ticket.emlt.ddnss.de Open in urlscan Pro
217.235.42.93 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://ticket.emlt.ddnss.de/
Submission: On October 18 via automatic, source certstream-suspicious (October 18th 2022, 3:02:25 pm UTC) — Scanned from DE

Summary HTTP 76 Redirects Links 13 Behaviour Indicators

Summary

This website contacted 23 IPs in 4 countries across 19 domains to perform 76 HTTP transactions. The main IP is 217.235.42.93, located in Hamburg, Germany and belongs to DTAG Internet service provider operations, DE. The main domain is ticket.emlt.ddnss.de.
TLS certificate: Issued by R3 on October 18th 2022. Valid for: 3 months.

This is the only time ticket.emlt.ddnss.de was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
20	217.235.42.93 217.235.42.93	3320 (DTAG Inte...) (DTAG Internet service provider operations)
8	2a00:1450:400... 2a00:1450:4001:82f::2002	15169 (GOOGLE) (GOOGLE)
2	2606:4700::68... 2606:4700::6810:5814	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700:303... 2606:4700:3031::6815:2a7a	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6811:180e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:827::2008	15169 (GOOGLE) (GOOGLE)
1	2001:4de0:ac1... 2001:4de0:ac18::1:a:1a	20446 (STACKPATH...) (STACKPATH-CDN)
2	72.47.227.13 72.47.227.13	31815 (MEDIATEMPLE) (MEDIATEMPLE)
1 2	2606:4700:303... 2606:4700:3031::6815:11a7	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:80f::200a	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:829::2002	15169 (GOOGLE) (GOOGLE)
2	2001:4860:480... 2001:4860:4802:34::36	15169 (GOOGLE) (GOOGLE)
11	151.101.193.185 151.101.193.185	54113 (FASTLY) (FASTLY)
3	2a00:1450:400... 2a00:1450:4001:801::2003	15169 (GOOGLE) (GOOGLE)
1	138.201.65.48 138.201.65.48	24940 (HETZNER-AS) (HETZNER-AS)
6	2a00:1450:400... 2a00:1450:4001:808::200e	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:82b::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400c:c08::9c	15169 (GOOGLE) (GOOGLE)
3	199.232.198.2 199.232.198.2	54113 (FASTLY) (FASTLY)
2	2a00:1450:400... 2a00:1450:4001:800::2004	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:803::2003	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:831::2001	15169 (GOOGLE) (GOOGLE)
76	23

20 217.235.42.93 (Hamburg, Germany)

ASN3320 (DTAG Internet service provider operations, DE)
PTR: pd9eb2a5d.dip0.t-ipconnect.de

ticket.emlt.ddnss.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a00:1450:4001:82f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6810:5814 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3031::6815:2a7a (United States)

ASN13335 (CLOUDFLARENET, US)

bootswatch.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:180e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:827::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4de0:ac18::1:a:1a (Netherlands)

ASN20446 (STACKPATH-CDN, US)

code.jquery.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 72.47.227.13 (United States)

ASN31815 (MEDIATEMPLE, US)
PTR: agaacqmsoq.c03.gridserver.com

www.cornify.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:3031::6815:11a7 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

hitwebcounter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.hitwebcounter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80f::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:829::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 151.101.193.185 (United States)

ASN54113 (FASTLY, US)

giphy.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:801::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 138.201.65.48 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: mail.dragon.best

insult.mattbas.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:808::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c08::9c (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 199.232.198.2 (United States)

ASN54113 (FASTLY, US)

media1.giphy.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
media4.giphy.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:800::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:803::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:831::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
20	ddnss.de ticket.emlt.ddnss.de	7 MB
14	giphy.com giphy.com — Cisco Umbrella Rank: 1111 media1.giphy.com — Cisco Umbrella Rank: 2073 media4.giphy.com — Cisco Umbrella Rank: 2076	1 MB
10	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 104 tpc.googlesyndication.com — Cisco Umbrella Rank: 147	209 KB
8	google-analytics.com region1.google-analytics.com — Cisco Umbrella Rank: 2668 www.google-analytics.com — Cisco Umbrella Rank: 32	60 KB
3	google.com adservice.google.com — Cisco Umbrella Rank: 78 www.google.com — Cisco Umbrella Rank: 2	2 KB
3	gstatic.com fonts.gstatic.com	70 KB
3	doubleclick.net googleads.g.doubleclick.net — Cisco Umbrella Rank: 43 stats.g.doubleclick.net — Cisco Umbrella Rank: 84	5 KB
2	google.de adservice.google.de — Cisco Umbrella Rank: 8724 www.google.de — Cisco Umbrella Rank: 6045	1 KB
2	hitwebcounter.com 1 redirects hitwebcounter.com — Cisco Umbrella Rank: 114491 www.hitwebcounter.com — Cisco Umbrella Rank: 122988	2 KB
2	cornify.com www.cornify.com	11 KB
2	jsdelivr.net cdn.jsdelivr.net — Cisco Umbrella Rank: 394	53 KB
1	googleadservices.com partner.googleadservices.com — Cisco Umbrella Rank: 888	694 B
1	mattbas.org insult.mattbas.org	807 B
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 44	942 B
1	jquery.com code.jquery.com — Cisco Umbrella Rank: 677	33 KB
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 61	75 KB
1	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 216	28 KB
1	bootswatch.com bootswatch.com — Cisco Umbrella Rank: 149816	29 KB
0	cdnfonts.com Failed fonts.cdnfonts.com Failed
76	19

	Domain	Requested by
20	ticket.emlt.ddnss.de	ticket.emlt.ddnss.de
11	giphy.com	ticket.emlt.ddnss.de giphy.com
7	pagead2.googlesyndication.com	ticket.emlt.ddnss.de pagead2.googlesyndication.com tpc.googlesyndication.com
6	www.google-analytics.com	giphy.com
3	tpc.googlesyndication.com	pagead2.googlesyndication.com tpc.googlesyndication.com
3	fonts.gstatic.com	fonts.googleapis.com
2	www.google.com	giphy.com tpc.googlesyndication.com
2	media1.giphy.com	giphy.com
2	region1.google-analytics.com	www.googletagmanager.com
2	googleads.g.doubleclick.net	pagead2.googlesyndication.com
2	www.cornify.com	ticket.emlt.ddnss.de
2	cdn.jsdelivr.net	ticket.emlt.ddnss.de
1	media4.giphy.com	giphy.com
1	www.google.de	giphy.com
1	stats.g.doubleclick.net	www.google-analytics.com
1	adservice.google.com	pagead2.googlesyndication.com
1	adservice.google.de	pagead2.googlesyndication.com
1	partner.googleadservices.com	pagead2.googlesyndication.com
1	insult.mattbas.org	ticket.emlt.ddnss.de
1	fonts.googleapis.com	bootswatch.com
1	www.hitwebcounter.com	ticket.emlt.ddnss.de
1	hitwebcounter.com	1 redirects
1	code.jquery.com	ticket.emlt.ddnss.de
1	www.googletagmanager.com	ticket.emlt.ddnss.de
1	cdnjs.cloudflare.com	ticket.emlt.ddnss.de
1	bootswatch.com	ticket.emlt.ddnss.de
0	fonts.cdnfonts.com Failed	ticket.emlt.ddnss.de
76	27

This site contains links to these domains. Also see Links.

Domain
sharepointlist.com
www.cornify.com
youtu.be
downloadmoreram.com
github.com
discord.gg
www.sysengineer.dev
get.adobe.com
www.hitwebcounter.com
mspgeek.org
sociall.link

Subject Issuer	Validity	Valid
ticket.emlt.ddnss.de R3	`2022-10-18` - `2023-01-16`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-09-12` - `2022-12-05`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-06-02` - `2023-06-01`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-09-12` - `2022-12-05`	3 months	crt.sh
*.jquery.com Sectigo RSA Domain Validation Secure Server CA	`2022-08-03` - `2023-07-14`	a year	crt.sh
cornify.com Starfield Secure Certificate Authority - G2	`2021-12-02` - `2023-01-03`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2022-09-26` - `2022-12-19`	3 months	crt.sh
giphy.com GlobalSign Atlas R3 DV TLS CA 2022 Q1	`2022-02-04` - `2023-03-08`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2022-09-12` - `2022-12-05`	3 months	crt.sh
insult.mattbas.org R3	`2022-10-17` - `2023-01-15`	3 months	crt.sh
*.googleadservices.com GTS CA 1C3	`2022-09-12` - `2022-12-05`	3 months	crt.sh
*.google.de GTS CA 1C3	`2022-09-12` - `2022-12-05`	3 months	crt.sh
*.google.com GTS CA 1C3	`2022-09-12` - `2022-12-05`	3 months	crt.sh
*.giphy.com GlobalSign Atlas R3 DV TLS CA 2022 Q1	`2022-02-04` - `2023-03-08`	a year	crt.sh
www.google.com GTS CA 1C3	`2022-09-12` - `2022-12-05`	3 months	crt.sh
www.google.de GTS CA 1C3	`2022-09-12` - `2022-12-05`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2022-09-26` - `2022-12-19`	3 months	crt.sh

This page contains 8 frames:

Primary Page: https://ticket.emlt.ddnss.de/
Frame ID: C53F3EC059FBA7FECCB19364AAE6D9F4
Requests: 46 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20221013/r20190131/zrt_lookup.html
Frame ID: 3B083E9D04831732EA7F3C0EB0EFE6DA
Requests: 1 HTTP requests in this frame

Frame: https://giphy.com/embed/2oUfvvUgQHnLsQWFMW
Frame ID: 1F2FB76BB47674CF7A188E5E175EFFC3
Requests: 8 HTTP requests in this frame

Frame: https://giphy.com/embed/WZOffTa9X1FZe
Frame ID: CFF67DC29A0584CA38C733F4341CD3DE
Requests: 10 HTTP requests in this frame

Frame: https://giphy.com/embed/BjHIjM2YFC3rEUaMrw
Frame ID: 91810392CA9D849161617BFBC0419413
Requests: 8 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6871418367983282&output=html&adk=1812271804&adf=3025194257&lmt=1666097418&plat=1%3A16777216%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fticket.emlt.ddnss.de%2F&ea=0&pra=5&wgl=1&easpi=0&asntp=0&asntpv=0&asntpl=0&asntpm=0&asntpc=0&asna=5&asnd=5&asnp=5&asns=5&asmat=1&asptt=-1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1666105336063&bpp=188&bdt=1146&idt=1089&shv=r20221013&mjsv=m202210110101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=5687888905263&frm=20&pv=2&ga_vid=968407597.1666105336&ga_sid=1666105337&ga_hid=1937259511&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44761792%2C42531706%2C31070385%2C44770881%2C44773746&oid=2&pvsid=742224634047764&tmod=2089951684&uas=0&nvt=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=1132
Frame ID: C3C68BBDE17C2C5B4D64377FC15A621B
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: EFCA14BD47F1053A16121C5BE68DF449
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 6040BFE7ADB8BDC107978F0C28B297D7
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

ever - Helpdesk Ticket SystemService N

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
/([\d.]+)/jquery(?:\.min)?\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jsDelivr (CDN) Expand

Overall confidence: 100%
Detected patterns

<link [^>]*?href="?[a-zA-Z]*?:?//cdn\.jsdelivr\.net/
//cdn\.jsdelivr\.net/

Page Statistics

76
Requests

97 %
HTTPS

77 %
IPv6

19
Domains

27
Subdomains

23
IPs

4
Countries

8870 kB
Transfer

11401 kB
Size

6
Cookies

13 Outgoing links

These are links going to different origins than the main page.

URL: https://sharepointlist.com/

Search URL Search Domain Scan URL

URL: http://www.cornify.com/

Search URL Search Domain Scan URL

URL: https://youtu.be/dQw4w9WgXcQ
Title: Request New Computer

Search URL Search Domain Scan URL

URL: https://downloadmoreram.com/
Title: Download RAM

Search URL Search Domain Scan URL

URL: https://github.com/sysengineer13/ServiceNever
Title: ServiceNever.Git

Search URL Search Domain Scan URL

URL: https://sharepointlist.com/feedback.html
Title: Submit Feedback

Search URL Search Domain Scan URL

URL: https://discord.gg/RRQqWKDDeR
Title: Discord

Search URL Search Domain Scan URL

URL: https://www.sysengineer.dev/
Title: Merch

Search URL Search Domain Scan URL

URL: https://get.adobe.com/flashplayer/about
Title: Click here for virus

Search URL Search Domain Scan URL

URL: https://www.hitwebcounter.com/

Search URL Search Domain Scan URL

URL: https://www.sysengineer.dev/listing/service-never?product=212

Search URL Search Domain Scan URL

URL: https://mspgeek.org/?utm_source=sharepointlist.com&utm_medium=ad&utm_campaign=mspgeek&utm_id=MSPgeek

Search URL Search Domain Scan URL

URL: https://sociall.link/sysengineer

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 19

https://hitwebcounter.com/counter/counter.php?page=8023430&style=0027&nbdigits=5&type=page&initCount=7881 HTTP 301
https://www.hitwebcounter.com/counter/counter.php?page=8023430&style=0027&nbdigits=5&type=page&initCount=7881

76 HTTP transactions
3 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
ticket.emlt.ddnss.de/ 27 KB
9 KB 179ms
73ms Document
text/html 217.235.42.93
DTAG Internet ser...

General

Check archive.org

Show headers Download Go to

Full URL: https://ticket.emlt.ddnss.de/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 217.235.42.93 Hamburg, Germany, ASN3320 (DTAG Internet service provider operations, DE),
Reverse DNS: pd9eb2a5d.dip0.t-ipconnect.de
Software: openresty /
Resource Hash: 8c09967303e9c9c64d90970c51a763268705ec54c1e2d6b4d4416dd7c5fc5d2a

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
content-encoding: gzip
content-length: 8647
content-type: text/html
date: Tue, 18 Oct 2022 15:02:14 GMT
etag: "6d74-5eb4e88c776ee-gzip"
last-modified: Tue, 18 Oct 2022 12:50:18 GMT
server: openresty
vary: Accept-Encoding
x-served-by: ticket.emlt.ddnss.de

GET
H2 200 site.css
ticket.emlt.ddnss.de/ 7 KB
2 KB 74ms
71ms Stylesheet
text/css 217.235.42.93
DTAG Internet ser...

General

Check archive.org

Show headers Download Go to

Full URL: https://ticket.emlt.ddnss.de/site.css
Requested by: Host: ticket.emlt.ddnss.de
URL: https://ticket.emlt.ddnss.de/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 217.235.42.93 Hamburg, Germany, ASN3320 (DTAG Internet service provider operations, DE),
Reverse DNS: pd9eb2a5d.dip0.t-ipconnect.de
Software: openresty /
Resource Hash: 1401e2fa10937e1bf4e6b858fd7dd6560de99c4d0afce1037a7a1fed89e799e0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ticket.emlt.ddnss.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Tue, 18 Oct 2022 15:02:14 GMT
content-encoding: gzip
last-modified: Tue, 18 Oct 2022 12:50:18 GMT
server: openresty
etag: "1afd-5eb4e88c776ee-gzip"
vary: Accept-Encoding
content-type: text/css
accept-ranges: bytes
content-length: 1759
x-served-by: ticket.emlt.ddnss.de

GET
H2 200 captcha.css
ticket.emlt.ddnss.de/ 3 KB
1 KB 68ms
65ms Stylesheet
text/css 217.235.42.93
DTAG Internet ser...

General

Check archive.org

Show headers Download Go to

Full URL: https://ticket.emlt.ddnss.de/captcha.css
Requested by: Host: ticket.emlt.ddnss.de
URL: https://ticket.emlt.ddnss.de/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 217.235.42.93 Hamburg, Germany, ASN3320 (DTAG Internet service provider operations, DE),
Reverse DNS: pd9eb2a5d.dip0.t-ipconnect.de
Software: openresty /
Resource Hash: d3ccd9bc376e7849ccd65d7d528cabaeb7e607ddad5eefde05baec231d7f9807

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ticket.emlt.ddnss.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Tue, 18 Oct 2022 15:02:14 GMT
content-encoding: gzip
last-modified: Tue, 18 Oct 2022 12:50:18 GMT
server: openresty
etag: "bc3-5eb4e88c7098e-gzip"
vary: Accept-Encoding
content-type: text/css
accept-ranges: bytes
content-length: 919
x-served-by: ticket.emlt.ddnss.de

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 166 KB
54 KB 111ms
50ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-6871418367983282

Requested by

Host: ticket.emlt.ddnss.de
URL: https://ticket.emlt.ddnss.de/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

35d507114944128cf5c4a9fefadf13233f1dcc546695dcbe7c7923652dacce28

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ticket.emlt.ddnss.de/
Origin: https://ticket.emlt.ddnss.de
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Tue, 18 Oct 2022 15:02:15 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 55059
x-xss-protection: 0
server: cafe
etag: 6158169034456561032
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Tue, 18 Oct 2022 15:02:15 GMT

GET
H2 200 CAPTCHA.js Show response
ticket.emlt.ddnss.de/ 745 B
627 B 69ms
66ms Script
application/javascript 217.235.42.93
DTAG Internet ser...

General

Check archive.org

Show headers Download Go to

Full URL: https://ticket.emlt.ddnss.de/CAPTCHA.js
Requested by: Host: ticket.emlt.ddnss.de
URL: https://ticket.emlt.ddnss.de/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 217.235.42.93 Hamburg, Germany, ASN3320 (DTAG Internet service provider operations, DE),
Reverse DNS: pd9eb2a5d.dip0.t-ipconnect.de
Software: openresty /
Resource Hash: 160f9a25079e31b32baf64e5f16d4c39a560d5f37abd2fad66b5039baa2d08b8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ticket.emlt.ddnss.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Tue, 18 Oct 2022 15:02:14 GMT
content-encoding: gzip
last-modified: Tue, 18 Oct 2022 12:50:18 GMT
server: openresty
etag: "2e9-5eb4e88c7098e-gzip"
vary: Accept-Encoding
content-type: application/javascript
accept-ranges: bytes
content-length: 416
x-served-by: ticket.emlt.ddnss.de

GET
H2 404 chat.js
ticket.emlt.ddnss.de/ 0
0 75ms
72ms Script
text/html 217.235.42.93
DTAG Internet ser...

General

Check archive.org

Show headers Download Go to

Full URL: https://ticket.emlt.ddnss.de/chat.js
Requested by: Host: ticket.emlt.ddnss.de
URL: https://ticket.emlt.ddnss.de/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 217.235.42.93 Hamburg, Germany, ASN3320 (DTAG Internet service provider operations, DE),
Reverse DNS: pd9eb2a5d.dip0.t-ipconnect.de
Software: openresty /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ticket.emlt.ddnss.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Tue, 18 Oct 2022 15:02:14 GMT
content-encoding: gzip
server: openresty
content-type: text/html; charset=iso-8859-1

GET
H2 404 phone.js
ticket.emlt.ddnss.de/ 0
0 69ms
67ms Script
text/html 217.235.42.93
DTAG Internet ser...

General

Check archive.org

Show headers Download Go to

Full URL: https://ticket.emlt.ddnss.de/phone.js
Requested by: Host: ticket.emlt.ddnss.de
URL: https://ticket.emlt.ddnss.de/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 217.235.42.93 Hamburg, Germany, ASN3320 (DTAG Internet service provider operations, DE),
Reverse DNS: pd9eb2a5d.dip0.t-ipconnect.de
Software: openresty /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ticket.emlt.ddnss.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Tue, 18 Oct 2022 15:02:14 GMT
content-encoding: gzip
server: openresty
content-type: text/html; charset=iso-8859-1

GET
H2 404 chat.css
ticket.emlt.ddnss.de/ 0
0 68ms
66ms Stylesheet
text/html 217.235.42.93
DTAG Internet ser...

General

Check archive.org

Show headers Download Go to

Full URL: https://ticket.emlt.ddnss.de/chat.css
Requested by: Host: ticket.emlt.ddnss.de
URL: https://ticket.emlt.ddnss.de/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 217.235.42.93 Hamburg, Germany, ASN3320 (DTAG Internet service provider operations, DE),
Reverse DNS: pd9eb2a5d.dip0.t-ipconnect.de
Software: openresty /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ticket.emlt.ddnss.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Tue, 18 Oct 2022 15:02:14 GMT
content-encoding: gzip
server: openresty
content-type: text/html; charset=iso-8859-1

GET
H2 200 bootstrap.bundle.min.js Show response
cdn.jsdelivr.net/npm/bootstrap@5.2.0/dist/js/ 78 KB
24 KB 113ms
66ms Script
application/javascript 2606:4700::6810:5814
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/bootstrap@5.2.0/dist/js/bootstrap.bundle.min.js

Requested by

Host: ticket.emlt.ddnss.de
URL: https://ticket.emlt.ddnss.de/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:5814 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c0c09020adb6f602b16d48374166b9e38ca92383a81650b6a9097c43cc43f31f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://ticket.emlt.ddnss.de/
Origin: https://ticket.emlt.ddnss.de
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Tue, 18 Oct 2022 15:02:15 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 7858247
x-jsd-version: 5.2.0
content-encoding: br
x-cache: MISS, MISS
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-served-by: cache-fra19126-FRA, cache-itm18840-ITM
x-jsd-version-type: version
server: cloudflare
etag: W/"137ae-xmO6oFGFa2TXRmKalh4ju/D7r4w"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=k8j73EsIbFSorG2O6NGICs3AOayPAFogoVPgZWo%2BMSsKxfC%2FSQDIVdbc5HFlLh76WOZkW5TfkGtY5cBlH5v%2B0QmMUzrfcRZusXzUUgzjAlet495ujORSN0inNsiS7qQID6DInAdeXy8m8ZJ5LOQ%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin: *
cf-ray: 75c227679add68fe-FRA

GET
H2 200 bootstrap.min.css
cdn.jsdelivr.net/npm/bootstrap@5.2.0/dist/css/ 190 KB
29 KB 110ms
63ms Stylesheet
text/css 2606:4700::6810:5814
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/bootstrap@5.2.0/dist/css/bootstrap.min.css

Requested by

Host: ticket.emlt.ddnss.de
URL: https://ticket.emlt.ddnss.de/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:5814 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ed959b654022f7bae48ab9380dc129e065833e45a944c70d684c971ac3578cb8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://ticket.emlt.ddnss.de/
Origin: https://ticket.emlt.ddnss.de
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Tue, 18 Oct 2022 15:02:15 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 7858928
x-jsd-version: 5.2.0
content-encoding: br
x-cache: HIT, MISS
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-served-by: cache-fra19167-FRA, cache-iad-kiad7000134-IAD
x-jsd-version-type: version
server: cloudflare
etag: W/"2f88b-Yz6bIW1g1A6raHMXUTTpNbVU+JE"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aR0T8SRHvDVhAFYtOOJZtKf8fQG6946t27odv8GIVlVQru7eBSKO7P0tBneh7YV73gouO3aUmx1lwFmp7OhwGWlmnN%2BzP%2FldHFARv0xNxvZKPjTJ2tVuLA5kMigKq8IWxN3t3OidkHZXzYuXtMc%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin: *
cf-ray: 75c227679ad468fe-FRA

GET
H2 200 bootstrap.min.css
bootswatch.com/5/darkly/ 191 KB
29 KB 282ms
225ms Stylesheet
text/css 2606:4700:3031::6815:2a7a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://bootswatch.com/5/darkly/bootstrap.min.css
Requested by: Host: ticket.emlt.ddnss.de
URL: https://ticket.emlt.ddnss.de/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3031::6815:2a7a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a341c81424fcd26970983f56c9a675e56c1f7542b903e80cbd55aff09d3894a7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ticket.emlt.ddnss.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

x-proxy-cache: MISS
date: Tue, 18 Oct 2022 15:02:15 GMT
content-encoding: br
cf-cache-status: REVALIDATED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Thu, 13 Oct 2022 17:42:10 GMT
server: cloudflare
x-github-request-id: A37A:0DD8:55FC18:70800A:63485F3E
etag: W/"63484df2-2fbf0"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lHqZL2wJAOIVAwdDB92Lv7M2qt4vGZ9%2FyrtsOM3FueRxaOdLnncxMFMvjNKpXb9WPMgdw9K1cCsPa50WKir19edxthDKdk0pKs%2B0Uqw1VUu6bnWdnBcnr3G4Pu8JKdkm5NXC6FuQyvXlPVhujQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=14400
x-origin-cache: HIT
cf-ray: 75c227679bf49036-FRA
expires: Tue, 18 Oct 2022 15:12:15 GMT

GET
H2 200 jquery.min.js Show response
cdnjs.cloudflare.com/ajax/libs/jquery/3.3.1/ 85 KB
28 KB 79ms
37ms Script
application/javascript 2606:4700::6811:180e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/jquery/3.3.1/jquery.min.js

Requested by

Host: ticket.emlt.ddnss.de
URL: https://ticket.emlt.ddnss.de/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ticket.emlt.ddnss.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Tue, 18 Oct 2022 15:02:14 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 6984842
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 27433
last-modified: Mon, 04 May 2020 16:11:48 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03ec4-1538f"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DR00gB89wLVBDR43ILvUR2uka2uEkxO1sQByw7%2FtZ8Hbc0ionTkLNspYUUbB%2F%2BbqHNCGMv%2B9IbdHB%2FHxS5AaBPxusGjFjoltf0LQ8FWVMfq6O2LG%2BIh1lEwf5YB9xoiD%2BNLSP5c%2B3HdEZc49UcOkqpgN"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 75c227678f799a1e-FRA
expires: Sun, 08 Oct 2023 15:02:14 GMT

GET
H2 200 audio.js Show response
ticket.emlt.ddnss.de/js/ 648 B
567 B 69ms
67ms Script
application/javascript 217.235.42.93
DTAG Internet ser...

General

Check archive.org

Show headers Download Go to

Full URL: https://ticket.emlt.ddnss.de/js/audio.js
Requested by: Host: ticket.emlt.ddnss.de
URL: https://ticket.emlt.ddnss.de/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 217.235.42.93 Hamburg, Germany, ASN3320 (DTAG Internet service provider operations, DE),
Reverse DNS: pd9eb2a5d.dip0.t-ipconnect.de
Software: openresty /
Resource Hash: 90b20eafb03704b27769d7b11b652e6404a1d27e6eb99885c33c1f5f74040e0d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ticket.emlt.ddnss.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Tue, 18 Oct 2022 15:02:14 GMT
content-encoding: gzip
last-modified: Tue, 18 Oct 2022 12:50:18 GMT
server: openresty
etag: "288-5eb4e88c776ee-gzip"
vary: Accept-Encoding
content-type: application/javascript
accept-ranges: bytes
content-length: 356
x-served-by: ticket.emlt.ddnss.de

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 213 KB
75 KB 94ms
39ms Script
application/javascript 2a00:1450:4001:827::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-EC3PK322B1

Requested by

Host: ticket.emlt.ddnss.de
URL: https://ticket.emlt.ddnss.de/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

d3f35ae81857c1ce4a7c0d89180f671b60926d6e4dfff3f5c4c040427289b629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ticket.emlt.ddnss.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Tue, 18 Oct 2022 15:02:16 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 76118
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Tue, 18 Oct 2022 15:02:16 GMT

GET
H2 200 jquery-1.12.4.min.js Show response
code.jquery.com/ 95 KB
33 KB 1301ms
1241ms Script
application/javascript 2001:4de0:ac18::1:a:1a
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to

Full URL: https://code.jquery.com/jquery-1.12.4.min.js
Requested by: Host: ticket.emlt.ddnss.de
URL: https://ticket.emlt.ddnss.de/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4de0:ac18::1:a:1a , Netherlands, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
Software: nginx /
Resource Hash: 668b046d12db350ccba6728890476b3efee53b2f42dbb84743e5e9f1ae0cc404

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ticket.emlt.ddnss.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Tue, 18 Oct 2022 15:02:15 GMT
content-encoding: gzip
last-modified: Fri, 20 Aug 2021 17:47:53 GMT
server: nginx
etag: W/"611feac9-17b8b"
vary: Accept-Encoding
x-hw: 1666105335.dop131.fr8.t,1666105335.cds108.fr8.hn,1666105335.cds167.fr8.c
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=315360000, public
accept-ranges: bytes
content-length: 33738

GET
H2 200 banner.png
ticket.emlt.ddnss.de/images/ 92 KB
92 KB 65ms
64ms Image
image/png 217.235.42.93
DTAG Internet ser...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ticket.emlt.ddnss.de/images/banner.png
Requested by: Host: ticket.emlt.ddnss.de
URL: https://ticket.emlt.ddnss.de/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 217.235.42.93 Hamburg, Germany, ASN3320 (DTAG Internet service provider operations, DE),
Reverse DNS: pd9eb2a5d.dip0.t-ipconnect.de
Software: openresty /
Resource Hash: 26303d233217266d4ba9a94a14d87541d1bdbd5df2df03511eb6ff9f81022633

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ticket.emlt.ddnss.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Tue, 18 Oct 2022 15:02:16 GMT
last-modified: Tue, 18 Oct 2022 12:50:18 GMT
server: openresty
etag: "16e10-5eb4e88c7192e"
content-type: image/png
accept-ranges: bytes
content-length: 93712
x-served-by: ticket.emlt.ddnss.de

GET
H2 200 cornify-button.png
www.cornify.com/assets/ 6 KB
7 KB 166ms
165ms Image
image/png 72.47.227.13
MEDIATEMPLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.cornify.com/assets/cornify-button.png

Requested by

Host: ticket.emlt.ddnss.de
URL: https://ticket.emlt.ddnss.de/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

72.47.227.13 , United States, ASN31815 (MEDIATEMPLE, US),

Reverse DNS

agaacqmsoq.c03.gridserver.com

Software

nginx /

Resource Hash

77c1c70bde8833f9bc97f987713d9b75e1cab99e878fe0caf3aba810b02e73ea

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ticket.emlt.ddnss.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Tue, 18 Oct 2022 15:02:16 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
last-modified: Tue, 06 Dec 2016 21:20:09 GMT
server: nginx
etag: "19fe-54303f80b3440"
content-type: image/png
cache-control: no-store, no-cache, must-revalidate
accept-ranges: bytes
content-length: 6654

GET
H2 200 cornify.js Show response
www.cornify.com/js/ 11 KB
4 KB 699ms
174ms Script
application/javascript 72.47.227.13
MEDIATEMPLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.cornify.com/js/cornify.js

Requested by

Host: ticket.emlt.ddnss.de
URL: https://ticket.emlt.ddnss.de/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

72.47.227.13 , United States, ASN31815 (MEDIATEMPLE, US),

Reverse DNS

agaacqmsoq.c03.gridserver.com

Software

nginx /

Resource Hash

623508806cc3d922b883004f38491d1a5f063b55689c4bf7f73f240c7de4f677

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ticket.emlt.ddnss.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Tue, 18 Oct 2022 15:02:15 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
last-modified: Sun, 16 Feb 2020 12:18:12 GMT
server: nginx
etag: "2ce3-59eb06eafc900-gzip"
vary: Accept-Encoding,User-Agent
content-type: application/javascript
cache-control: no-store, no-cache, must-revalidate
accept-ranges: bytes
content-length: 3565

GET
H2 200 off-on.gif
ticket.emlt.ddnss.de/images/ 826 KB
827 KB 134ms
131ms Image
image/gif 217.235.42.93
DTAG Internet ser...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ticket.emlt.ddnss.de/images/off-on.gif
Requested by: Host: ticket.emlt.ddnss.de
URL: https://ticket.emlt.ddnss.de/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 217.235.42.93 Hamburg, Germany, ASN3320 (DTAG Internet service provider operations, DE),
Reverse DNS: pd9eb2a5d.dip0.t-ipconnect.de
Software: openresty /
Resource Hash: 2909f9d5a46863f779fa3da8ce9780088df6c909005e2f21339c1272949cc06d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ticket.emlt.ddnss.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Tue, 18 Oct 2022 15:02:16 GMT
last-modified: Tue, 18 Oct 2022 12:50:18 GMT
server: openresty
etag: "ce62e-5eb4e88c757ae"
content-type: image/gif
accept-ranges: bytes
content-length: 845358
x-served-by: ticket.emlt.ddnss.de

GET
H2 200 jurrasic-park-samuel-l-jackson.gif
ticket.emlt.ddnss.de/images/ 2 MB
2 MB 129ms
126ms Image
image/gif 217.235.42.93
DTAG Internet ser...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ticket.emlt.ddnss.de/images/jurrasic-park-samuel-l-jackson.gif
Requested by: Host: ticket.emlt.ddnss.de
URL: https://ticket.emlt.ddnss.de/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 217.235.42.93 Hamburg, Germany, ASN3320 (DTAG Internet service provider operations, DE),
Reverse DNS: pd9eb2a5d.dip0.t-ipconnect.de
Software: openresty /
Resource Hash: cf678c4c40ea924e5eb99f949faac211d183e2fdf611468afd4660d4534d9e99

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ticket.emlt.ddnss.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Tue, 18 Oct 2022 15:02:16 GMT
last-modified: Tue, 18 Oct 2022 12:50:18 GMT
server: openresty
etag: "2543a4-5eb4e88c7480e"
content-type: image/gif
accept-ranges: bytes
content-length: 2442148
x-served-by: ticket.emlt.ddnss.de

GET
H2

200

counter.php
www.hitwebcounter.com/counter/
Redirect Chain

https://hitwebcounter.com/counter/counter.php?page=8023430&style=0027&nbdigits=5&type=page&initCount=7881
https://www.hitwebcounter.com/counter/counter.php?page=8023430&style=0027&nbdigits=5&type=page&initCount=7881

1 KB
2 KB

412ms
390ms

Image
text/html

2606:4700:3031::6815:11a7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.hitwebcounter.com/counter/counter.php?page=8023430&style=0027&nbdigits=5&type=page&initCount=7881
Requested by: Host: ticket.emlt.ddnss.de
URL: https://ticket.emlt.ddnss.de/
Protocol: H2
Server: 2606:4700:3031::6815:11a7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 45f5f59108264725b16423e1f9a892f01e88d6faf11f5ebe10651c0f289d1031

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ticket.emlt.ddnss.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Tue, 18 Oct 2022 15:02:17 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding,User-Agent
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bXEiaEPWKND2viW7vmQju309xiimHNr1tl0u3mC%2F9KWlx0hrd9QqRHoNEsnDnN91dLUM2he3jsT3t4H2I86s2Iq65YWa2%2FnnUnXBgNdFD6KzNcrOZBmvjBv85aVTQAt1ZUUiyvB%2FAqWeaJE%2B2n%2BQ9cynLCk%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=UTF-8
cf-ray: 75c22774bd289bc2-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

Redirect headers

date: Tue, 18 Oct 2022 15:02:16 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=df9foSVKKEdl5IBB%2F8slpU4%2FEAio3A8w2rqCsrwGMpJEq1dJM3aZZ9WCpeCP0fzJwDEtUiz%2Fy7I3chEQdqi79qHkl0M%2BY4oemYvfKpy0PoLd5ULIMip3SSZe7w2kUAZQFqNzxdiQcjr3orJSmTsR5w%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=iso-8859-1
location: https://www.hitwebcounter.com/counter/counter.php?page=8023430&style=0027&nbdigits=5&type=page&initCount=7881
cf-ray: 75c227717c8b9bc2-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 waldoicons.png
ticket.emlt.ddnss.de/images/ 5 KB
5 KB 146ms
143ms Image
image/png 217.235.42.93
DTAG Internet ser...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ticket.emlt.ddnss.de/images/waldoicons.png
Requested by: Host: ticket.emlt.ddnss.de
URL: https://ticket.emlt.ddnss.de/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 217.235.42.93 Hamburg, Germany, ASN3320 (DTAG Internet service provider operations, DE),
Reverse DNS: pd9eb2a5d.dip0.t-ipconnect.de
Software: openresty /
Resource Hash: 1bc31656a5c01f348aecc33b864f61e2a38d7c641b27d01c3141530e60f3b6e7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ticket.emlt.ddnss.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Tue, 18 Oct 2022 15:02:16 GMT
last-modified: Tue, 18 Oct 2022 12:50:18 GMT
server: openresty
etag: "1282-5eb4e88c776ee"
content-type: image/png
accept-ranges: bytes
content-length: 4738
x-served-by: ticket.emlt.ddnss.de

GET
H2 200 800.png
ticket.emlt.ddnss.de/images/ 279 KB
279 KB 145ms
143ms Image
image/png 217.235.42.93
DTAG Internet ser...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ticket.emlt.ddnss.de/images/800.png
Requested by: Host: ticket.emlt.ddnss.de
URL: https://ticket.emlt.ddnss.de/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 217.235.42.93 Hamburg, Germany, ASN3320 (DTAG Internet service provider operations, DE),
Reverse DNS: pd9eb2a5d.dip0.t-ipconnect.de
Software: openresty /
Resource Hash: 0022097ee1d9918e6b3d010272b89e45b6364f88fe7569456de9301bc3229088

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ticket.emlt.ddnss.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Tue, 18 Oct 2022 15:02:16 GMT
last-modified: Tue, 18 Oct 2022 12:50:18 GMT
server: openresty
etag: "45a29-5eb4e88c7192e"
content-type: image/png
accept-ranges: bytes
content-length: 285225
x-served-by: ticket.emlt.ddnss.de

GET
H2 200 mspgeek.png
ticket.emlt.ddnss.de/images/ 18 KB
18 KB 145ms
143ms Image
image/png 217.235.42.93
DTAG Internet ser...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ticket.emlt.ddnss.de/images/mspgeek.png
Requested by: Host: ticket.emlt.ddnss.de
URL: https://ticket.emlt.ddnss.de/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 217.235.42.93 Hamburg, Germany, ASN3320 (DTAG Internet service provider operations, DE),
Reverse DNS: pd9eb2a5d.dip0.t-ipconnect.de
Software: openresty /
Resource Hash: 56e15021e3e3dd8708fb51c3ce0a06c56833f287a91135d346a627d23d412ade

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ticket.emlt.ddnss.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Tue, 18 Oct 2022 15:02:16 GMT
last-modified: Tue, 18 Oct 2022 12:50:18 GMT
server: openresty
etag: "4760-5eb4e88c7480e"
content-type: image/png
accept-ranges: bytes
content-length: 18272
x-served-by: ticket.emlt.ddnss.de

GET
H2 200 Microwave%20Edge.png
ticket.emlt.ddnss.de/images/ 87 KB
87 KB 138ms
136ms Image
image/png 217.235.42.93
DTAG Internet ser...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ticket.emlt.ddnss.de/images/Microwave%20Edge.png
Requested by: Host: ticket.emlt.ddnss.de
URL: https://ticket.emlt.ddnss.de/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 217.235.42.93 Hamburg, Germany, ASN3320 (DTAG Internet service provider operations, DE),
Reverse DNS: pd9eb2a5d.dip0.t-ipconnect.de
Software: openresty /
Resource Hash: cc97dd0db4ed0f3d94668dcd170b92d64a41418b261611c35aac995cf8c9c7b5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ticket.emlt.ddnss.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Tue, 18 Oct 2022 15:02:16 GMT
last-modified: Tue, 18 Oct 2022 12:50:18 GMT
server: openresty
etag: "15cab-5eb4e88c7192e"
content-type: image/png
accept-ranges: bytes
content-length: 89259
x-served-by: ticket.emlt.ddnss.de

GET
H2 200 best-viewed.jpg
ticket.emlt.ddnss.de/images/ 8 KB
8 KB 145ms
143ms Image
image/jpeg 217.235.42.93
DTAG Internet ser...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ticket.emlt.ddnss.de/images/best-viewed.jpg
Requested by: Host: ticket.emlt.ddnss.de
URL: https://ticket.emlt.ddnss.de/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 217.235.42.93 Hamburg, Germany, ASN3320 (DTAG Internet service provider operations, DE),
Reverse DNS: pd9eb2a5d.dip0.t-ipconnect.de
Software: openresty /
Resource Hash: 2055e604bf64c5db42b5ff544b2070e39f289fc4bc92d29e3f330f728e9f959c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ticket.emlt.ddnss.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Tue, 18 Oct 2022 15:02:16 GMT
last-modified: Tue, 18 Oct 2022 12:50:18 GMT
server: openresty
etag: "1fba-5eb4e88c7192e"
content-type: image/jpeg
accept-ranges: bytes
content-length: 8122
x-served-by: ticket.emlt.ddnss.de

GET
H2 200 frontpag.gif
ticket.emlt.ddnss.de/images/ 2 KB
2 KB 236ms
234ms Image
image/gif 217.235.42.93
DTAG Internet ser...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ticket.emlt.ddnss.de/images/frontpag.gif
Requested by: Host: ticket.emlt.ddnss.de
URL: https://ticket.emlt.ddnss.de/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 217.235.42.93 Hamburg, Germany, ASN3320 (DTAG Internet service provider operations, DE),
Reverse DNS: pd9eb2a5d.dip0.t-ipconnect.de
Software: openresty /
Resource Hash: 085085786166795b99878d67bb60fe33375f089c17512301c8a2f12e9875b2a3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ticket.emlt.ddnss.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Tue, 18 Oct 2022 15:02:16 GMT
last-modified: Tue, 18 Oct 2022 12:50:18 GMT
server: openresty
etag: "73b-5eb4e88c7192e"
content-type: image/gif
accept-ranges: bytes
content-length: 1851
x-served-by: ticket.emlt.ddnss.de

GET comic-sans
fonts.cdnfonts.com/css/ 0
0

GET
H2 200 css2
fonts.googleapis.com/ 2 KB
942 B 74ms
29ms Stylesheet
text/css 2a00:1450:4001:80f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Lato:ital,wght@0,400;0,700;1,400&display=swap

Requested by

Host: bootswatch.com
URL: https://bootswatch.com/5/darkly/bootstrap.min.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

2e2fc77315039f98f8fea47fece88e5b9a8485d1a666766d0ecfab7957ee6cff

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bootswatch.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Tue, 18 Oct 2022 15:02:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Tue, 18 Oct 2022 13:10:38 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 18 Oct 2022 15:02:15 GMT

GET
H3 200 show_ads_impl_with_ama_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202210110101/ 353 KB
116 KB 96ms
56ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202210110101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-6871418367983282&plah=ticket.emlt.ddnss.de

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-6871418367983282

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

94d746b7acef9c8038ba4c6731199d8967fe508381aaea78bba2c9e58385ebe0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ticket.emlt.ddnss.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Tue, 18 Oct 2022 15:02:16 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 118727
x-xss-protection: 0
server: cafe
etag: 7255185113619609732
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Tue, 18 Oct 2022 15:02:16 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20221013/r20190131/ Frame 3B08 10 KB
5 KB 71ms
20ms Document
text/html 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20221013/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-6871418367983282

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f7408c25067cd0a9d9fe835cb4c05e394a50751d3fcde0c461db19a309abb02a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ticket.emlt.ddnss.de/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 71384
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=1209600
content-encoding: gzip
content-length: 4420
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 17 Oct 2022 19:12:32 GMT
etag: 9671129459699598864
expires: Mon, 31 Oct 2022 19:12:32 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

POST
H2 204 collect
region1.google-analytics.com/g/ 0
350 B 357ms
27ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-EC3PK322B1&gtm=2oeah0&_p=1937259511&cid=968407597.1666105336&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1666105336&sct=1&seg=0&dl=https%3A%2F%2Fticket.emlt.ddnss.de%2F&dt=Service%20Never%20-%20Helpdesk%20Ticket%20System&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-EC3PK322B1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ticket.emlt.ddnss.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 18 Oct 2022 15:02:16 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://ticket.emlt.ddnss.de
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 2oUfvvUgQHnLsQWFMW Show response
giphy.com/embed/ Frame 1F2F 13 KB
3 KB 79ms
23ms Document
text/html 151.101.193.185
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://giphy.com/embed/2oUfvvUgQHnLsQWFMW

Requested by

Host: ticket.emlt.ddnss.de
URL: https://ticket.emlt.ddnss.de/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.193.185 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

9f375f83cd2d77c62ed1acf60fec3944b24fef52cf3c880afa6ed35558f4cda1

Security Headers

Name	Value
Strict-Transport-Security	max-age=15465600

Request headers

Referer: https://ticket.emlt.ddnss.de/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 1721
cache-control: s-maxage=3600, no-cache, max-age=0, must-revalidate
content-encoding: gzip
content-length: 2831
content-type: text/html
date: Tue, 18 Oct 2022 15:02:16 GMT
server: nginx
strict-transport-security: max-age=15465600
vary: Accept-Encoding, X-UA-Device, Fastly-SSL
via: 1.1 varnish, 1.1 varnish
x-cache: HIT, HIT
x-cache-hits: 5, 1
x-served-by: cache-iad-kiad7000055-IAD, cache-hhn4063-HHN
x-timer: S1666105337.606064,VS0,VE1

GET
H2 200 S6uyw4BMUTPHjx4wXg.woff2
fonts.gstatic.com/s/lato/v23/ 23 KB
23 KB 361ms
63ms Font
font/woff2 2a00:1450:4001:801::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v23/S6uyw4BMUTPHjx4wXg.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Lato:ital,wght@0,400;0,700;1,400&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://ticket.emlt.ddnss.de
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Tue, 11 Oct 2022 17:08:09 GMT
x-content-type-options: nosniff
age: 597247
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 23580
x-xss-protection: 0
last-modified: Tue, 26 Apr 2022 15:48:56 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 11 Oct 2023 17:08:09 GMT

GET
H2 200 S6u8w4BMUTPHjxsAXC-q.woff2
fonts.gstatic.com/s/lato/v23/ 24 KB
24 KB 338ms
42ms Font
font/woff2 2a00:1450:4001:801::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v23/S6u8w4BMUTPHjxsAXC-q.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Lato:ital,wght@0,400;0,700;1,400&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bca1d88ada544d9c80872d4da27133fab6d347361fa26e932b47ec9559088fd0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://ticket.emlt.ddnss.de
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Tue, 11 Oct 2022 17:09:03 GMT
x-content-type-options: nosniff
age: 597193
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 24408
x-xss-protection: 0
last-modified: Tue, 26 Apr 2022 15:50:25 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 11 Oct 2023 17:09:03 GMT

GET
H2 200 S6u9w4BMUTPHh6UVSwiPGQ.woff2
fonts.gstatic.com/s/lato/v23/ 23 KB
23 KB 310ms
22ms Font
font/woff2 2a00:1450:4001:801::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v23/S6u9w4BMUTPHh6UVSwiPGQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Lato:ital,wght@0,400;0,700;1,400&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c447dd7677b419db7b21dbdfc6277c7816a913ffda76fd2e52702df538de0e49

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://ticket.emlt.ddnss.de
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Fri, 14 Oct 2022 09:59:57 GMT
x-content-type-options: nosniff
age: 363739
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 23040
x-xss-protection: 0
last-modified: Tue, 26 Apr 2022 15:56:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 14 Oct 2023 09:59:57 GMT

GET
H2 200 WZOffTa9X1FZe Show response
giphy.com/embed/ Frame CFF6 11 KB
3 KB 77ms
23ms Document
text/html 151.101.193.185
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://giphy.com/embed/WZOffTa9X1FZe

Requested by

Host: ticket.emlt.ddnss.de
URL: https://ticket.emlt.ddnss.de/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.193.185 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

f7dcc98441034a432f0fb8ed4a90ab2da3ce3a04b0abefcc57bd82de416c0fdd

Security Headers

Name	Value
Strict-Transport-Security	max-age=15465600

Request headers

Referer: https://ticket.emlt.ddnss.de/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 1721
cache-control: s-maxage=3600, no-cache, max-age=0, must-revalidate
content-encoding: gzip
content-length: 2577
content-type: text/html
date: Tue, 18 Oct 2022 15:02:16 GMT
server: nginx
strict-transport-security: max-age=15465600
vary: Accept-Encoding, X-UA-Device, Fastly-SSL
via: 1.1 varnish, 1.1 varnish
x-cache: HIT, HIT
x-cache-hits: 5, 1
x-served-by: cache-iad-kcgs7200049-IAD, cache-hhn4063-HHN
x-timer: S1666105337.606031,VS0,VE1

GET
H2 200 BjHIjM2YFC3rEUaMrw Show response
giphy.com/embed/ Frame 9181 12 KB
3 KB 78ms
24ms Document
text/html 151.101.193.185
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://giphy.com/embed/BjHIjM2YFC3rEUaMrw

Requested by

Host: ticket.emlt.ddnss.de
URL: https://ticket.emlt.ddnss.de/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.193.185 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

2ceeb92c9675b1d50be444014041bd2f827ee45ffeb3d51c8af15fc610e7958b

Security Headers

Name	Value
Strict-Transport-Security	max-age=15465600

Request headers

Referer: https://ticket.emlt.ddnss.de/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 1721
cache-control: s-maxage=3600, no-cache, max-age=0, must-revalidate
content-encoding: gzip
content-length: 2815
content-type: text/html
date: Tue, 18 Oct 2022 15:02:16 GMT
server: nginx
strict-transport-security: max-age=15465600
vary: Accept-Encoding, X-UA-Device, Fastly-SSL
via: 1.1 varnish, 1.1 varnish
x-cache: HIT, HIT
x-cache-hits: 5, 1
x-served-by: cache-iad-kcgs7200024-IAD, cache-hhn4063-HHN
x-timer: S1666105337.606007,VS0,VE2

GET
H2 200 waldo.jpg
ticket.emlt.ddnss.de/images/ 581 KB
582 KB 372ms
372ms Image
image/jpeg 217.235.42.93
DTAG Internet ser...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ticket.emlt.ddnss.de/images/waldo.jpg
Requested by: Host: ticket.emlt.ddnss.de
URL: https://ticket.emlt.ddnss.de/captcha.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 217.235.42.93 Hamburg, Germany, ASN3320 (DTAG Internet service provider operations, DE),
Reverse DNS: pd9eb2a5d.dip0.t-ipconnect.de
Software: openresty /
Resource Hash: c402973da1354f989ad24c20ff7899eb6cc42900dd645a4bcfa4375b1259659a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ticket.emlt.ddnss.de/captcha.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Tue, 18 Oct 2022 15:02:16 GMT
last-modified: Tue, 18 Oct 2022 12:50:18 GMT
server: openresty
etag: "91360-5eb4e88c776ee"
content-type: image/jpeg
accept-ranges: bytes
content-length: 594784
x-served-by: ticket.emlt.ddnss.de

GET
H2 206 Hudson%20Mohawke%20-%20Cbat.mp3
ticket.emlt.ddnss.de/sound/ 3 MB
3 MB 444ms
443ms Media
audio/mpeg 217.235.42.93
DTAG Internet ser...

General

Check archive.org

Show headers Download Go to

Full URL: https://ticket.emlt.ddnss.de/sound/Hudson%20Mohawke%20-%20Cbat.mp3
Requested by: Host: ticket.emlt.ddnss.de
URL: https://ticket.emlt.ddnss.de/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 217.235.42.93 Hamburg, Germany, ASN3320 (DTAG Internet service provider operations, DE),
Reverse DNS: pd9eb2a5d.dip0.t-ipconnect.de
Software: openresty /
Resource Hash: 4838447332256a541c98107e94acde1599cca3a4ce82c9be3336230a3c598431

Request headers

Referer: https://ticket.emlt.ddnss.de/
Accept-Encoding: identity;q=1, *;q=0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Range: bytes=0-

Response headers

date: Tue, 18 Oct 2022 15:02:16 GMT
last-modified: Tue, 18 Oct 2022 12:50:18 GMT
server: openresty
etag: "2a1740-5eb4e88c7b56e"
content-type: audio/mpeg
Content-Range: bytes 0-2758463/2758464
accept-ranges: bytes
Content-Length: 2758464
x-served-by: ticket.emlt.ddnss.de

GET
H/1.1 200
OK insult.json Show response
insult.mattbas.org/api/en_corporate/ 303 B
807 B 689ms
34ms Fetch
text/json 138.201.65.48
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://insult.mattbas.org/api/en_corporate/insult.json?who=Our+World+Class+Tech+Experts&plural=on

Requested by

Host: ticket.emlt.ddnss.de
URL: https://ticket.emlt.ddnss.de/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

138.201.65.48 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

mail.dragon.best

Software

Apache/2.4.41 (Ubuntu) /

Resource Hash

60bcbb5f4b2154aa8ef72160b47d687cd78545efc7de9ae4f7dbfb8d65c34ad8

Security Headers

Name	Value
Strict-Transport-Security	max-age=2678400
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ticket.emlt.ddnss.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 18 Oct 2022 15:02:17 GMT
Strict-Transport-Security: max-age=2678400
Server: Apache/2.4.41 (Ubuntu)
X-Frame-Options: SAMEORIGIN
X-Insult-Url: /api/en_corporate/insult.json?who=Our+World+Class+Tech+Experts&plural=on
Access-Control-Allow-Origin: *
Content-Type: text/json
Cache-Control: max-age=0, no-cache, no-store, must-revalidate
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
Content-Length: 303
Expires: Thu, 01 Jan 1970 01:00:00 GMT

GET
H2 206 engineer_no01.mp3
ticket.emlt.ddnss.de/ 3 KB
4 KB 352ms
352ms Media
audio/mpeg 217.235.42.93
DTAG Internet ser...

General

Check archive.org

Show headers Download Go to

Full URL: https://ticket.emlt.ddnss.de/engineer_no01.mp3
Requested by: Host: ticket.emlt.ddnss.de
URL: https://ticket.emlt.ddnss.de/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 217.235.42.93 Hamburg, Germany, ASN3320 (DTAG Internet service provider operations, DE),
Reverse DNS: pd9eb2a5d.dip0.t-ipconnect.de
Software: openresty /
Resource Hash: 17b2fb60e79a19245147028e35073d2d32be0b87dc25dd65501cdf6b54665463

Request headers

Referer: https://ticket.emlt.ddnss.de/
Accept-Encoding: identity;q=1, *;q=0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Range: bytes=0-

Response headers

date: Tue, 18 Oct 2022 15:02:17 GMT
last-modified: Tue, 18 Oct 2022 12:50:18 GMT
server: openresty
etag: "df2-5eb4e88c7098e"
content-type: audio/mpeg
Content-Range: bytes 0-3569/3570
accept-ranges: bytes
Content-Length: 3570
x-served-by: ticket.emlt.ddnss.de

GET
H2 200 runtime.5e2d1328.bundle.js Show response
giphy.com/static/dist/ Frame CFF6 6 KB
3 KB 43ms
40ms Script
application/javascript 151.101.193.185
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://giphy.com/static/dist/runtime.5e2d1328.bundle.js

Requested by

Host: giphy.com
URL: https://giphy.com/embed/WZOffTa9X1FZe

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.193.185 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

d8d4d7d811a147a2f93df6b01c5c6f972f4df793cb5707294f91f1df6644a367

Security Headers

Name	Value
Strict-Transport-Security	max-age=15465600

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://giphy.com/embed/WZOffTa9X1FZe
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Tue, 18 Oct 2022 15:02:17 GMT
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
strict-transport-security: max-age=15465600
age: 661660
x-cache: HIT, HIT
content-length: 2816
x-served-by: cache-iad-kiad7000052-IAD, cache-hhn4063-HHN
last-modified: Mon, 10 Oct 2022 22:54:43 GMT
server: nginx
x-timer: S1666105337.051050,VS0,VE0
etag: W/"8cb0365c2b3e90b44a1bd81229fb4e16"
vary: Accept-Encoding, X-UA-Device, Fastly-SSL
content-type: application/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
x-cache-hits: 29, 9167

GET
H2 200 gifEmbed.e407ad57.bundle.js Show response
giphy.com/static/dist/ Frame CFF6 648 KB
196 KB 41ms
39ms Script
application/javascript 151.101.193.185
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://giphy.com/static/dist/gifEmbed.e407ad57.bundle.js

Requested by

Host: giphy.com
URL: https://giphy.com/embed/WZOffTa9X1FZe

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.193.185 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

d940d37e615f713b8c31f0fe3a96693d3afda57b8f1ab0cdce64429907a00d12

Security Headers

Name	Value
Strict-Transport-Security	max-age=15465600

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://giphy.com/embed/WZOffTa9X1FZe
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Tue, 18 Oct 2022 15:02:17 GMT
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
strict-transport-security: max-age=15465600
age: 661660
x-cache: HIT, HIT
content-length: 200711
x-served-by: cache-iad-kjyo7100021-IAD, cache-hhn4063-HHN
last-modified: Mon, 10 Oct 2022 22:54:51 GMT
server: nginx
x-timer: S1666105337.051017,VS0,VE0
etag: W/"04ead85c584f7b81e3698bf1f82cf8ec"
vary: Accept-Encoding, X-UA-Device, Fastly-SSL
content-type: application/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
x-cache-hits: 16, 6

GET
H2 200 runtime.5e2d1328.bundle.js Show response
giphy.com/static/dist/ Frame 1F2F 6 KB
3 KB 36ms
33ms Script
application/javascript 151.101.193.185
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://giphy.com/static/dist/runtime.5e2d1328.bundle.js

Requested by

Host: giphy.com
URL: https://giphy.com/embed/2oUfvvUgQHnLsQWFMW

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.193.185 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

d8d4d7d811a147a2f93df6b01c5c6f972f4df793cb5707294f91f1df6644a367

Security Headers

Name	Value
Strict-Transport-Security	max-age=15465600

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://giphy.com/embed/2oUfvvUgQHnLsQWFMW
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Tue, 18 Oct 2022 15:02:17 GMT
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
strict-transport-security: max-age=15465600
age: 661660
x-cache: HIT, HIT
content-length: 2816
x-served-by: cache-iad-kiad7000052-IAD, cache-hhn4063-HHN
last-modified: Mon, 10 Oct 2022 22:54:43 GMT
server: nginx
x-timer: S1666105337.051004,VS0,VE0
etag: W/"8cb0365c2b3e90b44a1bd81229fb4e16"
vary: Accept-Encoding, X-UA-Device, Fastly-SSL
content-type: application/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
x-cache-hits: 29, 9167

GET
H2 200 gifEmbed.e407ad57.bundle.js Show response
giphy.com/static/dist/ Frame 1F2F 648 KB
196 KB 35ms
32ms Script
application/javascript 151.101.193.185
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://giphy.com/static/dist/gifEmbed.e407ad57.bundle.js

Requested by

Host: giphy.com
URL: https://giphy.com/embed/2oUfvvUgQHnLsQWFMW

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.193.185 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

d940d37e615f713b8c31f0fe3a96693d3afda57b8f1ab0cdce64429907a00d12

Security Headers

Name	Value
Strict-Transport-Security	max-age=15465600

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://giphy.com/embed/2oUfvvUgQHnLsQWFMW
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Tue, 18 Oct 2022 15:02:17 GMT
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
strict-transport-security: max-age=15465600
age: 661660
x-cache: HIT, HIT
content-length: 200711
x-served-by: cache-iad-kjyo7100021-IAD, cache-hhn4063-HHN
last-modified: Mon, 10 Oct 2022 22:54:51 GMT
server: nginx
x-timer: S1666105337.050991,VS0,VE0
etag: W/"04ead85c584f7b81e3698bf1f82cf8ec"
vary: Accept-Encoding, X-UA-Device, Fastly-SSL
content-type: application/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
x-cache-hits: 16, 6

GET
H2 200 runtime.5e2d1328.bundle.js Show response
giphy.com/static/dist/ Frame 9181 6 KB
3 KB 102ms
101ms Script
application/javascript 151.101.193.185
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://giphy.com/static/dist/runtime.5e2d1328.bundle.js

Requested by

Host: giphy.com
URL: https://giphy.com/embed/BjHIjM2YFC3rEUaMrw

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.193.185 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

d8d4d7d811a147a2f93df6b01c5c6f972f4df793cb5707294f91f1df6644a367

Security Headers

Name	Value
Strict-Transport-Security	max-age=15465600

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://giphy.com/embed/BjHIjM2YFC3rEUaMrw
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Tue, 18 Oct 2022 15:02:17 GMT
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
strict-transport-security: max-age=15465600
age: 661660
x-cache: HIT, HIT
content-length: 2816
x-served-by: cache-iad-kiad7000052-IAD, cache-hhn4063-HHN
last-modified: Mon, 10 Oct 2022 22:54:43 GMT
server: nginx
x-timer: S1666105337.058752,VS0,VE0
etag: W/"8cb0365c2b3e90b44a1bd81229fb4e16"
vary: Accept-Encoding, X-UA-Device, Fastly-SSL
content-type: application/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
x-cache-hits: 29, 9168

GET
H2 200 gifEmbed.e407ad57.bundle.js Show response
giphy.com/static/dist/ Frame 9181 648 KB
196 KB 102ms
101ms Script
application/javascript 151.101.193.185
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://giphy.com/static/dist/gifEmbed.e407ad57.bundle.js

Requested by

Host: giphy.com
URL: https://giphy.com/embed/BjHIjM2YFC3rEUaMrw

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.193.185 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

d940d37e615f713b8c31f0fe3a96693d3afda57b8f1ab0cdce64429907a00d12

Security Headers

Name	Value
Strict-Transport-Security	max-age=15465600

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://giphy.com/embed/BjHIjM2YFC3rEUaMrw
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Tue, 18 Oct 2022 15:02:17 GMT
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
strict-transport-security: max-age=15465600
age: 661660
x-cache: HIT, HIT
content-length: 200711
x-served-by: cache-iad-kjyo7100021-IAD, cache-hhn4063-HHN
last-modified: Mon, 10 Oct 2022 22:54:51 GMT
server: nginx
x-timer: S1666105337.058940,VS0,VE0
etag: W/"04ead85c584f7b81e3698bf1f82cf8ec"
vary: Accept-Encoding, X-UA-Device, Fastly-SSL
content-type: application/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
x-cache-hits: 16, 7

GET
H2 200 analytics.js Show response
www.google-analytics.com/ Frame CFF6 49 KB
20 KB 96ms
20ms Script
text/javascript 2a00:1450:4001:808::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: giphy.com
URL: https://giphy.com/embed/WZOffTa9X1FZe

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://giphy.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Tue, 18 Oct 2022 13:15:57 GMT
last-modified: Tue, 27 Sep 2022 22:01:05 GMT
server: Golfe2
age: 6380
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20039
expires: Tue, 18 Oct 2022 15:15:57 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ Frame 1F2F 49 KB
20 KB 106ms
30ms Script
text/javascript 2a00:1450:4001:808::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: giphy.com
URL: https://giphy.com/embed/2oUfvvUgQHnLsQWFMW

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://giphy.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Tue, 18 Oct 2022 13:15:57 GMT
last-modified: Tue, 27 Sep 2022 22:01:05 GMT
server: Golfe2
age: 6380
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20039
expires: Tue, 18 Oct 2022 15:15:57 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ Frame 9181 49 KB
20 KB 119ms
44ms Script
text/javascript 2a00:1450:4001:808::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: giphy.com
URL: https://giphy.com/embed/BjHIjM2YFC3rEUaMrw

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://giphy.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Tue, 18 Oct 2022 13:15:57 GMT
last-modified: Tue, 27 Sep 2022 22:01:05 GMT
server: Golfe2
age: 6380
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20039
expires: Tue, 18 Oct 2022 15:15:57 GMT

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 383 B
694 B 106ms
27ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=ticket.emlt.ddnss.de&callback=_gfp_s_&client=ca-pub-6871418367983282&gpid_exp=1

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202210110101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-6871418367983282&plah=ticket.emlt.ddnss.de

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9c84136fcf1caf50cd29f5b31e41dd97b391e2367952a974d4d8698e3e0da610

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ticket.emlt.ddnss.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Tue, 18 Oct 2022 15:02:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 249
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
792 B 140ms
28ms Script
application/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=ticket.emlt.ddnss.de

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ticket.emlt.ddnss.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Tue, 18 Oct 2022 15:02:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
549 B 139ms
31ms Script
application/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=ticket.emlt.ddnss.de

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ticket.emlt.ddnss.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Tue, 18 Oct 2022 15:02:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 55ms
53ms Image
image/gif 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=ach_evt&url=https%3A%2F%2Fticket.emlt.ddnss.de%2F&tn=DIV&cls=chat-open&ign=false&pw=1600&ph=1200&x=1575&y=1175

Requested by

Host: ticket.emlt.ddnss.de
URL: https://ticket.emlt.ddnss.de/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ticket.emlt.ddnss.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 18 Oct 2022 15:02:17 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame C3C6 603 B
68 B 122ms
58ms Document
text/html 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6871418367983282&output=html&adk=1812271804&adf=3025194257&lmt=1666097418&plat=1%3A16777216%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fticket.emlt.ddnss.de%2F&ea=0&pra=5&wgl=1&easpi=0&asntp=0&asntpv=0&asntpl=0&asntpm=0&asntpc=0&asna=5&asnd=5&asnp=5&asns=5&asmat=1&asptt=-1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1666105336063&bpp=188&bdt=1146&idt=1089&shv=r20221013&mjsv=m202210110101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=5687888905263&frm=20&pv=2&ga_vid=968407597.1666105336&ga_sid=1666105337&ga_hid=1937259511&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44761792%2C42531706%2C31070385%2C44770881%2C44773746&oid=2&pvsid=742224634047764&tmod=2089951684&uas=0&nvt=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=1132

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ticket.emlt.ddnss.de/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: br
content-length: 46
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 18 Oct 2022 15:02:17 GMT
expires: Tue, 18 Oct 2022 15:02:17 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ Frame CFF6 4 B
438 B 110ms
25ms XHR
text/plain 2a00:1450:400c:c08::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-38174542-5&cid=1117442823.1666105337&jid=2004066458&gjid=1761317147&_gid=556733114.1666105337&_u=IGBAgEABAAAAAEAAIC~&z=392439314

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c08::9c Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://giphy.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Tue, 18 Oct 2022 15:02:17 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://giphy.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ Frame CFF6 35 B
55 B 70ms
22ms Image
image/gif 2a00:1450:4001:808::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j98&a=296426468&t=pageview&_s=1&dl=https%3A%2F%2Fgiphy.com%2Fembed%2FWZOffTa9X1FZe&dr=https%3A%2F%2Fticket.emlt.ddnss.de%2F&ul=en-us&de=UTF-8&dt=Why%20You%20Always%20Lying%20GIF%20-%20Find%20%26%20Share%20on%20GIPHY&sd=24-bit&sr=1600x1200&vp=&je=0&_u=IGBAgEABAAAAAAAAIC~&jid=2004066458&gjid=1761317147&cid=1117442823.1666105337&tid=UA-38174542-5&_gid=556733114.1666105337&z=2116953335

Requested by

Host: giphy.com
URL: https://giphy.com/embed/WZOffTa9X1FZe

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://giphy.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 18 Oct 2022 10:24:34 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 16663
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
DATA 200
OK truncated
/ Frame 9181 66 B
0 Image
image/webp

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b71c20271d9c80d1a71aa0ab9935281c4fa8ac404533f1a0747d7fb03fc68e79

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Content-Type: image/webp

GET
DATA 200
OK truncated
/ Frame CFF6 66 B
0 Image
image/webp

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b71c20271d9c80d1a71aa0ab9935281c4fa8ac404533f1a0747d7fb03fc68e79

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Content-Type: image/webp

GET
DATA 200
OK truncated
/ Frame 1F2F 66 B
0 Image
image/webp

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b71c20271d9c80d1a71aa0ab9935281c4fa8ac404533f1a0747d7fb03fc68e79

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Content-Type: image/webp

GET
H2 200 200w.webp
media1.giphy.com/media/BjHIjM2YFC3rEUaMrw/ Frame 9181 115 KB
115 KB 102ms
21ms Image
image/webp 199.232.198.2
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://media1.giphy.com/media/BjHIjM2YFC3rEUaMrw/200w.webp?cid=dda24d50ad64bee09a84c6b6ac0b07382f3bf78c6b2315fe&rid=200w.webp&ct=g

Requested by

Host: giphy.com
URL: https://giphy.com/embed/BjHIjM2YFC3rEUaMrw

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

199.232.198.2 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

e5ff4ff8a0b3cd8997439ebcd3c5ca00835ba04a5c42b736ca0c487ebd54b824

Security Headers

Name	Value
Strict-Transport-Security	max-age=15465600

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://giphy.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Tue, 18 Oct 2022 15:02:17 GMT
via: 1.1 varnish, 1.1 varnish
strict-transport-security: max-age=15465600
age: 557751
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
content-length: 117650
x-served-by: cache-iad-kiad7000044-IAD, cache-hhn4053-HHN
last-modified: Fri, 04 Dec 2020 18:13:53 GMT
x-timer: S1666105338.536109,VS0,VE1
etag: "1241ed4f4dbc7d2eeabae86a8f530819"
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=86400
accept-ranges: bytes
x-cache-hits: 1025, 1

GET
H2 200 verified-badge.svg
giphy.com/static/img/embeds/ Frame 9181 1 KB
875 B 25ms
24ms Image
image/svg+xml 151.101.193.185
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://giphy.com/static/img/embeds/verified-badge.svg

Requested by

Host: giphy.com
URL: https://giphy.com/embed/BjHIjM2YFC3rEUaMrw

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.193.185 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

1617c840923e70e362d2a97fe41721a94a696ffb76a7d5060db81797d765f82d

Security Headers

Name	Value
Strict-Transport-Security	max-age=15465600

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://giphy.com/embed/BjHIjM2YFC3rEUaMrw
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Tue, 18 Oct 2022 15:02:17 GMT
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
strict-transport-security: max-age=15465600
age: 3027314
x-cache: HIT, HIT
content-length: 643
x-served-by: cache-iad-kcgs7200081-IAD, cache-hhn4063-HHN
last-modified: Tue, 06 Sep 2022 21:29:36 GMT
server: nginx
x-timer: S1666105337.456588,VS0,VE0
etag: "67e92a504578b0e855753b215a0a498a"
vary: Accept-Encoding, X-UA-Device, Fastly-SSL
content-type: image/svg+xml
cache-control: public, max-age=31536000
accept-ranges: bytes
x-cache-hits: 3603, 670

GET
H2 200 ga-audiences
www.google.com/ads/ Frame CFF6 42 B
501 B 137ms
60ms Image
image/gif 2a00:1450:4001:800::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-38174542-5&cid=1117442823.1666105337&jid=2004066458&_u=IGBAgEABAAAAAEAAIC~&z=536927423

Requested by

Host: giphy.com
URL: https://giphy.com/embed/WZOffTa9X1FZe

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://giphy.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 18 Oct 2022 15:02:17 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ Frame CFF6 42 B
501 B 135ms
58ms Image
image/gif 2a00:1450:4001:803::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-38174542-5&cid=1117442823.1666105337&jid=2004066458&_u=IGBAgEABAAAAAEAAIC~&z=536927423

Requested by

Host: giphy.com
URL: https://giphy.com/embed/WZOffTa9X1FZe

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://giphy.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 18 Oct 2022 15:02:17 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 200w.webp
media1.giphy.com/media/WZOffTa9X1FZe/ Frame CFF6 459 KB
459 KB 95ms
24ms Image
image/webp 199.232.198.2
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://media1.giphy.com/media/WZOffTa9X1FZe/200w.webp?cid=dda24d5025332a5ba05fc9ce424b30b05ac61a5e3bf12dce&rid=200w.webp&ct=g

Requested by

Host: giphy.com
URL: https://giphy.com/embed/WZOffTa9X1FZe

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

199.232.198.2 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

34a2ed376514a58a3d3ca8fdb31bf4f431d644013a6d21b16181a0a3533340ec

Security Headers

Name	Value
Strict-Transport-Security	max-age=15465600

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://giphy.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Tue, 18 Oct 2022 15:02:17 GMT
via: 1.1 varnish, 1.1 varnish
strict-transport-security: max-age=15465600
age: 1827686
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
content-length: 469646
x-served-by: cache-iad-kjyo7100179-IAD, cache-hhn4053-HHN
last-modified: Thu, 29 Sep 2016 08:18:15 GMT
x-timer: S1666105338.535985,VS0,VE2
etag: "d8fca286926a3eb4de2adc87e7f4944c"
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=86400
accept-ranges: bytes
x-cache-hits: 85, 1

GET
H3 200 collect
www.google-analytics.com/ Frame 1F2F 35 B
55 B 22ms
19ms Image
image/gif 2a00:1450:4001:808::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j98&a=1335456607&t=pageview&_s=1&dl=https%3A%2F%2Fgiphy.com%2Fembed%2F2oUfvvUgQHnLsQWFMW&dr=https%3A%2F%2Fticket.emlt.ddnss.de%2F&ul=en-us&de=UTF-8&dt=Angry%20Season%206%20GIF%20by%20The%20Office%20-%20Find%20%26%20Share%20on%20GIPHY&sd=24-bit&sr=1600x1200&vp=&je=0&_u=ACCAgEABAAAAAAAAIC~&jid=&gjid=&cid=1117442823.1666105337&tid=UA-38174542-5&_gid=556733114.1666105337&z=2019194506

Requested by

Host: giphy.com
URL: https://giphy.com/embed/2oUfvvUgQHnLsQWFMW

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://giphy.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 18 Oct 2022 10:24:34 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 16663
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 verified-badge.svg
giphy.com/static/img/embeds/ Frame 1F2F 1 KB
734 B 24ms
21ms Image
image/svg+xml 151.101.193.185
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://giphy.com/static/img/embeds/verified-badge.svg

Requested by

Host: giphy.com
URL: https://giphy.com/static/dist/gifEmbed.e407ad57.bundle.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.193.185 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

1617c840923e70e362d2a97fe41721a94a696ffb76a7d5060db81797d765f82d

Security Headers

Name	Value
Strict-Transport-Security	max-age=15465600

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://giphy.com/embed/2oUfvvUgQHnLsQWFMW
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Tue, 18 Oct 2022 15:02:17 GMT
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
strict-transport-security: max-age=15465600
age: 3027314
x-cache: HIT, HIT
content-length: 643
x-served-by: cache-iad-kcgs7200081-IAD, cache-hhn4063-HHN
last-modified: Tue, 06 Sep 2022 21:29:36 GMT
server: nginx
x-timer: S1666105337.475234,VS0,VE0
etag: "67e92a504578b0e855753b215a0a498a"
vary: Accept-Encoding, X-UA-Device, Fastly-SSL
content-type: image/svg+xml
cache-control: public, max-age=31536000
accept-ranges: bytes
x-cache-hits: 3603, 671

GET
H2 200 200w.webp
media4.giphy.com/media/2oUfvvUgQHnLsQWFMW/ Frame 1F2F 109 KB
109 KB 94ms
19ms Image
image/webp 199.232.198.2
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://media4.giphy.com/media/2oUfvvUgQHnLsQWFMW/200w.webp?cid=dda24d502ebf3dd190bc13c48cad640f6da35b72fbea97af&rid=200w.webp&ct=g

Requested by

Host: giphy.com
URL: https://giphy.com/embed/2oUfvvUgQHnLsQWFMW

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

199.232.198.2 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

9523ab3661706b96c2d01ec4eaea444a809c03d8a4d546393deff6a4ee6f3d37

Security Headers

Name	Value
Strict-Transport-Security	max-age=15465600

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://giphy.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Tue, 18 Oct 2022 15:02:17 GMT
via: 1.1 varnish, 1.1 varnish
strict-transport-security: max-age=15465600
age: 1782494
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
content-length: 111626
x-served-by: cache-iad-kiad7000173-IAD, cache-hhn4032-HHN
last-modified: Fri, 04 Dec 2020 00:26:56 GMT
x-timer: S1666105338.548760,VS0,VE0
etag: "cbdb1a8e0fd50fd1fda4ac6b51f7b0ce"
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=86400
accept-ranges: bytes
x-cache-hits: 2208, 2

GET
H3 200 collect
www.google-analytics.com/ Frame 9181 35 B
55 B 19ms
18ms Image
image/gif 2a00:1450:4001:808::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j98&a=1255694922&t=pageview&_s=1&dl=https%3A%2F%2Fgiphy.com%2Fembed%2FBjHIjM2YFC3rEUaMrw&dr=https%3A%2F%2Fticket.emlt.ddnss.de%2F&ul=en-us&de=UTF-8&dt=Season%204%20Reaction%20GIF%20by%20The%20Office%20-%20Find%20%26%20Share%20on%20GIPHY&sd=24-bit&sr=1600x1200&vp=&je=0&_u=ACCAgEABAAAAAAAAIC~&jid=&gjid=&cid=1117442823.1666105337&tid=UA-38174542-5&_gid=556733114.1666105337&z=883792720

Requested by

Host: giphy.com
URL: https://giphy.com/embed/BjHIjM2YFC3rEUaMrw

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://giphy.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 18 Oct 2022 10:24:34 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 16663
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H3 204 collect
region1.google-analytics.com/g/ 0
17 B 70ms
28ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-EC3PK322B1&gtm=2oeah0&_p=1937259511&cid=968407597.1666105336&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=2&sid=1666105336&sct=1&seg=0&dl=https%3A%2F%2Fticket.emlt.ddnss.de%2F&dt=Service%20Never%20-%20Helpdesk%20Ticket%20System&en=scroll&epn.percent_scrolled=90&_et=12
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-EC3PK322B1
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ticket.emlt.ddnss.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 18 Oct 2022 15:02:21 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://ticket.emlt.ddnss.de
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 14 KB
11 KB 82ms
40ms XHR
application/json 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20221013&st=env

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f98957b9a980dbee333a09877e3d135af4c8497b02489e2d36a14caf7dcb4513

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ticket.emlt.ddnss.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Tue, 18 Oct 2022 15:02:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11164
x-xss-protection: 0

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
7 KB 94ms
29ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ticket.emlt.ddnss.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Tue, 18 Oct 2022 15:02:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Tue, 18 Oct 2022 15:02:24 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame EFCA 13 KB
5 KB 62ms
19ms Document
text/html 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ticket.emlt.ddnss.de/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 3071
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 18 Oct 2022 14:11:13 GMT
expires: Wed, 18 Oct 2023 14:11:13 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 6040 783 B
535 B 72ms
30ms Document
text/html 2a00:1450:4001:800::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

e27d48d13f1e380e70d50740e42c9b6b14923be00ad0f401229881945d598350

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-KTufKtJ_DooQK1Qz--Ou6w' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://ticket.emlt.ddnss.de/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private, max-age=300
content-encoding: gzip
content-length: 513
content-security-policy: script-src 'report-sample' 'nonce-KTufKtJ_DooQK1Qz--Ou6w' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Tue, 18 Oct 2022 15:02:24 GMT
expires: Tue, 18 Oct 2022 15:02:24 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 6040 0
0 53ms
52ms Image
text/html 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20221013&jk=742224634047764&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

GET
H3 200 gGH5MXBYpKK8b4jYkKtywiBl7RPPQJG6QKYwKihakJE.js Show response
pagead2.googlesyndication.com/bg/ Frame EFCA 36 KB
16 KB 19ms
19ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/gGH5MXBYpKK8b4jYkKtywiBl7RPPQJG6QKYwKihakJE.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8061f9317058a4a2bc6f88d890ab72c22065ed13cf4091ba40a6302a285a9091

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Tue, 18 Oct 2022 14:11:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 3071
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15922
x-xss-protection: 0
last-modified: Tue, 11 Oct 2022 09:38:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 18 Oct 2023 14:11:13 GMT

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame EFCA 0
10 B 18ms
18ms Image
text/plain 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?F7h89g
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Tue, 18 Oct 2022 15:02:24 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 58ms
58ms Image
text/html 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20221013&jk=742224634047764&bg=!zs2lzYnNAAYeOJy_Pjg7ACkAdvg8WlSS0KJP3iJCHVuaEyWLORmceFmUpYNN5yrWZM_M0X2VY4EMEQIAAAB7UgAAAAFoAQeZAqcDAfVP_mF_7bqvIvgvW0Gw0W5MCQ6_TZcEEjTRlY1fgIUvz6FBYfZNjXYBMmKUndN7JxC0KppQo7k2lQzp85toC2g2LH8xPl7GcOLG7HBT9Q5J8ZtCivt2Y64sjSJ3yFw_DtB8vt1msF0ikv2erzP_wO23udgToUKORGA18OBrHjdedGMqHjjydI2I6aurK9mL0Qo7vZGlU3ihE3KRxJW52zryWKvayyYM24D0om5Kb7CSk0K8c2agIptyhI7O01N4ds2uoGl187Xu8lsEv1kLAq4JXv7hWjh8TeW_qU5ccJz5O3tFgkSXYySTFQs__CrxaSIEkg8d1PnZgprXBAidvsur0lCLucgzy4vRkzsjWitAiasJMbVXsrZJ3wJzIIgQPqcgWnO6WaxHGTb4Y0-yBLiODEGamEqZ4o_SptzqRMVFhAz1oGfbvGx0g_T8W5GRPGMZuc9ZWFJTqe99Ot5isSmCZLybOeMMo_NU2boW5T_l_9FZ1dyP23ubGMIhBp8V2ROp9pDZA4gjHUwaKT9VIumpA3lE8zaUzgJASS7B-SH5DIfl5MjQMpDhbQJmx7zi44JG4a1YO8RmUeoiq6DtKhAAMnhAFtoFuniDKWSPxz2rRvkq-ZIXFen5WrfT5n8DKUe6kmDDTvqXNlPx2nfnuAj5WCVy6QCuf93tL7fT7d-NFvxU9MqZw48m55YdMenbkB1LFVsxMngUfQ_wEeJVZ9CHiD-n0xQ4Tfk7BxIZwr8hx32Imro92Psh7J9TthtFqQj8armJwWxW93pmI6DiPyc2iFOY5Dr5LFfhEi_6E_1FW1WFjytWZsBzFckMog6483uuTNltNxvJY6dvj-b0IxF1j6lxWYOxtAFllGk96QtgZf-bIGEkBoN0_2jb34naS8DxNcZE
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ticket.emlt.ddnss.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: fonts.cdnfonts.com
URL: http://fonts.cdnfonts.com/css/comic-sans

Verdicts & Comments Add Verdict or Comment

79 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

6 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.emlt.ddnss.de/	1970-01-20 16:24:25	Name: _ga_EC3PK322B1 Value: GS1.1.1666105336.1.0.1666105336.0.0.0
.emlt.ddnss.de/	1970-01-20 16:24:25	Name: _ga Value: GA1.1.968407597.1666105336
.giphy.com/	1970-01-20 16:24:25	Name: _ga Value: GA1.2.1117442823.1666105337
.giphy.com/	1970-01-20 06:49:51	Name: _gid Value: GA1.2.556733114.1666105337
.giphy.com/	1970-01-20 06:48:25	Name: _gat Value: 1
.doubleclick.net/	1970-01-20 06:48:26	Name: test_cookie Value: CheckForPermission

4 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://ticket.emlt.ddnss.de/chat.css Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://ticket.emlt.ddnss.de/phone.js Message: Failed to load resource: the server responded with a status of 404 ()
security	error	URL: https://ticket.emlt.ddnss.de/ Message: Mixed Content: The page at 'https://ticket.emlt.ddnss.de/' was loaded over HTTPS, but requested an insecure stylesheet 'http://fonts.cdnfonts.com/css/comic-sans'. This request has been blocked; the content must be served over HTTPS.
network	error	URL: https://ticket.emlt.ddnss.de/chat.js Message: Failed to load resource: the server responded with a status of 404 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

adservice.google.com
adservice.google.de
bootswatch.com
cdn.jsdelivr.net
cdnjs.cloudflare.com
code.jquery.com
fonts.cdnfonts.com
fonts.googleapis.com
fonts.gstatic.com
giphy.com
googleads.g.doubleclick.net
hitwebcounter.com
insult.mattbas.org
media1.giphy.com
media4.giphy.com
pagead2.googlesyndication.com
partner.googleadservices.com
region1.google-analytics.com
stats.g.doubleclick.net
ticket.emlt.ddnss.de
tpc.googlesyndication.com
www.cornify.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.hitwebcounter.com
fonts.cdnfonts.com
138.201.65.48
151.101.193.185
199.232.198.2
2001:4860:4802:34::36
2001:4de0:ac18::1:a:1a
217.235.42.93
2606:4700:3031::6815:11a7
2606:4700:3031::6815:2a7a
2606:4700::6810:5814
2606:4700::6811:180e
2a00:1450:4001:800::2004
2a00:1450:4001:801::2003
2a00:1450:4001:803::2003
2a00:1450:4001:808::200e
2a00:1450:4001:80f::200a
2a00:1450:4001:827::2008
2a00:1450:4001:829::2002
2a00:1450:4001:82b::2002
2a00:1450:4001:82f::2002
2a00:1450:4001:831::2001
2a00:1450:400c:c08::9c
72.47.227.13
0022097ee1d9918e6b3d010272b89e45b6364f88fe7569456de9301bc3229088
00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce
085085786166795b99878d67bb60fe33375f089c17512301c8a2f12e9875b2a3
1401e2fa10937e1bf4e6b858fd7dd6560de99c4d0afce1037a7a1fed89e799e0
160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef
160f9a25079e31b32baf64e5f16d4c39a560d5f37abd2fad66b5039baa2d08b8
1617c840923e70e362d2a97fe41721a94a696ffb76a7d5060db81797d765f82d
17b2fb60e79a19245147028e35073d2d32be0b87dc25dd65501cdf6b54665463
1bc31656a5c01f348aecc33b864f61e2a38d7c641b27d01c3141530e60f3b6e7
2055e604bf64c5db42b5ff544b2070e39f289fc4bc92d29e3f330f728e9f959c
26303d233217266d4ba9a94a14d87541d1bdbd5df2df03511eb6ff9f81022633
2909f9d5a46863f779fa3da8ce9780088df6c909005e2f21339c1272949cc06d
2ceeb92c9675b1d50be444014041bd2f827ee45ffeb3d51c8af15fc610e7958b
2e2fc77315039f98f8fea47fece88e5b9a8485d1a666766d0ecfab7957ee6cff
34a2ed376514a58a3d3ca8fdb31bf4f431d644013a6d21b16181a0a3533340ec
35d507114944128cf5c4a9fefadf13233f1dcc546695dcbe7c7923652dacce28
45f5f59108264725b16423e1f9a892f01e88d6faf11f5ebe10651c0f289d1031
4838447332256a541c98107e94acde1599cca3a4ce82c9be3336230a3c598431
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
56e15021e3e3dd8708fb51c3ce0a06c56833f287a91135d346a627d23d412ade
60bcbb5f4b2154aa8ef72160b47d687cd78545efc7de9ae4f7dbfb8d65c34ad8
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
623508806cc3d922b883004f38491d1a5f063b55689c4bf7f73f240c7de4f677
668b046d12db350ccba6728890476b3efee53b2f42dbb84743e5e9f1ae0cc404
77c1c70bde8833f9bc97f987713d9b75e1cab99e878fe0caf3aba810b02e73ea
8061f9317058a4a2bc6f88d890ab72c22065ed13cf4091ba40a6302a285a9091
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
8c09967303e9c9c64d90970c51a763268705ec54c1e2d6b4d4416dd7c5fc5d2a
90b20eafb03704b27769d7b11b652e6404a1d27e6eb99885c33c1f5f74040e0d
918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537
94d746b7acef9c8038ba4c6731199d8967fe508381aaea78bba2c9e58385ebe0
9523ab3661706b96c2d01ec4eaea444a809c03d8a4d546393deff6a4ee6f3d37
9c84136fcf1caf50cd29f5b31e41dd97b391e2367952a974d4d8698e3e0da610
9f375f83cd2d77c62ed1acf60fec3944b24fef52cf3c880afa6ed35558f4cda1
a341c81424fcd26970983f56c9a675e56c1f7542b903e80cbd55aff09d3894a7
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719
b71c20271d9c80d1a71aa0ab9935281c4fa8ac404533f1a0747d7fb03fc68e79
bca1d88ada544d9c80872d4da27133fab6d347361fa26e932b47ec9559088fd0
c0c09020adb6f602b16d48374166b9e38ca92383a81650b6a9097c43cc43f31f
c402973da1354f989ad24c20ff7899eb6cc42900dd645a4bcfa4375b1259659a
c447dd7677b419db7b21dbdfc6277c7816a913ffda76fd2e52702df538de0e49
cc97dd0db4ed0f3d94668dcd170b92d64a41418b261611c35aac995cf8c9c7b5
cf678c4c40ea924e5eb99f949faac211d183e2fdf611468afd4660d4534d9e99
d3ccd9bc376e7849ccd65d7d528cabaeb7e607ddad5eefde05baec231d7f9807
d3f35ae81857c1ce4a7c0d89180f671b60926d6e4dfff3f5c4c040427289b629
d8d4d7d811a147a2f93df6b01c5c6f972f4df793cb5707294f91f1df6644a367
d940d37e615f713b8c31f0fe3a96693d3afda57b8f1ab0cdce64429907a00d12
e27d48d13f1e380e70d50740e42c9b6b14923be00ad0f401229881945d598350
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e5ff4ff8a0b3cd8997439ebcd3c5ca00835ba04a5c42b736ca0c487ebd54b824
ed959b654022f7bae48ab9380dc129e065833e45a944c70d684c971ac3578cb8
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f7408c25067cd0a9d9fe835cb4c05e394a50751d3fcde0c461db19a309abb02a
f7dcc98441034a432f0fb8ed4a90ab2da3ce3a04b0abefcc57bd82de416c0fdd
f98957b9a980dbee333a09877e3d135af4c8497b02489e2d36a14caf7dcb4513

ticket.emlt.ddnss.de Open in urlscan Pro 217.235.42.93 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

76 Requests

97 %HTTPS

77 %IPv6

19 Domains

27 Subdomains

23 IPs

4 Countries

8870 kBTransfer

11401 kBSize

6 Cookies

13 Outgoing links

Redirected requests

76 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 3 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

ticket.emlt.ddnss.de Open in urlscan Pro
217.235.42.93 Public Scan

Screenshot
Live screenshot

Full Image

76
Requests

97 %
HTTPS

77 %
IPv6

19
Domains

27
Subdomains

23
IPs

4
Countries

8870 kB
Transfer

11401 kB
Size

6
Cookies

76 HTTP transactions
3 data transactions