URL: https://xyz.rom-tickets.de/
Submission: On May 12 via automatic, source certstream-suspicious — Scanned from DE

Summary

This website contacted 7 IPs in 2 countries across 6 domains to perform 25 HTTP transactions. The main IP is 116.203.210.203, located in Munich, Germany and belongs to HETZNER-AS, DE. The main domain is xyz.rom-tickets.de.
TLS certificate: Issued by R3 on May 12th 2024. Valid for: 3 months.
This is the only time xyz.rom-tickets.de was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

Apex Domain | Subdomains | Transfer
17 rom-tickets.de | xyz.rom-tickets.de; cdn.rom-tickets.de | 617 KB
5 tiqets.com | widgets.tiqets.com — Cisco Umbrella Rank: 316442; www.tiqets.com — Cisco Umbrella Rank: 204337 | 8 KB
3 getyourguide.com | widget.getyourguide.com — Cisco Umbrella Rank: 42785 | 26 KB
1 contentspread.net | cdn.contentspread.net — Cisco Umbrella Rank: 106757 | 54 KB
1 awin1.com | www.awin1.com — Cisco Umbrella Rank: 19886 | 623 B
1 googletagmanager.com | www.googletagmanager.com — Cisco Umbrella Rank: 39 | 82 KB
25 6

Domain | Requested by
15 xyz.rom-tickets.de | xyz.rom-tickets.de
4 www.tiqets.com (2 redirects) | widgets.tiqets.com
3 widget.getyourguide.com | xyz.rom-tickets.de; widget.getyourguide.com
2 cdn.rom-tickets.de | xyz.rom-tickets.de; cdn.rom-tickets.de
1 cdn.contentspread.net | xyz.rom-tickets.de
1 www.awin1.com (1 redirects) |
1 www.googletagmanager.com | xyz.rom-tickets.de
1 widgets.tiqets.com | xyz.rom-tickets.de
25 8

This site contains links to these domains.

Domain
www.awin1.com
www.tiqets.com
christianhutzinger.at

Subject | Issuer | Validity | Valid
xyz.rom-tickets.de | R3 | 2024-05-12 - 2024-08-10 | 3 months
widget.getyourguide.com | E1 | 2024-04-24 - 2024-07-23 | 3 months
widgets.tiqets.com | Amazon RSA 2048 M03 | 2024-01-31 - 2025-02-28 | a year
*.google-analytics.com | GTS CA 1C3 | 2024-04-16 - 2024-07-09 | 3 months
tiqets.com | Amazon RSA 2048 M03 | 2024-02-06 - 2025-03-07 | a year
cdn.rom-tickets.de | R3 | 2024-04-06 - 2024-07-05 | 3 months

This page contains 3 frames:

Primary Page: https://xyz.rom-tickets.de/
Frame ID: EB90B7FDE1634F32760F4346080DD73F
Requests: 23 HTTP requests in this frame

Frame: https://www.tiqets.com/widgets/discovery/?cardsLayout=responsive&contentType=venue&partner=romtickets&tqCampaign=Home&currency=EUR&destinationId=71631&destinationType=city&language=de&widgetIndex=0&altVi=0&altGyg=0&itemCount=20&tiqetsVf=DiscoveryWidget_XNBG76MBJoIajRGFSu9mn&origin=https%3A%2F%2Fxyz.rom-tickets.de%2F
Frame ID: 536E2F54CDD5CC3C8BA96931657D3FA5
Requests: 1 HTTP requests in this frame

Frame: https://www.tiqets.com/widgets/discovery/?cardsLayout=responsive&contentType=product&partner=romtickets&tqCampaign=Rom-Sehenswuerdigkeiten&contentIds=1013153%2C975066%2C1030221%2C974743%2C975066%2C977114&widgetIndex=1&altVi=0&altGyg=0&language=en&tiqetsVf=DiscoveryWidget_XNBG76MBJoIajRGFSu9mn&origin=https%3A%2F%2Fxyz.rom-tickets.de%2F
Frame ID: C9D3D9F9977EF00A1164FF11D9265CA9
Requests: 1 HTTP requests in this frame

Page Title

RomTickets - Eintritt & Touren einfach online buchen

Detected technologies

Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js

Page Statistics

Requests: 25
HTTPS: 96 %
IPv6: 63 %
Domains: 6
Subdomains: 8
IPs: 7
Countries: 2
Transfer: 786 kB
Size: 1110 kB
Cookies: 4

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 7
  • https://www.awin1.com/cshow.php?s=3480072&v=11624&q=341931&r=1184644 HTTP 302
  • https://cdn.contentspread.net/onuni/Turbopass/Banner/Aktion/Turbopass_DE/Rom/728x90_Rom.jpg
Request Chain 18
  • https://www.tiqets.com/widgets/discovery?cardsLayout=responsive&contentType=venue&partner=romtickets&tqCampaign=Home&currency=EUR&destinationId=71631&destinationType=city&language=de&widgetIndex=0&altVi=0&altGyg=0&itemCount=20&tiqetsVf=DiscoveryWidget_XNBG76MBJoIajRGFSu9mn&origin=https%3A%2F%2Fxyz.rom-tickets.de%2F HTTP 308
  • https://www.tiqets.com/widgets/discovery/?cardsLayout=responsive&contentType=venue&partner=romtickets&tqCampaign=Home&currency=EUR&destinationId=71631&destinationType=city&language=de&widgetIndex=0&altVi=0&altGyg=0&itemCount=20&tiqetsVf=DiscoveryWidget_XNBG76MBJoIajRGFSu9mn&origin=https%3A%2F%2Fxyz.rom-tickets.de%2F
Request Chain 19
  • https://www.tiqets.com/widgets/discovery?cardsLayout=responsive&contentType=product&partner=romtickets&tqCampaign=Rom-Sehenswuerdigkeiten&contentIds=1013153%2C975066%2C1030221%2C974743%2C975066%2C977114&widgetIndex=1&altVi=0&altGyg=0&language=en&tiqetsVf=DiscoveryWidget_XNBG76MBJoIajRGFSu9mn&origin=https%3A%2F%2Fxyz.rom-tickets.de%2F HTTP 308
  • https://www.tiqets.com/widgets/discovery/?cardsLayout=responsive&contentType=product&partner=romtickets&tqCampaign=Rom-Sehenswuerdigkeiten&contentIds=1013153%2C975066%2C1030221%2C974743%2C975066%2C977114&widgetIndex=1&altVi=0&altGyg=0&language=en&tiqetsVf=DiscoveryWidget_XNBG76MBJoIajRGFSu9mn&origin=https%3A%2F%2Fxyz.rom-tickets.de%2F

25 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
xyz.rom-tickets.de/
42 KB
11 KB
Document
General
Full URL
https://xyz.rom-tickets.de/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
116.203.210.203 Munich, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.203.210.203.116.clients.your-server.de
Software
nginx /
Resource Hash
aae693dd2b22a9128e505509459ea412cd531b0fbe9017bb6e5be8d6e0a3e9fd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

content-encoding
br
content-type
text/html
date
Sun, 12 May 2024 14:09:56 GMT
etag
W/"664093e0-a760"
last-modified
Sun, 12 May 2024 10:03:12 GMT
referrer-policy
same-origin
server
nginx
vary
Accept-Encoding
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-permitted-cross-domain-policies
master-only
x-xss-protection
1; mode=block
pa.umd.production.min.js
widget.getyourguide.com/dist/
52 KB
17 KB
Script
General
Full URL
https://widget.getyourguide.com/dist/pa.umd.production.min.js
Requested by
Host: xyz.rom-tickets.de
URL: https://xyz.rom-tickets.de/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:999e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5cbf72648db5a7e70fe8bfce09e4f1c161b2bfefe0b4c05f55205dc00e41b1fc
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 12 May 2024 14:09:56 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0.02,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
B3YEZ5TNKK0133KZ
age
870
x-amz-server-side-encryption
AES256
x-amz-id-2
+zqyeJkkuO6srGX0FRLRDy+eLHwgao9u4dK+m4yGMsC0rahqblUiEMGu0WR86y2/6xwK+fzsivw=
last-modified
Tue, 07 May 2024 07:40:28 GMT
server
cloudflare
etag
W/"2d758a54ed5fce56a9cf90860be9d37d"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=sTVKGicq2DMskNP94Anc50dahbgneGLO6uv9H%2FWZa5LmjGhgnsBFtei%2FFgekc991%2BmAIBynzf8LL6Y%2F0Phuxg1Jt7JOMnibRAvahKZPAP%2FYRHZOamtMSFXUitCvD5NSu1nhQ1Ll1bwJ0QkuI66HN6R4MgFQU"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=3600, public, must-revalidate
cf-ray
882afd469ad991e1-FRA
loader.js
widgets.tiqets.com/
16 KB
7 KB
Script
General
Full URL
https://widgets.tiqets.com/loader.js
Requested by
Host: xyz.rom-tickets.de
URL: https://xyz.rom-tickets.de/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2127:8800:18:278d:b500:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
2f39a9ba9efd5c483398bc6848c0b63d58a71b49d3bc015d618c87aed6e3813f
Security Headers
Name Value
Strict-Transport-Security max-age=15724800

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 12 May 2024 14:09:56 GMT
content-encoding
gzip
via
1.1 1d04caaed0a43993076e404ebf3738da.cloudfront.net (CloudFront)
strict-transport-security
max-age=15724800
last-modified
Fri, 10 May 2024 12:58:22 GMT
x-amz-cf-pop
PRG50-C1
etag
W/"663e19ee-3f5d"
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
application/javascript; charset=utf-8
cache-control
max-age=300
alt-svc
h3=":443"; ma=86400
x-amz-cf-id
GPNume-ommf3i_B73SzUsJe5nVllwDBSB47N7BVJiMhek20OawJk7w==
expires
Sun, 12 May 2024 14:14:56 GMT
js
www.googletagmanager.com/gtag/
228 KB
82 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=AW-996996723
Requested by
Host: xyz.rom-tickets.de
URL: https://xyz.rom-tickets.de/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
88bfba4981e525e8bc6c6c4bcf7172801aba9cc6d0dc5ad3b50ba07f572e8d8b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 12 May 2024 14:09:56 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
83770
x-xss-protection
0
last-modified
Sun, 12 May 2024 12:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Sun, 12 May 2024 14:09:56 GMT
datenschutz.b0964b81.css
xyz.rom-tickets.de/_astro/
63 KB
9 KB
Stylesheet
General
Full URL
https://xyz.rom-tickets.de/_astro/datenschutz.b0964b81.css
Requested by
Host: xyz.rom-tickets.de
URL: https://xyz.rom-tickets.de/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
116.203.210.203 Munich, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.203.210.203.116.clients.your-server.de
Software
nginx /
Resource Hash
a938cd591da4ddd9e5a0f10a5c171126702f4713f292373fbb6f6b8ead10a5f4

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://xyz.rom-tickets.de/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 12 May 2024 14:09:56 GMT
content-encoding
br
last-modified
Sun, 12 May 2024 10:03:12 GMT
server
nginx
etag
W/"664093e0-fb79"
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=315360000
expires
Thu, 31 Dec 2037 23:55:55 GMT
page.5ad31abe.js
xyz.rom-tickets.de/_astro/
1 KB
654 B
Script
General
Full URL
https://xyz.rom-tickets.de/_astro/page.5ad31abe.js
Requested by
Host: xyz.rom-tickets.de
URL: https://xyz.rom-tickets.de/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
116.203.210.203 Munich, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.203.210.203.116.clients.your-server.de
Software
nginx /
Resource Hash
9d57f39d8f2f0e3abaed129871cf8cbc15e5ba23e258c0d89ef0bc017ada3009

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://xyz.rom-tickets.de/
Origin
https://xyz.rom-tickets.de
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 12 May 2024 14:09:56 GMT
content-encoding
br
last-modified
Sun, 12 May 2024 10:09:06 GMT
server
nginx
etag
W/"66409542-412"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=315360000
expires
Thu, 31 Dec 2037 23:55:55 GMT
Logo-Rom-Tickets.74a7ecfa_2kf0Q9.webp
xyz.rom-tickets.de/_astro/
7 KB
8 KB
Image
General
Full URL
https://xyz.rom-tickets.de/_astro/Logo-Rom-Tickets.74a7ecfa_2kf0Q9.webp
Requested by
Host: xyz.rom-tickets.de
URL: https://xyz.rom-tickets.de/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
116.203.210.203 Munich, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.203.210.203.116.clients.your-server.de
Software
nginx /
Resource Hash
b1b42a50c4ff8f2bddaa26602bbbcd99026126294fc094ff3378a16e18181a83

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://xyz.rom-tickets.de/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 12 May 2024 14:09:56 GMT
last-modified
Sun, 12 May 2024 10:02:43 GMT
server
nginx
etag
"664093c3-1d7c"
vary
Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cache-control
max-age=315360000
accept-ranges
bytes
content-length
7548
expires
Thu, 31 Dec 2037 23:55:55 GMT
Rom.b5f057db_2rn35B.avif
xyz.rom-tickets.de/_astro/
151 KB
151 KB
Image
General
Full URL
https://xyz.rom-tickets.de/_astro/Rom.b5f057db_2rn35B.avif
Requested by
Host: xyz.rom-tickets.de
URL: https://xyz.rom-tickets.de/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
116.203.210.203 Munich, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.203.210.203.116.clients.your-server.de
Software
nginx /
Resource Hash
4ea16db8e19d3e1b13e2831dc5ace497f6f6d43abd0281b11ce314889ce888fa
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://xyz.rom-tickets.de/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 12 May 2024 14:09:56 GMT
x-content-type-options
nosniff
referrer-policy
same-origin
last-modified
Sun, 12 May 2024 10:02:45 GMT
server
nginx
x-permitted-cross-domain-policies
master-only
etag
"664093c5-25b51"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/octet-stream
accept-ranges
bytes
content-length
154449
x-xss-protection
1; mode=block
728x90_Rom.jpg
cdn.contentspread.net/onuni/Turbopass/Banner/Aktion/Turbopass_DE/Rom/
Redirect Chain
  • https://www.awin1.com/cshow.php?s=3480072&v=11624&q=341931&r=1184644
  • https://cdn.contentspread.net/onuni/Turbopass/Banner/Aktion/Turbopass_DE/Rom/728x90_Rom.jpg
53 KB
54 KB
Image
General
Full URL
https://cdn.contentspread.net/onuni/Turbopass/Banner/Aktion/Turbopass_DE/Rom/728x90_Rom.jpg
Requested by
Host: xyz.rom-tickets.de
URL: https://xyz.rom-tickets.de/
Protocol
HTTP/1.1
Server
145.239.2.103 Frankfurt am Main, Germany, ASN16276 (OVH, FR),
Reverse DNS
ns3082036.ip-145-239-2.eu
Software
nginx /
Resource Hash
6cb74e27bfdc01deaf28f96e1ae2be7fbe9a59d495a55f468f34e9c5d170a6fd

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

Date
Sun, 12 May 2024 14:09:56 GMT
Last-Modified
Wed, 18 Oct 2023 10:05:15 GMT
Server
nginx
ETag
"652faddb-d550"
Content-Type
image/jpeg
Connection
close
Accept-Ranges
bytes
Content-Length
54608

Redirect headers

Date
Sun, 12 May 2024 14:09:56 GMT
Strict-Transport-Security
max-age=86400
Node
Helix
P3P
policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV"
Location
https://cdn.contentspread.net/onuni/Turbopass/Banner/Aktion/Turbopass_DE/Rom/728x90_Rom.jpg
Awin-Akamai-Rule-Set
default
Connection
keep-alive
Content-Length
0
Spectral-Bold.2bbaa711.woff2
xyz.rom-tickets.de/_astro/
86 KB
87 KB
Font
General
Full URL
https://xyz.rom-tickets.de/_astro/Spectral-Bold.2bbaa711.woff2
Requested by
Host: xyz.rom-tickets.de
URL: https://xyz.rom-tickets.de/_astro/datenschutz.b0964b81.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
116.203.210.203 Munich, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.203.210.203.116.clients.your-server.de
Software
nginx /
Resource Hash
2bbaa7113bbad5fc7d4b457c907dda68b90cf454c8da95cde34f4a51b64de410

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://xyz.rom-tickets.de/_astro/datenschutz.b0964b81.css
Origin
https://xyz.rom-tickets.de
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 12 May 2024 14:09:56 GMT
last-modified
Sun, 12 May 2024 10:01:38 GMT
server
nginx
etag
"66409382-159c8"
vary
Accept-Encoding
content-type
application/octet-stream
access-control-allow-origin
*
cache-control
max-age=315360000
accept-ranges
bytes
content-length
88520
expires
Thu, 31 Dec 2037 23:55:55 GMT
Spectral-Regular.9c4f16b4.woff2
xyz.rom-tickets.de/_astro/
78 KB
78 KB
Font
General
Full URL
https://xyz.rom-tickets.de/_astro/Spectral-Regular.9c4f16b4.woff2
Requested by
Host: xyz.rom-tickets.de
URL: https://xyz.rom-tickets.de/_astro/datenschutz.b0964b81.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
116.203.210.203 Munich, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.203.210.203.116.clients.your-server.de
Software
nginx /
Resource Hash
9c4f16b44fec4a8ca1c9f38d7a6f91645715945b0201ba9275fd5000197bee8e

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://xyz.rom-tickets.de/_astro/datenschutz.b0964b81.css
Origin
https://xyz.rom-tickets.de
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 12 May 2024 14:09:56 GMT
last-modified
Sun, 12 May 2024 10:01:38 GMT
server
nginx
etag
"66409382-13670"
vary
Accept-Encoding
content-type
application/octet-stream
access-control-allow-origin
*
cache-control
max-age=315360000
accept-ranges
bytes
content-length
79472
expires
Thu, 31 Dec 2037 23:55:55 GMT
Kolosseum.89000f9e_ZW5b2M.avif
xyz.rom-tickets.de/_astro/
37 KB
38 KB
Image
General
Full URL
https://xyz.rom-tickets.de/_astro/Kolosseum.89000f9e_ZW5b2M.avif
Requested by
Host: xyz.rom-tickets.de
URL: https://xyz.rom-tickets.de/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
116.203.210.203 Munich, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.203.210.203.116.clients.your-server.de
Software
nginx /
Resource Hash
c73159dcbdd185d90be92f9af40c36659e60bb983e4087f56b86dfe7163cead6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://xyz.rom-tickets.de/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 12 May 2024 14:09:56 GMT
x-content-type-options
nosniff
referrer-policy
same-origin
last-modified
Sun, 12 May 2024 10:02:44 GMT
server
nginx
x-permitted-cross-domain-policies
master-only
etag
"664093c4-9551"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/octet-stream
accept-ranges
bytes
content-length
38225
x-xss-protection
1; mode=block
Forum-Romanum.5da2f25d_Z2g4pF1.avif
xyz.rom-tickets.de/_astro/
41 KB
41 KB
Image
General
Full URL
https://xyz.rom-tickets.de/_astro/Forum-Romanum.5da2f25d_Z2g4pF1.avif
Requested by
Host: xyz.rom-tickets.de
URL: https://xyz.rom-tickets.de/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
116.203.210.203 Munich, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.203.210.203.116.clients.your-server.de
Software
nginx /
Resource Hash
6f73681cc3f513580fa5f07b561be00e31e3913298a272d8e9290dbd43a4aa03
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://xyz.rom-tickets.de/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 12 May 2024 14:09:56 GMT
x-content-type-options
nosniff
referrer-policy
same-origin
last-modified
Sun, 12 May 2024 10:02:44 GMT
server
nginx
x-permitted-cross-domain-policies
master-only
etag
"664093c4-a402"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/octet-stream
accept-ranges
bytes
content-length
41986
x-xss-protection
1; mode=block
Sixtinische-Kapelle.b7e6d89f_ZBsimM.avif
xyz.rom-tickets.de/_astro/
34 KB
34 KB
Image
General
Full URL
https://xyz.rom-tickets.de/_astro/Sixtinische-Kapelle.b7e6d89f_ZBsimM.avif
Requested by
Host: xyz.rom-tickets.de
URL: https://xyz.rom-tickets.de/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
116.203.210.203 Munich, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.203.210.203.116.clients.your-server.de
Software
nginx /
Resource Hash
977fc0186504c5bca2859f2c939718ab531b6ad99a7b744c16e8da43ef394423
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://xyz.rom-tickets.de/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 12 May 2024 14:09:56 GMT
x-content-type-options
nosniff
referrer-policy
same-origin
last-modified
Sun, 12 May 2024 10:02:44 GMT
server
nginx
x-permitted-cross-domain-policies
master-only
etag
"664093c4-8682"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/octet-stream
accept-ranges
bytes
content-length
34434
x-xss-protection
1; mode=block
Pantheon.e36365e6_1da6Pf.avif
xyz.rom-tickets.de/_astro/
33 KB
34 KB
Image
General
Full URL
https://xyz.rom-tickets.de/_astro/Pantheon.e36365e6_1da6Pf.avif
Requested by
Host: xyz.rom-tickets.de
URL: https://xyz.rom-tickets.de/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
116.203.210.203 Munich, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.203.210.203.116.clients.your-server.de
Software
nginx /
Resource Hash
e0a40659d6e39916ba1c47aed0966b0a2a72f678a539935a744bf225943a6639
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://xyz.rom-tickets.de/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 12 May 2024 14:09:56 GMT
x-content-type-options
nosniff
referrer-policy
same-origin
last-modified
Sun, 12 May 2024 10:02:44 GMT
server
nginx
x-permitted-cross-domain-policies
master-only
etag
"664093c4-84d5"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/octet-stream
accept-ranges
bytes
content-length
34005
x-xss-protection
1; mode=block
Petersdom.d5502edd_Z1UefQC.avif
xyz.rom-tickets.de/_astro/
34 KB
34 KB
Image
General
Full URL
https://xyz.rom-tickets.de/_astro/Petersdom.d5502edd_Z1UefQC.avif
Requested by
Host: xyz.rom-tickets.de
URL: https://xyz.rom-tickets.de/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
116.203.210.203 Munich, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.203.210.203.116.clients.your-server.de
Software
nginx /
Resource Hash
99151fc1367a85e2b9a2b9a5ec0c3853a5da9eceefee9a64731bc0cc3571ff3a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://xyz.rom-tickets.de/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 12 May 2024 14:09:56 GMT
x-content-type-options
nosniff
referrer-policy
same-origin
last-modified
Sun, 12 May 2024 10:02:44 GMT
server
nginx
x-permitted-cross-domain-policies
master-only
etag
"664093c4-8730"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/octet-stream
accept-ranges
bytes
content-length
34608
x-xss-protection
1; mode=block
Rom.b5f057db_Z2ezDvS.avif
xyz.rom-tickets.de/_astro/
59 KB
60 KB
Image
General
Full URL
https://xyz.rom-tickets.de/_astro/Rom.b5f057db_Z2ezDvS.avif
Requested by
Host: xyz.rom-tickets.de
URL: https://xyz.rom-tickets.de/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
116.203.210.203 Munich, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.203.210.203.116.clients.your-server.de
Software
nginx /
Resource Hash
75789cf22b25fa52b53e0a65574eca061c80c6e4e6d68778e7456818b955ba5f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://xyz.rom-tickets.de/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 12 May 2024 14:09:56 GMT
x-content-type-options
nosniff
referrer-policy
same-origin
last-modified
Sun, 12 May 2024 10:02:56 GMT
server
nginx
x-permitted-cross-domain-policies
master-only
etag
"664093d0-ed71"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/octet-stream
accept-ranges
bytes
content-length
60785
x-xss-protection
1; mode=block
widget.js
widget.getyourguide.com/pw/latest/client-loader/
19 KB
8 KB
Script
General
Full URL
https://widget.getyourguide.com/pw/latest/client-loader/widget.js
Requested by
Host: widget.getyourguide.com
URL: https://widget.getyourguide.com/dist/pa.umd.production.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:999e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a0e0ee67ed32972e21363025f8d420026523e2c72041b1f89f0a1a90f450fa1d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 12 May 2024 14:09:56 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0.02,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
RTKTKE5JW91ZMP8P
age
21
x-amz-server-side-encryption
AES256
x-amz-id-2
svcwMrZHeSCxW4Nbk+5MZAznv/gQ3idOZTZXPpeQvq9PCnnqTCuHy/Bz7QHaBlQ4iDIBgypiQC8=
last-modified
Fri, 03 May 2024 15:14:29 GMT
server
cloudflare
etag
W/"de0cbb0613910dbc2462b9fedce1cbe5"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=9o0BY1uT1yRaNBb%2FdFsx45uIuGv0Sfayqdx38cAQyXoWrEWEc%2BnUvSoK0fmypY4ixhcoLjxr9ZaPJssSDYyw4LXv3pHOZDLJbhih%2F%2FcwkgUHeP3IPRFoPblQQWNGg9rHjSkpcoJjfQcEdBLP5ccGEWIU6XoN"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=100, public, must-revalidate
cf-ray
882afd471b9091e1-FRA
gnikcart
widget.getyourguide.com/
61 B
1 KB
Fetch
General
Full URL
https://widget.getyourguide.com/gnikcart?q=eyJwYXJ0bmVyX2lkIjoiSzcwN0NOVSIsInVybCI6Inh5ei5yb20tdGlja2V0cy5kZS8ifQ%3D%3D
Requested by
Host: widget.getyourguide.com
URL: https://widget.getyourguide.com/pw/latest/client-loader/widget.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:999e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
c8aa1708654ab93325b87f8e1157f55eecb2997833b82b3439b085c54b9ef544
Security Headers
Name Value
Content-Security-Policy default-src 'self'; script-src 'self' 'sha256-C+MFT9uMJPIBROzgRJWxmbJwinQwPQcN4v02Ao5gdvA=' 'sha256-ye56Ygssi7+/97rT6VWWDR9vrRVD2yo2O1+J+kEv/0Y=' 'sha256-wNXVXjDcN+jq6b+wDVEO7vmRjRuKMgbFD6ygaSW4Ckk=' 'sha256-dgRdhO0l3b8wc+M/BFd4VHSrjqBLaZS7EAnZGOM5+6c=' https://cdn.getyourguide.com https://static.cloudflareinsights.com https://challenges.cloudflare.com https://widget.getyourguide.com; style-src 'self' 'unsafe-inline' https://cdn.getyourguide.com https://fonts.googleapis.com data:; img-src 'self' https://cdn.getyourguide.com https://api.maptiler.com data:; font-src 'self' https://cdn.getyourguide.com https://cdn.ek.aero/shared/fonts/emirates/* https://fonts.gstatic.com https://fonts.googleapis.com data:; connect-src 'self' *.getyourguide.com *.gygtest.com; frame-src 'self' https://widget.getyourguide.com/ https://challenges.cloudflare.com
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 12 May 2024 14:09:56 GMT
content-security-policy
default-src 'self'; script-src 'self' 'sha256-C+MFT9uMJPIBROzgRJWxmbJwinQwPQcN4v02Ao5gdvA=' 'sha256-ye56Ygssi7+/97rT6VWWDR9vrRVD2yo2O1+J+kEv/0Y=' 'sha256-wNXVXjDcN+jq6b+wDVEO7vmRjRuKMgbFD6ygaSW4Ckk=' 'sha256-dgRdhO0l3b8wc+M/BFd4VHSrjqBLaZS7EAnZGOM5+6c=' https://cdn.getyourguide.com https://static.cloudflareinsights.com https://challenges.cloudflare.com https://widget.getyourguide.com; style-src 'self' 'unsafe-inline' https://cdn.getyourguide.com https://fonts.googleapis.com data:; img-src 'self' https://cdn.getyourguide.com https://api.maptiler.com data:; font-src 'self' https://cdn.getyourguide.com https://cdn.ek.aero/shared/fonts/emirates/* https://fonts.gstatic.com https://fonts.googleapis.com data:; connect-src 'self' *.getyourguide.com *.gygtest.com; frame-src 'self' https://widget.getyourguide.com/ https://challenges.cloudflare.com
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.02,"report_to":"cf-nel","max_age":604800}
content-encoding
br
x-powered-by
Express
x-envoy-upstream-service-time
9
x-xss-protection
1; mode=block
x-request-id
057130c3-20ec-999c-a92f-ea8a2239460f
referrer-policy
strict-origin-when-cross-origin
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=L99hRtQiAUEnlDryVCW%2FSSuX7n%2FtGSvb0kL49F8cYS%2BpC9HRI9wEbkDKiHCY1CYUj5p%2BHgp0NQ5q%2BK42KXzWJc4v%2FxvZyee%2BB41Ps0b7YzgrRIWDLS40eRmT7hfyPqBSP4ab7J%2BNnV2B2K1B7nUq%2BWus%2FojT"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
https://xyz.rom-tickets.de
cache-control
private
access-control-allow-credentials
true
cf-ray
882afd476bea91e1-FRA
/
www.tiqets.com/widgets/discovery/ Frame 536E
Redirect Chain
  • https://www.tiqets.com/widgets/discovery?cardsLayout=responsive&contentType=venue&partner=romtickets&tqCampaign=Home&currency=EUR&destinationId=71631&destinationType=city&language=de&widgetIndex=0&...
  • https://www.tiqets.com/widgets/discovery/?cardsLayout=responsive&contentType=venue&partner=romtickets&tqCampaign=Home&currency=EUR&destinationId=71631&destinationType=city&language=de&widgetIndex=0...
0
0
Document
General
Full URL
https://www.tiqets.com/widgets/discovery/?cardsLayout=responsive&contentType=venue&partner=romtickets&tqCampaign=Home&currency=EUR&destinationId=71631&destinationType=city&language=de&widgetIndex=0&altVi=0&altGyg=0&itemCount=20&tiqetsVf=DiscoveryWidget_XNBG76MBJoIajRGFSu9mn&origin=https%3A%2F%2Fxyz.rom-tickets.de%2F
Requested by
Host: widgets.tiqets.com
URL: https://widgets.tiqets.com/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2127:a000:12:ff18:1880:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15724800

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

alt-svc
h3=":443"; ma=86400
content-encoding
gzip
content-type
text/html; charset=utf-8
date
Sun, 12 May 2024 14:09:56 GMT
strict-transport-security
max-age=15724800
vary
Accept-Encoding
via
1.1 32f35b6a71829a460d6fdae31f270164.cloudfront.net (CloudFront)
x-amz-cf-id
3Rb7PTOawrjRDYKSTTJDd7ltx7ihrfKjt7em1h5ZCEdNlLiTbjVZ7Q==
x-amz-cf-pop
PRG50-C1
x-cache
Miss from cloudfront
x-robots-tag
noindex, nofollow

Redirect headers

alt-svc
h3=":443"; ma=86400
content-length
925
content-type
text/html; charset=utf-8
date
Sun, 12 May 2024 14:09:56 GMT
location
https://www.tiqets.com/widgets/discovery/?cardsLayout=responsive&contentType=venue&partner=romtickets&tqCampaign=Home&currency=EUR&destinationId=71631&destinationType=city&language=de&widgetIndex=0&altVi=0&altGyg=0&itemCount=20&tiqetsVf=DiscoveryWidget_XNBG76MBJoIajRGFSu9mn&origin=https%3A%2F%2Fxyz.rom-tickets.de%2F
strict-transport-security
max-age=15724800
via
1.1 32f35b6a71829a460d6fdae31f270164.cloudfront.net (CloudFront)
x-amz-cf-id
RULJPo7-4SrTsy0r-E3wYve3g62-yZgxNcUnx55bVF_RLJRuT7aFXw==
x-amz-cf-pop
PRG50-C1
x-cache
Miss from cloudfront
/
www.tiqets.com/widgets/discovery/ Frame C9D3
Redirect Chain
  • https://www.tiqets.com/widgets/discovery?cardsLayout=responsive&contentType=product&partner=romtickets&tqCampaign=Rom-Sehenswuerdigkeiten&contentIds=1013153%2C975066%2C1030221%2C974743%2C975066%2C9...
  • https://www.tiqets.com/widgets/discovery/?cardsLayout=responsive&contentType=product&partner=romtickets&tqCampaign=Rom-Sehenswuerdigkeiten&contentIds=1013153%2C975066%2C1030221%2C974743%2C975066%2C...
0
0
Document
General
Full URL
https://www.tiqets.com/widgets/discovery/?cardsLayout=responsive&contentType=product&partner=romtickets&tqCampaign=Rom-Sehenswuerdigkeiten&contentIds=1013153%2C975066%2C1030221%2C974743%2C975066%2C977114&widgetIndex=1&altVi=0&altGyg=0&language=en&tiqetsVf=DiscoveryWidget_XNBG76MBJoIajRGFSu9mn&origin=https%3A%2F%2Fxyz.rom-tickets.de%2F
Requested by
Host: widgets.tiqets.com
URL: https://widgets.tiqets.com/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2127:a000:12:ff18:1880:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15724800

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

alt-svc
h3=":443"; ma=86400
content-encoding
gzip
content-type
text/html; charset=utf-8
date
Sun, 12 May 2024 14:09:56 GMT
strict-transport-security
max-age=15724800
vary
Accept-Encoding
via
1.1 32f35b6a71829a460d6fdae31f270164.cloudfront.net (CloudFront)
x-amz-cf-id
1FMAQMNdIFxrA7keNPzFTS3xbD5nLqnrOuIgEQbmO0L5-Rgyr-UPTg==
x-amz-cf-pop
PRG50-C1
x-cache
Miss from cloudfront
x-robots-tag
noindex, nofollow

Redirect headers

alt-svc
h3=":443"; ma=86400
content-length
939
content-type
text/html; charset=utf-8
date
Sun, 12 May 2024 14:09:56 GMT
location
https://www.tiqets.com/widgets/discovery/?cardsLayout=responsive&contentType=product&partner=romtickets&tqCampaign=Rom-Sehenswuerdigkeiten&contentIds=1013153%2C975066%2C1030221%2C974743%2C975066%2C977114&widgetIndex=1&altVi=0&altGyg=0&language=en&tiqetsVf=DiscoveryWidget_XNBG76MBJoIajRGFSu9mn&origin=https%3A%2F%2Fxyz.rom-tickets.de%2F
strict-transport-security
max-age=15724800
via
1.1 32f35b6a71829a460d6fdae31f270164.cloudfront.net (CloudFront)
x-amz-cf-id
vq2_Mn1dif7Ki9Dd79rj3ovFuvTtWKNrZW5dfOOgiaAgt4eItLtNaQ==
x-amz-cf-pop
PRG50-C1
x-cache
Miss from cloudfront
matomo.js
cdn.rom-tickets.de/
64 KB
20 KB
Script
General
Full URL
https://cdn.rom-tickets.de/matomo.js
Requested by
Host: xyz.rom-tickets.de
URL: https://xyz.rom-tickets.de/_astro/page.5ad31abe.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2400:52e0:1e00::1081:1 , Germany, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software
BunnyCDN-DE1-1081 /
Resource Hash
d7fc375178c93a2fc15fd888e30170eedf4ef3d04497e7f951ab7bfe0c921693

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

cdn-requestpullsuccess
True
date
Sun, 12 May 2024 14:09:56 GMT
content-encoding
br
cdn-edgestorageid
1081
cdn-cachedat
07/07/2023 04:39:06
cdn-pullzone
1352733
last-modified
Wed, 19 Apr 2023 13:11:18 GMT
server
BunnyCDN-DE1-1081
cdn-proxyver
1.03
cdn-requestpullcode
200
etag
W/"643fe876-10132"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
965a3168-547e-439c-98ef-bc78b65bebdd
cache-control
max-age=315360000
cdn-requestid
6b8decf3595d9ddd8b1e9a3760da31df
cdn-requestcountrycode
DE
cdn-status
200
expires
Thu, 31 Dec 2037 23:55:55 GMT
matomo.php
cdn.rom-tickets.de/
0
462 B
Ping
General
Full URL
https://cdn.rom-tickets.de/matomo.php?action_name=RomTickets%20-%20Eintritt%20%26%20Touren%20einfach%20online%20buchen&idsite=5&rec=1&r=473433&h=16&m=9&s=56&url=https%3A%2F%2Fxyz.rom-tickets.de%2F&_id=&_idn=1&send_image=0&_refts=0&pdf=1&qt=0&realp=0&wma=0&fla=0&java=0&ag=0&cookie=1&res=1600x1200&pv_id=eHhi8B&pf_net=37&pf_srv=9&pf_tfr=9&pf_dm1=22&uadata=%7B%22fullVersionList%22%3A%5B%7B%22brand%22%3A%22Chromium%22%2C%22version%22%3A%22124.0.6367.201%22%7D%2C%7B%22brand%22%3A%22Google%20Chrome%22%2C%22version%22%3A%22124.0.6367.201%22%7D%2C%7B%22brand%22%3A%22Not-A.Brand%22%2C%22version%22%3A%2299.0.0.0%22%7D%5D%2C%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22Win32%22%2C%22platformVersion%22%3A%2210.0.0%22%7D
Requested by
Host: cdn.rom-tickets.de
URL: https://cdn.rom-tickets.de/matomo.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2400:52e0:1e00::1081:1 , Germany, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software
BunnyCDN-DE1-1081 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-platform
"Win32"
Referer
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=utf-8

Response headers

date
Sun, 12 May 2024 14:09:56 GMT
x-content-type-options
nosniff
x-permitted-cross-domain-policies
master-only
cdn-edgestorageid
1081
cdn-cachedat
05/12/2024 14:09:56
cdn-pullzone
1352733
x-xss-protection
1; mode=block
referrer-policy
same-origin
server
BunnyCDN-DE1-1081
cdn-requestpullcode
204
cdn-proxyver
1.04
x-frame-options
SAMEORIGIN
access-control-allow-origin
https://xyz.rom-tickets.de
cdn-uid
965a3168-547e-439c-98ef-bc78b65bebdd
access-control-allow-credentials
true
cdn-requestid
2e986fa207c366ee8ef8b4306ae1efa4
cdn-requestcountrycode
DE
cdn-requestpullsuccess
True
favicon.svg
xyz.rom-tickets.de/
1007 B
717 B
Other
General
Full URL
https://xyz.rom-tickets.de/favicon.svg
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
116.203.210.203 Munich, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.203.210.203.116.clients.your-server.de
Software
nginx /
Resource Hash
5694d3a76fa9ee165fb33ded19b5559afe1b3d50a773e231c08b9091a67b11b5

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://xyz.rom-tickets.de/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 12 May 2024 14:09:57 GMT
content-encoding
br
last-modified
Sun, 12 May 2024 10:09:06 GMT
server
nginx
etag
W/"66409542-3ef"
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=315360000
expires
Thu, 31 Dec 2037 23:55:55 GMT
favicon.ico
xyz.rom-tickets.de/
11 KB
11 KB
Other
General
Full URL
https://xyz.rom-tickets.de/favicon.ico
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
116.203.210.203 Munich, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.203.210.203.116.clients.your-server.de
Software
nginx /
Resource Hash
12fec86bf279c649aed8ca8a979810dc573492919def48c769c297b198d6e393

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://xyz.rom-tickets.de/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 12 May 2024 14:09:57 GMT
last-modified
Sun, 12 May 2024 10:01:39 GMT
server
nginx
etag
"66409383-2aee"
vary
Accept-Encoding
content-type
image/x-icon
access-control-allow-origin
*
cache-control
max-age=315360000
accept-ranges
bytes
content-length
10990
expires
Thu, 31 Dec 2037 23:55:55 GMT


16 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0
object| 1
object| HistoryEvents
string| gygPAStatus
object| _GYG
object| widget
object| GYG
object| google_tag_manager
object| google_tag_data
object| dataLayer
string| DISCOVERYWIDGET_VF
object| _paq
object| Piwik
object| Matomo
object| AnalyticsTracker
function| piwik_log

4 Cookies

Domain/Path, Name, Value
.awin1.com/ Name: awpv11624 Value: 1184644|1715522996
.awin1.com/ Name: AWSESS Value: 341931:3480072
.getyourguide.com/ Name: visitor_id Value: 85CE68303FF44B2A9C59C69607D740E2
xyz.rom-tickets.de/ Name: session_id Value: e651b5e7-3f7b-43e8-8005-a1ff8a0efe1a

3 Console Messages

Source Level URL
Text
other warning URL: https://xyz.rom-tickets.de/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://xyz.rom-tickets.de/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://xyz.rom-tickets.de/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.

Security Headers

This page lists any security headers set by the main page.

Header Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
