URL: https://lsi.fourthwalltickets.com/shows/lsi-open-stage-99bc037d-dc25-4d8a-ad81-3ec99a146c4f?date=2023-08-20T18:00:00
Submission: On August 17 via api from US — Scanned from DE

Summary

This website contacted 17 IPs in 3 countries across 13 domains to perform 39 HTTP transactions. The main IP is 2606:4700::6811:b942, located in United States and belongs to CLOUDFLARENET, US. The main domain is lsi.fourthwalltickets.com.
TLS certificate: Issued by R3 on July 2nd 2023. Valid for: 3 months.
This is the only time lsi.fourthwalltickets.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

Apex Domain
Subdomains
Transfer
8 squareup.com
pci-connect.squareup.com — Cisco Umbrella Rank: 50680
js.squareup.com — Cisco Umbrella Rank: 51772
connect.squareup.com — Cisco Umbrella Rank: 41215
40 KB
8 fourthwalltickets.com
lsi.fourthwalltickets.com
cdn.fourthwalltickets.com
684 KB
5 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 76
368 KB
4 google-analytics.com
region1.google-analytics.com — Cisco Umbrella Rank: 2102
www.google-analytics.com — Cisco Umbrella Rank: 62
21 KB
4 squarecdn.com
web.squarecdn.com — Cisco Umbrella Rank: 30968
196 KB
2 hotjar.com
static.hotjar.com — Cisco Umbrella Rank: 991
script.hotjar.com — Cisco Umbrella Rank: 1166
59 KB
2 plausible.io
plausible.io — Cisco Umbrella Rank: 12398
2 KB
1 browser-intake-datadoghq.com
csp-report.browser-intake-datadoghq.com — Cisco Umbrella Rank: 31249
1 google.de
www.google.de — Cisco Umbrella Rank: 5345
455 B
1 google.com
www.google.com — Cisco Umbrella Rank: 3
455 B
1 doubleclick.net
googleads.g.doubleclick.net — Cisco Umbrella Rank: 55
2 KB
1 gstatic.com
fonts.gstatic.com
48 KB
1 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 73
1 KB
39 13
Domain Requested by
6 lsi.fourthwalltickets.com lsi.fourthwalltickets.com
5 pci-connect.squareup.com web.squarecdn.com
5 www.googletagmanager.com lsi.fourthwalltickets.com
www.googletagmanager.com
4 web.squarecdn.com lsi.fourthwalltickets.com
web.squarecdn.com
2 connect.squareup.com js.squareup.com
connect.squareup.com
2 www.google-analytics.com www.googletagmanager.com
web.squarecdn.com
2 region1.google-analytics.com www.googletagmanager.com
2 cdn.fourthwalltickets.com lsi.fourthwalltickets.com
2 plausible.io lsi.fourthwalltickets.com
web.squarecdn.com
1 csp-report.browser-intake-datadoghq.com lsi.fourthwalltickets.com
1 js.squareup.com web.squarecdn.com
1 www.google.de lsi.fourthwalltickets.com
1 www.google.com lsi.fourthwalltickets.com
1 googleads.g.doubleclick.net www.googletagmanager.com
1 script.hotjar.com static.hotjar.com
1 fonts.gstatic.com fonts.googleapis.com
1 fonts.googleapis.com lsi.fourthwalltickets.com
1 static.hotjar.com lsi.fourthwalltickets.com
39 18

This site contains links to these domains. Also see Links.

Domain
www.fourthwalltickets.com
Subject Issuer Validity Valid
fourthwalltickets.com
R3
2023-07-02 -
2023-09-30
3 months crt.sh
plausible.io
R3
2023-08-03 -
2023-11-01
3 months crt.sh
web.squarecdn.com
Amazon RSA 2048 M01
2023-04-02 -
2024-04-30
a year crt.sh
*.google-analytics.com
GTS CA 1C3
2023-07-31 -
2023-10-23
3 months crt.sh
*.hotjar.com
Amazon ECDSA 256 M01
2023-03-09 -
2024-04-06
a year crt.sh
upload.video.google.com
GTS CA 1C3
2023-07-31 -
2023-10-23
3 months crt.sh
*.gstatic.com
GTS CA 1C3
2023-07-31 -
2023-10-23
3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3
2023-07-31 -
2023-10-23
3 months crt.sh
api.squareup.com
Entrust Certification Authority - L1K
2023-03-24 -
2024-03-23
a year crt.sh
www.google.com
GTS CA 1C3
2023-07-31 -
2023-10-23
3 months crt.sh
www.google.de
GTS CA 1C3
2023-07-31 -
2023-10-23
3 months crt.sh
js.squareup.com
Cloudflare Inc ECC CA-3
2023-04-03 -
2024-04-01
a year crt.sh
connect.squareup.com
Cloudflare Inc ECC CA-3
2023-02-22 -
2024-02-21
a year crt.sh
*.browser-intake-datadoghq.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1
2023-06-17 -
2024-06-18
a year crt.sh

This page contains 4 frames:

Primary Page: https://lsi.fourthwalltickets.com/shows/lsi-open-stage-99bc037d-dc25-4d8a-ad81-3ec99a146c4f?date=2023-08-20T18:00:00
Frame ID: AAC02BD5BFB6DB7498E1DB5FDA484AE8
Requests: 31 HTTP requests in this frame

Frame: https://web.squarecdn.com/1.51.1/main-iframe.html?applicationId=sq0idp-ppoQRqs1Ay3dz_6SHlUoUg&hostname=lsi.fourthwalltickets.com
Frame ID: F00163B47FB05AF215A1D57AA6359224
Requests: 3 HTTP requests in this frame

Frame: https://web.squarecdn.com/1.51.1/single-card-element-iframe.html
Frame ID: 675E7325168B69734965C91EEBD4A565
Requests: 1 HTTP requests in this frame

Frame: https://connect.squareup.com/payments/data/frame.html?referer=https%3A%2F%2Flsi.fourthwalltickets.com%2Fshows%2Flsi-open-stage-99bc037d-dc25-4d8a-ad81-3ec99a146c4f%3Fdate%3D2023-08-20T18%3A00%3A00
Frame ID: 9EDD3E8A589FB4F28C21595F6B77B631
Requests: 3 HTTP requests in this frame

Screenshot

Page Title

LSI Open Stage • Logan Square Improv

Detected technologies

Overall confidence: 100%
Detected patterns
  • js\.squareup\.com

Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js

Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js

Overall confidence: 100%
Detected patterns
  • //static\.hotjar\.com/

Overall confidence: 100%
Detected patterns
  • plausible\.io/js/plausible\.js

Page Statistics

39
Requests

100 %
HTTPS

71 %
IPv6

13
Domains

18
Subdomains

17
IPs

3
Countries

1422 kB
Transfer

4501 kB
Size

17
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

39 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request lsi-open-stage-99bc037d-dc25-4d8a-ad81-3ec99a146c4f
lsi.fourthwalltickets.com/shows/
23 KB
6 KB
Document
General
Full URL
https://lsi.fourthwalltickets.com/shows/lsi-open-stage-99bc037d-dc25-4d8a-ad81-3ec99a146c4f?date=2023-08-20T18:00:00
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:b942 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
eaf830a97320836e706f8f39e9e46d8476e0dabd97eb5e6abebcad3d55480931
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
max-age=0, private, must-revalidate
cf-cache-status
MISS
cf-ray
7f7e3d91df711c1c-FRA
content-encoding
br
content-type
text/html; charset=utf-8
date
Thu, 17 Aug 2023 01:45:57 GMT
referrer-policy
strict-origin-when-cross-origin
server
cloudflare
vary
Accept-Encoding
x-content-type-options
nosniff
x-do-app-origin
c29540e2-e6b0-11ec-b1dc-0c42a19a82a7
x-do-orig-status
200
x-download-options
noopen
x-frame-options
SAMEORIGIN
x-permitted-cross-domain-policies
none
x-request-id
c9c72ad7-f0c3-478a-ba4f-dd2379571b0b
x-runtime
0.081357
x-xss-protection
1; mode=block
plausible.js
plausible.io/js/
1 KB
1 KB
Script
General
Full URL
https://plausible.io/js/plausible.js
Requested by
Host: lsi.fourthwalltickets.com
URL: https://lsi.fourthwalltickets.com/shows/lsi-open-stage-99bc037d-dc25-4d8a-ad81-3ec99a146c4f?date=2023-08-20T18:00:00
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2400:52e0:1e00::1080:1 , Germany, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software
BunnyCDN-DE1-1080 /
Resource Hash
021f0fd27042b279a49e982215c6dc3c3ab84e95b35553a119dfdbd50af6be94
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://lsi.fourthwalltickets.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Thu, 17 Aug 2023 01:45:57 GMT
content-encoding
br
x-content-type-options
nosniff
cdn-edgestorageid
1082
cdn-cachedat
08/17/2023 00:58:04
cdn-pullzone
682664
cross-origin-resource-policy
cross-origin
application
10.0.1.5
server
BunnyCDN-DE1-1080
cdn-proxyver
1.04
cdn-requestpullcode
200
vary
Accept-Encoding, Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
153cb5b1-399a-48ef-b5bf-098c03770254
cache-control
public, max-age=3600
permissions-policy
interest-cohort=()
cdn-requestid
33e64265d5051e005facecd70a0e9811
cdn-requestcountrycode
DE
cdn-status
200
cdn-requestpullsuccess
True
application-625d8bf0.css
lsi.fourthwalltickets.com/packs/css/
323 KB
50 KB
Stylesheet
General
Full URL
https://lsi.fourthwalltickets.com/packs/css/application-625d8bf0.css
Requested by
Host: lsi.fourthwalltickets.com
URL: https://lsi.fourthwalltickets.com/shows/lsi-open-stage-99bc037d-dc25-4d8a-ad81-3ec99a146c4f?date=2023-08-20T18:00:00
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:b942 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9991a514a6377cdc6ac344a3c713dc3298836019ea4c1f09033636fe8f28dc59

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://lsi.fourthwalltickets.com/shows/lsi-open-stage-99bc037d-dc25-4d8a-ad81-3ec99a146c4f?date=2023-08-20T18:00:00
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Thu, 17 Aug 2023 01:45:57 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Tue, 01 Jan 1980 00:00:01 GMT
server
cloudflare
x-do-app-origin
c29540e2-e6b0-11ec-b1dc-0c42a19a82a7
x-do-orig-status
200
vary
Accept-Encoding
content-type
text/css
cache-control
private
cf-ray
7f7e3d94b8c51c1c-FRA
application-647eba8f3dbc73c124c1.js
lsi.fourthwalltickets.com/packs/js/
2 MB
459 KB
Script
General
Full URL
https://lsi.fourthwalltickets.com/packs/js/application-647eba8f3dbc73c124c1.js
Requested by
Host: lsi.fourthwalltickets.com
URL: https://lsi.fourthwalltickets.com/shows/lsi-open-stage-99bc037d-dc25-4d8a-ad81-3ec99a146c4f?date=2023-08-20T18:00:00
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:b942 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f65dcee92197937aa6bb88047191a36f1c31c2f75f4d3acc5aa390f2bcdf7935

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://lsi.fourthwalltickets.com/shows/lsi-open-stage-99bc037d-dc25-4d8a-ad81-3ec99a146c4f?date=2023-08-20T18:00:00
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Thu, 17 Aug 2023 01:45:57 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Tue, 01 Jan 1980 00:00:01 GMT
server
cloudflare
x-do-app-origin
c29540e2-e6b0-11ec-b1dc-0c42a19a82a7
x-do-orig-status
200
vary
Accept-Encoding
content-type
application/javascript
cache-control
private
cf-ray
7f7e3d94b8c61c1c-FRA
application-dab24c6e9c487bcfdcabb2f179fe71ee8aa19af3637172f23426e0f6c505db4e.css
lsi.fourthwalltickets.com/assets/
49 KB
9 KB
Stylesheet
General
Full URL
https://lsi.fourthwalltickets.com/assets/application-dab24c6e9c487bcfdcabb2f179fe71ee8aa19af3637172f23426e0f6c505db4e.css
Requested by
Host: lsi.fourthwalltickets.com
URL: https://lsi.fourthwalltickets.com/shows/lsi-open-stage-99bc037d-dc25-4d8a-ad81-3ec99a146c4f?date=2023-08-20T18:00:00
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:b942 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa0b1c4a8f2973026b8079f78bfa59d9c2497d92044c05bfacfc79ba4b3e1ee8

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://lsi.fourthwalltickets.com/shows/lsi-open-stage-99bc037d-dc25-4d8a-ad81-3ec99a146c4f?date=2023-08-20T18:00:00
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Thu, 17 Aug 2023 01:45:57 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Tue, 01 Jan 1980 00:00:01 GMT
server
cloudflare
x-do-app-origin
c29540e2-e6b0-11ec-b1dc-0c42a19a82a7
x-do-orig-status
200
vary
Accept-Encoding
content-type
text/css
cache-control
private
cf-ray
7f7e3d94b8c71c1c-FRA
square.js
web.squarecdn.com/v1/
345 KB
100 KB
Script
General
Full URL
https://web.squarecdn.com/v1/square.js
Requested by
Host: lsi.fourthwalltickets.com
URL: https://lsi.fourthwalltickets.com/shows/lsi-open-stage-99bc037d-dc25-4d8a-ad81-3ec99a146c4f?date=2023-08-20T18:00:00
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2315:dc00:13:4005:e4c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
df174040d08e621f3ea7fa2012ee327cf7899d8ece1355da7ea8652f55c2e345

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://lsi.fourthwalltickets.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

x-amz-version-id
HvsTcpqX2UO1b0PoxqJvYLOe.s5pz4mJ
content-encoding
gzip
via
1.1 b0067143f1e1520182fe27b53cced2a6.cloudfront.net (CloudFront)
date
Wed, 16 Aug 2023 23:33:26 GMT
x-amz-cf-pop
DUS51-P2
age
7951
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
x-amz-meta-websdk-version
1.51.1
last-modified
Mon, 14 Aug 2023 23:32:32 GMT
server
AmazonS3
etag
W/"53ebaca2b9102b6f43abddedeb91baca"
access-control-max-age
300
access-control-allow-methods
GET, HEAD
content-type
application/javascript
access-control-allow-origin
*
x-amz-meta-md5checksum
U+usorkQK29Dq93t65G6yg==
cache-control
public, max-age=300
vary
Accept-Encoding
x-amz-cf-id
oXptxoRLil7c1B5Mtzos1-TvncmcRVJbrWrZhk0DByoahJOzswz8KQ==
lsi_logo.png
cdn.fourthwalltickets.com/uploads/theatre/img_logo/5/
11 KB
11 KB
Image
General
Full URL
https://cdn.fourthwalltickets.com/uploads/theatre/img_logo/5/lsi_logo.png
Requested by
Host: lsi.fourthwalltickets.com
URL: https://lsi.fourthwalltickets.com/shows/lsi-open-stage-99bc037d-dc25-4d8a-ad81-3ec99a146c4f?date=2023-08-20T18:00:00
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
205.185.216.42 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
map2.hwcdn.net
Software
/
Resource Hash
ac51a53a4e95a12dbf9691794436cc646c1a25d21d54c4cbcd3ff44cc50aad1b
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://lsi.fourthwalltickets.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Thu, 17 Aug 2023 01:45:57 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
last-modified
Thu, 03 Feb 2022 01:40:21 GMT
x-amz-request-id
tx000000000000013bc1c13-0064b013db-70cae589-nyc3c
etag
"717de4d80c26e24e3cc8925d729908c0"
x-envoy-upstream-healthchecked-cluster
vary
Access-Control-Request-Headers,Access-Control-Request-Method,Origin
x-hw
1692236757.dop158.fr8.t,1692236757.cds168.fr8.hn,1692236757.cds214.fr8.c
content-type
image/png
x-rgw-object-type
Normal
cache-control
public, max-age=31536000
accept-ranges
bytes
content-length
10782
LSI_Open_Stage.png
cdn.fourthwalltickets.com/uploads/show/imgs/333/
39 KB
39 KB
Image
General
Full URL
https://cdn.fourthwalltickets.com/uploads/show/imgs/333/LSI_Open_Stage.png
Requested by
Host: lsi.fourthwalltickets.com
URL: https://lsi.fourthwalltickets.com/shows/lsi-open-stage-99bc037d-dc25-4d8a-ad81-3ec99a146c4f?date=2023-08-20T18:00:00
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
205.185.216.42 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
map2.hwcdn.net
Software
/
Resource Hash
53c0ab05073b21f4832a785769c03d499051e00f90db24930836f23c0518b903
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://lsi.fourthwalltickets.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Thu, 17 Aug 2023 01:45:57 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
last-modified
Fri, 30 Dec 2022 22:16:02 GMT
x-amz-request-id
tx00000000000001697be31-0064a69fd3-6ffce900-nyc3c
etag
"5f8f7b049a59624bc3572fa05dd94a66"
x-envoy-upstream-healthchecked-cluster
vary
Access-Control-Request-Headers,Access-Control-Request-Method,Origin
x-hw
1692236757.dop158.fr8.t,1692236757.cds168.fr8.hn,1692236757.cds282.fr8.c
content-type
image/png
x-rgw-object-type
Normal
cache-control
public, max-age=31536000
accept-ranges
bytes
content-length
39682
logo_oneline-e7f99717709d259a857fc4c0cb5cf2d971bff0a68d31f4260bb2441ab46846fc.svg
lsi.fourthwalltickets.com/assets/logos/
25 KB
10 KB
Image
General
Full URL
https://lsi.fourthwalltickets.com/assets/logos/logo_oneline-e7f99717709d259a857fc4c0cb5cf2d971bff0a68d31f4260bb2441ab46846fc.svg
Requested by
Host: lsi.fourthwalltickets.com
URL: https://lsi.fourthwalltickets.com/shows/lsi-open-stage-99bc037d-dc25-4d8a-ad81-3ec99a146c4f?date=2023-08-20T18:00:00
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:b942 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0647f9c2df6dadae1971f1ed9e2a4eee79e521cbb4ffaf4d3c375b975c5e0733

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://lsi.fourthwalltickets.com/shows/lsi-open-stage-99bc037d-dc25-4d8a-ad81-3ec99a146c4f?date=2023-08-20T18:00:00
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Thu, 17 Aug 2023 01:45:58 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Tue, 01 Jan 1980 00:00:01 GMT
server
cloudflare
x-do-app-origin
c29540e2-e6b0-11ec-b1dc-0c42a19a82a7
x-do-orig-status
200
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
private
cf-ray
7f7e3d988a811c1c-FRA
js
www.googletagmanager.com/gtag/
233 KB
82 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=G-E4S8M8WH5S
Requested by
Host: lsi.fourthwalltickets.com
URL: https://lsi.fourthwalltickets.com/shows/lsi-open-stage-99bc037d-dc25-4d8a-ad81-3ec99a146c4f?date=2023-08-20T18:00:00
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
aa5515faac4542654a7a2f01b1f0632a2672ae15c1a8f7ab1f773b1cca7b0b51
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://lsi.fourthwalltickets.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Thu, 17 Aug 2023 01:45:57 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
83236
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Thu, 17 Aug 2023 01:45:57 GMT
js
www.googletagmanager.com/gtag/
204 KB
73 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=AW-945958526
Requested by
Host: lsi.fourthwalltickets.com
URL: https://lsi.fourthwalltickets.com/shows/lsi-open-stage-99bc037d-dc25-4d8a-ad81-3ec99a146c4f?date=2023-08-20T18:00:00
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
71a2bf777ce25340fddd960373b3756d1f30649d73abf574a71265d68596759f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://lsi.fourthwalltickets.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Thu, 17 Aug 2023 01:45:58 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
74179
x-xss-protection
0
last-modified
Thu, 17 Aug 2023 00:46:11 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Thu, 17 Aug 2023 01:45:58 GMT
hotjar-2967385.js
static.hotjar.com/c/
9 KB
4 KB
Script
General
Full URL
https://static.hotjar.com/c/hotjar-2967385.js?sv=6
Requested by
Host: lsi.fourthwalltickets.com
URL: https://lsi.fourthwalltickets.com/shows/lsi-open-stage-99bc037d-dc25-4d8a-ad81-3ec99a146c4f?date=2023-08-20T18:00:00
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.95.45 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-95-45.prg50.r.cloudfront.net
Software
/
Resource Hash
48fbedccce10e1d831dd5fbae5eda3690efa3af28dfa42f89038b1f795dbb601
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://lsi.fourthwalltickets.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Thu, 17 Aug 2023 01:45:58 GMT
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=2592000; includeSubDomains
via
1.1 d5da174e34f35b7d1482b8432bf7e084.cloudfront.net (CloudFront)
x-amz-cf-pop
PRG50-C1
etag
W/6f6cac71bf3ba14d5e67e7a7b8ce18bb
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
max-age=60
x-cache-hit
1
cross-origin-resource-policy
cross-origin
x-amz-cf-id
Dk-TWxlBTfaETXB1ckPhMBQLAxDEHywpqUq42rEMit_JxqKSJspWoA==
css2
fonts.googleapis.com/
11 KB
1 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css2?family=Open+Sans:wght@300;400;600;700&display=swap
Requested by
Host: lsi.fourthwalltickets.com
URL: https://lsi.fourthwalltickets.com/packs/css/application-625d8bf0.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
1888959b5858af3cd658a6aa00118d4db9656ee9d2dec1eb0d0bc68a6c4cc670
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://lsi.fourthwalltickets.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Thu, 17 Aug 2023 01:45:57 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Thu, 17 Aug 2023 01:39:42 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 17 Aug 2023 01:45:57 GMT
main-iframe.html
web.squarecdn.com/1.51.1/ Frame F001
330 KB
92 KB
Document
General
Full URL
https://web.squarecdn.com/1.51.1/main-iframe.html?applicationId=sq0idp-ppoQRqs1Ay3dz_6SHlUoUg&hostname=lsi.fourthwalltickets.com
Requested by
Host: web.squarecdn.com
URL: https://web.squarecdn.com/v1/square.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2315:dc00:13:4005:e4c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
13deb2cdada9ebedb8a8edd55994e81a29faccf121da743325127dd9bb0a71fc

Request headers

Referer
https://lsi.fourthwalltickets.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-methods
GET, HEAD
access-control-allow-origin
*
access-control-max-age
300
age
19050
cache-control
public, max-age=300
content-encoding
gzip
content-type
text/html
date
Wed, 16 Aug 2023 20:31:13 GMT
etag
W/"271389261928d88a9b46ce236a88f298"
last-modified
Wed, 09 Aug 2023 15:41:26 GMT
server
AmazonS3
vary
Accept-Encoding
via
1.1 b0067143f1e1520182fe27b53cced2a6.cloudfront.net (CloudFront)
x-amz-cf-id
vLSsAhqgWsy-irzZfC9XUfkClRc5PCq-puQetoSqdrblJUmv8kU1aA==
x-amz-cf-pop
DUS51-P2
x-amz-meta-md5checksum
JxOJJhko2IqbRs4jaojymA==
x-amz-meta-websdk-version
1.51.1
x-amz-replication-status
COMPLETED
x-amz-server-side-encryption
AES256
x-amz-version-id
tNKffLdxg1VTypz1J6G0A1xZ4Lzplz4u
x-cache
Hit from cloudfront
event
plausible.io/api/
2 B
477 B
XHR
General
Full URL
https://plausible.io/api/event
Requested by
Host: web.squarecdn.com
URL: https://web.squarecdn.com/v1/square.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2400:52e0:1e00::1080:1 , Germany, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software
BunnyCDN-DE1-1080 /
Resource Hash
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

Referer
https://lsi.fourthwalltickets.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
Content-Type
text/plain

Response headers

date
Thu, 17 Aug 2023 01:45:58 GMT
cdn-edgestorageid
1080
cdn-cachedat
08/17/2023 01:45:58
cdn-pullzone
682664
application
10.0.1.2
content-length
2
x-request-id
F3wIXZgNIT1cF5dCdGGG
server
BunnyCDN-DE1-1080
cdn-proxyver
1.04
cdn-requestpullcode
202
content-type
text/plain; charset=utf-8
access-control-allow-origin
*
cdn-uid
153cb5b1-399a-48ef-b5bf-098c03770254
cache-control
must-revalidate, max-age=0, private
access-control-allow-credentials
true
permissions-policy
interest-cohort=()
cdn-requestid
4258952fa54f0b5a81c779b3e0c18291
cdn-requestcountrycode
DE
cdn-requestpullsuccess
True
memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v35/
47 KB
48 KB
Font
General
Full URL
https://fonts.gstatic.com/s/opensans/v35/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Open+Sans:wght@300;400;600;700&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7c7818c25a18e8a38553fcbcbc2ad0b5e964103a7d2e494f82815e3f70bf3fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://lsi.fourthwalltickets.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Sat, 12 Aug 2023 00:05:03 GMT
x-content-type-options
nosniff
age
438055
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
48412
x-xss-protection
0
last-modified
Tue, 02 May 2023 15:08:53 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 11 Aug 2024 00:05:03 GMT
bootstrap-icons-1ed478a6.woff2
lsi.fourthwalltickets.com/packs/media/fonts/
100 KB
100 KB
Font
General
Full URL
https://lsi.fourthwalltickets.com/packs/media/fonts/bootstrap-icons-1ed478a6.woff2
Requested by
Host: lsi.fourthwalltickets.com
URL: https://lsi.fourthwalltickets.com/packs/css/application-625d8bf0.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:b942 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c874e14c63db86c4c5318c77cb557fce7036645edc7d690dcc1d23b389631b13

Request headers

Referer
https://lsi.fourthwalltickets.com/packs/css/application-625d8bf0.css
Origin
https://lsi.fourthwalltickets.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Thu, 17 Aug 2023 01:45:58 GMT
cf-cache-status
MISS
last-modified
Tue, 01 Jan 1980 00:00:01 GMT
server
cloudflare
x-do-app-origin
c29540e2-e6b0-11ec-b1dc-0c42a19a82a7
x-do-orig-status
200
vary
Accept-Encoding
content-type
application/font-woff2
cache-control
private
accept-ranges
bytes
cf-ray
7f7e3d99cb0a1c1c-FRA
content-length
102536
js
www.googletagmanager.com/gtag/
179 KB
65 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-212453793-1&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-E4S8M8WH5S
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
792f67f6faceec82b4b53fb5af5d5a24a7d95a4fb1c4f509b56d4f9222fa961e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://lsi.fourthwalltickets.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Thu, 17 Aug 2023 01:45:58 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
66536
x-xss-protection
0
last-modified
Thu, 17 Aug 2023 00:46:11 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Thu, 17 Aug 2023 01:45:58 GMT
collect
region1.google-analytics.com/g/
0
261 B
Ping
General
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-E4S8M8WH5S&gtm=45je38g0h2&_p=1265541416&cid=1645641871.1692236758&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1692236758&sct=1&seg=0&dl=https%3A%2F%2Flsi.fourthwalltickets.com%2Fshows%2Flsi-open-stage-99bc037d-dc25-4d8a-ad81-3ec99a146c4f%3Fdate%3D2023-08-20T18%3A00%3A00&dt=LSI%20Open%20Stage%20%E2%80%A2%20Logan%20Square%20Improv&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-E4S8M8WH5S
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://lsi.fourthwalltickets.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 17 Aug 2023 01:45:58 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://lsi.fourthwalltickets.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
js
www.googletagmanager.com/gtag/
204 KB
72 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=AW-945958526&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-E4S8M8WH5S
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
6da82f083e4b33e22fc41b1b2bb58b8e36394cfc89eb5960478c900c40cb37f0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://lsi.fourthwalltickets.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Thu, 17 Aug 2023 01:45:58 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
74075
x-xss-protection
0
last-modified
Thu, 17 Aug 2023 00:46:11 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Thu, 17 Aug 2023 01:45:58 GMT
modules.be28aa100b6c5e9c734a.js
script.hotjar.com/
223 KB
55 KB
Script
General
Full URL
https://script.hotjar.com/modules.be28aa100b6c5e9c734a.js
Requested by
Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-2967385.js?sv=6
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.236.122 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-236-122.fra56.r.cloudfront.net
Software
/
Resource Hash
b76eb0fb853247a10ef2d06dd156815be1d8ae1d5e6fc23db338968e133006ef
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://lsi.fourthwalltickets.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Wed, 16 Aug 2023 10:35:06 GMT
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=2592000; includeSubDomains
via
1.1 8a6f67a9421de326f43e9107751b580e.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P4
age
54652
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
content-length
55605
last-modified
Wed, 16 Aug 2023 10:34:51 GMT
etag
"452f7cb7245126a3677ef01e073b98fc"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
x-robots-tag
none
x-amz-cf-id
P2DniVi-4z2RX8aKX1E9Be5lcFatbpNKEfvYu__7IWQ7wRDhVI-ghg==
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/945958526/
3 KB
2 KB
Script
General
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/945958526/?random=1692236758250&cv=11&fst=1692236758250&bg=ffffff&guid=ON&async=1&gtm=45be3890&u_w=1600&u_h=1200&url=https%3A%2F%2Flsi.fourthwalltickets.com%2Fshows%2Flsi-open-stage-99bc037d-dc25-4d8a-ad81-3ec99a146c4f%3Fdate%3D2023-08-20T18%3A00%3A00&hn=www.googleadservices.com&frm=0&tiba=LSI%20Open%20Stage%20%E2%80%A2%20Logan%20Square%20Improv&auid=1803913703.1692236758&uamb=0&uaw=0&data=event%3Dgtag.config&rfmt=3&fmt=4
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-945958526
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
fd0613bdff5ce4a6bd2fc6a7202c9a2d17996df491a2a91f65b4f08a06c5170c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://lsi.fourthwalltickets.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 17 Aug 2023 01:45:58 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1414
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
hydrate
pci-connect.squareup.com/payments/ Frame
0
0
Preflight
General
Full URL
https://pci-connect.squareup.com/payments/hydrate?applicationId=sq0idp-ppoQRqs1Ay3dz_6SHlUoUg&hostname=lsi.fourthwalltickets.com&locationId=LR1GP5X06Y9DG&version=1.51.1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.159.140.47 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=631152000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
https://web.squarecdn.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Origin, Content-Type, X-Allow-Cookies, X-Block-Cookies
access-control-allow-methods
OPTIONS, GET
access-control-allow-origin
https://web.squarecdn.com
cf-cache-status
DYNAMIC
cf-ray
7f7e3d9c1e075c26-FRA
content-length
0
date
Thu, 17 Aug 2023 01:45:58 GMT
server
cloudflare
strict-transport-security
max-age=631152000; includeSubDomains; preload
vary
Origin, Accept-Encoding
x-content-type-options
nosniff
x-download-options
noopen
x-frame-options
SAMEORIGIN
x-permitted-cross-domain-policies
none
x-sq-dc
iad2b
x-sq-region
iad2b
x-xss-protection
1; mode=block
hydrate
pci-connect.squareup.com/payments/ Frame F001
990 B
1 KB
Fetch
General
Full URL
https://pci-connect.squareup.com/payments/hydrate?applicationId=sq0idp-ppoQRqs1Ay3dz_6SHlUoUg&hostname=lsi.fourthwalltickets.com&locationId=LR1GP5X06Y9DG&version=1.51.1
Requested by
Host: web.squarecdn.com
URL: https://web.squarecdn.com/1.51.1/main-iframe.html?applicationId=sq0idp-ppoQRqs1Ay3dz_6SHlUoUg&hostname=lsi.fourthwalltickets.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.159.140.47 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
97815835034d62fc8bd2501d420021dca02e79222cd1082484ab8338bbadddb0
Security Headers
Name Value
Strict-Transport-Security max-age=631152000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept
application/json
Referer
https://web.squarecdn.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
content-type
application/json; charset=utf-8

Response headers

date
Thu, 17 Aug 2023 01:45:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
x-sq-dc
iad2b
square-version
2022-01-20
strict-transport-security
max-age=631152000; includeSubDomains; preload
x-permitted-cross-domain-policies
none
x-speleo-traceid
CDN-6b1ae333-e001-433b-95f4-08ba26f2b28e
x-sq-region
iad2b
content-length
582
x-xss-protection
1; mode=block
server
cloudflare
x-download-options
noopen
vary
Origin, Accept-Encoding
access-control-allow-methods
OPTIONS, GET
content-type
application/json
access-control-allow-origin
https://web.squarecdn.com
x-frame-options
SAMEORIGIN
access-control-allow-credentials
true
cf-ray
7f7e3d9d1e8a1c2e-FRA
access-control-allow-headers
Origin, Content-Type, X-Allow-Cookies, X-Block-Cookies
js
www.googletagmanager.com/gtag/
216 KB
76 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=G-V35DY1THCL&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-212453793-1&l=dataLayer&cx=c
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
e869d4fec556b1343ea746fd8a054b0ec3ca4f5c18588c97a627b2c4ecb60546
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://lsi.fourthwalltickets.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Thu, 17 Aug 2023 01:45:58 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
78240
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Thu, 17 Aug 2023 01:45:58 GMT
analytics.js
www.google-analytics.com/
52 KB
21 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-212453793-1&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://lsi.fourthwalltickets.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Wed, 16 Aug 2023 23:49:43 GMT
last-modified
Mon, 12 Jun 2023 18:23:07 GMT
server
Golfe2
age
6975
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20994
expires
Thu, 17 Aug 2023 01:49:43 GMT
collect
region1.google-analytics.com/g/
0
54 B
Ping
General
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-V35DY1THCL&gtm=45je3890&_p=1265541416&cid=1645641871.1692236758&ul=en-us&sr=1600x1200&ir=1&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=EAAI&_s=1&sid=1692236758&sct=1&seg=0&dl=https%3A%2F%2Flsi.fourthwalltickets.com%2Fshows%2Flsi-open-stage-99bc037d-dc25-4d8a-ad81-3ec99a146c4f%3Fdate%3D2023-08-20T18%3A00%3A00&dt=LSI%20Open%20Stage%20%E2%80%A2%20Logan%20Square%20Improv&en=page_view&_fv=1&_ss=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-V35DY1THCL&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://lsi.fourthwalltickets.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 17 Aug 2023 01:45:58 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://lsi.fourthwalltickets.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.com/pagead/1p-user-list/945958526/
42 B
455 B
Image
General
Full URL
https://www.google.com/pagead/1p-user-list/945958526/?random=1692236758250&cv=11&fst=1692234000000&bg=ffffff&guid=ON&async=1&gtm=45be3890&u_w=1600&u_h=1200&url=https%3A%2F%2Flsi.fourthwalltickets.com%2Fshows%2Flsi-open-stage-99bc037d-dc25-4d8a-ad81-3ec99a146c4f%3Fdate%3D2023-08-20T18%3A00%3A00&frm=0&tiba=LSI%20Open%20Stage%20%E2%80%A2%20Logan%20Square%20Improv&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=2670581579&rmt_tld=0&ipr=y
Requested by
Host: lsi.fourthwalltickets.com
URL: https://lsi.fourthwalltickets.com/shows/lsi-open-stage-99bc037d-dc25-4d8a-ad81-3ec99a146c4f?date=2023-08-20T18:00:00
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://lsi.fourthwalltickets.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 17 Aug 2023 01:45:58 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.de/pagead/1p-user-list/945958526/
42 B
455 B
Image
General
Full URL
https://www.google.de/pagead/1p-user-list/945958526/?random=1692236758250&cv=11&fst=1692234000000&bg=ffffff&guid=ON&async=1&gtm=45be3890&u_w=1600&u_h=1200&url=https%3A%2F%2Flsi.fourthwalltickets.com%2Fshows%2Flsi-open-stage-99bc037d-dc25-4d8a-ad81-3ec99a146c4f%3Fdate%3D2023-08-20T18%3A00%3A00&frm=0&tiba=LSI%20Open%20Stage%20%E2%80%A2%20Logan%20Square%20Improv&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=2670581579&rmt_tld=1&ipr=y
Requested by
Host: lsi.fourthwalltickets.com
URL: https://lsi.fourthwalltickets.com/shows/lsi-open-stage-99bc037d-dc25-4d8a-ad81-3ec99a146c4f?date=2023-08-20T18:00:00
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://lsi.fourthwalltickets.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 17 Aug 2023 01:45:58 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/j/
1 B
213 B
XHR
General
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j101&a=1265541416&t=pageview&_s=1&dl=https%3A%2F%2Flsi.fourthwalltickets.com%2Fshows%2Flsi-open-stage-99bc037d-dc25-4d8a-ad81-3ec99a146c4f%3Fdate%3D2023-08-20T18%3A00%3A00&ul=en-us&de=UTF-8&dt=LSI%20Open%20Stage%20%E2%80%A2%20Logan%20Square%20Improv&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YADAAUABAAAAACAAI~&jid=1755071120&gjid=897236158&cid=1645641871.1692236758&tid=UA-212453793-1&_gid=34509404.1692236758&_r=1&gtm=457e3890&jsscut=1&z=47145454
Requested by
Host: web.squarecdn.com
URL: https://web.squarecdn.com/v1/square.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://lsi.fourthwalltickets.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 17 Aug 2023 01:45:58 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://lsi.fourthwalltickets.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
data.js
js.squareup.com/payments/
80 KB
25 KB
Script
General
Full URL
https://js.squareup.com/payments/data.js
Requested by
Host: web.squarecdn.com
URL: https://web.squarecdn.com/v1/square.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.66.0.47 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7b487ea35ed7dc18be58a5090925a87a78af7d9bee804a77c9309bf093e4cbf5
Security Headers
Name Value
Strict-Transport-Security max-age=631152000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://lsi.fourthwalltickets.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Thu, 17 Aug 2023 01:45:59 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
x-sq-dc
iad2b
x-permitted-cross-domain-policies
none
strict-transport-security
max-age=631152000; includeSubDomains; preload
server
cloudflare
x-download-options
noopen
vary
Origin, Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/javascript
x-sq-region
iad2b
cf-ray
7f7e3d9ffcdc6967-FRA
x-xss-protection
1; mode=block
single-card-element-iframe.html
web.squarecdn.com/1.51.1/ Frame 675E
8 KB
2 KB
Document
General
Full URL
https://web.squarecdn.com/1.51.1/single-card-element-iframe.html
Requested by
Host: web.squarecdn.com
URL: https://web.squarecdn.com/v1/square.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2315:dc00:13:4005:e4c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
d77d0d728b89e28863f08f544e1b74af4742cb911dcb44a1bca989c5c9fcc475

Request headers

Referer
https://lsi.fourthwalltickets.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-methods
GET, HEAD
access-control-allow-origin
*
access-control-max-age
300
age
75861
cache-control
public, max-age=300
content-encoding
gzip
content-type
text/html
date
Wed, 16 Aug 2023 05:05:26 GMT
etag
W/"03e704396b83c27986cdb35eb350b127"
last-modified
Wed, 09 Aug 2023 15:41:26 GMT
server
AmazonS3
vary
Accept-Encoding
via
1.1 b0067143f1e1520182fe27b53cced2a6.cloudfront.net (CloudFront)
x-amz-cf-id
z0aUOLf82zz1_V5CemqlRiDQjYtkfjiFqn2P2kPPPJFRN5x00i6bDg==
x-amz-cf-pop
DUS51-P2
x-amz-meta-md5checksum
A+cEOWuDwnmGzbNes1CxJw==
x-amz-meta-websdk-version
1.51.1
x-amz-replication-status
COMPLETED
x-amz-server-side-encryption
AES256
x-amz-version-id
UhBWJLPORjkbq.qKwu.BJYJAFVA45Tjn
x-cache
Hit from cloudfront
v2
pci-connect.squareup.com/payments/mtx/
0
110 B
Ping
General
Full URL
https://pci-connect.squareup.com/payments/mtx/v2
Requested by
Host: web.squarecdn.com
URL: https://web.squarecdn.com/v1/square.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.159.140.47 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=631152000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://lsi.fourthwalltickets.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
Content-Type
text/plain;charset=utf-8

Response headers

date
Thu, 17 Aug 2023 01:45:59 GMT
strict-transport-security
max-age=631152000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
x-sq-dc
iad2b
x-permitted-cross-domain-policies
none
x-sq-region
iad2b
x-xss-protection
1; mode=block
server
cloudflare
x-download-options
noopen
vary
Origin, Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
https://lsi.fourthwalltickets.com
x-frame-options
SAMEORIGIN
access-control-allow-credentials
true
cf-ray
7f7e3d9ff8171c2e-FRA
access-control-allow-headers
Origin, Content-Type, X-Allow-Cookies, X-Block-Cookies
card-wrapper.css
web.squarecdn.com/1.51.1/
5 KB
2 KB
Stylesheet
General
Full URL
https://web.squarecdn.com/1.51.1/card-wrapper.css
Requested by
Host: web.squarecdn.com
URL: https://web.squarecdn.com/v1/square.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2315:dc00:13:4005:e4c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
0675db7c540643bc6b01b6dca8ba4ce76a792710be650dde4ded05d375f194e8

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://lsi.fourthwalltickets.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

x-amz-version-id
Z1KsQJQMROqf_FSh0sTUSuzSh7OW8gFB
content-encoding
gzip
via
1.1 b0067143f1e1520182fe27b53cced2a6.cloudfront.net (CloudFront)
date
Wed, 16 Aug 2023 06:40:39 GMT
x-amz-cf-pop
DUS51-P2
age
68856
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
x-amz-meta-websdk-version
1.51.1
last-modified
Wed, 09 Aug 2023 15:41:26 GMT
server
AmazonS3
etag
W/"fc8dede0a55deae1322d5d80b0e848a9"
access-control-max-age
300
access-control-allow-methods
GET, HEAD
content-type
text/css
access-control-allow-origin
*
x-amz-meta-md5checksum
/I3t4KVd6uEyLV2AsOhIqQ==
cache-control
public, max-age=300
vary
Accept-Encoding
x-amz-cf-id
DIJLkobXiFzGz7uERgAAhQOTrZkejj6K4Hl0pA2w8ueRp34Be__XVw==
v2
pci-connect.squareup.com/payments/mtx/ Frame F001
0
44 B
Ping
General
Full URL
https://pci-connect.squareup.com/payments/mtx/v2
Requested by
Host: web.squarecdn.com
URL: https://web.squarecdn.com/1.51.1/main-iframe.html?applicationId=sq0idp-ppoQRqs1Ay3dz_6SHlUoUg&hostname=lsi.fourthwalltickets.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.159.140.47 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=631152000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://web.squarecdn.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
Content-Type
text/plain;charset=utf-8

Response headers

date
Thu, 17 Aug 2023 01:45:59 GMT
strict-transport-security
max-age=631152000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
x-sq-dc
iad2b
x-permitted-cross-domain-policies
none
x-sq-region
iad2b
x-xss-protection
1; mode=block
server
cloudflare
x-download-options
noopen
vary
Origin, Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
https://web.squarecdn.com
x-frame-options
SAMEORIGIN
access-control-allow-credentials
true
cf-ray
7f7e3da168fe1c2e-FRA
access-control-allow-headers
Origin, Content-Type, X-Allow-Cookies, X-Block-Cookies
frame.html
connect.squareup.com/payments/data/ Frame 9EDD
33 KB
13 KB
Document
General
Full URL
https://connect.squareup.com/payments/data/frame.html?referer=https%3A%2F%2Flsi.fourthwalltickets.com%2Fshows%2Flsi-open-stage-99bc037d-dc25-4d8a-ad81-3ec99a146c4f%3Fdate%3D2023-08-20T18%3A00%3A00
Requested by
Host: js.squareup.com
URL: https://js.squareup.com/payments/data.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.159.140.47 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb8b198f2e59276ef9fb23e3b17f8ba3c3dba6ee681609841096f1c54392ebd
Security Headers
Name Value
Content-Security-Policy default-src 'none'; script-src 'unsafe-inline' https://browser.sentry-cdn.com; connect-src 'self' https://sentry.io; report-uri https://csp-report.browser-intake-datadoghq.com/api/v2/logs?dd-api-key=pubb119f8492ddb8bdf4934c5212c4b03d2&dd-evp-origin=content-security-policy&ddsource=csp-report&ddtags=service%3Apayapi-analytics%2Cenv%3Aproduction&service=payapi-analytics
Strict-Transport-Security max-age=631152000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://lsi.fourthwalltickets.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-cache, no-store, must-revalidate
cf-cache-status
DYNAMIC
cf-ray
7f7e3da2e98bbbbc-FRA
content-encoding
gzip
content-security-policy
default-src 'none'; script-src 'unsafe-inline' https://browser.sentry-cdn.com; connect-src 'self' https://sentry.io; report-uri https://csp-report.browser-intake-datadoghq.com/api/v2/logs?dd-api-key=pubb119f8492ddb8bdf4934c5212c4b03d2&dd-evp-origin=content-security-policy&ddsource=csp-report&ddtags=service%3Apayapi-analytics%2Cenv%3Aproduction&service=payapi-analytics
content-type
text/html
date
Thu, 17 Aug 2023 01:45:59 GMT
expires
Thu, 01 Jan 1970 00:00:00 UTC
pragma
no-cache
server
cloudflare
strict-transport-security
max-age=631152000; includeSubDomains; preload
vary
Origin, Accept-Encoding
x-content-type-options
nosniff
x-download-options
noopen
x-permitted-cross-domain-policies
none
x-sq-dc
iad2b
x-sq-region
iad2b
x-xss-protection
1; mode=block
logs
csp-report.browser-intake-datadoghq.com/api/v2/ Frame 9EDD
0
0
Other
General
Full URL
https://csp-report.browser-intake-datadoghq.com/api/v2/logs?dd-api-key=pubb119f8492ddb8bdf4934c5212c4b03d2&dd-evp-origin=content-security-policy&ddsource=csp-report&ddtags=service%3Apayapi-analytics%2Cenv%3Aproduction&service=payapi-analytics
Requested by
Host: lsi.fourthwalltickets.com
URL: https://lsi.fourthwalltickets.com/shows/lsi-open-stage-99bc037d-dc25-4d8a-ad81-3ec99a146c4f?date=2023-08-20T18:00:00
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:24e6:b902:52fa:482f:204d:5da6 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://connect.squareup.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
Content-Type
application/csp-report

Response headers

token
connect.squareup.com/v2/analytics/ Frame 9EDD
108 B
519 B
XHR
General
Full URL
https://connect.squareup.com/v2/analytics/token
Requested by
Host: connect.squareup.com
URL: https://connect.squareup.com/payments/data/frame.html?referer=https%3A%2F%2Flsi.fourthwalltickets.com%2Fshows%2Flsi-open-stage-99bc037d-dc25-4d8a-ad81-3ec99a146c4f%3Fdate%3D2023-08-20T18%3A00%3A00
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.159.140.47 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
75dac03029bf91a5d10af8bd3e5d9308b4d42b5e10b232442b1b96699020a0e6
Security Headers
Name Value
Strict-Transport-Security max-age=631152000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://connect.squareup.com/payments/data/frame.html?referer=https%3A%2F%2Flsi.fourthwalltickets.com%2Fshows%2Flsi-open-stage-99bc037d-dc25-4d8a-ad81-3ec99a146c4f%3Fdate%3D2023-08-20T18%3A00%3A00
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
Content-Type
application/json

Response headers

date
Thu, 17 Aug 2023 01:45:59 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
x-sq-dc
iad2b
square-version
2022-01-20
strict-transport-security
max-age=631152000; includeSubDomains; preload
x-permitted-cross-domain-policies
none
x-speleo-traceid
CDN-5f1e6e4d-6a22-4d27-9034-715f65cb086a
x-sq-region
iad2b
content-length
125
x-xss-protection
1; mode=block
server
cloudflare
x-download-options
noopen
vary
Origin, Accept-Encoding
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
content-type
application/json
access-control-allow-origin
https://connect.squareup.com
x-frame-options
SAMEORIGIN
access-control-allow-credentials
true
cf-ray
7f7e3da41a4bbbbc-FRA
access-control-allow-headers
Origin, Content-Type, Authorization, X-Requested-With, _connect_js_csrf, X-JS-ID, X-CSRF-Token, Square-Version, X-Allow-Cookies, X-Block-Cookies
v2
pci-connect.squareup.com/payments/mtx/
0
67 B
Ping
General
Full URL
https://pci-connect.squareup.com/payments/mtx/v2
Requested by
Host: web.squarecdn.com
URL: https://web.squarecdn.com/v1/square.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.159.140.47 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=631152000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://lsi.fourthwalltickets.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
Content-Type
text/plain;charset=utf-8

Response headers

date
Thu, 17 Aug 2023 01:46:00 GMT
strict-transport-security
max-age=631152000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
x-sq-dc
iad2b
x-permitted-cross-domain-policies
none
x-sq-region
iad2b
x-xss-protection
1; mode=block
server
cloudflare
x-download-options
noopen
vary
Origin, Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
https://lsi.fourthwalltickets.com
x-frame-options
SAMEORIGIN
access-control-allow-credentials
true
cf-ray
7f7e3da62bbf1c2e-FRA
access-control-allow-headers
Origin, Content-Type, X-Allow-Cookies, X-Block-Cookies

Verdicts & Comments Add Verdict or Comment

41 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| documentPictureInPicture function| hj object| _hjSettings object| webpackJsonp object| regeneratorRuntime object| Turbo object| Stimulus number| uidEvent object| TreemapSquared function| SVG function| addResizeListener function| removeResizeListener object| Apex function| flatpickr object| FullCalendarVDom boolean| _rails_loaded function| setImmediate function| clearImmediate function| $ object| __SENTRY__ object| Square function| gtag object| dataLayer function| plausible object| google_tag_manager object| google_tag_data function| onYouTubeIframeAPIReady object| gaGlobal object| hjSiteSettings function| hjBootstrap object| hjBootstrapCalled object| hjLazyModules object| GooglebQhCsO string| GoogleAnalyticsObject function| ga object| gaplugins object| gaData

17 Cookies

Domain/Path Name / Value
.fourthwalltickets.com/ Name: _fourth_wall_session
Value: jSUNe7rmrXskItjYYvyHaOYLKzOgFtJYVFX7tpZbjpCSjK8HQSjNwLtsFfgLE3a8rYKWgw5KD5Pvth1GWMxTPIVxE%2FIf%2Fqf8oYJ0QD2APIODwfUhZXXXm5yivFhtqUpCMf1g6Tqc7%2BuHTTByv5FMoE6Qc4bkN8hHA8uVxgLB9tBU2idpkQ3VoEJfsjZ0IRZ0UtD60L%2BRMveJ9hJYGW16dJEKEBaKSiEaYp4QJl2nyzKqRNQPgs%2BpILNz2xajirWUykrRxUrPB64GlR%2FkFpGaJ3luYneEJ0p3FzNVsg%3D%3D--JC%2FalIICZaomZ%2Fvw--z7Fv97wo7%2BbCdGLjbB1FsQ%3D%3D
.fourthwalltickets.com/ Name: _ga_E4S8M8WH5S
Value: GS1.1.1692236758.1.0.1692236758.0.0.0
.fourthwalltickets.com/ Name: _gcl_au
Value: 1.1.1803913703.1692236758
.fourthwalltickets.com/ Name: _hjSessionUser_2967385
Value: eyJpZCI6IjdmOTdlMWVhLWY2M2YtNTk5MC04ODZlLTgyN2UxNzJkN2RiZSIsImNyZWF0ZWQiOjE2OTIyMzY3NTgzMTgsImV4aXN0aW5nIjpmYWxzZX0=
.fourthwalltickets.com/ Name: _hjFirstSeen
Value: 1
.fourthwalltickets.com/ Name: _hjIncludedInSessionSample_2967385
Value: 0
.fourthwalltickets.com/ Name: _hjSession_2967385
Value: eyJpZCI6IjgyOTZkN2Y1LTA2YjMtNGEyYy05MTEwLTYwMzM2MWNmMTczNCIsImNyZWF0ZWQiOjE2OTIyMzY3NTgzMjQsImluU2FtcGxlIjpmYWxzZX0=
.fourthwalltickets.com/ Name: _hjAbsoluteSessionInProgress
Value: 0
.fourthwalltickets.com/ Name: _ga_V35DY1THCL
Value: GS1.1.1692236758.1.0.1692236758.0.0.0
.doubleclick.net/ Name: test_cookie
Value: CheckForPermission
.fourthwalltickets.com/ Name: _ga
Value: GA1.2.1645641871.1692236758
.fourthwalltickets.com/ Name: _gid
Value: GA1.2.34509404.1692236758
.fourthwalltickets.com/ Name: _gat_gtag_UA_212453793_1
Value: 1
.squareup.com/ Name: _savt
Value: 26887670-756e-460c-8a56-2b13fa89aadd
.pci-connect.squareup.com/ Name: __cf_bm
Value: jaSfax_1OEdk_sEpYCbdWMfrHTn6rDJ4GgMYDBcog8A-1692236758-0-ATFeV54KzirtyUEKBxyNdsrq25shYwJpQu5Upu2669z0yJcX3oO2ceBFv71nVj6n/Z6ob2PjmhZ8wr0WjFh+nyM=
.js.squareup.com/ Name: __cf_bm
Value: 5IftwdeOb.OLYuQqEItBiN3VX1URizk_ggCYENgOG4U-1692236759-0-AfJpjvq6qq7mYyrZ+Psx6YlEliXnZ1mo51R3bO18jzuiYTXd+F/pn235XtxzgZWGKgDvuBF2xNAuT9dIklTDYGs=
.connect.squareup.com/ Name: __cf_bm
Value: mSrtrLVIpsncGLGsfDS_hvmN6gNbH24NxTe2p_WbUwE-1692236759-0-AV/VTzOgHMRWabjRKG3pMn7LbfTmeff+vSmVNM4n31+kXIY5GbLKiTaed7YH/bINfioxSemiqfn5kuaeY18vopc=

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

cdn.fourthwalltickets.com
connect.squareup.com
csp-report.browser-intake-datadoghq.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
js.squareup.com
lsi.fourthwalltickets.com
pci-connect.squareup.com
plausible.io
region1.google-analytics.com
script.hotjar.com
static.hotjar.com
web.squarecdn.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
162.159.140.47
172.66.0.47
2001:4860:4802:32::36
205.185.216.42
2400:52e0:1e00::1080:1
2600:1f18:24e6:b902:52fa:482f:204d:5da6
2600:9000:2315:dc00:13:4005:e4c0:93a1
2606:4700::6811:b942
2a00:1450:4001:811::2003
2a00:1450:4001:811::200a
2a00:1450:4001:828::2002
2a00:1450:4001:828::2003
2a00:1450:4001:82a::2004
2a00:1450:4001:82b::2008
2a00:1450:4001:830::200e
52.222.236.122
65.9.95.45
021f0fd27042b279a49e982215c6dc3c3ab84e95b35553a119dfdbd50af6be94
0647f9c2df6dadae1971f1ed9e2a4eee79e521cbb4ffaf4d3c375b975c5e0733
0675db7c540643bc6b01b6dca8ba4ce76a792710be650dde4ded05d375f194e8
13deb2cdada9ebedb8a8edd55994e81a29faccf121da743325127dd9bb0a71fc
1888959b5858af3cd658a6aa00118d4db9656ee9d2dec1eb0d0bc68a6c4cc670
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df
3eb8b198f2e59276ef9fb23e3b17f8ba3c3dba6ee681609841096f1c54392ebd
48fbedccce10e1d831dd5fbae5eda3690efa3af28dfa42f89038b1f795dbb601
53c0ab05073b21f4832a785769c03d499051e00f90db24930836f23c0518b903
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6da82f083e4b33e22fc41b1b2bb58b8e36394cfc89eb5960478c900c40cb37f0
71a2bf777ce25340fddd960373b3756d1f30649d73abf574a71265d68596759f
75dac03029bf91a5d10af8bd3e5d9308b4d42b5e10b232442b1b96699020a0e6
792f67f6faceec82b4b53fb5af5d5a24a7d95a4fb1c4f509b56d4f9222fa961e
7b487ea35ed7dc18be58a5090925a87a78af7d9bee804a77c9309bf093e4cbf5
7c7818c25a18e8a38553fcbcbc2ad0b5e964103a7d2e494f82815e3f70bf3fc5
97815835034d62fc8bd2501d420021dca02e79222cd1082484ab8338bbadddb0
9991a514a6377cdc6ac344a3c713dc3298836019ea4c1f09033636fe8f28dc59
aa0b1c4a8f2973026b8079f78bfa59d9c2497d92044c05bfacfc79ba4b3e1ee8
aa5515faac4542654a7a2f01b1f0632a2672ae15c1a8f7ab1f773b1cca7b0b51
ac51a53a4e95a12dbf9691794436cc646c1a25d21d54c4cbcd3ff44cc50aad1b
b76eb0fb853247a10ef2d06dd156815be1d8ae1d5e6fc23db338968e133006ef
c874e14c63db86c4c5318c77cb557fce7036645edc7d690dcc1d23b389631b13
d77d0d728b89e28863f08f544e1b74af4742cb911dcb44a1bca989c5c9fcc475
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
df174040d08e621f3ea7fa2012ee327cf7899d8ece1355da7ea8652f55c2e345
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e869d4fec556b1343ea746fd8a054b0ec3ca4f5c18588c97a627b2c4ecb60546
eaf830a97320836e706f8f39e9e46d8476e0dabd97eb5e6abebcad3d55480931
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f65dcee92197937aa6bb88047191a36f1c31c2f75f4d3acc5aa390f2bcdf7935
fd0613bdff5ce4a6bd2fc6a7202c9a2d17996df491a2a91f65b4f08a06c5170c