www2.stage-entertainment.de Open in urlscan Pro
18.196.88.31 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://www2.stage-entertainment.de/user/login?destination=/system/files%3Ffile%3Dwebform/corona_rueckabwicklung_2_1/2256676/erstatt...
Submission: On April 21 via manual (April 21st 2022, 3:28:56 pm UTC) from US — Scanned from DE

Summary HTTP 46 Redirects Links 20 Behaviour Indicators

Summary

This website contacted 13 IPs in 3 countries across 12 domains to perform 46 HTTP transactions. The main IP is 18.196.88.31, located in Frankfurt am Main, Germany and belongs to AMAZON-02, US. The main domain is www2.stage-entertainment.de.
TLS certificate: Issued by Trusted Secure Certificate Authority 5 on February 7th 2022. Valid for: a year.

This is the only time www2.stage-entertainment.de was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
12	18.196.88.31 18.196.88.31	16509 (AMAZON-02) (AMAZON-02)
11	2600:9000:231... 2600:9000:2315:b800:12:18a9:1c0:93a1	16509 (AMAZON-02) (AMAZON-02)
5	2a02:26f0:350... 2a02:26f0:3500:7::17d8:4dca	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	2a02:26f0:350... 2a02:26f0:3500:7::17d8:4dc6	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	2a00:1450:400... 2a00:1450:4001:812::2008	15169 (GOOGLE) (GOOGLE)
1	151.101.66.137 151.101.66.137	54113 (FASTLY) (FASTLY)
6	2606:4700::68... 2606:4700::6810:9440	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	2a00:1450:400... 2a00:1450:4001:809::200e	15169 (GOOGLE) (GOOGLE)
1	162.247.242.20 162.247.242.20	23467 (NEWRELIC-...) (NEWRELIC-AS-1)
1	2a00:1450:400... 2a00:1450:400c:c0a::9b	15169 (GOOGLE) (GOOGLE)
1	2606:4700:10:... 2606:4700:10::6814:b944	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:801::2004	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:82f::2003	15169 (GOOGLE) (GOOGLE)
46	13

12 18.196.88.31 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-196-88-31.eu-central-1.compute.amazonaws.com

www2.stage-entertainment.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 2600:9000:2315:b800:12:18a9:1c0:93a1 (United States)

ASN16509 (AMAZON-02, US)

mediaportal.stage-entertainment.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a02:26f0:3500:7::17d8:4dca (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

use.typekit.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:3500:7::17d8:4dc6 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

p.typekit.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:812::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.66.137 (United States)

ASN54113 (FASTLY, US)

js-agent.newrelic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2606:4700::6810:9440 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.cookielaw.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:809::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 162.247.242.20 (United States)

ASN23467 (NEWRELIC-AS-1, US)
PTR: bam-8.nr-data.net

bam.nr-data.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c0a::9b (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:10::6814:b944 (United States)

ASN13335 (CLOUDFLARENET, US)

geolocation.onetrust.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:801::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82f::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
12	stage-entertainment.de www2.stage-entertainment.de	306 KB
11	stage-entertainment.com mediaportal.stage-entertainment.com	132 KB
6	cookielaw.org cdn.cookielaw.org — Cisco Umbrella Rank: 497	126 KB
6	typekit.net use.typekit.net — Cisco Umbrella Rank: 510 p.typekit.net — Cisco Umbrella Rank: 625	190 KB
4	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 37	20 KB
1	google.de www.google.de — Cisco Umbrella Rank: 5383	501 B
1	google.com www.google.com — Cisco Umbrella Rank: 4	501 B
1	onetrust.com geolocation.onetrust.com — Cisco Umbrella Rank: 809	457 B
1	doubleclick.net stats.g.doubleclick.net — Cisco Umbrella Rank: 95	450 B
1	nr-data.net bam.nr-data.net — Cisco Umbrella Rank: 644	322 B
1	newrelic.com js-agent.newrelic.com — Cisco Umbrella Rank: 380	18 KB
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 71	97 KB
46	12

	Domain	Requested by
12	www2.stage-entertainment.de	www2.stage-entertainment.de
11	mediaportal.stage-entertainment.com	www2.stage-entertainment.de
6	cdn.cookielaw.org	www2.stage-entertainment.de
5	use.typekit.net	www2.stage-entertainment.de use.typekit.net
4	www.google-analytics.com	www2.stage-entertainment.de
1	www.google.de
1	www.google.com
1	geolocation.onetrust.com	www2.stage-entertainment.de
1	stats.g.doubleclick.net	www2.stage-entertainment.de
1	bam.nr-data.net	www2.stage-entertainment.de
1	js-agent.newrelic.com	www2.stage-entertainment.de
1	www.googletagmanager.com	www2.stage-entertainment.de
1	p.typekit.net	use.typekit.net
46	13

This site contains links to these domains. Also see Links.

Domain
www.stage-entertainment.de
www.musicals.de
stage-merchandise.de
www.eventim.de
www.facebook.com
www.youtube.com
www.onetrust.com

Subject Issuer	Validity	Valid
*.stage-entertainment.de Trusted Secure Certificate Authority 5	`2022-02-07` - `2023-02-07`	a year	crt.sh
*.stage-entertainment.com GeoTrust RSA CA 2018	`2021-11-11` - `2022-12-12`	a year	crt.sh
use.typekit.net DigiCert TLS RSA SHA256 2020 CA1	`2022-03-07` - `2023-04-07`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-03-28` - `2022-06-20`	3 months	crt.sh
js-agent.newrelic.com GlobalSign Atlas R3 DV TLS CA H2 2021	`2021-10-06` - `2022-11-07`	a year	crt.sh
cookielaw.org Cloudflare Inc ECC CA-3	`2021-06-01` - `2022-05-31`	a year	crt.sh
*.nr-data.net DigiCert TLS RSA SHA256 2020 CA1	`2022-01-10` - `2023-02-10`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-04-11` - `2022-07-04`	3 months	crt.sh
onetrust.com Cloudflare Inc ECC CA-3	`2022-01-12` - `2023-01-12`	a year	crt.sh
www.google.com GTS CA 1C3	`2022-03-28` - `2022-06-20`	3 months	crt.sh
www.google.de GTS CA 1C3	`2022-04-11` - `2022-07-04`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://www2.stage-entertainment.de/user/login?destination=/system/files%3Ffile%3Dwebform/corona_rueckabwicklung_2_1/2256676/erstattung_formular1650398653.pdf
Frame ID: 8962CAFB9665EC8456F5114474E3D344
Requests: 46 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Anmelden | Stage Entertainment DeutschlandBack ButtonSearch IconFilter Icon

Detected technologies

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js

OneTrust (Cookie compliance) Expand

Overall confidence: 100%
Detected patterns

cdn\.cookielaw\.org
otSDKStub\.js

Page Statistics

46
Requests

100 %
HTTPS

77 %
IPv6

12
Domains

13
Subdomains

13
IPs

3
Countries

892 kB
Transfer

2574 kB
Size

6
Cookies

20 Outgoing links

These are links going to different origins than the main page.

URL: https://www.stage-entertainment.de/service/faqs.html
Title: FAQ

Search URL Search Domain Scan URL

URL: https://www.musicals.de/kontakt
Title: www.musicals.de/kontakt

Search URL Search Domain Scan URL

URL: https://www.stage-entertainment.de/

Search URL Search Domain Scan URL

URL: https://www.stage-entertainment.de/musicals-shows/hamburg/der-koenig-der-loewen/landingpage/kdl-ticket-und-hotel.html
Title: Hotelangebote für Disneys Der König der Löwen

Search URL Search Domain Scan URL

URL: http://stage-merchandise.de/
Title: Offizielle Fan-Artikel

Search URL Search Domain Scan URL

URL: https://www.stage-entertainment.de/service/newsletter-abmeldung.html
Title: Abmeldung

Search URL Search Domain Scan URL

URL: https://www.stage-entertainment.de/service/newsletter.html
Title: Anmeldung

Search URL Search Domain Scan URL

URL: https://www.stage-entertainment.de/service/hinweise.html#tab_modul-105183
Title: Hinweise zu Ihrem mobile Ticket

Search URL Search Domain Scan URL

URL: https://www.stage-entertainment.de/landingpages/backstage/backstage.html
Title: Backstage

Search URL Search Domain Scan URL

URL: https://www.stage-entertainment.de/landingpages/backstage/buehnenbild-technik/buehnenbild-technik.html
Title: Das Bühnenbild

Search URL Search Domain Scan URL

URL: https://www.stage-entertainment.de/landingpages/backstage/casting/casting.html
Title: Das Casting

Search URL Search Domain Scan URL

URL: https://www.stage-entertainment.de/landingpages/backstage/kinderdarsteller/kinderdarsteller.html
Title: Kinderdarsteller

Search URL Search Domain Scan URL

URL: https://www.stage-entertainment.de/landingpages/backstage/maske-kostuem/maske-kostuem.html
Title: Maske & Kostüm

Search URL Search Domain Scan URL

URL: https://www.eventim.de/

Search URL Search Domain Scan URL

URL: https://www.facebook.com/Musicalfreunde

Search URL Search Domain Scan URL

URL: https://www.facebook.com/StageEntertainmentDeutschland

Search URL Search Domain Scan URL

URL: https://www.youtube.com/musicalsandmoretv?gl=DE&hl=de

Search URL Search Domain Scan URL

URL: https://www.stage-entertainment.de/service/cookies#ot-sdk-cookie-policy
Title: Cookie-Richtlinie

Search URL Search Domain Scan URL

URL: https://www.onetrust.com/products/cookie-consent/

Search URL Search Domain Scan URL

URL: https://www.stage-entertainment.de/service/cookies
Title: Datenschutzhinweis

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

46 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request login Show response
www2.stage-entertainment.de/user/ 65 KB
19 KB 1280ms
1244ms Document
text/html 18.196.88.31
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www2.stage-entertainment.de/user/login?destination=/system/files%3Ffile%3Dwebform/corona_rueckabwicklung_2_1/2256676/erstattung_formular1650398653.pdf

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

18.196.88.31 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-196-88-31.eu-central-1.compute.amazonaws.com

Software

nginx /

Resource Hash

7a0400d2120468d32b077ed64aa888abf1bc4cff82b031b5d33861e5effe4802

Security Headers

Name	Value
Content-Security-Policy	report-uri /report-csp-violation
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 0
cache-control: max-age=900, public, s-maxage=86400
content-encoding: gzip
content-language: de
content-security-policy: report-uri /report-csp-violation
content-type: text/html; charset=UTF-8
date: Thu, 21 Apr 2022 15:28:51 GMT
etag: "1650554929"
expires: Sun, 19 Nov 1978 05:00:00 GMT
last-modified: Thu, 21 Apr 2022 15:28:49 GMT
link: <https://www.stage-entertainment.de/user/login>; rel="canonical"
permissions-policy: interest-cohort=()
server: nginx
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: Cookie,Accept-Encoding
via: varnish
x-ah-environment: prod
x-cache: MISS
x-content-type-options: nosniff
x-drupal-cache: MISS
x-drupal-dynamic-cache: MISS
x-frame-options: SAMEORIGIN
x-generator: Drupal 9 (https://www.drupal.org)
x-request-id: v-be55940c-c187-11ec-835f-8fee947771d9
x-ua-compatible: IE=edge
x-xss-protection: 1

GET
H2 200 fontello.woff2
www2.stage-entertainment.de/themes/custom/se/dist/fonts/fontello/font/ 10 KB
11 KB 8ms
7ms Font
text/plain 18.196.88.31
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www2.stage-entertainment.de/themes/custom/se/dist/fonts/fontello/font/fontello.woff2

Requested by

Host: www2.stage-entertainment.de
URL: https://www2.stage-entertainment.de/user/login?destination=/system/files%3Ffile%3Dwebform/corona_rueckabwicklung_2_1/2256676/erstattung_formular1650398653.pdf

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

18.196.88.31 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-196-88-31.eu-central-1.compute.amazonaws.com

Software

nginx /

Resource Hash

d867f78ef700e30f12a8ef565facceef2a378beea4533161aacd29bef8bd9697

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www2.stage-entertainment.de/user/login?destination=/system/files%3Ffile%3Dwebform/corona_rueckabwicklung_2_1/2256676/erstattung_formular1650398653.pdf
Origin: https://www2.stage-entertainment.de
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Thu, 21 Apr 2022 15:28:51 GMT
via: varnish
x-content-type-options: nosniff
expires: Thu, 28 Apr 2022 21:13:12 GMT
last-modified: Thu, 24 Mar 2022 07:56:35 GMT
server: nginx
age: 584138
x-cache: HIT
x-ah-environment: prod
cache-control: max-age=1209600
accept-ranges: bytes
content-length: 10528
x-request-id: v-b142e21a-bc37-11ec-9ed9-4b4afe50727e
x-cache-hits: 254992

GET
H2 200 fontello.woff
www2.stage-entertainment.de/themes/custom/se/dist/fonts/fontello/font/ 12 KB
12 KB 21ms
20ms Font
text/plain 18.196.88.31
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www2.stage-entertainment.de/themes/custom/se/dist/fonts/fontello/font/fontello.woff

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

18.196.88.31 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-196-88-31.eu-central-1.compute.amazonaws.com

Software

nginx /

Resource Hash

07f98513c6ddc3445ebfa54d48059ac5b58b67affebfdeb9f144123ddd714aa4

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www2.stage-entertainment.de/user/login?destination=/system/files%3Ffile%3Dwebform/corona_rueckabwicklung_2_1/2256676/erstattung_formular1650398653.pdf
Origin: https://www2.stage-entertainment.de
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Thu, 21 Apr 2022 15:28:51 GMT
via: varnish
x-content-type-options: nosniff
expires: Thu, 28 Apr 2022 21:13:12 GMT
last-modified: Thu, 24 Mar 2022 07:57:02 GMT
server: nginx
age: 584138
x-cache: HIT
x-ah-environment: prod
cache-control: max-age=1209600
accept-ranges: bytes
content-length: 12420
x-request-id: v-b1434516-bc37-11ec-a74d-aff37e4c7dc5
x-cache-hits: 245596

GET
H2 200 google_tag.script.js Show response
www2.stage-entertainment.de/sites/default/files/google_tag/primary/ 348 B
622 B 36ms
34ms Script
application/javascript 18.196.88.31
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www2.stage-entertainment.de/sites/default/files/google_tag/primary/google_tag.script.js?ramq3j

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

18.196.88.31 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-196-88-31.eu-central-1.compute.amazonaws.com

Software

nginx /

Resource Hash

28aade04c262eba4a3eeb9caecf8ce152749775eeea24ea9f8de7befc2316d41

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www2.stage-entertainment.de/user/login?destination=/system/files%3Ffile%3Dwebform/corona_rueckabwicklung_2_1/2256676/erstattung_formular1650398653.pdf
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Thu, 21 Apr 2022 15:28:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 111745
x-cache: HIT
x-cache-hits: 49814
x-ah-environment: prod
content-length: 283
x-request-id: v-91685254-c083-11ec-a077-17cdd69829ed
last-modified: Wed, 20 Apr 2022 08:26:13 GMT
server: nginx
vary: Accept-Encoding
content-type: application/javascript
via: varnish
cache-control: max-age=1209600
accept-ranges: bytes
expires: Wed, 04 May 2022 08:26:25 GMT

GET
H2 200 css_IbXnief29N3CG7sPvCABh13LwBD_SmZ81jagFty6dlQ.css
www2.stage-entertainment.de/sites/default/files/css/ 11 KB
3 KB 21ms
21ms Stylesheet
text/css 18.196.88.31
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www2.stage-entertainment.de/sites/default/files/css/css_IbXnief29N3CG7sPvCABh13LwBD_SmZ81jagFty6dlQ.css

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

18.196.88.31 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-196-88-31.eu-central-1.compute.amazonaws.com

Software

nginx /

Resource Hash

21b5e789e7f6f4ddc21bbb0fbc2001875dcbc010ff4a667cd636a016dcba7654

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www2.stage-entertainment.de/user/login?destination=/system/files%3Ffile%3Dwebform/corona_rueckabwicklung_2_1/2256676/erstattung_formular1650398653.pdf
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Thu, 21 Apr 2022 15:28:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 535979
x-cache: HIT
x-cache-hits: 120
x-ah-environment: prod
content-length: 3172
x-request-id: v-d27ee828-bca7-11ec-b206-738b3e4ca010
last-modified: Mon, 04 Apr 2022 10:52:49 GMT
server: nginx
vary: Accept-Encoding
content-type: text/css
via: varnish
cache-control: max-age=1209600
accept-ranges: bytes
expires: Fri, 29 Apr 2022 10:35:51 GMT

GET
H2 200 css_98bbLiM0W-HqNuyIC7pcd5LXnjPB8iqKyy8x-SrpaDg.css
www2.stage-entertainment.de/sites/default/files/css/ 506 KB
64 KB 22ms
22ms Stylesheet
text/css 18.196.88.31
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www2.stage-entertainment.de/sites/default/files/css/css_98bbLiM0W-HqNuyIC7pcd5LXnjPB8iqKyy8x-SrpaDg.css

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

18.196.88.31 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-196-88-31.eu-central-1.compute.amazonaws.com

Software

nginx /

Resource Hash

f7c6db2e23345be1ea36ec880bba5c7792d79e33c1f22a8acb2f31f92ae96838

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www2.stage-entertainment.de/user/login?destination=/system/files%3Ffile%3Dwebform/corona_rueckabwicklung_2_1/2256676/erstattung_formular1650398653.pdf
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Thu, 21 Apr 2022 15:28:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 583521
x-cache: HIT
x-cache-hits: 8338
x-ah-environment: prod
content-length: 64668
x-request-id: v-2170f58a-bc39-11ec-8b8b-0f19832a865b
last-modified: Mon, 04 Apr 2022 10:51:27 GMT
server: nginx
vary: Accept-Encoding
content-type: text/css
via: varnish
cache-control: max-age=1209600
accept-ranges: bytes
expires: Thu, 28 Apr 2022 21:23:30 GMT

GET
H2 200 stage.webp
www2.stage-entertainment.de/sites/default/files/styles/30x22/public/ 824 B
1 KB 37ms
34ms Image
text/plain 18.196.88.31
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www2.stage-entertainment.de/sites/default/files/styles/30x22/public/stage.webp?itok=0bpvRUJu

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

18.196.88.31 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-196-88-31.eu-central-1.compute.amazonaws.com

Software

nginx /

Resource Hash

848dbbba11264132ffcc2496613764c6ffb08f5d79456072636e8e9bf4cb4828

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www2.stage-entertainment.de/user/login?destination=/system/files%3Ffile%3Dwebform/corona_rueckabwicklung_2_1/2256676/erstattung_formular1650398653.pdf
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Thu, 21 Apr 2022 15:28:51 GMT
via: varnish
x-content-type-options: nosniff
expires: Thu, 28 Apr 2022 21:13:28 GMT
last-modified: Thu, 09 Dec 2021 08:17:50 GMT
server: nginx
age: 584122
x-cache: HIT
x-ah-environment: prod
cache-control: max-age=1209600
accept-ranges: bytes
content-length: 824
x-request-id: v-bb118a26-bc37-11ec-bc8e-9f02fe992a0c
x-cache-hits: 29360

GET
H2 200 C8051465-0995-4886-8DCDD01B21FE2AF8
mediaportal.stage-entertainment.com/images/media/ 16 KB
17 KB 100ms
33ms Image
image/jpeg 2600:9000:2315:b800:12:18a9:1c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mediaportal.stage-entertainment.com/images/media/C8051465-0995-4886-8DCDD01B21FE2AF8?w=180&h=180&crop=true

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2315:b800:12:18a9:1c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

4ddd2761ea8d26fb2288c119d672c9c5e0d00f9d184320022740e20b7c7ec1ce

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www2.stage-entertainment.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Thu, 21 Apr 2022 14:55:40 GMT
via: 1.1 672ccfdef8d96b8bfc26646386cb4488.cloudfront.net (CloudFront)
referrer-policy: strict-origin-when-cross-origin
server: nginx
age: 1991
strict-transport-security: max-age=15768000
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: public, max-age=172800
x-content-type-options: nosniff
content-disposition: inline
x-amz-cf-pop: DUS51-P2
content-length: 16895
x-xss-protection: 1; mode=block
x-amz-cf-id: LRCqRC-_wqUVFmfmXTqH6z0qT6FORfJnYMdCBB9OS8W6GpXZg9bfHQ==

GET
H2 200 DD95203C-3D9B-48BF-9B301318636BE043
mediaportal.stage-entertainment.com/images/media/ 10 KB
11 KB 92ms
25ms Image
image/jpeg 2600:9000:2315:b800:12:18a9:1c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mediaportal.stage-entertainment.com/images/media/DD95203C-3D9B-48BF-9B301318636BE043?w=180&h=180&crop=true

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2315:b800:12:18a9:1c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

c8cbe0c152ce2dbd20734fa2648422c590a9c00b44a28088c7f85b5f2da4d331

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www2.stage-entertainment.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Thu, 21 Apr 2022 06:56:28 GMT
via: 1.1 672ccfdef8d96b8bfc26646386cb4488.cloudfront.net (CloudFront)
referrer-policy: strict-origin-when-cross-origin
server: nginx
age: 30743
strict-transport-security: max-age=15768000
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: public, max-age=172800
x-content-type-options: nosniff
content-disposition: inline
x-amz-cf-pop: DUS51-P2
content-length: 10682
x-xss-protection: 1; mode=block
x-amz-cf-id: XKiugY4fBTdZcc9qP68q41_g1H37Fk0765dcKTVaEDpRXdHpVoeXlg==

GET
H2 200 2F20B47F-301E-4EA0-B600D56B1B01AABA
mediaportal.stage-entertainment.com/images/media/ 13 KB
13 KB 92ms
24ms Image
image/jpeg 2600:9000:2315:b800:12:18a9:1c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mediaportal.stage-entertainment.com/images/media/2F20B47F-301E-4EA0-B600D56B1B01AABA?w=180&h=180&crop=true

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2315:b800:12:18a9:1c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

19f58696a5dd1169c2f070a7fcead60665b27ff17f92dce79c71579620af5eef

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www2.stage-entertainment.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Thu, 21 Apr 2022 02:33:30 GMT
via: 1.1 672ccfdef8d96b8bfc26646386cb4488.cloudfront.net (CloudFront)
referrer-policy: strict-origin-when-cross-origin
server: nginx
age: 46521
strict-transport-security: max-age=15768000
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: public, max-age=172800
x-content-type-options: nosniff
content-disposition: inline
x-amz-cf-pop: DUS51-P2
content-length: 12928
x-xss-protection: 1; mode=block
x-amz-cf-id: 4lmfa6FySMJdkM6fnVpvlE-ZyqYNRumOTgm_NMtUEHUcPLE1GpKm1A==

GET
H2 200 1C04D1ED-1D02-4EC8-B65AAF582BC5C09F
mediaportal.stage-entertainment.com/images/media/ 16 KB
16 KB 100ms
33ms Image
image/jpeg 2600:9000:2315:b800:12:18a9:1c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mediaportal.stage-entertainment.com/images/media/1C04D1ED-1D02-4EC8-B65AAF582BC5C09F?w=180&h=180&crop=true

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2315:b800:12:18a9:1c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

007dea3efefb0c36107013da7518a4cb2763b4f978bc6222ebb2ed8803ae4d68

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www2.stage-entertainment.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Thu, 21 Apr 2022 07:19:17 GMT
via: 1.1 672ccfdef8d96b8bfc26646386cb4488.cloudfront.net (CloudFront)
referrer-policy: strict-origin-when-cross-origin
server: nginx
age: 29374
strict-transport-security: max-age=15768000
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: public, max-age=172800
x-content-type-options: nosniff
content-disposition: inline
x-amz-cf-pop: DUS51-P2
content-length: 15965
x-xss-protection: 1; mode=block
x-amz-cf-id: eTiHjKl_Gby4EwaogW8QZIAcCGQDogsGgzeO6r_kTQV76K07csKyFQ==

GET
H2 200 396CC880-0C20-4CB9-A3278B5960B97671
mediaportal.stage-entertainment.com/images/media/ 10 KB
11 KB 93ms
26ms Image
image/jpeg 2600:9000:2315:b800:12:18a9:1c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mediaportal.stage-entertainment.com/images/media/396CC880-0C20-4CB9-A3278B5960B97671?w=180&h=180&crop=true

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2315:b800:12:18a9:1c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

999db5b1434c9c7924b9bced41e2910db3aaa18a6a4cdeeae469024fe2b9258f

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www2.stage-entertainment.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Wed, 20 Apr 2022 19:22:42 GMT
via: 1.1 672ccfdef8d96b8bfc26646386cb4488.cloudfront.net (CloudFront)
referrer-policy: strict-origin-when-cross-origin
server: nginx
age: 72369
strict-transport-security: max-age=15768000
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: public, max-age=172800
x-content-type-options: nosniff
content-disposition: inline
x-amz-cf-pop: DUS51-P2
content-length: 10556
x-xss-protection: 1; mode=block
x-amz-cf-id: nKEKOLhIqtU9QZkqY2yoGnCJ-xicnhyYIjyQdnaWsTglF0IdRJ97Mg==

GET
H2 200 FA2C1AFC-A83E-4E61-9A5BD8D0B6A20E93
mediaportal.stage-entertainment.com/images/media/ 12 KB
13 KB 92ms
25ms Image
image/jpeg 2600:9000:2315:b800:12:18a9:1c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mediaportal.stage-entertainment.com/images/media/FA2C1AFC-A83E-4E61-9A5BD8D0B6A20E93?w=180&h=180&crop=true

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2315:b800:12:18a9:1c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

6d554ad5cd7804d599ca4e9d225c64fded496d891ece0e786d0d430a0e6b9770

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www2.stage-entertainment.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Thu, 21 Apr 2022 06:40:33 GMT
via: 1.1 672ccfdef8d96b8bfc26646386cb4488.cloudfront.net (CloudFront)
referrer-policy: strict-origin-when-cross-origin
server: nginx
age: 31698
strict-transport-security: max-age=15768000
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: public, max-age=172800
x-content-type-options: nosniff
content-disposition: inline
x-amz-cf-pop: DUS51-P2
content-length: 12414
x-xss-protection: 1; mode=block
x-amz-cf-id: kI3ZQ3g2F2sk1edBYTfMKl-CldJXsyRw_u_uGrq8zLulAbNbxpSPog==

GET
H2 200 79AA8659-E568-4E1B-BD008325F3724FFA
mediaportal.stage-entertainment.com/images/media/ 12 KB
12 KB 27ms
25ms Image
image/jpeg 2600:9000:2315:b800:12:18a9:1c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mediaportal.stage-entertainment.com/images/media/79AA8659-E568-4E1B-BD008325F3724FFA?w=180&h=180&crop=true

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2315:b800:12:18a9:1c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

876ffc3e2cb9862ab384746e49547cea0cd705d9b4b2f2c8c6489c23f6150c6f

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www2.stage-entertainment.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Wed, 20 Apr 2022 05:33:29 GMT
via: 1.1 672ccfdef8d96b8bfc26646386cb4488.cloudfront.net (CloudFront)
referrer-policy: strict-origin-when-cross-origin
server: nginx
age: 122122
strict-transport-security: max-age=15768000
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: public, max-age=172800
x-content-type-options: nosniff
content-disposition: inline
x-amz-cf-pop: DUS51-P2
content-length: 11855
x-xss-protection: 1; mode=block
x-amz-cf-id: kn4bfrGyFx69HB_03NcRXTa7VkR63kf-J2Y0jgn99DEj1G1-dvk4Hw==

GET
H2 200 95B2EB85-3876-404E-81F74B9208F5B068
mediaportal.stage-entertainment.com/images/media/ 13 KB
14 KB 26ms
24ms Image
image/jpeg 2600:9000:2315:b800:12:18a9:1c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mediaportal.stage-entertainment.com/images/media/95B2EB85-3876-404E-81F74B9208F5B068?w=180&h=180&crop=true

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2315:b800:12:18a9:1c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

00f5a5f75e4bb0f918e97732f8057ac2a03cd520487ce3968b0a0a7fe9fc8f85

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www2.stage-entertainment.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Tue, 19 Apr 2022 20:50:21 GMT
via: 1.1 672ccfdef8d96b8bfc26646386cb4488.cloudfront.net (CloudFront)
referrer-policy: strict-origin-when-cross-origin
server: nginx
age: 153510
strict-transport-security: max-age=15768000
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: public, max-age=172800
x-content-type-options: nosniff
content-disposition: inline
x-amz-cf-pop: DUS51-P2
content-length: 13684
x-xss-protection: 1; mode=block
x-amz-cf-id: 5koxOH4rY1qsllVsKjKzD57BmWTJGIgdSmJekqdQd8ghlZ58IeNEBw==

GET
H2 200 12FDEF81-D150-454D-8D15BBAA7A1925FE
mediaportal.stage-entertainment.com/images/media/ 10 KB
10 KB 16ms
14ms Image
image/jpeg 2600:9000:2315:b800:12:18a9:1c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mediaportal.stage-entertainment.com/images/media/12FDEF81-D150-454D-8D15BBAA7A1925FE?w=180&h=180&crop=true

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2315:b800:12:18a9:1c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

c2f48a559eafc97756b5b4b8e6d7a326c0ea99f670deb0e2d9b0637c2d295f8c

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www2.stage-entertainment.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Thu, 21 Apr 2022 10:51:55 GMT
via: 1.1 672ccfdef8d96b8bfc26646386cb4488.cloudfront.net (CloudFront)
referrer-policy: strict-origin-when-cross-origin
server: nginx
age: 16616
strict-transport-security: max-age=15768000
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: public, max-age=172800
x-content-type-options: nosniff
content-disposition: inline
x-amz-cf-pop: DUS51-P2
content-length: 10073
x-xss-protection: 1; mode=block
x-amz-cf-id: crh0-nTffq4wwaQwOsY5UJLY153U7ABh8QdfwCfEoXuM1JXLqB3vwg==

GET
H2 200 E6C5C823-17F2-4AE4-AE3C5871B6B1CD8E
mediaportal.stage-entertainment.com/images/media/ 10 KB
10 KB 27ms
25ms Image
image/jpeg 2600:9000:2315:b800:12:18a9:1c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mediaportal.stage-entertainment.com/images/media/E6C5C823-17F2-4AE4-AE3C5871B6B1CD8E?w=180&h=180&crop=true

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2315:b800:12:18a9:1c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

f12197b319e4e2b8b797a07b7b6ed6a67696c4e5d93c200d7eeb3b7fa1b527b0

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www2.stage-entertainment.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Wed, 20 Apr 2022 14:00:16 GMT
via: 1.1 672ccfdef8d96b8bfc26646386cb4488.cloudfront.net (CloudFront)
referrer-policy: strict-origin-when-cross-origin
server: nginx
age: 91715
strict-transport-security: max-age=15768000
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: public, max-age=172800
x-content-type-options: nosniff
content-disposition: inline
x-amz-cf-pop: DUS51-P2
content-length: 9897
x-xss-protection: 1; mode=block
x-amz-cf-id: S7IAkKlUaEnt-KaKAwkqSB_bj7RyM4YO4Uc7GWfjq-x7BB7z7BB8Iw==

GET
H2 200 thul-6CEC663D-A524-4002-B0A420CBDDA0CF90.jpg
www2.stage-entertainment.de/sites/default/files/styles/180x180/public/ 9 KB
9 KB 35ms
34ms Image
image/jpeg 18.196.88.31
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www2.stage-entertainment.de/sites/default/files/styles/180x180/public/thul-6CEC663D-A524-4002-B0A420CBDDA0CF90.jpg?itok=ySR48aIo

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

18.196.88.31 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-196-88-31.eu-central-1.compute.amazonaws.com

Software

nginx /

Resource Hash

74e4d26e40fd1f3aa07540d767e1a033bb7c98b3c8cee82394643f594550c017

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www2.stage-entertainment.de/user/login?destination=/system/files%3Ffile%3Dwebform/corona_rueckabwicklung_2_1/2256676/erstattung_formular1650398653.pdf
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Thu, 21 Apr 2022 15:28:51 GMT
via: varnish
x-content-type-options: nosniff
expires: Thu, 28 Apr 2022 21:13:12 GMT
last-modified: Thu, 09 Dec 2021 08:17:18 GMT
server: nginx
age: 584138
x-cache: HIT
content-type: image/jpeg
x-ah-environment: prod
cache-control: max-age=1209600
accept-ranges: bytes
content-length: 8820
x-request-id: v-b14d826a-bc37-11ec-8955-9b7f088f0c47
x-cache-hits: 193154

GET
H2 200 5237FDB1-AAD4-4104-A3AD43B91BCA5D36
mediaportal.stage-entertainment.com/images/media/ 6 KB
6 KB 28ms
26ms Image
image/jpeg 2600:9000:2315:b800:12:18a9:1c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mediaportal.stage-entertainment.com/images/media/5237FDB1-AAD4-4104-A3AD43B91BCA5D36?w=&h=75&crop=false

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2315:b800:12:18a9:1c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

a22b402409a3a528534fa5890c3a91e4c7bd9b681f3e7361e3d43448ee7da510

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www2.stage-entertainment.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Thu, 21 Apr 2022 06:29:56 GMT
via: 1.1 672ccfdef8d96b8bfc26646386cb4488.cloudfront.net (CloudFront)
referrer-policy: strict-origin-when-cross-origin
server: nginx
age: 32335
strict-transport-security: max-age=15768000
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: public, max-age=172800
x-content-type-options: nosniff
content-disposition: inline
x-amz-cf-pop: DUS51-P2
content-length: 5959
x-xss-protection: 1; mode=block
x-amz-cf-id: EQ78BIS6Ap_mHGkbxeItnZFmPN6teFUIOJfzcBvrRp7LgkJPt0HKbg==

GET
H2 200 eventim_sc_pos.webp
www2.stage-entertainment.de/sites/default/files/styles/50h/public/ 996 B
1 KB 35ms
34ms Image
text/plain 18.196.88.31
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www2.stage-entertainment.de/sites/default/files/styles/50h/public/eventim_sc_pos.webp?itok=2qJeADNR

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

18.196.88.31 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-196-88-31.eu-central-1.compute.amazonaws.com

Software

nginx /

Resource Hash

34d6fd31eb9c65f19400cce913c6e39188abf03876f8dc7638167f42292e5d8b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www2.stage-entertainment.de/user/login?destination=/system/files%3Ffile%3Dwebform/corona_rueckabwicklung_2_1/2256676/erstattung_formular1650398653.pdf
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Thu, 21 Apr 2022 15:28:51 GMT
via: varnish
x-content-type-options: nosniff
expires: Thu, 28 Apr 2022 21:13:20 GMT
last-modified: Thu, 09 Dec 2021 08:17:50 GMT
server: nginx
age: 584130
x-cache: HIT
x-ah-environment: prod
cache-control: max-age=1209600
accept-ranges: bytes
content-length: 996
x-request-id: v-b6384c42-bc37-11ec-9aa7-e3714ad7eb23
x-cache-hits: 29932

GET
H2 200 Musicalfreunde_neu_3.webp
www2.stage-entertainment.de/sites/default/files/styles/50h/public/ 1 KB
1 KB 35ms
35ms Image
text/plain 18.196.88.31
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www2.stage-entertainment.de/sites/default/files/styles/50h/public/Musicalfreunde_neu_3.webp?itok=5hGyKHJ0

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

18.196.88.31 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-196-88-31.eu-central-1.compute.amazonaws.com

Software

nginx /

Resource Hash

3ab6cd265bb345d8c9f88edea4110d1b1f120bceed9e7b746e658d891ef37da9

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www2.stage-entertainment.de/user/login?destination=/system/files%3Ffile%3Dwebform/corona_rueckabwicklung_2_1/2256676/erstattung_formular1650398653.pdf
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Thu, 21 Apr 2022 15:28:51 GMT
via: varnish
x-content-type-options: nosniff
expires: Thu, 28 Apr 2022 21:13:20 GMT
last-modified: Thu, 09 Dec 2021 08:17:50 GMT
server: nginx
age: 584130
x-cache: HIT
x-ah-environment: prod
cache-control: max-age=1209600
accept-ranges: bytes
content-length: 1194
x-request-id: v-b63a7436-bc37-11ec-a763-d723fc7bf67f
x-cache-hits: 29854

GET
H2 200 js__FlVGrvinJDm-4I_Ej8yotHAr9fsDP45tAH6JOLLN3E.js Show response
www2.stage-entertainment.de/sites/default/files/js/ 611 KB
174 KB 36ms
33ms Script
text/javascript 18.196.88.31
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www2.stage-entertainment.de/sites/default/files/js/js__FlVGrvinJDm-4I_Ej8yotHAr9fsDP45tAH6JOLLN3E.js

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

18.196.88.31 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-196-88-31.eu-central-1.compute.amazonaws.com

Software

nginx /

Resource Hash

fc59551abbe29c90e6fb823f123f32a2d1c0afd7ec0cfe39b401fa24e2cb3771

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www2.stage-entertainment.de/user/login?destination=/system/files%3Ffile%3Dwebform/corona_rueckabwicklung_2_1/2256676/erstattung_formular1650398653.pdf
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Thu, 21 Apr 2022 15:28:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 535896
x-cache: HIT
x-cache-hits: 44
x-ah-environment: prod
content-length: 177223
x-request-id: v-03ce3afa-bca8-11ec-8b59-239353db0fb1
last-modified: Mon, 04 Apr 2022 10:53:14 GMT
server: nginx
vary: Accept-Encoding
content-type: text/javascript
via: varnish
cache-control: max-age=1209600
accept-ranges: bytes
expires: Fri, 29 Apr 2022 10:37:14 GMT

GET
H2 200 kqr0btt.css
use.typekit.net/ 24 KB
2 KB 74ms
32ms Stylesheet
text/css 2a02:26f0:3500:7::17d8:4dca
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://use.typekit.net/kqr0btt.css

Requested by

Host: www2.stage-entertainment.de
URL: https://www2.stage-entertainment.de/sites/default/files/css/css_98bbLiM0W-HqNuyIC7pcd5LXnjPB8iqKyy8x-SrpaDg.css

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:7::17d8:4dca Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

nginx /

Resource Hash

a5c384dcc6687bf77fe1bfe8be56cd4f1c7951be0e6a4256ff6c1275724fbabe

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www2.stage-entertainment.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains;
content-encoding: gzip
server: nginx
date: Thu, 21 Apr 2022 15:28:51 GMT
vary: Accept-Encoding
content-type: text/css;charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=600, stale-while-revalidate=604800
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 2141

GET
H2 200 p.css
p.typekit.net/ 5 B
181 B 249ms
9ms Stylesheet
text/css 2a02:26f0:3500:7::17d8:4dc6
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://p.typekit.net/p.css?s=1&k=kqr0btt&ht=tk&f=5889.7860.10296.15665.15779.15781.15782.37496.37497.42300.42301.16353.37459.37460.37464.37465.37466.37467.24539.24540.24543.24544.24545.24546.24547.24548.24549.24552.32874.37478.37479.37484.37485.46057&a=85426865&app=typekit&e=css
Requested by: Host: use.typekit.net
URL: https://use.typekit.net/kqr0btt.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:7::17d8:4dc6 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: 1c0ff118a4290c99f39c90abb38703a866e47251b23cca20266c69c812ccafeb

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://use.typekit.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Thu, 21 Apr 2022 15:28:51 GMT
last-modified: Sat, 16 Oct 2021 08:18:43 GMT
server: nginx
etag: "616a8ae3-5"
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=604800
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
content-length: 5

GET
H2 200 l
use.typekit.net/af/5e6988/00000000000000007735a163/30/ 46 KB
46 KB 88ms
49ms Font
application/font-woff2 2a02:26f0:3500:7::17d8:4dca
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://use.typekit.net/af/5e6988/00000000000000007735a163/30/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n4&v=3
Requested by: Host: use.typekit.net
URL: https://use.typekit.net/kqr0btt.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:7::17d8:4dca Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: 94f721cea60b90692738a2e4ab2997bbf8228d7554a4d5c13a909f1d5af03cf2

Request headers

Referer: https://use.typekit.net/kqr0btt.css
Origin: https://www2.stage-entertainment.de
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Thu, 21 Apr 2022 15:28:51 GMT
server: nginx
etag: "6c7f6faf833b2ec0ec96352fe0a408d237d7154e"
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 47152

GET
H2 200 l
use.typekit.net/af/09d302/00000000000000007735a14e/30/ 47 KB
47 KB 73ms
35ms Font
application/font-woff2 2a02:26f0:3500:7::17d8:4dca
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://use.typekit.net/af/09d302/00000000000000007735a14e/30/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n7&v=3
Requested by: Host: use.typekit.net
URL: https://use.typekit.net/kqr0btt.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:7::17d8:4dca Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: 3e2ccf5a974d78a6fdca5b2fe544a4fdeefb3bbe668d1deb95259d421fb3e514

Request headers

Referer: https://use.typekit.net/kqr0btt.css
Origin: https://www2.stage-entertainment.de
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Thu, 21 Apr 2022 15:28:51 GMT
server: nginx
etag: "59adf62a226d21141e081eeac74c10da912bdadf"
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 48228

GET
H2 200 fontello.woff2
www2.stage-entertainment.de/themes/custom/se/dist/fonts/fontello/font/ 10 KB
11 KB 21ms
21ms Font
text/plain 18.196.88.31
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www2.stage-entertainment.de/themes/custom/se/dist/fonts/fontello/font/fontello.woff2?43185327=

Requested by

Host: www2.stage-entertainment.de
URL: https://www2.stage-entertainment.de/sites/default/files/css/css_98bbLiM0W-HqNuyIC7pcd5LXnjPB8iqKyy8x-SrpaDg.css

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

18.196.88.31 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-196-88-31.eu-central-1.compute.amazonaws.com

Software

nginx /

Resource Hash

64176f5fd8245627399da6503877026f59904486500ea6246c4ff1f66a057764

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www2.stage-entertainment.de/sites/default/files/css/css_98bbLiM0W-HqNuyIC7pcd5LXnjPB8iqKyy8x-SrpaDg.css
Origin: https://www2.stage-entertainment.de
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Thu, 21 Apr 2022 15:28:51 GMT
via: varnish
x-content-type-options: nosniff
expires: Thu, 28 Apr 2022 21:13:13 GMT
last-modified: Thu, 24 Mar 2022 07:54:13 GMT
server: nginx
age: 584138
x-cache: HIT
x-ah-environment: prod
cache-control: max-age=1209600
accept-ranges: bytes
content-length: 10528
x-request-id: v-b1b5049e-bc37-11ec-860b-efc13dc09dfe
x-cache-hits: 232871

GET
H2 200 l
use.typekit.net/af/61b4ba/00000000000000007735a167/30/ 47 KB
47 KB 87ms
49ms Font
application/font-woff2 2a02:26f0:3500:7::17d8:4dca
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://use.typekit.net/af/61b4ba/00000000000000007735a167/30/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n6&v=3
Requested by: Host: use.typekit.net
URL: https://use.typekit.net/kqr0btt.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:7::17d8:4dca Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: 0424e19520bce927755b6b3e6a31fd16af5d494271e3db98516e08aa180b043f

Request headers

Referer: https://use.typekit.net/kqr0btt.css
Origin: https://www2.stage-entertainment.de
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Thu, 21 Apr 2022 15:28:51 GMT
server: nginx
etag: "5fed17d5bea029195a99ba74b516f25ee725434b"
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 48280

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 354 KB
97 KB 192ms
16ms Script
application/javascript 2a00:1450:4001:812::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-PJC6VZ8

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

194d22cbedd38ea243f2c0d3cbbcca9cc0c88584e6f13c8ce370dd6d46f8d37e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www2.stage-entertainment.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Thu, 21 Apr 2022 15:28:51 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 98461
x-xss-protection: 0
last-modified: Thu, 21 Apr 2022 15:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Thu, 21 Apr 2022 15:28:51 GMT

GET
H2 200 l
use.typekit.net/af/1416a9/00000000000000007735a15a/30/ 46 KB
46 KB 37ms
34ms Font
application/font-woff2 2a02:26f0:3500:7::17d8:4dca
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://use.typekit.net/af/1416a9/00000000000000007735a15a/30/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n3&v=3
Requested by: Host: use.typekit.net
URL: https://use.typekit.net/kqr0btt.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:7::17d8:4dca Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: c7b46022c4ae5a1798ed9e45a83ed40aead7f761070cb9af515bff95855db307

Request headers

Referer: https://use.typekit.net/kqr0btt.css
Origin: https://www2.stage-entertainment.de
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Thu, 21 Apr 2022 15:28:51 GMT
server: nginx
etag: "bccec9a43405f07681ac803f830df18c2eea2bd9"
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 47244

GET
H2 200 nr-spa-1215.min.js Show response
js-agent.newrelic.com/ 47 KB
18 KB 23ms
7ms Script
application/javascript 151.101.66.137
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://js-agent.newrelic.com/nr-spa-1215.min.js
Requested by: Host: www2.stage-entertainment.de
URL: https://www2.stage-entertainment.de/user/login?destination=/system/files%3Ffile%3Dwebform/corona_rueckabwicklung_2_1/2256676/erstattung_formular1650398653.pdf
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.66.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: dd2d8d288526b88b0eae53168e31b4092acf39ed38d40ffcbc6d0ab2f7a4aa66

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www2.stage-entertainment.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

x-amz-version-id: zcmP9QP8YWQtiPZETZozJGQXbXQvWuWT
content-encoding: gzip
etag: "7e1862f7a390ed9fc02c299216395547"
x-amz-request-id: 2TR2RRYMRD54RVTY
x-cache: HIT
cross-origin-resource-policy: cross-origin
content-length: 17465
x-amz-id-2: PuDDgzwCEreeWa9jCqxopTliCdGbSIFq3MMKdZKQttdHry9qD8vIXFkbsO/1owUimlj+TkooQmo=
x-served-by: cache-hhn4076-HHN
last-modified: Mon, 24 Jan 2022 22:13:54 GMT
server: AmazonS3
x-timer: S1650554932.914961,VS0,VE0
date: Thu, 21 Apr 2022 15:28:51 GMT
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 varnish
cache-control: public, max-age=7200, stale-if-error=604800
accept-ranges: bytes
x-cache-hits: 6728

GET
H2 200 otSDKStub.js Show response
cdn.cookielaw.org/scripttemplates/ 20 KB
7 KB 63ms
34ms Script
application/javascript 2606:4700::6810:9440
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/otSDKStub.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:9440 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

03aa6fcac2902227e1b66a01b87824692f708bbf9bfe441784f8ed22d677f6de

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www2.stage-entertainment.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Thu, 21 Apr 2022 15:28:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: +q2Bd0SvXowDeesSOf+0yw==
age: 11454
vary: Accept-Encoding
content-length: 6782
x-ms-lease-status: unlocked
last-modified: Tue, 19 Apr 2022 16:48:44 GMT
server: cloudflare
etag: 0x8DA222477B64739
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: 1cc45f15-201e-00e0-512a-543e6e000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=14400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 6ff726e4ac760200-ZRH

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 30ms
9ms Script
text/javascript 2a00:1450:4001:809::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www2.stage-entertainment.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 13 Apr 2022 21:02:38 GMT
server: Golfe2
age: 6841
date: Thu, 21 Apr 2022 13:34:50 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20006
expires: Thu, 21 Apr 2022 15:34:50 GMT

GET
H/1.1 200
OK 794017a37b Show response
bam.nr-data.net/1/ 57 B
322 B 406ms
102ms Script
text/javascript 162.247.242.20
NEWRELIC-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://bam.nr-data.net/1/794017a37b?a=466149466&v=1215.1253ab8&to=NQYDYxZXDUJXW0dcDAxMIFQQXwxfGXxBQBMDDz10C0QGbXVXXUERDQ8NUhZqK0VbVHVaEQ8gDlkQRAxdWl1BGF0FBhV0C1gXVFhMYVAQFw8V&rst=2014&ck=1&ref=https://www2.stage-entertainment.de/user/login&ap=1232&be=1303&fe=1968&dc=1747&af=err,xhr,stn,ins,spa&perf=%7B%22timing%22:%7B%22of%22:1650554929926,%22n%22:0,%22f%22:0,%22dn%22:1,%22dne%22:19,%22c%22:19,%22s%22:26,%22ce%22:36,%22rq%22:36,%22rp%22:1280,%22rpe%22:1294,%22dl%22:1283,%22di%22:1746,%22ds%22:1747,%22de%22:1765,%22dc%22:1968,%22l%22:1968,%22le%22:1968%7D,%22navigation%22:%7B%7D%7D&fp=1757&fcp=1757&at=GUEAFV5NHkw%3D&jsonp=NREUM.setToken
Requested by: Host: www2.stage-entertainment.de
URL: https://www2.stage-entertainment.de/user/login?destination=/system/files%3Ffile%3Dwebform/corona_rueckabwicklung_2_1/2256676/erstattung_formular1650398653.pdf
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 162.247.242.20 , United States, ASN23467 (NEWRELIC-AS-1, US),
Reverse DNS: bam-8.nr-data.net
Software: /
Resource Hash: f69a13217482dc43f25e74cfcb9391d0f06d22501f10f5cb5e413d2d98a5cd23

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www2.stage-entertainment.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Cross-Origin-Resource-Policy: cross-origin
Content-Type: text/javascript;charset=iso-8859-1
Content-Length: 57
Expires: Thu, 01 Jan 1970 00:00:00 GMT

POST
H2 200 collect Show response
www.google-analytics.com/j/ 2 B
153 B 14ms
14ms XHR
text/plain 2a00:1450:4001:809::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j96&aip=1&a=132225195&t=event&ni=1&_s=1&dl=https%3A%2F%2Fwww2.stage-entertainment.de%2Fuser%2Flogin%3Fdestination%3D%2Fsystem%2Ffiles%253Ffile%253Dwebform%2Fcorona_rueckabwicklung_2_1%2F2256676%2Ferstattung_formular1650398653.pdf&ul=en-us&de=UTF-8&dt=Anmelden%20%7C%20Stage%20Entertainment%20Deutschland&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Scroll%20Depth&ea=20%25&_u=YEBAAEABAAAAAC~&jid=1093808810&gjid=985327352&cid=1264571496.1650554932&tid=UA-43201536-2&_gid=422608152.1650554932&_r=1&gtm=2wg4i1PJC6VZ8&z=1398850549

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www2.stage-entertainment.de/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 21 Apr 2022 15:28:51 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www2.stage-entertainment.de
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 collect
www.google-analytics.com/ 35 B
193 B 6ms
6ms Image
image/gif 2a00:1450:4001:809::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j96&aip=1&a=132225195&t=event&ni=1&_s=1&dl=https%3A%2F%2Fwww2.stage-entertainment.de%2Fuser%2Flogin%3Fdestination%3D%2Fsystem%2Ffiles%253Ffile%253Dwebform%2Fcorona_rueckabwicklung_2_1%2F2256676%2Ferstattung_formular1650398653.pdf&ul=en-us&de=UTF-8&dt=Anmelden%20%7C%20Stage%20Entertainment%20Deutschland&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Scroll%20Depth&ea=40%25&_u=YEDAAEABAAAAAC~&jid=&gjid=&cid=1264571496.1650554932&tid=UA-43201536-2&_gid=422608152.1650554932&gtm=2wg4i1PJC6VZ8&z=692755004

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www2.stage-entertainment.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 21 Apr 2022 13:46:06 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 6165
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 collect
www.google-analytics.com/ 35 B
91 B 7ms
7ms Image
image/gif 2a00:1450:4001:809::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j96&aip=1&a=132225195&t=event&ni=0&_s=1&dl=https%3A%2F%2Fwww2.stage-entertainment.de%2Fuser%2Flogin%3Fdestination%3D%2Fsystem%2Ffiles%253Ffile%253Dwebform%2Fcorona_rueckabwicklung_2_1%2F2256676%2Ferstattung_formular1650398653.pdf&ul=en-us&de=UTF-8&dt=Anmelden%20%7C%20Stage%20Entertainment%20Deutschland&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Scroll%20Depth&ea=60%25&_u=YEDAAEABAAAAAC~&jid=&gjid=&cid=1264571496.1650554932&tid=UA-43201536-2&_gid=422608152.1650554932&gtm=2wg4i1PJC6VZ8&z=553972990

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www2.stage-entertainment.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 21 Apr 2022 13:46:06 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 6165
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 43194e53-5117-4494-bb14-9a55db030c53.json Show response
cdn.cookielaw.org/consent/43194e53-5117-4494-bb14-9a55db030c53/ 3 KB
2 KB 46ms
20ms XHR
application/x-javascript 2606:4700::6810:9440
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/consent/43194e53-5117-4494-bb14-9a55db030c53/43194e53-5117-4494-bb14-9a55db030c53.json

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:9440 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5400daa8192b836b3d28e0a88ff812927b3b8535237c0db6278898dfb2573784

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www2.stage-entertainment.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Thu, 21 Apr 2022 15:28:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: 22MbTlPrT4zaN3XmflKQSg==
age: 8189
vary: Accept-Encoding
content-length: 1345
x-ms-lease-status: unlocked
last-modified: Thu, 03 Feb 2022 13:00:37 GMT
server: cloudflare
etag: 0x8D9E7152C40BAD5
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/x-javascript
access-control-allow-origin: *
x-ms-request-id: c1d4d135-801e-002a-0c4f-53ada3000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=14400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 6ff726e52d3001e3-ZRH
expires: Thu, 21 Apr 2022 19:28:52 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
450 B 58ms
18ms XHR
text/plain 2a00:1450:400c:c0a::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-43201536-2&cid=1264571496.1650554932&jid=1093808810&gjid=985327352&_gid=422608152.1650554932&_u=YEBAAEAAAAAAAC~&z=354694109

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c0a::9b Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www2.stage-entertainment.de/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Thu, 21 Apr 2022 15:28:52 GMT
content-type: text/plain
access-control-allow-origin: https://www2.stage-entertainment.de
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 location Show response
geolocation.onetrust.com/cookieconsentpub/v1/geo/ 182 B
457 B 58ms
27ms XHR
application/json 2606:4700:10::6814:b944
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://geolocation.onetrust.com/cookieconsentpub/v1/geo/location

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6814:b944 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

fd9308db31181fde13aca740757dcb439baf71d731011a87da483a28faae444f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept: application/json
Referer: https://www2.stage-entertainment.de/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Thu, 21 Apr 2022 15:28:52 GMT
content-encoding: gzip
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS
content-type: application/json
access-control-allow-origin: *
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-ray: 6ff726e57ac023c7-ZRH
access-control-allow-headers: Content-Type

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
501 B 74ms
49ms Image
image/gif 2a00:1450:4001:801::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-43201536-2&cid=1264571496.1650554932&jid=1093808810&_u=YEBAAEAAAAAAAC~&z=1936927417

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www2.stage-entertainment.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 21 Apr 2022 15:28:52 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
501 B 99ms
74ms Image
image/gif 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-43201536-2&cid=1264571496.1650554932&jid=1093808810&_u=YEBAAEAAAAAAAC~&z=1936927417

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www2.stage-entertainment.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 21 Apr 2022 15:28:52 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 otBannerSdk.js Show response
cdn.cookielaw.org/scripttemplates/6.17.0/ 377 KB
84 KB 19ms
19ms Script
application/javascript 2606:4700::6810:9440
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/6.17.0/otBannerSdk.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:9440 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f1f8d4204b80f61987126d563bbb88a3036f6fd55f8e98da95a8b9e542f9c495

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www2.stage-entertainment.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Thu, 21 Apr 2022 15:28:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: 66Z8bY5FXXAAikIS37tpYA==
age: 15960048
vary: Accept-Encoding
content-length: 85833
x-ms-lease-status: unlocked
last-modified: Thu, 29 Apr 2021 01:57:14 GMT
server: cloudflare
etag: 0x8D90AB21C520644
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: b1b3eda3-301e-00ff-186c-c4e57e000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=14400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 6ff726e5adc50200-ZRH

GET
H2 200 de.json Show response
cdn.cookielaw.org/consent/43194e53-5117-4494-bb14-9a55db030c53/a1f726b3-7a47-4c8c-88d6-9be266710d57/ 91 KB
19 KB 27ms
26ms Fetch
application/x-javascript 2606:4700::6810:9440
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/consent/43194e53-5117-4494-bb14-9a55db030c53/a1f726b3-7a47-4c8c-88d6-9be266710d57/de.json

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:9440 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

addf802fe7f444402b2d3f1940953c429d05a48733c6c13aaac9f8be84e4eb43

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www2.stage-entertainment.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Thu, 21 Apr 2022 15:28:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: xD8Z7YwUKC47QAD4x3QFYA==
age: 8189
vary: Accept-Encoding
content-length: 19003
x-ms-lease-status: unlocked
last-modified: Thu, 03 Feb 2022 13:00:38 GMT
server: cloudflare
etag: 0x8D9E7152D495300
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/x-javascript
access-control-allow-origin: *
x-ms-request-id: b2766651-f01e-00ad-3a4c-55f88c000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=14400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 6ff726e60e6d01e3-ZRH
expires: Thu, 21 Apr 2022 19:28:52 GMT

GET
H2 200 otCenterRounded.json Show response
cdn.cookielaw.org/scripttemplates/6.17.0/assets/ 9 KB
3 KB 54ms
54ms Fetch
application/json 2606:4700::6810:9440
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/6.17.0/assets/otCenterRounded.json

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:9440 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

cfed96db853cb6e2053513daf02c9dec0e5c052e268d2b7f47c245c17ba5cdec

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www2.stage-entertainment.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Thu, 21 Apr 2022 15:28:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: DYIWRFwWAxeWZ0Ct/hqpNg==
age: 8707
vary: Accept-Encoding
content-length: 2571
x-ms-lease-status: unlocked
last-modified: Thu, 29 Apr 2021 01:57:06 GMT
server: cloudflare
etag: 0x8D90AB217C18F7F
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/json
access-control-allow-origin: *
x-ms-request-id: 48092d67-201e-016c-1c9c-333560000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=14400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 6ff726e7c89e01e3-ZRH

GET
H2 200 otPcCenter.json Show response
cdn.cookielaw.org/scripttemplates/6.17.0/assets/v2/ 47 KB
12 KB 38ms
38ms Fetch
application/json 2606:4700::6810:9440
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/6.17.0/assets/v2/otPcCenter.json

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:9440 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

eec660e2b3b122746049afba74759e1d3012e9757e4d93063212a770eb150b31

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www2.stage-entertainment.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Thu, 21 Apr 2022 15:28:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: QWpbT1Wg29aBRjQ2r7+nDQ==
age: 8707
vary: Accept-Encoding
content-length: 11495
x-ms-lease-status: unlocked
last-modified: Thu, 29 Apr 2021 01:57:08 GMT
server: cloudflare
etag: 0x8D90AB218BD0ED7
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/json
access-control-allow-origin: *
x-ms-request-id: d5c6a2d0-301e-0115-4d9c-335c2a000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=14400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 6ff726e7c8a001e3-ZRH

Verdicts & Comments Add Verdict or Comment

53 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

6 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.stage-entertainment.de/	1970-01-20 20:00:26	Name: _ga Value: GA1.2.1264571496.1650554932
.stage-entertainment.de/	1970-01-20 02:30:41	Name: _gid Value: GA1.2.422608152.1650554932
.stage-entertainment.de/	1970-01-20 02:29:14	Name: _gat_UA-43201536-2 Value: 1
.nr-data.net/	1969-12-31 23:59:59	Name: JSESSIONID Value: ae74d4f023763398
.www2.stage-entertainment.de/	1970-01-20 03:12:26	Name: testOneTrust Value: isGpcEnabled=0&datestamp=Thu+Apr+21+2022+15:28:52+GMT+0000+(GMT)&version=6.17.0&isIABGlobal=false&hosts=&consentId=66ec10a2-2a95-40fb-8020-a9fd19b699d5&interactionCount=0
.stage-entertainment.de/	1970-01-20 11:14:50	Name: OptanonConsent Value: isGpcEnabled=0&datestamp=Thu+Apr+21+2022+15%3A28%3A52+GMT%2B0000+(GMT)&version=6.17.0&isIABGlobal=false&hosts=&consentId=66ec10a2-2a95-40fb-8020-a9fd19b699d5&interactionCount=0&landingPath=https%3A%2F%2Fwww2.stage-entertainment.de%2Fuser%2Flogin%3Fdestination%3D%2Fsystem%2Ffiles%253Ffile%253Dwebform%2Fcorona_rueckabwicklung_2_1%2F2256676%2Ferstattung_formular1650398653.pdf&groups=1%3A1%2C2%3A0%2C3%3A0%2C4%3A0%2C6%3A0

3 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	warning	Message: Error with Permissions-Policy header: Unrecognized feature: 'interest-cohort'.
javascript	warning	URL: https://www2.stage-entertainment.de/user/login?destination=/system/files%3Ffile%3Dwebform/corona_rueckabwicklung_2_1/2256676/erstattung_formular1650398653.pdf Message: The resource https://www2.stage-entertainment.de/themes/custom/se/dist/fonts/fontello/font/fontello.woff2 was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.
javascript	warning	URL: https://www2.stage-entertainment.de/user/login?destination=/system/files%3Ffile%3Dwebform/corona_rueckabwicklung_2_1/2256676/erstattung_formular1650398653.pdf Message: The resource https://www2.stage-entertainment.de/themes/custom/se/dist/fonts/fontello/font/fontello.woff was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	report-uri /report-csp-violation
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

bam.nr-data.net
cdn.cookielaw.org
geolocation.onetrust.com
js-agent.newrelic.com
mediaportal.stage-entertainment.com
p.typekit.net
stats.g.doubleclick.net
use.typekit.net
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www2.stage-entertainment.de
151.101.66.137
162.247.242.20
18.196.88.31
2600:9000:2315:b800:12:18a9:1c0:93a1
2606:4700:10::6814:b944
2606:4700::6810:9440
2a00:1450:4001:801::2004
2a00:1450:4001:809::200e
2a00:1450:4001:812::2008
2a00:1450:4001:82f::2003
2a00:1450:400c:c0a::9b
2a02:26f0:3500:7::17d8:4dc6
2a02:26f0:3500:7::17d8:4dca
007dea3efefb0c36107013da7518a4cb2763b4f978bc6222ebb2ed8803ae4d68
00f5a5f75e4bb0f918e97732f8057ac2a03cd520487ce3968b0a0a7fe9fc8f85
03aa6fcac2902227e1b66a01b87824692f708bbf9bfe441784f8ed22d677f6de
0424e19520bce927755b6b3e6a31fd16af5d494271e3db98516e08aa180b043f
07f98513c6ddc3445ebfa54d48059ac5b58b67affebfdeb9f144123ddd714aa4
194d22cbedd38ea243f2c0d3cbbcca9cc0c88584e6f13c8ce370dd6d46f8d37e
19f58696a5dd1169c2f070a7fcead60665b27ff17f92dce79c71579620af5eef
1c0ff118a4290c99f39c90abb38703a866e47251b23cca20266c69c812ccafeb
21b5e789e7f6f4ddc21bbb0fbc2001875dcbc010ff4a667cd636a016dcba7654
28aade04c262eba4a3eeb9caecf8ce152749775eeea24ea9f8de7befc2316d41
34d6fd31eb9c65f19400cce913c6e39188abf03876f8dc7638167f42292e5d8b
3ab6cd265bb345d8c9f88edea4110d1b1f120bceed9e7b746e658d891ef37da9
3e2ccf5a974d78a6fdca5b2fe544a4fdeefb3bbe668d1deb95259d421fb3e514
4ddd2761ea8d26fb2288c119d672c9c5e0d00f9d184320022740e20b7c7ec1ce
5400daa8192b836b3d28e0a88ff812927b3b8535237c0db6278898dfb2573784
64176f5fd8245627399da6503877026f59904486500ea6246c4ff1f66a057764
6d554ad5cd7804d599ca4e9d225c64fded496d891ece0e786d0d430a0e6b9770
74e4d26e40fd1f3aa07540d767e1a033bb7c98b3c8cee82394643f594550c017
7a0400d2120468d32b077ed64aa888abf1bc4cff82b031b5d33861e5effe4802
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
848dbbba11264132ffcc2496613764c6ffb08f5d79456072636e8e9bf4cb4828
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
876ffc3e2cb9862ab384746e49547cea0cd705d9b4b2f2c8c6489c23f6150c6f
94f721cea60b90692738a2e4ab2997bbf8228d7554a4d5c13a909f1d5af03cf2
999db5b1434c9c7924b9bced41e2910db3aaa18a6a4cdeeae469024fe2b9258f
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a22b402409a3a528534fa5890c3a91e4c7bd9b681f3e7361e3d43448ee7da510
a5c384dcc6687bf77fe1bfe8be56cd4f1c7951be0e6a4256ff6c1275724fbabe
addf802fe7f444402b2d3f1940953c429d05a48733c6c13aaac9f8be84e4eb43
c2f48a559eafc97756b5b4b8e6d7a326c0ea99f670deb0e2d9b0637c2d295f8c
c7b46022c4ae5a1798ed9e45a83ed40aead7f761070cb9af515bff95855db307
c8cbe0c152ce2dbd20734fa2648422c590a9c00b44a28088c7f85b5f2da4d331
cfed96db853cb6e2053513daf02c9dec0e5c052e268d2b7f47c245c17ba5cdec
d867f78ef700e30f12a8ef565facceef2a378beea4533161aacd29bef8bd9697
dd2d8d288526b88b0eae53168e31b4092acf39ed38d40ffcbc6d0ab2f7a4aa66
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
eec660e2b3b122746049afba74759e1d3012e9757e4d93063212a770eb150b31
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f12197b319e4e2b8b797a07b7b6ed6a67696c4e5d93c200d7eeb3b7fa1b527b0
f1f8d4204b80f61987126d563bbb88a3036f6fd55f8e98da95a8b9e542f9c495
f69a13217482dc43f25e74cfcb9391d0f06d22501f10f5cb5e413d2d98a5cd23
f7c6db2e23345be1ea36ec880bba5c7792d79e33c1f22a8acb2f31f92ae96838
fc59551abbe29c90e6fb823f123f32a2d1c0afd7ec0cfe39b401fa24e2cb3771
fd9308db31181fde13aca740757dcb439baf71d731011a87da483a28faae444f

www2.stage-entertainment.de Open in urlscan Pro 18.196.88.31 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

46 Requests

100 %HTTPS

77 %IPv6

12 Domains

13 Subdomains

13 IPs

3 Countries

892 kBTransfer

2574 kBSize

6 Cookies

20 Outgoing links

Redirected requests

46 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

www2.stage-entertainment.de Open in urlscan Pro
18.196.88.31 Public Scan

Screenshot
Live screenshot

Full Image

46
Requests

100 %
HTTPS

77 %
IPv6

12
Domains

13
Subdomains

13
IPs

3
Countries

892 kB
Transfer

2574 kB
Size

6
Cookies

46 HTTP transactions
0 data transactions