urlscan.io logo urlscan.io
SecurityTrails logo

booking-department.online.iticket.com Open in urlscan Pro
2606:4700:4400::6812:2545  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://booking-department.online.iticket.com/
Effective URL: https://booking-department.online.iticket.com/home/selectlanguage
Submission: On May 09 via api from US — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 9 IPs in 4 countries across 6 domains to perform 19 HTTP transactions. The main IP is 2606:4700:4400::6812:2545, located in United States and belongs to CLOUDFLARENET, US. The main domain is booking-department.online.iticket.com.
TLS certificate: Issued by R3 on March 24th 2024. Valid for: 3 months.
This is the only time booking-department.online.iticket.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
4 7 2606:4700:440... 13335 (CLOUDFLAR...)
4 2606:4700:440... 13335 (CLOUDFLAR...)
1 2a04:4e42:200... 54113 (FASTLY)
2 2a00:1450:400... 15169 (GOOGLE)
4 20.107.224.25 8075 (MICROSOFT...)
1 2a00:1450:400... 15169 (GOOGLE)
3 2606:4700:20:... 13335 (CLOUDFLAR...)
1 188.114.96.3 13335 (CLOUDFLAR...)
19 9
7    2606:4700:4400::6812:2545 (United States)

ASN13335 (CLOUDFLARENET, US)
booking-department.online.iticket.com
4    2606:4700:4400::ac40:96bb (United States)

ASN13335 (CLOUDFLARENET, US)
css.citybreak.com
1    2a04:4e42:200::649 (United States)

ASN54113 (FASTLY, US)
code.jquery.com
2    2a00:1450:4001:800::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
4    20.107.224.25 (Dublin, Ireland)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
resources.citybreak.com
1    2a00:1450:4001:82f::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
3    2606:4700:20::681a:477 (United States)

ASN13335 (CLOUDFLARENET, US)
analytics.visitgroup.com
1    188.114.96.3 (Amsterdam, Netherlands)

ASN13335 (CLOUDFLARENET, US)
iticket.com
Apex Domain
Subdomains		 Transfer
8 citybreak.com
css.citybreak.com — Cisco Umbrella Rank: 929042
resources.citybreak.com
256 KB
8 iticket.com
booking-department.online.iticket.com
iticket.com
627 KB
3 visitgroup.com
analytics.visitgroup.com
3 KB
2 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 33
2 KB
1 gstatic.com
fonts.gstatic.com
20 KB
1 jquery.com
code.jquery.com — Cisco Umbrella Rank: 776
24 KB
19 6
Domain Requested by
7 booking-department.online.iticket.com 4 redirects booking-department.online.iticket.com
4 resources.citybreak.com booking-department.online.iticket.com
resources.citybreak.com
4 css.citybreak.com booking-department.online.iticket.com
3 analytics.visitgroup.com booking-department.online.iticket.com
analytics.visitgroup.com
2 fonts.googleapis.com booking-department.online.iticket.com
css.citybreak.com
1 iticket.com
1 fonts.gstatic.com fonts.googleapis.com
1 code.jquery.com booking-department.online.iticket.com
19 8

This site contains links to these domains. Also see Links.

Domain
iticket.com
experiences.online.iticket.com
Subject Issuer Validity Valid
booking-department.online.iticket.com
R3		 2024-03-24 -
2024-06-22		 3 months crt.sh
citybreak.com
E1		 2024-03-17 -
2024-06-15		 3 months crt.sh
*.jquery.com
Sectigo RSA Domain Validation Secure Server CA		 2023-07-11 -
2024-07-14		 a year crt.sh
upload.video.google.com
GTS CA 1C3		 2024-04-16 -
2024-07-09		 3 months crt.sh
resources.citybreak.com
GeoTrust Global TLS RSA4096 SHA256 2022 CA1		 2024-03-27 -
2024-09-27		 6 months crt.sh
*.gstatic.com
GTS CA 1C3		 2024-04-16 -
2024-07-09		 3 months crt.sh
visitgroup.com
E1		 2024-03-17 -
2024-06-15		 3 months crt.sh
iticket.com
E1		 2024-04-30 -
2024-07-29		 3 months crt.sh

This page contains 1 frames:

Primary Page: https://booking-department.online.iticket.com/home/selectlanguage
Frame ID: 62E754DE817597CAA0AE4D54742E686D
Requests: 19 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Sprache wählen

Page URL History Show full URLs

  1. https://booking-department.online.iticket.com/ HTTP 301
    https://booking-department.online.iticket.com/home/selectLanguage HTTP 301
    https://booking-department.online.iticket.com/home/selectlanguage Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
Overall confidence: 10%
Detected patterns
  • basket.*\.js
Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

19
Requests

95 %
HTTPS

75 %
IPv6

6
Domains

8
Subdomains

9
IPs

4
Countries

931 kB
Transfer

4254 kB
Size

4
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://booking-department.online.iticket.com/ HTTP 301
    https://booking-department.online.iticket.com/home/selectLanguage HTTP 301
    https://booking-department.online.iticket.com/home/selectlanguage Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 8
  • https://booking-department.online.iticket.com/basketwidget/widget HTTP 301
  • https://booking-department.online.iticket.com/home/selectLanguage HTTP 301
  • https://booking-department.online.iticket.com/home/selectlanguage

19 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request selectlanguage
booking-department.online.iticket.com/home/
Redirect Chain
  • https://booking-department.online.iticket.com/
  • https://booking-department.online.iticket.com/home/selectLanguage
  • https://booking-department.online.iticket.com/home/selectlanguage
15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://booking-department.online.iticket.com/home/selectlanguage
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::6812:2545 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
53932083a260f0e90226664439177e94ae1723454fff494467543c7c791a803c
Security Headers
Name Value
Strict-Transport-Security max-age=15552000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
cache-control
private
cf-cache-status
DYNAMIC
cf-ray
8810edf5b9624db8-FRA
content-encoding
gzip
content-type
text/html; charset=utf-8
date
Thu, 09 May 2024 10:15:39 GMT
p3p
policyref="/w3c/p3pa.xml", CP="NOI DSP COR CURa OUR NOR STA"
server
cloudflare
strict-transport-security
max-age=15552000
x-aspnet-version
4.0.30319
x-aspnetmvc-version
5.2
x-content-type-options
nosniff
x-frame-options
DENY
x-ua-compatible
IE=edge

Redirect headers

access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
cache-control
private
cf-cache-status
DYNAMIC
cf-ray
8810edf538cf4db8-FRA
date
Thu, 09 May 2024 10:15:39 GMT
location
https://booking-department.online.iticket.com:443/home/selectlanguage
p3p
policyref="/w3c/p3pa.xml", CP="NOI DSP COR CURa OUR NOR STA"
server
cloudflare
strict-transport-security
max-age=15552000
x-aspnet-version
4.0.30319
x-content-type-options
nosniff
x-ua-compatible
IE=edge
widget_basket
css.citybreak.com/api/widget/compile/1491384962/ 		243 KB
35 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://css.citybreak.com/api/widget/compile/1491384962/widget_basket
Requested by
Host: booking-department.online.iticket.com
URL: https://booking-department.online.iticket.com/home/selectlanguage
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:96bb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
69a2ff0c909f929988410f97d2d868187280a2b9fd784601bda6a48f98e92180
Security Headers
Name Value
Strict-Transport-Security max-age=15552000
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://booking-department.online.iticket.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 09 May 2024 10:15:39 GMT
strict-transport-security
max-age=15552000
x-content-type-options
nosniff
cf-cache-status
MISS
last-modified
Thu, 09 May 2024 10:15:39 GMT
server
cloudflare
content-encoding
gzip
vary
Accept-Encoding
content-type
text/css; charset=utf-8
cache-control
public, max-age=2678400
cf-ray
8810edf83d539043-FRA
expires
Sun, 09 Jun 2024 10:15:39 GMT
styles
css.citybreak.com/api/baseContent/css/ 		436 KB
68 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://css.citybreak.com/api/baseContent/css/styles
Requested by
Host: booking-department.online.iticket.com
URL: https://booking-department.online.iticket.com/home/selectlanguage
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:96bb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
55135795c47021fc7dc98bfc7616ae02bf3a4845a9125451ff564583e87a4195
Security Headers
Name Value
Strict-Transport-Security max-age=15552000
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://booking-department.online.iticket.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 09 May 2024 10:15:39 GMT
strict-transport-security
max-age=15552000
x-content-type-options
nosniff
cf-cache-status
HIT
last-modified
Tue, 07 May 2024 08:01:58 GMT
server
cloudflare
age
180821
vary
Accept-Encoding
content-type
text/css; charset=utf-8
content-encoding
gzip
cache-control
public, max-age=2678400
cf-ray
8810edf82d529043-FRA
expires
Sun, 09 Jun 2024 10:15:39 GMT
1491384962
css.citybreak.com/api/css/ 		988 KB
119 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://css.citybreak.com/api/css/1491384962
Requested by
Host: booking-department.online.iticket.com
URL: https://booking-department.online.iticket.com/home/selectlanguage
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:96bb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b968fe49f1d5206a8f29ceaf22c8daa640072c17af45648cae4e48b7f5df44e2
Security Headers
Name Value
Strict-Transport-Security max-age=15552000
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://booking-department.online.iticket.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 09 May 2024 10:15:39 GMT
strict-transport-security
max-age=15552000
x-content-type-options
nosniff
cf-cache-status
MISS
last-modified
Thu, 09 May 2024 10:15:39 GMT
server
cloudflare
content-encoding
gzip
vary
Accept-Encoding
content-type
text/css; charset=utf-8
cache-control
public, max-age=2678400
cf-ray
8810edf82d4e9043-FRA
expires
Sun, 09 Jun 2024 10:15:39 GMT
jquery-3.5.1.slim.min.js
code.jquery.com/ 		71 KB
24 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://code.jquery.com/jquery-3.5.1.slim.min.js
Requested by
Host: booking-department.online.iticket.com
URL: https://booking-department.online.iticket.com/home/selectlanguage
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:200::649 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e3e5f35d586c0e6a9a9d7187687be087580c40a5f8d0e52f0c4053bbc25c98db

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://booking-department.online.iticket.com/
Origin
https://booking-department.online.iticket.com
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 09 May 2024 10:15:39 GMT
content-encoding
gzip
via
1.1 varnish, 1.1 varnish
age
7168235
x-cache
HIT, HIT
content-length
24606
x-served-by
cache-lga21954-LGA, cache-fra-etou8220023-FRA
last-modified
Fri, 18 Oct 1991 12:00:00 GMT
server
nginx
x-timer
S1715249740.535856,VS0,VE0
etag
W/"28feccc0-11abc"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=604800
accept-ranges
bytes
x-cache-hits
17, 36180
css2
fonts.googleapis.com/ 		2 KB
990 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Wix+Madefor+Text:wght@400..800&display=swap
Requested by
Host: booking-department.online.iticket.com
URL: https://booking-department.online.iticket.com/home/selectlanguage
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
57df813b6ddcfb619a0cc23fc084711be87387f5d6f2fa9e70a6c8f709b478e8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://booking-department.online.iticket.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=31536000
date
Thu, 09 May 2024 10:15:39 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Thu, 09 May 2024 10:15:39 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 09 May 2024 10:15:39 GMT
style.css
resources.citybreak.com/template_gen_2/content/css/ 		31 KB
31 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://resources.citybreak.com/template_gen_2/content/css/style.css
Requested by
Host: booking-department.online.iticket.com
URL: https://booking-department.online.iticket.com/home/selectlanguage
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
20.107.224.25 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx/1.24.0 /
Resource Hash
c14f0fb5e36abeeedfcd95a33f4b863e081870de6284341555a9a952db5c0df6

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://booking-department.online.iticket.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 09 May 2024 10:15:39 GMT
last-modified
Thu, 09 May 2024 06:02:16 GMT
server
nginx/1.24.0
accept-ranges
bytes
etag
"663c66e8-7a5a"
content-length
31322
content-type
text/css
print
css.citybreak.com/api/baseContent/css/ 		822 B
423 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://css.citybreak.com/api/baseContent/css/print
Requested by
Host: booking-department.online.iticket.com
URL: https://booking-department.online.iticket.com/home/selectlanguage
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:96bb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7e24c02bf6dcdcabc81c34c4c4c0558d52bf64568d5f6cbd1b312ffd2ca57164
Security Headers
Name Value
Strict-Transport-Security max-age=15552000
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://booking-department.online.iticket.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 09 May 2024 10:15:39 GMT
strict-transport-security
max-age=15552000
x-content-type-options
nosniff
cf-cache-status
HIT
last-modified
Tue, 07 May 2024 08:01:58 GMT
server
cloudflare
age
180821
vary
Accept-Encoding
content-type
text/css; charset=utf-8
content-encoding
gzip
cache-control
public, max-age=2678400
cf-ray
8810edfab80d9043-FRA
expires
Sun, 09 Jun 2024 10:15:39 GMT
app-655444cf.js
booking-department.online.iticket.com/content/combinedjs/ 		2 MB
567 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://booking-department.online.iticket.com/content/combinedjs/app-655444cf.js
Requested by
Host: booking-department.online.iticket.com
URL: https://booking-department.online.iticket.com/home/selectlanguage
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::6812:2545 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5f7a78e281600f11916a83efe6d4f1f61b9cae0c560747f05b90105a32e46fcb
Security Headers
Name Value
Strict-Transport-Security max-age=15552000
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://booking-department.online.iticket.com/home/selectlanguage
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 09 May 2024 10:15:39 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
MISS
strict-transport-security
max-age=15552000
p3p
policyref="/w3c/p3pa.xml", CP="NOI DSP COR CURa OUR NOR STA"
content-length
579959
x-ua-compatible
IE=edge
last-modified
Mon, 29 Apr 2024 11:23:34 GMT
server
cloudflare
etag
"0bff1ab279ada1:0"
vary
Accept-Encoding
content-type
application/x-javascript; charset=UTF-8
cache-control
public, max-age=2678400
accept-ranges
bytes
cf-ray
8810edf80c654db8-FRA
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
expires
Sun, 09 Jun 2024 10:15:39 GMT
selectlanguage
booking-department.online.iticket.com/home/
Redirect Chain
  • https://booking-department.online.iticket.com/basketwidget/widget
  • https://booking-department.online.iticket.com/home/selectLanguage
  • https://booking-department.online.iticket.com/home/selectlanguage
15 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://booking-department.online.iticket.com/home/selectlanguage
Requested by
Host: booking-department.online.iticket.com
URL: https://booking-department.online.iticket.com/home/selectlanguage
Protocol
H2
Server
2606:4700:4400::6812:2545 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
53932083a260f0e90226664439177e94ae1723454fff494467543c7c791a803c
Security Headers
Name Value
Strict-Transport-Security max-age=15552000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
https://booking-department.online.iticket.com/home/selectlanguage
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

date
Thu, 09 May 2024 10:15:40 GMT
strict-transport-security
max-age=15552000
x-content-type-options
nosniff
x-aspnetmvc-version
5.2
cf-cache-status
DYNAMIC
server
cloudflare
x-aspnet-version
4.0.30319
content-encoding
gzip
x-frame-options
DENY
content-type
text/html; charset=utf-8
p3p
policyref="/w3c/p3pa.xml", CP="NOI DSP COR CURa OUR NOR STA"
cache-control
private
cf-ray
8810edfadfe84db8-FRA
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
x-ua-compatible
IE=edge

Redirect headers

date
Thu, 09 May 2024 10:15:39 GMT
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
server
cloudflare
x-aspnet-version
4.0.30319
p3p
policyref="/w3c/p3pa.xml", CP="NOI DSP COR CURa OUR NOR STA"
location
https://booking-department.online.iticket.com:443/home/selectlanguage
cache-control
private
cf-ray
8810edf538cf4db8-FRA
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
x-ua-compatible
IE=edge
css2
fonts.googleapis.com/ 		5 KB
743 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Inter:wght@400;600&display=swap
Requested by
Host: css.citybreak.com
URL: https://css.citybreak.com/api/widget/compile/1491384962/widget_basket
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
20cdda5054f7566f92a6a45682e821a8e1847e2cc772110b84af9db36a884f98
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://css.citybreak.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=31536000
date
Thu, 09 May 2024 10:15:39 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Thu, 09 May 2024 10:07:05 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 09 May 2024 10:15:39 GMT
truncated
/ 		3 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
25820b8511cba1d5d993fe536e000acbc72a21ad19c011009025be8b71981ebc

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

Content-Type
image/png
globe-regular.svg
resources.citybreak.com/template_gen_2/content/icon/ 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://resources.citybreak.com/template_gen_2/content/icon/globe-regular.svg
Requested by
Host: resources.citybreak.com
URL: https://resources.citybreak.com/template_gen_2/content/css/style.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
20.107.224.25 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx/1.24.0 /
Resource Hash
f4bafc72608f6941f14057e495a63c49d7db0fb88d2f9fdf63d97d362116fb42

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://resources.citybreak.com/template_gen_2/content/css/style.css
Origin
https://booking-department.online.iticket.com
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 09 May 2024 10:15:40 GMT
last-modified
Thu, 09 May 2024 06:02:16 GMT
server
nginx/1.24.0
etag
"663c66e8-475"
content-type
image/svg+xml
access-control-allow-origin
*
accept-ranges
bytes
content-length
1141
chevron-down-regular.svg
resources.citybreak.com/template_gen_2/content/icon/ 		396 B
837 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://resources.citybreak.com/template_gen_2/content/icon/chevron-down-regular.svg
Requested by
Host: resources.citybreak.com
URL: https://resources.citybreak.com/template_gen_2/content/css/style.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
20.107.224.25 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx/1.24.0 /
Resource Hash
0c572f2f0f4cebc1897154d3a2e999c08eff0e5e4c53a2e32c1ced10824fc573

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://resources.citybreak.com/template_gen_2/content/css/style.css
Origin
https://booking-department.online.iticket.com
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 09 May 2024 10:15:40 GMT
last-modified
Thu, 09 May 2024 06:02:16 GMT
server
nginx/1.24.0
etag
"663c66e8-18c"
content-type
image/svg+xml
access-control-allow-origin
*
accept-ranges
bytes
content-length
396
bag-shopping-regular.svg
resources.citybreak.com/template_gen_2/content/icon/ 		610 B
956 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://resources.citybreak.com/template_gen_2/content/icon/bag-shopping-regular.svg
Requested by
Host: resources.citybreak.com
URL: https://resources.citybreak.com/template_gen_2/content/css/style.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
20.107.224.25 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx/1.24.0 /
Resource Hash
254cdb1b73b5c4e071dbbbc378c5294398896de1465357678a02899a75d82b84

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://resources.citybreak.com/template_gen_2/content/css/style.css
Origin
https://booking-department.online.iticket.com
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 09 May 2024 10:15:40 GMT
last-modified
Thu, 09 May 2024 06:02:16 GMT
server
nginx/1.24.0
etag
"663c66e8-262"
content-type
image/svg+xml
access-control-allow-origin
*
accept-ranges
bytes
content-length
610
-W_lXI_oSymQ8Qj-Apx3HGN_Hu1RZiUR5w.woff2
fonts.gstatic.com/s/wixmadefortext/v13/ 		20 KB
20 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/wixmadefortext/v13/-W_lXI_oSymQ8Qj-Apx3HGN_Hu1RZiUR5w.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Wix+Madefor+Text:wght@400..800&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b9b8c33eca8cc4369d759fd5533cfbfa446db3620d3adc96d270abf5d508990e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://fonts.googleapis.com/
Origin
https://booking-department.online.iticket.com
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 07 May 2024 07:51:27 GMT
x-content-type-options
nosniff
age
181453
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20288
x-xss-protection
0
last-modified
Tue, 24 Oct 2023 00:35:13 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 07 May 2025 07:51:27 GMT
script.js
analytics.visitgroup.com/ 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://analytics.visitgroup.com/script.js
Requested by
Host: booking-department.online.iticket.com
URL: https://booking-department.online.iticket.com/home/selectlanguage
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:477 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
56e70678cbf7e8c157c423bac4d2872f3b384a1784f43b1126ae5e59fd45d144
Security Headers
Name Value
Content-Security-Policy default-src 'self';img-src *;script-src 'self' 'unsafe-eval' 'unsafe-inline';style-src 'self' 'unsafe-inline';connect-src 'self' api.umami.is cloud.umami.is;frame-ancestors 'self'
Strict-Transport-Security max-age=15552000
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://booking-department.online.iticket.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 09 May 2024 10:15:40 GMT
content-security-policy
default-src 'self';img-src *;script-src 'self' 'unsafe-eval' 'unsafe-inline';style-src 'self' 'unsafe-inline';connect-src 'self' api.umami.is cloud.umami.is;frame-ancestors 'self'
x-content-type-options
nosniff
cf-cache-status
REVALIDATED
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15552000
content-encoding
br
x-dns-prefetch-control
on
last-modified
Thu, 07 Mar 2024 02:42:44 GMT
server
cloudflare
etag
W/"977-18e16caa8a0"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=AmBqHtdBJKmtlz6057tVwyRaUohpb%2FCU%2BYEp8ObmAPPnFSioGi7iIG%2BpteU8nkwNI5uHUn7mjggDe3nR3BFq6LarEIcEGBuZgrhl22aT0TXHBRFMo8btn4tK8g4H8nTaMVlokx4AI9lADkDghrXzRYU4J%2FCX7A%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=16070400
cf-ray
8810edfd3b6a30ea-FRA
send
analytics.visitgroup.com/api/ 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://analytics.visitgroup.com/api/send
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:477 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Content-Security-Policy default-src 'self';img-src *;script-src 'self' 'unsafe-eval' 'unsafe-inline';style-src 'self' 'unsafe-inline';connect-src 'self' api.umami.is cloud.umami.is;frame-ancestors 'self'
Strict-Transport-Security max-age=15552000
X-Content-Type-Options nosniff

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://booking-department.online.iticket.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

access-control-allow-headers
content-type
access-control-allow-methods
GET,HEAD,PUT,PATCH,POST,DELETE
access-control-allow-origin
*
access-control-max-age
86400
cf-cache-status
DYNAMIC
cf-ray
8810edfe1eca1c15-FRA
content-length
0
content-security-policy
default-src 'self';img-src *;script-src 'self' 'unsafe-eval' 'unsafe-inline';style-src 'self' 'unsafe-inline';connect-src 'self' api.umami.is cloud.umami.is;frame-ancestors 'self'
date
Thu, 09 May 2024 10:15:40 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=l1jNXdnQ3cIB4TAKjllGLtwCq52iUer%2BvX115oNCrZWGn9Op9uKfIDzwjLKeAyoTUOuAQZ%2FIxUV%2FEm%2Fi8hg2hPBuUIuNqoD%2FSFmUmaFF9bQ3jc1qF4dBnCn4qTNSUeevIUeoRGoNGo9gbE%2F1uryGOOi9jHR50Q%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
strict-transport-security
max-age=15552000
vary
Access-Control-Request-Headers
x-content-type-options
nosniff
x-dns-prefetch-control
on
send
analytics.visitgroup.com/api/ 		633 B
820 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://analytics.visitgroup.com/api/send
Requested by
Host: analytics.visitgroup.com
URL: https://analytics.visitgroup.com/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:477 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
493b1faace211b2b4be3af5416bfdc30fd18591bc056226c2af3da123bf40786
Security Headers
Name Value
Content-Security-Policy default-src 'self';img-src *;script-src 'self' 'unsafe-eval' 'unsafe-inline';style-src 'self' 'unsafe-inline';connect-src 'self' api.umami.is cloud.umami.is;frame-ancestors 'self'
Strict-Transport-Security max-age=15552000
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-platform
"Win32"
Referer
https://booking-department.online.iticket.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Content-Type
application/json

Response headers

date
Thu, 09 May 2024 10:15:40 GMT
content-security-policy
default-src 'self';img-src *;script-src 'self' 'unsafe-eval' 'unsafe-inline';style-src 'self' 'unsafe-inline';connect-src 'self' api.umami.is cloud.umami.is;frame-ancestors 'self'
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
strict-transport-security
max-age=15552000
content-encoding
br
etag
W/"f25zauciw7hl"
x-dns-prefetch-control
on
vary
Accept-Encoding
content-type
text/plain
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ls%2BHr3Vvp6hSmYNunIrXUbEOKCJLv7iiT5dMUhF%2F3VZuxgRa%2FLtuSYAYJP%2B%2BDiooQoiyseobf4lLrNKkLybRfaWHU04iBB8YCdAcvGWjdOv5FA7IV7vHIbVUIof2uvAtgroWgNVTGsJ5%2BMXGf1JvzMxcQbEU0g%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
8810edfeaf9e1c15-FRA
favicon_0.ico
iticket.com/sites/cb_iticketweb/files/ 		58 KB
47 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://iticket.com/sites/cb_iticketweb/files/favicon_0.ico
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a0d62857169fc83ba404a211a868505ba4df7c71f65f85c89d283e1f9ea05da9
Security Headers
Name Value
Strict-Transport-Security max-age=15552000
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://booking-department.online.iticket.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 09 May 2024 10:15:40 GMT
strict-transport-security
max-age=15552000
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
52729
content-encoding
br
alt-svc
h3=":443"; ma=86400
last-modified
Wed, 10 Jan 2024 09:48:22 GMT
server
cloudflare
etag
W/"659e67e6-e7b0"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=zFJiapb68hcnxCtS5tcoRbXkKhnlnzI6RLwjQNGxQzoOXiuDUgwEMk%2BBb%2B8w4BOAvwnPMJRjpXvhZwgSuGPewrc8FdKUQaLhcPLixh2ntu6ciC0mivSh9qS1982v9g%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/x-icon
access-control-allow-origin
*, *
cache-control
max-age=31536000
cf-ray
8810edfe1edc9054-FRA
expires
Thu, 08 May 2025 19:36:51 GMT

Verdicts & Comments Add Verdict or Comment

127 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

function| $ function| jQuery object| container object| citybreak function| _typeof undefined| Label function| _createClass function| _classCallCheck function| IOlazy function| NativeCustomEvent function| useNative function| cb_fbs_click boolean| isFreeTextSearchAjaxLoading function| modifyCompareAccommodationUrl function| addClassesToCheckboxContainers function| modifyCompareTab function| compareAccommodationUrl function| compareAccommodation function| setSelectedCompareAccommodationCheckboxes function| getAccommodationsForComparasion function| removeAccommodationForComparasion function| addAccommodationForComparasion function| bindRemoveAccommodationsForComparasion function| bindAccommodationCompareCheckboxes function| initFreetextSidebarSearch function| cb_accommodation_searchform_onChildChange function| cb_formcreate_in function| cb_formcreate_form2 function| cb_formcreate_form_discountcategory function| cb_formcreate_form_discount function| cb_formcreate_form_pricecalendar function| cb_formcreate_form_pricecal object| $CBLAB object| cbMustache function| CBJQ function| citybreakjq object| jQBrowser object| cbamplify object| dOptions function| cbmoment object| cbHistory function| citybreakInputmask function| _ object| FixedSticky object| cbBlobUtil function| cbEXIF function| cbCroppie object| citybreakGroupBasket object| citybreakMobileRedirection object| citybreakGeography object| citybreakCommonSearchForm object| citybreakCarRentalSearchForm object| citybreakFlightSearchForm object| citybreakActivity object| citybreakActivityBooking object| citybreakActivitySearchForm object| citybreakOccasionOverview object| citybreakOccasionFilter object| citybreakSeatSelection object| citybreakFerrySearchForm object| citybreakPoiDistanceMap object| customerInformation object| citybreakLookup object| citybreakPublicTransportSearchForm object| citybreakPublicTransportSearchResult object| citybreakPublicTransportSearchResultResponsive object| citybreakActivityTransportControls object| citybreakActivityTransportWidgetSearchForm object| citybreakResultsList object| citybreakUnobtrusiveValidation object| eventBookingTicketSelection object| citybreakFuzzyCalendar object| citybreakAccommodationSearchForm object| citybreakPaymentProccess object| citybreakPriceCalendar object| citybreakCabinControls object| citybreakDetailsGallery object| citybreakCabinVillageControls object| citybreakPromotionCode object| citybreakHitAlternativeDayByDay object| citybreakAccommodationResults object| citybreakNearbyArea object| citybreakAccommodationBooking object| citybreakFerryMongoResults object| citybreakPackageGenericFerryResult object| citybreakFerryMongoSimpleSearchForm object| citybreakComplementaryFerryControls object| citybreakComplementaryControls object| citybreakOptionalControls object| citybreakOptionalPublicTransport object| citybreakGuestReviews object| citybreakPackageSearchProgress object| citybreakAccommodationModalGallery object| citybreakAccommodationFlightSearchform object| citybreakAccommodationFerryPackageSearchInfo object| citybreakAccommodationFerryPackageSearchform object| citybreakAccommodationFerryPackageFerryResult object| citybreakAccommodationFerryPackageAccommodationResult object| citybreakAccommodationTodoPackageSearchform object| citybreakTodoTodoPackageSearchform object| citybreakAccommodationAccommodationPackageSearchform object| citybreakPackageNextStep object| citybreakGroupedBasketProductInfo object| citybreakCarRentalUpgrade object| citybreakMyPageLoginForm object| citybreakMyPageResponsiveLoginForm object| citybreakMyPageGoogleMap object| citybreakMyPageWidget object| citybreakBookFlight object| citybreakBookFlightResponsive object| citybreakComplementaryCabinFerryControls object| citybreakLoyaltyLogin object| citybreakChangeBookingDetails object| cbPopper function| cbTippy function| jQueryBridget function| EvEmitter function| getSize function| matchesSelector object| fizzyUIUtils function| cbFlickity function| Unipointer function| Unidragger function| imagesLoaded object| citybreakNetsEasyCheckout function| jsQR object| umami

4 Cookies

Domain/Path Name / Value
.iticket.com/ Name: online3_1491384962_de-DE_de-DE
Value: hjeffkylf42pyplscercfg21
.iticket.com/ Name: online3_ss_1491384962_de-DE_de-DE
Value: hjeffkylf42pyplscercfg21
booking-department.online.iticket.com/ Name: ca-citybreak-online
Value: cbonline02
.resources.citybreak.com/ Name: ARRAffinitySameSite
Value: ada492a89cbfbfddd37272c217d134cb9210b70e1c8ef65fdce0e992967da59c

2 Console Messages

Source Level URL
Text
other warning URL: https://booking-department.online.iticket.com/home/selectlanguage
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
security error URL: https://booking-department.online.iticket.com/home/selectlanguage(Line 287)
Message:
Refused to execute script from 'https://booking-department.online.iticket.com/home/selectlanguage' because its MIME type ('text/html') is not executable, and strict MIME type checking is enabled.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=15552000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

analytics.visitgroup.com
booking-department.online.iticket.com
code.jquery.com
css.citybreak.com
fonts.googleapis.com
fonts.gstatic.com
iticket.com
resources.citybreak.com
188.114.96.3
20.107.224.25
2606:4700:20::681a:477
2606:4700:4400::6812:2545
2606:4700:4400::ac40:96bb
2a00:1450:4001:800::200a
2a00:1450:4001:82f::2003
2a04:4e42:200::649
0c572f2f0f4cebc1897154d3a2e999c08eff0e5e4c53a2e32c1ced10824fc573
20cdda5054f7566f92a6a45682e821a8e1847e2cc772110b84af9db36a884f98
254cdb1b73b5c4e071dbbbc378c5294398896de1465357678a02899a75d82b84
25820b8511cba1d5d993fe536e000acbc72a21ad19c011009025be8b71981ebc
493b1faace211b2b4be3af5416bfdc30fd18591bc056226c2af3da123bf40786
53932083a260f0e90226664439177e94ae1723454fff494467543c7c791a803c
55135795c47021fc7dc98bfc7616ae02bf3a4845a9125451ff564583e87a4195
56e70678cbf7e8c157c423bac4d2872f3b384a1784f43b1126ae5e59fd45d144
57df813b6ddcfb619a0cc23fc084711be87387f5d6f2fa9e70a6c8f709b478e8
5f7a78e281600f11916a83efe6d4f1f61b9cae0c560747f05b90105a32e46fcb
69a2ff0c909f929988410f97d2d868187280a2b9fd784601bda6a48f98e92180
7e24c02bf6dcdcabc81c34c4c4c0558d52bf64568d5f6cbd1b312ffd2ca57164
a0d62857169fc83ba404a211a868505ba4df7c71f65f85c89d283e1f9ea05da9
b968fe49f1d5206a8f29ceaf22c8daa640072c17af45648cae4e48b7f5df44e2
b9b8c33eca8cc4369d759fd5533cfbfa446db3620d3adc96d270abf5d508990e
c14f0fb5e36abeeedfcd95a33f4b863e081870de6284341555a9a952db5c0df6
e3e5f35d586c0e6a9a9d7187687be087580c40a5f8d0e52f0c4053bbc25c98db
f4bafc72608f6941f14057e495a63c49d7db0fb88d2f9fdf63d97d362116fb42