98784f2a0234717e7e3f330c8b400fd1c8fb0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nhl.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Tue, 10 Oct 2023 16:16:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
strict-transport-security: max-age=31536000; includeSubDomains; preload
age: 7033
content-md5: bhCbhxY0iFWGQN58b6JY4Q==
content-length: 22461
x-ms-lease-status: unlocked
last-modified: Mon, 02 Oct 2023 14:00:31 GMT
server: cloudflare
etag: 0x8DBC34FF0AB8863
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
x-ms-request-id: eb3afc39-501e-00a4-7038-f53025000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 81402ac13efa9bb2-FRA
expires: Wed, 11 Oct 2023 16:16:18 GMT

GET
H2 200 otFlat.json Show response
cdn.cookielaw.org/scripttemplates/202309.1.0/assets/ 13 KB
3 KB 37ms
37ms Fetch
application/json 2606:4700::6812:83ec
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/202309.1.0/assets/otFlat.json

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/202309.1.0/otBannerSdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:83ec , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ea5db5581e262d77d1a43fbb3f0fa3661b51d097b40ca38f584b4943f47cf2e0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nhl.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Tue, 10 Oct 2023 16:16:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: Ku3O1VFWoltPW4n5m1lGVQ==
age: 7698
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-length: 3017
x-ms-lease-status: unlocked
last-modified: Thu, 05 Oct 2023 06:23:21 GMT
server: cloudflare
etag: 0x8DBC56B9276E242
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
x-ms-request-id: ec442b62-e01e-0018-1094-f7e6e4000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 81402ac19f989bb2-FRA

GET
H2 200 otPcTab.json Show response
cdn.cookielaw.org/scripttemplates/202309.1.0/assets/v2/ 63 KB
13 KB 37ms
37ms Fetch
application/json 2606:4700::6812:83ec
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/202309.1.0/assets/v2/otPcTab.json

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/202309.1.0/otBannerSdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:83ec , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e8f71867a6991d5a1ba2b9cd33000e8d8691f6ba8864516946b62087de93aa85

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nhl.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Tue, 10 Oct 2023 16:16:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: PPPBHX7PSqGsM/CH8gX91w==
age: 7757
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-length: 13595
x-ms-lease-status: unlocked
last-modified: Thu, 05 Oct 2023 06:23:23 GMT
server: cloudflare
etag: 0x8DBC56B9405AC5F
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
x-ms-request-id: 5c012e8c-901e-0094-6d94-f78eea000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 81402ac19f9c9bb2-FRA

GET
H2 200 otCommonStyles.css Show response
cdn.cookielaw.org/scripttemplates/202309.1.0/assets/ 21 KB
4 KB 40ms
40ms Fetch
text/css 2606:4700::6812:83ec
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/202309.1.0/assets/otCommonStyles.css

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/202309.1.0/otBannerSdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:83ec , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d3f7b0ec4de079928a999641e781e80f33597a392a561bc460276dfb4efb6eec

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nhl.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Tue, 10 Oct 2023 16:16:18 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: gzip
content-md5: c7xAZ9MSGAobGaTYg/Qtag==
age: 7698
x-ms-lease-status: unlocked
last-modified: Thu, 05 Oct 2023 06:23:39 GMT
server: cloudflare
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
x-ms-request-id: 33d9d8a3-e01e-0037-5694-f7eb2f000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=86400
x-ms-version: 2009-09-19
cf-ray: 81402ac19f9f9bb2-FRA

GET
H2 200 ot_guard_logo.svg Show response
cdn.cookielaw.org/logos/static/ 497 B
494 B 35ms
35ms Fetch
image/svg+xml 2606:4700::6812:83ec
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/logos/static/ot_guard_logo.svg

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/202309.1.0/otBannerSdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:83ec , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

691dcdb24853a0f5ce4e6597e5713dea66799b57ffe2c2a10f28f98e0b569b19

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nhl.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Tue, 10 Oct 2023 16:16:18 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: gzip
content-md5: tXyZydHjxQshFMbbBT1/8A==
age: 69074
x-ms-lease-status: unlocked
last-modified: Mon, 09 Oct 2023 07:30:02 GMT
server: cloudflare
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
x-ms-request-id: ff5c3330-e01e-007a-22c3-fa24c3000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=86400
x-ms-version: 2009-09-19
cf-ray: 81402ac1f8269bb2-FRA

GET
H2 200 NHL.jpg
cdn.cookielaw.org/logos/c48a335c-3316-4893-8bc6-fcacbf57fc4a/dc459a9c-51f2-42e4-bb16-21b6f44b711c/a7443a72-6ddc-4d2e-a8a5-ff6e76c778c4/ 128 KB
128 KB 34ms
33ms Image
image/jpeg 2606:4700::6812:83ec
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.cookielaw.org/logos/c48a335c-3316-4893-8bc6-fcacbf57fc4a/dc459a9c-51f2-42e4-bb16-21b6f44b711c/a7443a72-6ddc-4d2e-a8a5-ff6e76c778c4/NHL.jpg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:83ec , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

269c6ef57c382a266906a64505f592b44c1a230e155782863312f18380903076

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nhl.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Tue, 10 Oct 2023 16:16:18 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: /7yCMgVPHBMEtLnpcApvvg==
age: 22034
content-length: 130650
x-ms-lease-status: unlocked
cf-bgj: h2pri
last-modified: Fri, 14 May 2021 18:36:26 GMT
server: cloudflare
etag: 0x8D917072E892BF0
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
x-ms-request-id: e5b12083-301e-0055-4ce1-5a3391000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 81402ac20d6965cd-FRA

GET
H2 200 powered_by_logo.svg
cdn.cookielaw.org/logos/static/ 5 KB
2 KB 72ms
72ms Image
image/svg+xml 2606:4700::6812:83ec
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.cookielaw.org/logos/static/powered_by_logo.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:83ec , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5fa00d047acd959697b9d7772c31dcd37bec33c70c6fbf80ab8316205d1d286d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nhl.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Tue, 10 Oct 2023 16:16:18 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: gzip
content-md5: Y+c301RBZNK39PvKQWrIBw==
age: 3667
x-ms-lease-status: unlocked
last-modified: Mon, 09 Oct 2023 07:30:02 GMT
server: cloudflare
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
x-ms-request-id: 18e7c784-301e-0024-43db-facf23000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=86400
x-ms-version: 2009-09-19
cf-ray: 81402ac21d6f65cd-FRA

GET
H2 200 reset_3d1cc6d59f.css
static.formstack.com/forms/css/3/ Frame 3D4D 2 KB
819 B 62ms
27ms Stylesheet
text/css 18.66.122.65
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.formstack.com/forms/css/3/reset_3d1cc6d59f.css
Requested by: Host: olyent.formstack.com
URL: https://olyent.formstack.com/forms/gondola_inventory
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.122.65 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-122-65.fra60.r.cloudfront.net
Software: nginx /
Resource Hash: 86d5823df9f96c928e9981519128e09bf8f745ca88e690be0b342b5ce904d394

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://olyent.formstack.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Mon, 09 Oct 2023 17:10:00 GMT
content-encoding: br
via: 1.1 2816426ad1adbedbdd23d4cdf80c2de2.cloudfront.net (CloudFront)
last-modified: Fri, 06 Oct 2023 13:46:02 GMT
server: nginx
x-amz-cf-pop: FRA60-P2
age: 83178
etag: W/"65200f9a-616"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/css
cache-control: public, s-maxage=86400
x-amz-cf-id: aLe0vgG7po2omF0sxG3qxKqZtVzAUCvzzh4iFsoPVCFpiSOcgit8Ww==

GET
H2 200 jquery-ui-1.13.2.min_164f2f8d51.css
static.formstack.com/forms/css/3/ Frame 3D4D 31 KB
7 KB 63ms
28ms Stylesheet
text/css 18.66.122.65
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.formstack.com/forms/css/3/jquery-ui-1.13.2.min_164f2f8d51.css
Requested by: Host: olyent.formstack.com
URL: https://olyent.formstack.com/forms/gondola_inventory
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.122.65 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-122-65.fra60.r.cloudfront.net
Software: nginx /
Resource Hash: 53c97063f6ea5b3487fd85cb98b0c47b41f1269fca482b2799b9c7067f051865

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://olyent.formstack.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Mon, 09 Oct 2023 17:10:00 GMT
content-encoding: br
via: 1.1 2816426ad1adbedbdd23d4cdf80c2de2.cloudfront.net (CloudFront)
last-modified: Fri, 06 Oct 2023 13:50:18 GMT
server: nginx
x-amz-cf-pop: FRA60-P2
age: 83178
etag: W/"6520109a-7d52"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/css
cache-control: public, s-maxage=86400
x-amz-cf-id: HyM8rqH_6JLBVb_IiBzrZgSWI-EHwO8zedW27DF9VVroUcpkdmWL3A==

GET
H2 200 default-v4_29cde3be75.css
static.formstack.com/forms/css/3/ Frame 3D4D 35 KB
6 KB 61ms
26ms Stylesheet
text/css 18.66.122.65
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.formstack.com/forms/css/3/default-v4_29cde3be75.css
Requested by: Host: olyent.formstack.com
URL: https://olyent.formstack.com/forms/gondola_inventory
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.122.65 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-122-65.fra60.r.cloudfront.net
Software: nginx /
Resource Hash: e2781619082fe50667bce285f562c3dfa98b589f0854da4a333a00d0f4b6c318

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://olyent.formstack.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Mon, 09 Oct 2023 17:10:00 GMT
content-encoding: br
via: 1.1 2816426ad1adbedbdd23d4cdf80c2de2.cloudfront.net (CloudFront)
last-modified: Fri, 06 Oct 2023 13:48:07 GMT
server: nginx
x-amz-cf-pop: FRA60-P2
age: 83178
etag: W/"65201017-8aef"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/css
cache-control: public, s-maxage=86400
x-amz-cf-id: tQbo2mpZWB08VpAGNwoGywXt_8VkGqfTHkSEdmo-Pl0ZQV2Pl3_AsA==

GET
H2 200 light_2849050b8e.css
static.formstack.com/forms/css/3/ Frame 3D4D 37 KB
6 KB 65ms
30ms Stylesheet
text/css 18.66.122.65
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.formstack.com/forms/css/3/light_2849050b8e.css
Requested by: Host: olyent.formstack.com
URL: https://olyent.formstack.com/forms/gondola_inventory
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.122.65 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-122-65.fra60.r.cloudfront.net
Software: nginx /
Resource Hash: b0730434e9e350680ced98724525a505ac7a7e57c4bbc4472e59ae3b4275ec6d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://olyent.formstack.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Tue, 10 Oct 2023 10:19:26 GMT
content-encoding: br
via: 1.1 2816426ad1adbedbdd23d4cdf80c2de2.cloudfront.net (CloudFront)
last-modified: Fri, 06 Oct 2023 13:48:10 GMT
server: nginx
x-amz-cf-pop: FRA60-P2
age: 21412
etag: W/"6520101a-92cf"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/css
cache-control: public, s-maxage=86400
x-amz-cf-id: ZLaqo4BYSdLB-BzmrmNlzqBEIwFMdLOoa4qNwYdxyckXalb2awuJ9Q==

GET
H2 200 uil-static.css
static.formstack.com/common/css/ Frame 3D4D 51 KB
6 KB 60ms
25ms Stylesheet
text/css 18.66.122.65
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.formstack.com/common/css/uil-static.css
Requested by: Host: olyent.formstack.com
URL: https://olyent.formstack.com/forms/gondola_inventory
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.122.65 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-122-65.fra60.r.cloudfront.net
Software: nginx /
Resource Hash: 65763fb39f393cdc1fe959c7f3d55a7ca65cedfce32f65d1d92315088bd4e7d7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://olyent.formstack.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Mon, 09 Oct 2023 17:10:00 GMT
content-encoding: br
via: 1.1 2816426ad1adbedbdd23d4cdf80c2de2.cloudfront.net (CloudFront)
last-modified: Fri, 06 Oct 2023 13:42:06 GMT
server: nginx
x-amz-cf-pop: FRA60-P2
age: 83178
etag: W/"65200eae-ccb0"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/css
cache-control: public, s-maxage=86400
x-amz-cf-id: 9MoT4N2nUEGNmZK76TPTdi0K9YTcpBENRvEXdk6oPlcbZSpNyz3R7Q==

GET
H2 200 dialogs_00a7ec5f05.css
static.formstack.com/forms/css/common/ Frame 3D4D 170 B
505 B 61ms
26ms Stylesheet
text/css 18.66.122.65
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.formstack.com/forms/css/common/dialogs_00a7ec5f05.css
Requested by: Host: olyent.formstack.com
URL: https://olyent.formstack.com/forms/gondola_inventory
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.122.65 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-122-65.fra60.r.cloudfront.net
Software: nginx /
Resource Hash: 9fc43e8f6f26a254c4570b6ccd4e08a2a5f97bedcd1f3491ede9bbb8b5012d90

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://olyent.formstack.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Mon, 09 Oct 2023 17:10:00 GMT
via: 1.1 2816426ad1adbedbdd23d4cdf80c2de2.cloudfront.net (CloudFront)
last-modified: Fri, 06 Oct 2023 13:48:10 GMT
server: nginx
x-amz-cf-pop: FRA60-P2
age: 83178
etag: "6520101a-aa"
x-cache: Hit from cloudfront
content-type: text/css
cache-control: public, s-maxage=86400
accept-ranges: bytes
content-length: 170
x-amz-cf-id: vFmHCiYnhuuwI7su7rPJinuBaXtl7nTXppz-TI6TK6ZwKC0bl3d8zA==

GET
H/1.1 200
OK image_DetroitRedWings.png
s3.amazonaws.com/files.formstack.com/public/17357/ Frame 3D4D 41 KB
42 KB 372ms
136ms Image
image/png 52.217.175.96
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3.amazonaws.com/files.formstack.com/public/17357/image_DetroitRedWings.png
Requested by: Host: olyent.formstack.com
URL: https://olyent.formstack.com/forms/gondola_inventory
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.217.175.96 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: ddecbde0a81929645b21ee2e05c9035ee21dcdf9d6a9757d7fba5f70d2c7ae6d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://olyent.formstack.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

Date: Tue, 10 Oct 2023 16:16:19 GMT
x-amz-version-id: z2JzJ0TmqusuusCTvGlWs1etQo2JAjnu
Last-Modified: Sat, 09 Jul 2022 13:48:35 GMT
Server: AmazonS3
x-amz-request-id: W75NMX2Z3D00M0KG
ETag: "82e4e937cb8561238deec64006c83824"
x-amz-server-side-encryption: AES256
Content-Type: image/png
x-amz-replication-status: COMPLETED
Accept-Ranges: bytes
X-Robots-Tag: noindex
Content-Length: 42159
x-amz-id-2: IrhcdIW1Wo9hOOsHjNkRYTa3Zz45vbvZa30j8OAJNIIwcJhiFYv0AKM9p3SruBYKeMCXTham/M0=

GET
H/1.1 200
OK iframeResizer.contentWindow.min.js Show response
s3.amazonaws.com/fed-nhl-microsites/prod/vendor/iframe-resizer/js/ Frame 3D4D 14 KB
14 KB 362ms
131ms Script
application/javascript 52.217.175.96
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s3.amazonaws.com/fed-nhl-microsites/prod/vendor/iframe-resizer/js/iframeResizer.contentWindow.min.js
Requested by: Host: olyent.formstack.com
URL: https://olyent.formstack.com/forms/gondola_inventory
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.217.175.96 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: 63b5085014a66af8d0d56afb98bb13f69a4c4f21c3c0e2cc63b30fe8c75a49d9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://olyent.formstack.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

Date: Tue, 10 Oct 2023 16:16:19 GMT
Last-Modified: Wed, 31 Aug 2016 20:15:41 GMT
Server: AmazonS3
x-amz-request-id: W75RV03ZJXC3Q1YZ
ETag: "d840e34b94ed7ad2ac5d2d6e7e9a8678"
Content-Type: application/javascript
Accept-Ranges: bytes
Content-Length: 13908
x-amz-id-2: Mr1LijEaVVDxv/ebrC0slDyzIhitYdrhwc1D8toLwYauZnogTmEmBXJlI0rsfHyvdT7l8AOhsW4=

GET
H2 200 jquery-3.5.1.min_dc5e7f18c8.js Show response
static.formstack.com/forms/js/3/ Frame 3D4D 87 KB
30 KB 30ms
28ms Script
application/javascript 18.66.122.65
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.formstack.com/forms/js/3/jquery-3.5.1.min_dc5e7f18c8.js
Requested by: Host: olyent.formstack.com
URL: https://olyent.formstack.com/forms/gondola_inventory
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.122.65 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-122-65.fra60.r.cloudfront.net
Software: nginx /
Resource Hash: f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://olyent.formstack.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Tue, 10 Oct 2023 06:47:49 GMT
content-encoding: br
via: 1.1 2816426ad1adbedbdd23d4cdf80c2de2.cloudfront.net (CloudFront)
last-modified: Fri, 06 Oct 2023 13:50:18 GMT
server: nginx
x-amz-cf-pop: FRA60-P2
age: 34109
etag: W/"6520109a-15d84"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript; charset=utf-8
cache-control: public, s-maxage=86400
x-amz-cf-id: 8DqqcWyBKHf9tuOkN0bW5O3oxIcf3wLyi2q7nskqMgyYeXQP7NMdNw==

GET
H2 200 jquery-ui-1.13.2.min_1e20479789.js Show response
static.formstack.com/forms/js/3/ Frame 3D4D 249 KB
62 KB 29ms
28ms Script
application/javascript 18.66.122.65
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.formstack.com/forms/js/3/jquery-ui-1.13.2.min_1e20479789.js
Requested by: Host: olyent.formstack.com
URL: https://olyent.formstack.com/forms/gondola_inventory
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.122.65 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-122-65.fra60.r.cloudfront.net
Software: nginx /
Resource Hash: 9528ca634fecad433d044ddd3e6f9ce1f068d5d932dafdbb19d8e6daea1968bd

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://olyent.formstack.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Tue, 10 Oct 2023 06:47:49 GMT
content-encoding: br
via: 1.1 2816426ad1adbedbdd23d4cdf80c2de2.cloudfront.net (CloudFront)
last-modified: Fri, 06 Oct 2023 13:50:18 GMT
server: nginx
x-amz-cf-pop: FRA60-P2
age: 34109
etag: W/"6520109a-3e46c"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript; charset=utf-8
cache-control: public, s-maxage=86400
x-amz-cf-id: YU3iAtubAhpOzGszDuIRoW2Yb4xtcBTsYkfraSRWKHtymZbPAondeA==

GET
H2 200 scripts_542ee6d23e.js Show response
static.formstack.com/forms/js/3/ Frame 3D4D 79 KB
22 KB 36ms
35ms Script
application/javascript 18.66.122.65
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.formstack.com/forms/js/3/scripts_542ee6d23e.js
Requested by: Host: olyent.formstack.com
URL: https://olyent.formstack.com/forms/gondola_inventory
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.122.65 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-122-65.fra60.r.cloudfront.net
Software: nginx /
Resource Hash: 9f4bfe7765f71fe43c616e1befb31159b492fa7273b412d9ea8bd7ab75bca60b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://olyent.formstack.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Tue, 10 Oct 2023 06:47:49 GMT
content-encoding: br
via: 1.1 2816426ad1adbedbdd23d4cdf80c2de2.cloudfront.net (CloudFront)
last-modified: Fri, 06 Oct 2023 13:46:02 GMT
server: nginx
x-amz-cf-pop: FRA60-P2
age: 34109
etag: W/"65200f9a-13d0c"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript; charset=utf-8
cache-control: public, s-maxage=86400
x-amz-cf-id: 48ZDRxkAClrZZG4SOdnddtid60D377LZPc53DgcgJ0lxuAmwHlPgSw==

GET
H2 200 analytics_7d49daa365.js Show response
static.formstack.com/forms/js/3/ Frame 3D4D 2 KB
1 KB 38ms
38ms Script
application/javascript 18.66.122.65
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.formstack.com/forms/js/3/analytics_7d49daa365.js
Requested by: Host: olyent.formstack.com
URL: https://olyent.formstack.com/forms/gondola_inventory
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.122.65 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-122-65.fra60.r.cloudfront.net
Software: nginx /
Resource Hash: af897a5f18c00a272750446a9c34d8e024e18813260c4cfef79db22dc4fdf2bb

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://olyent.formstack.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Tue, 10 Oct 2023 06:47:49 GMT
content-encoding: br
via: 1.1 2816426ad1adbedbdd23d4cdf80c2de2.cloudfront.net (CloudFront)
last-modified: Fri, 06 Oct 2023 13:45:59 GMT
server: nginx
x-amz-cf-pop: FRA60-P2
age: 34109
etag: W/"65200f97-839"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript; charset=utf-8
cache-control: public, s-maxage=86400
x-amz-cf-id: qtpN-7J1Y3y8yiRYYFoS0Z6ld1rf3rhOXvB4qXiEBkYl5AIPmEQvJw==

GET
H2 200 libphonenumber-min_6f64debfdd.js Show response
static.formstack.com/forms/js/3/ Frame 3D4D 165 KB
39 KB 52ms
52ms Script
application/javascript 18.66.122.65
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.formstack.com/forms/js/3/libphonenumber-min_6f64debfdd.js
Requested by: Host: olyent.formstack.com
URL: https://olyent.formstack.com/forms/gondola_inventory
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.122.65 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-122-65.fra60.r.cloudfront.net
Software: nginx /
Resource Hash: be488c0f242b432e7109eebf228368139abbeff37eb8fad1b3c510d41e362bd7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://olyent.formstack.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Tue, 10 Oct 2023 06:47:49 GMT
content-encoding: br
via: 1.1 2816426ad1adbedbdd23d4cdf80c2de2.cloudfront.net (CloudFront)
last-modified: Fri, 06 Oct 2023 13:50:18 GMT
server: nginx
x-amz-cf-pop: FRA60-P2
age: 34109
etag: W/"6520109a-29364"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript; charset=utf-8
cache-control: public, s-maxage=86400
x-amz-cf-id: -ViWWYTxYiK6fzuYXGBNEi2mnhhyk5_UwimfeIRispSwuRaHsp9ekg==

GET
H2 200 googleanalytics_c118a241fb.js Show response
static.formstack.com/forms/js/3/plugins/ Frame 3D4D 2 KB
1 KB 66ms
66ms Script
application/javascript 18.66.122.65
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.formstack.com/forms/js/3/plugins/googleanalytics_c118a241fb.js
Requested by: Host: olyent.formstack.com
URL: https://olyent.formstack.com/forms/gondola_inventory
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.122.65 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-122-65.fra60.r.cloudfront.net
Software: nginx /
Resource Hash: d163164bb749cfdea6b29289c061df192d7fb36cc10f20b1583e3ab81156149a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://olyent.formstack.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Tue, 10 Oct 2023 15:03:17 GMT
content-encoding: br
via: 1.1 2816426ad1adbedbdd23d4cdf80c2de2.cloudfront.net (CloudFront)
last-modified: Tue, 10 Oct 2023 14:18:34 GMT
server: nginx
x-amz-cf-pop: FRA60-P2
age: 4381
etag: W/"65255d3a-9cb"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript; charset=utf-8
cache-control: public, s-maxage=86400
x-amz-cf-id: RaJUkBLX5lldaJuTJqZq_6UTRoT5Za5a9rcDC9Qc7zPCKHI63tzhRw==

GET
H2 200 modernizr_60a2d5aeb5.js Show response
static.formstack.com/forms/js/3/ Frame 3D4D 13 KB
6 KB 36ms
36ms Script
application/javascript 18.66.122.65
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.formstack.com/forms/js/3/modernizr_60a2d5aeb5.js
Requested by: Host: olyent.formstack.com
URL: https://olyent.formstack.com/forms/gondola_inventory
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.122.65 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-122-65.fra60.r.cloudfront.net
Software: nginx /
Resource Hash: af420c807b04fdb5136ef53f3bab83b81f2b94e43fa9856f1fad2fde88383744

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://olyent.formstack.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Tue, 10 Oct 2023 06:47:49 GMT
content-encoding: br
via: 1.1 2816426ad1adbedbdd23d4cdf80c2de2.cloudfront.net (CloudFront)
last-modified: Fri, 06 Oct 2023 13:50:18 GMT
server: nginx
x-amz-cf-pop: FRA60-P2
age: 34109
etag: W/"6520109a-33bc"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript; charset=utf-8
cache-control: public, s-maxage=86400
x-amz-cf-id: pSf4vT6-sr9MZgOjsc52wnIOKTRwCskk1y443qjCeR08QZ5Kb0vANQ==

GET
H2 200 webfont.js Show response
ajax.googleapis.com/ajax/libs/webfont/1/ Frame 3D4D 13 KB
6 KB 87ms
29ms Script
text/javascript 2a00:1450:4001:802::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/webfont/1/webfont.js

Requested by

Host: olyent.formstack.com
URL: https://olyent.formstack.com/forms/gondola_inventory

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

81016ac6be850b72df5d4faa0c3cec8e2c1b0ba0045712144a6766adfad40bee

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://olyent.formstack.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Sun, 08 Oct 2023 15:54:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 174085
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 5437
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 07 Oct 2024 15:54:53 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame 3D4D 1 KB
504 B 47ms
45ms Stylesheet
text/css 2a00:1450:4001:80b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Lato:400,700

Requested by

Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/webfont/1/webfont.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

83bb47871b3895cd8f4bf5da67037710b6d9a9e1fab80d03b579cd83a448fe23

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://olyent.formstack.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Tue, 10 Oct 2023 16:16:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Tue, 10 Oct 2023 15:16:12 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 10 Oct 2023 16:16:18 GMT

GET
H2 200 analytics.php Show response
olyent.formstack.com/forms/ Frame 3D4D 0
322 B 371ms
371ms Script
application/javascript 18.66.122.65
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://olyent.formstack.com/forms/analytics.php?f=5473331&a=fv&m=hosted

Requested by

Host: static.formstack.com
URL: https://static.formstack.com/forms/js/3/analytics_7d49daa365.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.122.65 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-122-65.fra60.r.cloudfront.net

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Frame-Options	sameorigin

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://olyent.formstack.com/forms/gondola_inventory
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Tue, 10 Oct 2023 16:16:19 GMT
via: 1.1 2816426ad1adbedbdd23d4cdf80c2de2.cloudfront.net (CloudFront)
strict-transport-security: max-age=63072000; includeSubDomains
server: nginx
x-amz-cf-pop: FRA60-P2
x-frame-options: sameorigin
x-cache: Miss from cloudfront
content-type: application/javascript; charset=utf-8
cache-control: public
x-amz-cf-id: aNyGZwqQfrKYm3nMPMGt3NcCh4PHPi4AFtRFvV25O5rz11hiKwdo_A==

GET
H2 200 analytics.js Show response
www.google-analytics.com/ Frame 3D4D 52 KB
21 KB 81ms
23ms Script
text/javascript 2a00:1450:4001:80b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: static.formstack.com
URL: https://static.formstack.com/forms/js/3/plugins/googleanalytics_c118a241fb.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://olyent.formstack.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Tue, 10 Oct 2023 15:49:42 GMT
last-modified: Mon, 12 Jun 2023 18:23:07 GMT
server: Golfe2
age: 1597
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
expires: Tue, 10 Oct 2023 17:49:42 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 62 KB
22 KB 71ms
71ms Fetch
text/plain 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3158480563105415&correlator=757613096182037&eid=31078700%2C31070232%2C31078601&output=ldjh&gdfp_req=1&vrg=202310090101&ptt=17&impl=fifs&iu_parts=21668666170%2Cdet_nhl_web%2Chomepage%2Ctickets%2Cpremium-seating-offer&enc_prev_ius=0%2F1%2F2%2C0%2F1%2F3%2F4&prev_iu_szs=80x40%2C1x2&ifi=1&sfv=1-0-40&eri=1&sc=1&cookie_enabled=1&abxe=1&dt=1696954578960&lmt=1696942916&adxs=1344%2C674&adys=32%2C616&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0%7C0&ucis=1%7C2&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=120&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&url=https%3A%2F%2Fwww.nhl.com%2Fredwings%2Ftickets%2Fpremium-seating-offer%3FpartnerId%3DCFC_313PRE_DRWCOM_Gondola%2520%24400%2520Offer%2520UPDATE%26utm_medium%3DEmail%26utm_source%3DSales%26utm_campaign%3DGondola%252A20%2524400%252A20Offer%252A20UPDATE&vis=1&psz=80x0%7C300x-1&msz=80x0%7C300x-1&fws=516%2C516&ohw=1600%2C300&ga_vid=1697188307.1696954579&ga_sid=1696954579&ga_hid=1867115224&ga_fc=false&dlt=1696954577738&idt=306&adks=376341327%2C4256846109&frm=20

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310090101/pubads_impl.js?cb=31078700

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

67e76a27270af5a83c93f7dbdee211c07514f99ead430c6f0a63ce57c48a62c0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nhl.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Tue, 10 Oct 2023 16:16:19 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2,-2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 22995
x-xss-protection: 0
google-lineitem-id: 6375627496,-2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138445310432,-2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.nhl.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 16 KB
12 KB 252ms
78ms XHR
application/json 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=m202310090101&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310090101/pubads_impl.js?cb=31078700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d0fc15d3156c1c80b9f35320bef45f411d2fd02d7c14fc863b1b5773461d6f77

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nhl.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Tue, 10 Oct 2023 16:16:19 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12171
x-xss-protection: 0

GET
H2 200 container.html Show response
8e8a3cc3203e952f2d7c07390725598d.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame BDD4 6 KB
3 KB 234ms
62ms Document
text/html 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://8e8a3cc3203e952f2d7c07390725598d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310090101/pubads_impl.js?cb=31078700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.nhl.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 10 Oct 2023 16:16:19 GMT
expires: Wed, 09 Oct 2024 16:16:19 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 S6uyw4BMUTPHjx4wXg.woff2
fonts.gstatic.com/s/lato/v24/ Frame 3D4D 23 KB
23 KB 23ms
22ms Font
font/woff2 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v24/S6uyw4BMUTPHjx4wXg.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato:400,700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://olyent.formstack.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Thu, 05 Oct 2023 03:38:46 GMT
x-content-type-options: nosniff
age: 477452
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 23580
x-xss-protection: 0
last-modified: Tue, 02 May 2023 15:17:22 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 04 Oct 2024 03:38:46 GMT

GET
H2 200 S6u9w4BMUTPHh6UVSwiPGQ.woff2
fonts.gstatic.com/s/lato/v24/ Frame 3D4D 23 KB
23 KB 30ms
29ms Font
font/woff2 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v24/S6u9w4BMUTPHh6UVSwiPGQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato:400,700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c447dd7677b419db7b21dbdfc6277c7816a913ffda76fd2e52702df538de0e49

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://olyent.formstack.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Thu, 05 Oct 2023 16:54:52 GMT
x-content-type-options: nosniff
age: 429686
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 23040
x-xss-protection: 0
last-modified: Tue, 02 May 2023 15:07:25 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 04 Oct 2024 16:54:52 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 802C 0
0 63ms
63ms Fetch
image/gif 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstQjBV6y-4op0KVXpMhkYgkMndtpyrDs_y54vRSkdZ1PCZEAjKhtQGtowbKOkxX_Rjbnvu4pXBMzn0bIxRoKJIh4oPkwQ8lfOo7rGF1RRfnFAjhTYtUhePCa29LAXZsGb3X5GRAs2mG9jY9My6iq87dOnPBmMaPEOtNWqK1grtpHzYNiXcpGSSRaiGX3AgpVBtxQZRjsSt0nG1AIKj8Qo4v1ipmE1g1C9H5fOQlkdzicVGT6QjL1yPyCiw_Pdd7VOI25aXpyu7eagzb51VR95TDvJWlQKmbjapDy0TVCFgI8-4tNOXvLbv8OnKrBTPnBvPlRlxJEXXVb7O_VQ&sai=AMfl-YQVymStmpxYYdqQ2nAZbznbcQbU0EiqaXDmjRZT3HiFk9zYfqp5UcFuFLhRu7_k19ehBb5sfDD62BB71yNzZZl6bLtYC04ktRIe1BAjGXa4Wdcnxvra1C2U0FGXzrOse6s0R6ZGhUF2VO9_8Vs&sig=Cg0ArKJSzOyDKPKS6xykEAE&uach_m=[UACH]&adurl=

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nhl.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Tue, 10 Oct 2023 16:16:19 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Tue, 10 Oct 2023 16:16:19 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231004/r20110914/ Frame 802C 23 KB
9 KB 84ms
26ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231004/r20110914/abg_lite_fy2021.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310090101/pubads_impl.js?cb=31078700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e0309fd597700b89310de557575438fb73dbee569cf734340057c0884ce91c20

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nhl.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Tue, 10 Oct 2023 13:36:47 GMT
content-encoding: br
x-content-type-options: nosniff
age: 9572
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9151
x-xss-protection: 0
server: cafe
etag: 7930219084593097114
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 24 Oct 2023 13:36:47 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231004/r20110914/client/ Frame 802C 3 KB
1 KB 88ms
30ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231004/r20110914/client/window_focus_fy2021.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310090101/pubads_impl.js?cb=31078700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nhl.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Tue, 10 Oct 2023 16:15:58 GMT
content-encoding: br
x-content-type-options: nosniff
age: 21
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 24 Oct 2023 16:15:58 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 802C 187 KB
59 KB 121ms
64ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310090101/pubads_impl.js?cb=31078700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ab546eb3c1f0d36c9af7d2aac30b3dff73c93691b4bade217df522a260d4b138

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nhl.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Tue, 10 Oct 2023 16:16:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 59959
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1696851335058330"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 10 Oct 2023 16:16:19 GMT

GET
H2 200 6250011231973082622
tpc.googlesyndication.com/simgad/ Frame 802C 4 KB
5 KB 82ms
25ms Image
image/png 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/6250011231973082622

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310090101/pubads_impl.js?cb=31078700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

46daf60e22b23eb5f74a501fc47be08510612463af2a4c754fa242d7a1be6a86

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nhl.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Mon, 09 Oct 2023 12:29:14 GMT
x-content-type-options: nosniff
age: 100025
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4463
x-xss-protection: 0
last-modified: Wed, 06 Sep 2023 12:14:35 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Tue, 08 Oct 2024 12:29:14 GMT

GET
DATA 200
OK truncated
/ Frame 802C 219 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e51d672acb8812908b6345f0fb5704c45a3c9a4ff00a43d2820d261f10fdd502

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
7 KB 95ms
94ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310090101/pubads_impl.js?cb=31078700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nhl.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Tue, 10 Oct 2023 16:16:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Tue, 10 Oct 2023 16:16:19 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 802C 0
0 133ms
71ms Fetch
image/gif 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuuR5KUt7M7QjUlE4k9ZUF9skf37cLersQKplQqXsWeCP0cuL1aNqGPsiW2K0kEGqwkSSqpeRBJjBawLaPQLwE6BBZqkMW4RZyAZ8DfaTZjuCYvvbuO05FGoqzg0_uvOP1K0ioXm5ZzaorwiKbW-E3m-HSprWwussLr3wxlPHQZYZJI4AZ8-FIglU6ia2X-rpaP0-tLOqRG1QQiQbwHkCgjtRNHy-YsgWy0rr9Fgahuwkkb8En0EnQy8uWIzwWqxtEQUJ6s-scBXXvejRiPf0hfE_XIvPoqqUq8lthXWPZadlfIwa5JKa5cjU-dJQ5L-FYL7CeMPWktIfgEgLXp&sai=AMfl-YSrp-CRf_4XINBTJrFbmYkQTnoG5iSsmS9sES8a6f1-KTJf6k2x69XIw6nqwf3TUPEoe5BklW3rho3CsS751pIID02Zdurw0T0D5XtVDX35OQnCfFnmO24KgkUSbEyAgHEiVjnnyIsY16OVSe4&sig=Cg0ArKJSzBJ5xLvDakMDEAE&uach_m=[UACH]&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nhl.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Tue, 10 Oct 2023 16:16:19 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Tue, 10 Oct 2023 16:16:19 GMT

GET
H2 200 jload Show response
pixel.adsafeprotected.com/ Frame 75CA 47 KB
13 KB 260ms
59ms Script
application/javascript 18.203.58.156
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://pixel.adsafeprotected.com/jload?anId=929269&campId=150x56&pubId=4600996516&chanId=21712863350&placementId=6375627496&pubCreative=138445310432&pubOrder=3247983557&cb=1283005839&adsafe_par&impId=&custom=
Requested by: Host: www.nhl.com
URL: https://www.nhl.com/redwings/tickets/premium-seating-offer?partnerId=CFC_313PRE_DRWCOM_Gondola%20$400%20Offer%20UPDATE&utm_medium=Email&utm_source=Sales&utm_campaign=Gondola%2A20%24400%2A20Offer%2A20UPDATE
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.203.58.156 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-203-58-156.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: eef8399d2fb652456d1888d15a3973afb0a0a87f3437a4998f53590f20077cbf

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nhl.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 10 Oct 2023 16:16:19 GMT
content-encoding: gzip
vary: accept-encoding
content-type: application/javascript;charset=utf-8
access-control-allow-origin: pixel.adsafeprotected.com
cache-control: no-cache
access-control-allow-credentials: true
expires: Wed, 31 Dec 1969 23:59:59 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame AF50 13 KB
5 KB 24ms
21ms Document
text/html 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.nhl.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 3053
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 10 Oct 2023 15:25:26 GMT
expires: Wed, 09 Oct 2024 15:25:26 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 4A54 829 B
1 KB 147ms
64ms Document
text/html 2a00:1450:4001:801::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

1a5077ee32e158a34f09b52fc1b3fd6cfdac2d84fd9a5be09932060abff84d1d

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-RiS-mPx4Jr0JQa17JDc34Q' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.nhl.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-RiS-mPx4Jr0JQa17JDc34Q' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Tue, 10 Oct 2023 16:16:19 GMT
expires: Tue, 10 Oct 2023 16:16:19 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 YeTNF82ErcXtSc42GSWrie2SEIEL8DxR64dbf1nZkSc.js Show response
pagead2.googlesyndication.com/bg/ Frame AF50 37 KB
14 KB 120ms
47ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/YeTNF82ErcXtSc42GSWrie2SEIEL8DxR64dbf1nZkSc.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61e4cd17cd84adc5ed49ce361925ab89ed9210810bf03c51eb875b7f59d99127

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Tue, 10 Oct 2023 13:40:10 GMT
content-encoding: br
x-content-type-options: nosniff
age: 9369
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14663
x-xss-protection: 0
last-modified: Mon, 02 Oct 2023 14:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 09 Oct 2024 13:40:10 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 4A54 0
0 172ms
172ms Image
text/html 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_m202310090101&jk=3158480563105415&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame AF50 0
10 B 28ms
27ms Image
text/plain 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?RIVPIQ
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Tue, 10 Oct 2023 16:16:19 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H2 200 main.19.8.439.js Show response
static.adsafeprotected.com/ Frame 75CA 207 KB
65 KB 112ms
27ms Script
application/javascript 2600:9000:223f:5200:8:48e:53c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.adsafeprotected.com/main.19.8.439.js
Requested by: Host: pixel.adsafeprotected.com
URL: https://pixel.adsafeprotected.com/jload?anId=929269&campId=150x56&pubId=4600996516&chanId=21712863350&placementId=6375627496&pubCreative=138445310432&pubOrder=3247983557&cb=1283005839&adsafe_par&impId=&custom=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223f:5200:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: efc2b5f3cfb42ac86c11900be6091d645853af46ab4f01bfba7280c3ac37ae02

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nhl.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Wed, 09 Aug 2023 13:42:57 GMT
x-amz-version-id: jxULgCd28jZVPRI.j5D8yH73I4fVMdj5
content-encoding: gzip
via: 1.1 b30b1c2659a3fb836783824fe37110ee.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
age: 5366003
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
last-modified: Tue, 08 Aug 2023 19:01:42 GMT
server: AmazonS3
etag: W/"f00fcc2e1b804b8a3edfbb8cb19bddaa"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=315360000
x-amz-cf-id: pD5_mRi7xq_94Ik7erOBbzKu3OR-2NOmFyqpDkjvAtOjn4vpFg_NXQ==

GET
H2 200 sca.17.6.2.js Show response
static.adsafeprotected.com/ Frame 8835 91 KB
23 KB 29ms
29ms Script
application/javascript 2600:9000:223f:5200:8:48e:53c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.adsafeprotected.com/sca.17.6.2.js
Requested by: Host: www.nhl.com
URL: https://www.nhl.com/redwings/tickets/premium-seating-offer?partnerId=CFC_313PRE_DRWCOM_Gondola%20$400%20Offer%20UPDATE&utm_medium=Email&utm_source=Sales&utm_campaign=Gondola%2A20%24400%2A20Offer%2A20UPDATE
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223f:5200:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 01cee6a7a3f1444680b188ab84052e2b6c85966f53a718d3926135ebcc832ffd

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nhl.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Thu, 21 Sep 2023 00:09:11 GMT
x-amz-version-id: go8nfBUviNCPCwnrYX1LpMW5hEx3ASGy
content-encoding: gzip
via: 1.1 b30b1c2659a3fb836783824fe37110ee.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
age: 1699629
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
last-modified: Tue, 20 Sep 2022 19:21:34 GMT
server: AmazonS3
etag: W/"1f3488247c90bb5de253d3d0cb3b7458"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=315360000
x-amz-cf-id: _LauRh7adSiYX3ZNHtNhspNhndF6VNJJiGB6LYNDV54RVghD7Uc1uQ==

GET
H2 200 mon
pixel.adsafeprotected.com/ 43 B
216 B 70ms
69ms Image
image/gif 18.203.58.156
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.adsafeprotected.com/mon?anId=929269&campId=150x56&pubId=4600996516&chanId=21712863350&placementId=6375627496&pubCreative=138445310432&pubOrder=3247983557&cb=1283005839&adsafe_par&impId=&custom=&adsafe_url=https%3A%2F%2Fwww.nhl.com%2Fredwings%2Ftickets%2Fpremium-seating-offer%3FpartnerId%3DCFC_313PRE_DRWCOM_Gondola%2520%24400%2520Offer%2520UPDATE%26utm_medium%3DEmail%26utm_source%3DSales%26utm_campaign%3DGondola%252A20%2524400%252A20Offer%252A20UPDATE&adsafe_type=abcedq&adsafe_url=https%3A%2F%2Fwww.nhl.com%2F&adsafe_type=f&adsafe_jsinfo=,id:64ef65ce-62ee-2502-d7cb-e0ace6492964,c:qF77iY,sl:inView,em:true,fr:true,thd:1,mn:jsserver-primary-797d947f74-5mgjg,rg:ie,pt:1-5-15,wc:0.0.1600.1200,ac:1274.4.150.56,am:i,cc:1274.4.150.56,piv:100,obst:0,th:0,reas:,mu:10000,br:c,bru:c,an:n,dvs:visible,oam:0,scm:publ1.grpm1,mtim:159,mot:0,app:0,maw:0,fm:tSiItIX+11%7C12%7C13%7C14%7C15*.929269%7C151%7C16%7C17,idMap:15*,pl:CV8L.VEBo.0YtC,rmeas:1,rend:1,renddet:IMG.qs,es:0,sc:1,ha:1,fgad:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,tt:jload,et:182,oid:58a05686-6788-11ee-9e4e-4ade45de461c,v:19.8.439,sp:1,st:0,fwm:0,wr:1600.1200,sr:1600.1200,ov:0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.203.58.156 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-203-58-156.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nhl.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 10 Oct 2023 16:16:19 GMT
server: nginx
x-server-name: app07.ie.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H2 200 dt
dt.adsafeprotected.com/ 43 B
215 B 355ms
115ms Image
image/gif 2600:1f18:1aca:4282:5dcf:b170:fc79:1e19
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?anId=929269&asId=64ef65ce-62ee-2502-d7cb-e0ace6492964&tv=%7Bc:qF77je,pingTime:0,time:197,type:pf,clog:%5B%7Bpiv:100,vs:i,r:,w:150,h:56,t:181%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:197,o:0,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:i,t:181,wc:0.0.1600.1200,ac:1274.4.150.56,am:i,cc:1274.4.150.56,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B34~100%5D,as:%5B34~150.56%5D%7D%7D%5D,slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:0,fm:tSiItIX+11%7C12%7C13%7C14%7C15*.929269%7C151%7C16%7C17,idMap:15*,rmeas:1,rend:1,renddet:IMG.qs,siq:182%7D&br=c
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:1aca:4282:5dcf:b170:fc79:1e19 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nhl.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 10 Oct 2023 16:16:20 GMT
server: nginx
x-server-name: dt20.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H2 200 dt
dt.adsafeprotected.com/ 43 B
216 B 351ms
115ms Image
image/gif 2600:1f18:1aca:4282:5dcf:b170:fc79:1e19
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?anId=929269&asId=64ef65ce-62ee-2502-d7cb-e0ace6492964&tv=%7Bc:qF77ji,pingTime:-2,time:201,type:a,im:%7Bsf:0,pom:1,prf:%7BbeA:318,beZ:321,mfA:478,cmA:480,inA:480,inZ:485,prA:485,prZ:493,si:501,poA:501,poZ:514,cmZ:514,mfZ:514,loA:517,loZ:520,ltA:520,ltZ:520,mdA:321,mdZ:464%7D%7D,sca:%7Bdfp:%7Bdf:4,sz:150.56,dom:div%7D%7D,env:%7Bgca:false,cca:false,gca2:false%7D,clog:%5B%7Bpiv:100,vs:i,r:,w:150,h:56,t:181%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:201,o:0,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:i,t:181,wc:0.0.1600.1200,ac:1274.4.150.56,am:i,cc:1274.4.150.56,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B37~100%5D,as:%5B37~150.56%5D%7D%7D%5D,slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:0,fm:tSiItIX+11%7C12%7C13%7C14%7C15*.929269%7C151%7C16%7C17,idMap:15*,pd:0YtC.internal-nacl-plugin,rmeas:1,rend:1,renddet:IMG.qs,siq:182,slid:%5Bgoogle_ads_iframe_21668666170/det_nhl_web/homepage_0,google_ads_iframe_21668666170/det_nhl_web/homepage_0__container__,ad-header-sponsorship%5D,sinceFw:18,readyFired:true%7D&br=c
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:1aca:4282:5dcf:b170:fc79:1e19 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nhl.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 10 Oct 2023 16:16:20 GMT
server: nginx
x-server-name: dt21.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 183ms
183ms Image
text/html 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_m202310090101&jk=3158480563105415&bg=!NTalNnnNAAbjlzx0w5c7ADQBe5WfOH8Aiwfy3-KTyC94tKzWR9igGmLZQgjxswHonlqL956HI6jfEZssgJAYjhVp56RWAgAAADxSAAAACmgBB5kCvM0pylPXZ_lEfc1ExWaJ2mPhMMAAyBPElb6RTzvbBcRMdpChipr9yytwlTcue7lFZhko4Ci_W2Je49Hke2lu90BB6cmwkkW0kQoSznZ1oAgV9tD3jkaJz6g641r4F4H2rUuPuvcgnlx-9uryp9Xmr8Uo7F1CagvzCPv3dTp9D4ylYVk_8O7RquF-Tgi2NWX-pl3Q5K4QZApVXiwSASW-csROxGI-fMsjjGVzWIFNjKBeO-os-WfCDcqinIgcsLbtE5zHhVuGMDMvtPIuSjZSmCoCcUG-hp8H5IbPC0F_SmuoEnYz6VndTzoIvH-o-mNxCmmXupGg7YCxJ_4M3fFTiZtuSIt_u-GFnlZZmMt_g9_dwnxLSQWFR7meUevxBSUli687Cs-rOXJQghFhsURkJxeP0z6BpT4tuwi3nGEGRs1yXiEqQptdyq62OnzbAv2H_AeUCewKu_9HrVELQ_luJ9-mIkGV38brOXtR5HfgaXTmVjgyFRqWNfFiyrR0iw2WBVC4vpjtE8eYDU_jjPR5N5Q0a3SN8jnHyy4zghETp1FI2wZSfK55igXaB8ySmnMM27aocG_UWQRbPAVls0qUjWSMKKhixllW-_357O9AMOcM7JGZ8GIvyhVHG9Qfvyg-u-1-tLykVOQjsmJVzGbL7lgyn9aPq8tRFI7PUPFjmhHW_ho85u2xEo--Ff8a09GzmI-ZRXv_J84ZRgBYBgWkroe-hiQXVp-ITV53kJi0QKcB1wTR4GKPOQ2My-FoC9CIFZcPPXKNzYF6DixWkKlUwJNGDoj7Ver89dGqGyrJCimpCG1YMGtL0GEvlFzUn9Oer9Nkqi0LPmooSUbNvRW_pb7_pwjSFPZICvS1v_7XyV6lQ1UQtecAkSNHRyNI7eqfxsuRxEzlVA5Dx_A-oLg60-TGRC6vN6GDTpnjTiQ
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nhl.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

GET
H2 200 dt
dt.adsafeprotected.com/ 43 B
215 B 117ms
117ms Image
image/gif 2600:1f18:1aca:4282:5dcf:b170:fc79:1e19
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?anId=929269&asId=64ef65ce-62ee-2502-d7cb-e0ace6492964&tv=%7Bc:qF77ow,pingTime:-10,time:525,type:s,mvn:ZnNjPTEzLHNkPTMsbm89OCxhc3A9MQ--,sd:MTcuNi4ydjEyMDB8fDE2MDB8fDF8fDF8fDI0fHwxMjAwfHwwfHwwfHwxfHxsYW5kc2NhcGUtcHJpbWFyeXx8MjR8fDQvM3x8NC8zfHwwfHwxNjAw,no:MTcuNi4ydk1vemlsbGF8fE5ldHNjYXBlfHxufHxufHwwfHxufHxXaW4zMnx8R2Vja298fDIwMDMwMTA3fHwtMTIwfHxNb3ppbGxhLzUuMCAoV2luZG93cyBOVCAxMC4wOyBXaW42NDsgeDY0KSBBcHBsZVdlYktpdC81MzcuMzYgKEtIVE1MLCBsaWtlIEdlY2tvKSBDaHJvbWUvMTE3LjAuNTkzOC4xNDkgU2FmYXJpLzUzNy4zNnx8MXx8MXx8R29vZ2xlIEluYy58fG4-,ch:n,fsc:17.6.2v222222220002222202222222220222222222202222222220222202000022000220222222220000222202002222202222222220222222220000020022222200022222220200000222200022220002022022022222202002220222022222022220000220200000022220222220222222222222202222222222222222222222222222222222222200000022022020020000002022202022022022222222000000000020222202022022222000000020000000000000000000020220202220000022200222202220022200200222022202220022220222200202222020002200002222022222202222000002002002222222202220022202200022002220222202,asp:1696954580131%7C%7C8df7d21274e0c5952d01015dcb9340ca%7C%7C8e5269e98501ac65ff2ab303e742fcb1%7C%7C3f1dc9c0a1d62d83ce904863cbb1de1e%7C%7Cd933f278f030eae9f83d79ace46f9939%7C%7C6802a20ff7d48d784fc361581c6a01b0%7C%7Cd7fea843806187d67d6ad60626446522%7C%7C1b296d5cd5801c55cebb83fccea6d519%7C%7C1663701684%7D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:1aca:4282:5dcf:b170:fc79:1e19 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nhl.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 10 Oct 2023 16:16:20 GMT
server: nginx
x-server-name: dt17.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H2 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 802C 42 B
174 B 189ms
189ms Fetch
image/gif 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstFOQ2Vd1HdWhCBwwkanVcrPH9jcCqdXrmiOdFlxPNIXG-KHtFvchoUIYTEgdKHwMSaUI1JzjL-V_qCjgjxNESkjZiZ9reiUlwNgVhYXiaZL48N7vYWQ6rLZUOMWUVE&sig=Cg0ArKJSzOtiRFb_hRmEEAE&id=lidar2&mcvt=1000&p=4,1274,60,1424&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20231009&bin=7&avms=nio&bs=1600,1200&mc=1&vu=1&app=0&itpl=3&adk=376341327&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1696954579076&rpt=208&isd=0&lsd=0&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nhl.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 10 Oct 2023 16:16:20 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 dt
dt.adsafeprotected.com/ 43 B
215 B 122ms
121ms Image
image/gif 2600:1f18:1aca:4282:5dcf:b170:fc79:1e19
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?anId=929269&asId=64ef65ce-62ee-2502-d7cb-e0ace6492964&tv=%7Bc:qF77zo,pingTime:1,time:1199,type:p,clog:%5B%7Bpiv:100,vs:i,r:,w:150,h:56,t:181%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:1199,o:0,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:i,t:181,wc:0.0.1600.1200,ac:1274.4.150.56,am:i,cc:1274.4.150.56,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B1035~100%5D,as:%5B1035~150.56%5D%7D%7D%5D,slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:122,fm:tSiItIX+11%7C12%7C13%7C14%7C15*.929269%7C151%7C16%7C17,idMap:15*,rmeas:1,rend:1,renddet:IMG.qs,siq:182,sis:266%7D&br=c
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:1aca:4282:5dcf:b170:fc79:1e19 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nhl.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 10 Oct 2023 16:16:20 GMT
server: nginx
x-server-name: dt21.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H2 200 dt
dt.adsafeprotected.com/ 43 B
215 B 123ms
123ms Image
image/gif 2600:1f18:1aca:4282:5dcf:b170:fc79:1e19
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?anId=929269&asId=64ef65ce-62ee-2502-d7cb-e0ace6492964&tv=%7Bc:qF77zo,pingTime:1,time:1199,type:c,clog:%5B%7Bpiv:100,vs:i,r:,w:150,h:56,t:181%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:1199,o:0,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:i,t:181,wc:0.0.1600.1200,ac:1274.4.150.56,am:i,cc:1274.4.150.56,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B1036~100%5D,as:%5B1036~150.56%5D%7D%7D%5D,slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:122,fm:tSiItIX+11%7C12%7C13%7C14%7C15*.929269%7C151%7C16%7C17,idMap:15*,rmeas:1,rend:1,renddet:IMG.qs,siq:182,sis:266,metricId:publ1,cmr:t%7D&br=c
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:1aca:4282:5dcf:b170:fc79:1e19 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nhl.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 10 Oct 2023 16:16:20 GMT
server: nginx
x-server-name: dt22.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H2 200 dt
dt.adsafeprotected.com/ 43 B
215 B 122ms
122ms Image
image/gif 2600:1f18:1aca:4282:5dcf:b170:fc79:1e19
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?anId=929269&asId=64ef65ce-62ee-2502-d7cb-e0ace6492964&tv=%7Bc:qF77zp,pingTime:1,time:1200,type:c,clog:%5B%7Bpiv:100,vs:i,r:,w:150,h:56,t:181%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:1200,o:0,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:i,t:181,wc:0.0.1600.1200,ac:1274.4.150.56,am:i,cc:1274.4.150.56,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B1036~100%5D,as:%5B1036~150.56%5D%7D%7D%5D,slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:122,fm:tSiItIX+11%7C12%7C13%7C14%7C15*.929269%7C151%7C16%7C17,idMap:15*,rmeas:1,rend:1,renddet:IMG.qs,siq:182,sis:266,metricId:grpm1,cmr:t%7D&br=c
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:1aca:4282:5dcf:b170:fc79:1e19 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nhl.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 10 Oct 2023 16:16:20 GMT
server: nginx
x-server-name: dt23.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

Verdicts & Comments Add Verdict or Comment

31 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

6 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.eloqua.com/	1970-01-21 00:54:18	Name: ELOQUA Value: GUID=01DF20F39FE44C5B98928EFA94714487
.eloqua.com/	1970-01-21 00:54:18	Name: ELQSTATUS Value: OK
.nhl.com/	1970-01-20 17:32:10	Name: OptanonConsent Value: isGpcEnabled=0&datestamp=Tue+Oct+10+2023+18%3A16%3A18+GMT%2B0200+(Central+European+Summer+Time)&version=202309.1.0&browserGpcFlag=0&isIABGlobal=false&hosts=&consentId=b7c3477c-2fc1-4024-9500-40fb51f830b1&interactionCount=0&landingPath=https%3A%2F%2Fwww.nhl.com%2Fredwings%2Ftickets%2Fpremium-seating-offer%3FpartnerId%3DCFC_313PRE_DRWCOM_Gondola%2520%24400%2520Offer%2520UPDATE%26utm_medium%3DEmail%26utm_source%3DSales%26utm_campaign%3DGondola%252A20%2524400%252A20Offer%252A20UPDATE&groups=C0001%3A1%2CC0003%3A0%2CC0002%3A0%2CC0004%3A0
.nhl.com/	1970-01-21 00:44:10	Name: __gads Value: ID=4f15f7b7f2f237cf:T=1696954578:RT=1696954578:S=ALNI_MYhjjeKbv26KDYAZois57BHJhPJOA
.nhl.com/	1970-01-21 00:44:10	Name: __gpi Value: UID=00000c948146aeaa:T=1696954578:RT=1696954578:S=ALNI_MalTKUjTOOD06q0bKzva6UllMU1sQ
.doubleclick.net/	1970-01-21 00:44:10	Name: IDE Value: AHWqTUn8ZJ5iFfauteCueS7ufo4ZJkiCPWQLsi6L0d6qcp64_78IEtY1GqA50m-DMB8

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

8e8a3cc3203e952f2d7c07390725598d.safeframe.googlesyndication.com
ajax.googleapis.com
assets.nhle.com
cdn.cookielaw.org
dt.adsafeprotected.com
fonts.googleapis.com
fonts.gstatic.com
geolocation.onetrust.com
links.email.hockeytown.com
media.d3.nhle.com
olyent.formstack.com
pagead2.googlesyndication.com
pixel.adsafeprotected.com
s1365483532.t.eloqua.com
s3.amazonaws.com
securepubads.g.doubleclick.net
static.adsafeprotected.com
static.formstack.com
tpc.googlesyndication.com
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.googletagservices.com
www.nhl.com
140.86.223.51
147.154.51.34
18.203.58.156
18.66.122.65
2600:1f18:1aca:4282:5dcf:b170:fc79:1e19
2600:9000:223f:5200:8:48e:53c0:93a1
2606:4700:4400::6812:2089
2606:4700::6812:10ec
2606:4700::6812:83ec
2606:4700::6813:972a
2606:4700::6813:982a
2a00:1450:4001:801::2004
2a00:1450:4001:802::200a
2a00:1450:4001:80b::200a
2a00:1450:4001:80b::200e
2a00:1450:4001:80f::2002
2a00:1450:4001:813::2002
2a00:1450:4001:829::2001
2a00:1450:4001:82f::2003
2a00:1450:4001:830::2001
2a00:1450:4001:830::2002
2a00:1450:4001:830::2008
52.217.175.96
0172e97f974b7e390c5aa2c7983e6206387dfc299274eaa1e6d9c61c48509c87
01cee6a7a3f1444680b188ab84052e2b6c85966f53a718d3926135ebcc832ffd
060721ba5c3e08e20a4d97807af810c93b43f0667cd1cd04988d7457234af7f4
1558fe25f5938010e1d68487b7be64163d33958b032204ddb8fa8ac2bd9c496e
18f76612a30e25d292402368626fa621ae032ee0a1a4bdda2822f9790f6278fb
1a5077ee32e158a34f09b52fc1b3fd6cfdac2d84fd9a5be09932060abff84d1d
2157361193375a79ade3559e960f982daa8d599cf7f4a92d36e3eef257738f16
25429cc3c4c4ef5251fdc20b4b00e0c99a41846555ef8bf6a04498dfbd16de32
269c6ef57c382a266906a64505f592b44c1a230e155782863312f18380903076
2c1e314bd40a5d53a2e657710b9a41778f2e105084dd41fb2305dc008d5bffd2
2fc7f40fe3b6fca4d842274e5c319024864535325c7484e201b7c53257209809
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
4380152359b76e5ae5a8e518923297c356d2ebc9b55ef9755f21562111a30c59
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
46daf60e22b23eb5f74a501fc47be08510612463af2a4c754fa242d7a1be6a86
4e585c25fe5eb9c05bca5313fc1fa87c999457fdfd9d27d4edb233e7edb894ab
53c97063f6ea5b3487fd85cb98b0c47b41f1269fca482b2799b9c7067f051865
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
5d9d705f345c690a482d91c693828de062458e7f5bcaeb8236e9d209fa197162
5fa00d047acd959697b9d7772c31dcd37bec33c70c6fbf80ab8316205d1d286d
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
61e4cd17cd84adc5ed49ce361925ab89ed9210810bf03c51eb875b7f59d99127
63b5085014a66af8d0d56afb98bb13f69a4c4f21c3c0e2cc63b30fe8c75a49d9
65763fb39f393cdc1fe959c7f3d55a7ca65cedfce32f65d1d92315088bd4e7d7
67e76a27270af5a83c93f7dbdee211c07514f99ead430c6f0a63ce57c48a62c0
691dcdb24853a0f5ce4e6597e5713dea66799b57ffe2c2a10f28f98e0b569b19
754fc73b7347293cf2bde769144e589709d2fd73c6029eaf6bca4e98f15f1be0
75ff5157576887b1110ad8a830a98784f2a0234717e7e3f330c8b400fd1c8fb0
803f9665533b781ac3abb157ba32b9a1f48d3b7a30bada354656d4b89be22610
81016ac6be850b72df5d4faa0c3cec8e2c1b0ba0045712144a6766adfad40bee
83bb47871b3895cd8f4bf5da67037710b6d9a9e1fab80d03b579cd83a448fe23
867802b362f296de97a9bd7a7a9d04bdcf4bb9a87d501423d1c97a73717d2594
86d5823df9f96c928e9981519128e09bf8f745ca88e690be0b342b5ce904d394
88df0b5a7bc397dbc13a26bb8b3742cc62cd1c9b0dded57da7832416d6f52f42
918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537
9528ca634fecad433d044ddd3e6f9ce1f068d5d932dafdbb19d8e6daea1968bd
9f4bfe7765f71fe43c616e1befb31159b492fa7273b412d9ea8bd7ab75bca60b
9fc43e8f6f26a254c4570b6ccd4e08a2a5f97bedcd1f3491ede9bbb8b5012d90
a2d8bd193884fd5ef616615109762910d8a783cc17fbf588265938fbec662b44
ab40293c866345354fa703c8979ce28901802b6f18a295b38efcbde63ce5d394
ab546eb3c1f0d36c9af7d2aac30b3dff73c93691b4bade217df522a260d4b138
af420c807b04fdb5136ef53f3bab83b81f2b94e43fa9856f1fad2fde88383744
af897a5f18c00a272750446a9c34d8e024e18813260c4cfef79db22dc4fdf2bb
b0730434e9e350680ced98724525a505ac7a7e57c4bbc4472e59ae3b4275ec6d
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b2111cc82e9e1aab3e69b46ad50d4bb053ba3e33cd23ed5145ee0d338e0c8dfe
b3cb822f749fdbead866db461a4119f15487b9a867924b81e5f1a2087820b770
be488c0f242b432e7109eebf228368139abbeff37eb8fad1b3c510d41e362bd7
c447dd7677b419db7b21dbdfc6277c7816a913ffda76fd2e52702df538de0e49
d0fc15d3156c1c80b9f35320bef45f411d2fd02d7c14fc863b1b5773461d6f77
d163164bb749cfdea6b29289c061df192d7fb36cc10f20b1583e3ab81156149a
d3f7b0ec4de079928a999641e781e80f33597a392a561bc460276dfb4efb6eec
dd14483f882d00ef312e0e8f9f735c7ce06388548ecd4c4c709884f05f6a83b7
ddecbde0a81929645b21ee2e05c9035ee21dcdf9d6a9757d7fba5f70d2c7ae6d
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
e0309fd597700b89310de557575438fb73dbee569cf734340057c0884ce91c20
e2781619082fe50667bce285f562c3dfa98b589f0854da4a333a00d0f4b6c318
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e51d672acb8812908b6345f0fb5704c45a3c9a4ff00a43d2820d261f10fdd502
e8f71867a6991d5a1ba2b9cd33000e8d8691f6ba8864516946b62087de93aa85
e9b92dddc59bdb86aab5fb3ae9c85530409311e239b6cf88858296de475e32b6
ea5db5581e262d77d1a43fbb3f0fa3661b51d097b40ca38f584b4943f47cf2e0
eef8399d2fb652456d1888d15a3973afb0a0a87f3437a4998f53590f20077cbf
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
efc2b5f3cfb42ac86c11900be6091d645853af46ab4f01bfba7280c3ac37ae02
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d
fab028c0cea4f5f20cd08437e81274516c872c0eaa93fbbf3ef9404399d00fc3
fdf4d56b9e301b5971201e257aec3277fa338b49b573746cfcf84c3e5168b5ca

www.nhl.com Open in urlscan Pro 2606:4700::6812:10ec Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

78 Requests

100 %HTTPS

78 %IPv6

17 Domains

24 Subdomains

22 IPs

3 Countries

1482 kBTransfer

4109 kBSize

6 Cookies

12 Outgoing links

Page URL History

Redirected requests

78 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.nhl.com Open in urlscan Pro
2606:4700::6812:10ec Public Scan

Screenshot
Live screenshot

Full Image

78
Requests

100 %
HTTPS

78 %
IPv6

17
Domains

24
Subdomains

22
IPs

3
Countries

1482 kB
Transfer

4109 kB
Size

6
Cookies

78 HTTP transactions
1 data transactions