booking.tromsoaurorahusky.com
2606:4700::6812:1747  Public Scan

Submitted URL: https://booking.tromsoaurorahusky.com/
Effective URL: https://booking.tromsoaurorahusky.com/home/selectlanguage
Submission: On September 07 via api from US — Scanned from DE

Summary

This website contacted 9 IPs in 3 countries across 7 domains to perform 21 HTTP transactions. The main IP is 2606:4700::6812:1747, located in United States and belongs to CLOUDFLARENET, US. The main domain is booking.tromsoaurorahusky.com.
TLS certificate: Issued by E5 on September 6th 2024. Valid for: 3 months.
This is the only time booking.tromsoaurorahusky.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
4 11 2606:4700::68... 13335 (CLOUDFLAR...)
1 2a04:4e42::649 54113 (FASTLY)
2 20.107.224.25 8075 (MICROSOFT...)
4 2a02:26f0:480... 20940 (AKAMAI-ASN1)
1 2a00:1450:400... 15169 (GOOGLE)
2 2a02:26f0:350... 20940 (AKAMAI-ASN1)
2 2606:4700:20:... 13335 (CLOUDFLAR...)
1 151.101.64.237 54113 (FASTLY)
21 9
Apex Domain | Subdomains | Transfer
7 tromsoaurorahusky.com | booking.tromsoaurorahusky.com | 562 KB
6 typekit.net | use.typekit.net — Cisco Umbrella Rank: 1178; p.typekit.net — Cisco Umbrella Rank: 1499 | 83 KB
6 citybreak.com | css.citybreak.com; resources.citybreak.com | 251 KB
2 visitgroup.com | analytics.visitgroup.com | 2 KB
1 squarespace.com | assets.squarespace.com — Cisco Umbrella Rank: 9585 | 830 B
1 googleapis.com | fonts.googleapis.com — Cisco Umbrella Rank: 110 | 1 KB
1 jquery.com | code.jquery.com — Cisco Umbrella Rank: 1211 | 24 KB
21 7
Domain | Requested by
7 booking.tromsoaurorahusky.com (4 redirects) | booking.tromsoaurorahusky.com
4 use.typekit.net | booking.tromsoaurorahusky.com; css.citybreak.com; use.typekit.net
4 css.citybreak.com | booking.tromsoaurorahusky.com
2 analytics.visitgroup.com | booking.tromsoaurorahusky.com; analytics.visitgroup.com
2 p.typekit.net | use.typekit.net
2 resources.citybreak.com | booking.tromsoaurorahusky.com; resources.citybreak.com
1 assets.squarespace.com |
1 fonts.googleapis.com | css.citybreak.com
1 code.jquery.com | booking.tromsoaurorahusky.com
21 9

This site contains links to these domains.

Domain
www.tromsoaurorahusky.com
online3-next.citybreak.com
Subject | Issuer | Validity | Valid
booking.tromsoaurorahusky.com | E5 | 2024-09-06 - 2024-12-05 | 3 months
citybreak.com | WE1 | 2024-07-13 - 2024-10-11 | 3 months
*.jquery.com | Sectigo ECC Domain Validation Secure Server CA | 2024-06-25 - 2025-06-25 | a year
resources.citybreak.com | GeoTrust Global TLS RSA4096 SHA256 2022 CA1 | 2024-08-14 - 2025-02-14 | 6 months
use.typekit.net | DigiCert Global G2 TLS RSA SHA256 2020 CA1 | 2024-08-27 - 2025-09-27 | a year
upload.video.google.com | WR2 | 2024-08-12 - 2024-11-04 | 3 months
visitgroup.com | WE1 | 2024-07-13 - 2024-10-11 | 3 months
*.squarespace.com | DigiCert Global G2 TLS RSA SHA256 2020 CA1 | 2024-02-09 - 2025-02-28 | a year

This page contains 1 frames:

Primary Page: https://booking.tromsoaurorahusky.com/home/selectlanguage
Frame ID: 8DF26E1FA702A883FA1B183D13AD8722
Requests: 20 HTTP requests in this frame

Page Title

Sprache wählen

Page URL History

  1. https://booking.tromsoaurorahusky.com/ HTTP 301
    https://booking.tromsoaurorahusky.com/home/selectLanguage HTTP 301
    https://booking.tromsoaurorahusky.com/home/selectlanguage Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link [^>]*href="[^"]+use\.typekit\.(?:net|com)

Overall confidence: 10%
Detected patterns
  • basket.*\.js

Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

Requests: 21
HTTPS: 90 %
IPv6: 75 %
Domains: 7
Subdomains: 9
IPs: 9
Countries: 3
Transfer: 923 kB
Size: 4207 kB
Cookies: 4

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 7
  • https://booking.tromsoaurorahusky.com/basketwidget/widget HTTP 301
  • https://booking.tromsoaurorahusky.com/home/selectLanguage HTTP 301
  • https://booking.tromsoaurorahusky.com/home/selectlanguage

21 HTTP transactions

Resource | Path | Size | x-fer | Type | MIME-Type
Primary Request selectlanguage
booking.tromsoaurorahusky.com/home/
Redirect Chain
  • https://booking.tromsoaurorahusky.com/
  • https://booking.tromsoaurorahusky.com/home/selectLanguage
  • https://booking.tromsoaurorahusky.com/home/selectlanguage
10 KB
3 KB
Document
General
Full URL
https://booking.tromsoaurorahusky.com/home/selectlanguage
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1747 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
670389ba83855ce2a414337b1c0387622ce6d8b5ce9fdb4a8de9634ec388b314
Security Headers
Name Value
Strict-Transport-Security max-age=15552000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
cache-control
private
cf-cache-status
DYNAMIC
cf-ray
8bf68343c92c195c-FRA
content-encoding
gzip
content-type
text/html; charset=utf-8
date
Sat, 07 Sep 2024 11:55:57 GMT
p3p
policyref="/w3c/p3pa.xml", CP="NOI DSP COR CURa OUR NOR STA"
server
cloudflare
strict-transport-security
max-age=15552000
x-aspnet-version
4.0.30319
x-aspnetmvc-version
5.2
x-content-type-options
nosniff
x-frame-options
DENY
x-ua-compatible
IE=edge

Redirect headers

access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
cache-control
private
cf-cache-status
DYNAMIC
cf-ray
8bf683436891195c-FRA
date
Sat, 07 Sep 2024 11:55:57 GMT
location
https://booking.tromsoaurorahusky.com:443/home/selectlanguage
p3p
policyref="/w3c/p3pa.xml", CP="NOI DSP COR CURa OUR NOR STA"
server
cloudflare
strict-transport-security
max-age=15552000
x-aspnet-version
4.0.30319
x-content-type-options
nosniff
x-ua-compatible
IE=edge
widget_basket
css.citybreak.com/api/widget/compile/904182411/
255 KB
37 KB
Stylesheet
General
Full URL
https://css.citybreak.com/api/widget/compile/904182411/widget_basket
Requested by
Host: booking.tromsoaurorahusky.com
URL: https://booking.tromsoaurorahusky.com/home/selectlanguage
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1747 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
533550ee78a3a73d5ee5ad91db691aa987e73bbd5e886884989cc2bc3efc4747
Security Headers
Name Value
Strict-Transport-Security max-age=15552000
X-Content-Type-Options nosniff

Request headers

Referer
https://booking.tromsoaurorahusky.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Sat, 07 Sep 2024 11:55:58 GMT
strict-transport-security
max-age=15552000
x-content-type-options
nosniff
cf-cache-status
HIT
last-modified
Fri, 06 Sep 2024 12:29:13 GMT
server
cloudflare
age
84405
vary
Accept-Encoding
content-type
text/css; charset=utf-8
content-encoding
gzip
cache-control
public, max-age=2678400
cf-ray
8bf683476debd223-FRA
expires
Tue, 08 Oct 2024 11:55:58 GMT
styles
css.citybreak.com/api/baseContent/css/
436 KB
67 KB
Stylesheet
General
Full URL
https://css.citybreak.com/api/baseContent/css/styles
Requested by
Host: booking.tromsoaurorahusky.com
URL: https://booking.tromsoaurorahusky.com/home/selectlanguage
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1747 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
55135795c47021fc7dc98bfc7616ae02bf3a4845a9125451ff564583e87a4195
Security Headers
Name Value
Strict-Transport-Security max-age=15552000
X-Content-Type-Options nosniff

Request headers

Referer
https://booking.tromsoaurorahusky.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Sat, 07 Sep 2024 11:55:58 GMT
strict-transport-security
max-age=15552000
x-content-type-options
nosniff
cf-cache-status
HIT
last-modified
Thu, 05 Sep 2024 14:30:32 GMT
server
cloudflare
age
163526
vary
Accept-Encoding
content-type
text/css; charset=utf-8
content-encoding
gzip
cache-control
public, max-age=2678400
cf-ray
8bf683476df3d223-FRA
expires
Tue, 08 Oct 2024 11:55:58 GMT
904182411
css.citybreak.com/api/css/
972 KB
114 KB
Stylesheet
General
Full URL
https://css.citybreak.com/api/css/904182411
Requested by
Host: booking.tromsoaurorahusky.com
URL: https://booking.tromsoaurorahusky.com/home/selectlanguage
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1747 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
55b06996f40e39855d312f80d73adcd7a53d226b5f041ace379c9d11904fc24c
Security Headers
Name Value
Strict-Transport-Security max-age=15552000
X-Content-Type-Options nosniff

Request headers

Referer
https://booking.tromsoaurorahusky.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Sat, 07 Sep 2024 11:55:58 GMT
strict-transport-security
max-age=15552000
x-content-type-options
nosniff
cf-cache-status
HIT
last-modified
Sat, 07 Sep 2024 08:19:57 GMT
server
cloudflare
age
12961
vary
Accept-Encoding
content-type
text/css; charset=utf-8
content-encoding
gzip
cache-control
public, max-age=2678400
cf-ray
8bf683476defd223-FRA
expires
Tue, 08 Oct 2024 11:55:58 GMT
jquery-3.5.1.slim.min.js
code.jquery.com/
71 KB
24 KB
Script
General
Full URL
https://code.jquery.com/jquery-3.5.1.slim.min.js
Requested by
Host: booking.tromsoaurorahusky.com
URL: https://booking.tromsoaurorahusky.com/home/selectlanguage
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42::649 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e3e5f35d586c0e6a9a9d7187687be087580c40a5f8d0e52f0c4053bbc25c98db

Request headers

Referer
https://booking.tromsoaurorahusky.com/
Origin
https://booking.tromsoaurorahusky.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Sat, 07 Sep 2024 11:55:57 GMT
content-encoding
gzip
via
1.1 varnish, 1.1 varnish
age
2775897
x-cache
HIT, HIT
content-length
24606
x-served-by
cache-lga21954-LGA, cache-fra-etou8220055-FRA
last-modified
Fri, 18 Oct 1991 12:00:00 GMT
server
nginx
x-timer
S1725710158.985619,VS0,VE0
etag
W/"28feccc0-11abc"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=604800
accept-ranges
bytes
x-cache-hits
17, 17594
style.css
resources.citybreak.com/template_gen_2/content/css/
31 KB
31 KB
Stylesheet
General
Full URL
https://resources.citybreak.com/template_gen_2/content/css/style.css
Requested by
Host: booking.tromsoaurorahusky.com
URL: https://booking.tromsoaurorahusky.com/home/selectlanguage
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
20.107.224.25 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx/1.26.1 /
Resource Hash
c14f0fb5e36abeeedfcd95a33f4b863e081870de6284341555a9a952db5c0df6

Request headers

Referer
https://booking.tromsoaurorahusky.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Sat, 07 Sep 2024 11:55:58 GMT
last-modified
Wed, 04 Sep 2024 06:44:48 GMT
server
nginx/1.26.1
accept-ranges
bytes
etag
"66d801e0-7a5a"
content-length
31322
content-type
text/css
bbs7aqc.css
use.typekit.net/
2 KB
850 B
Stylesheet
General
Full URL
https://use.typekit.net/bbs7aqc.css
Requested by
Host: booking.tromsoaurorahusky.com
URL: https://booking.tromsoaurorahusky.com/home/selectlanguage
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:480:f::213:7ec6 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx /
Resource Hash
8fd8921893956ae0bf5cd90f74511e8ec4535f681526bbc70f5735c1ac9f6e8c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains;

Request headers

Referer
https://booking.tromsoaurorahusky.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains;
content-encoding
gzip
date
Sat, 07 Sep 2024 11:55:58 GMT
server
nginx
vary
Accept-Encoding
content-type
text/css;charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=600, stale-while-revalidate=604800
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
627
app-c621a57d.js
booking.tromsoaurorahusky.com/content/combinedjs/
2 MB
555 KB
Script
General
Full URL
https://booking.tromsoaurorahusky.com/content/combinedjs/app-c621a57d.js
Requested by
Host: booking.tromsoaurorahusky.com
URL: https://booking.tromsoaurorahusky.com/home/selectlanguage
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1747 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7f6817d4178e76d72b9ea61c9ac39b2e77f555bdee1cb4e07d07935384f01e51
Security Headers
Name Value
Strict-Transport-Security max-age=15552000
X-Content-Type-Options nosniff

Request headers

Referer
https://booking.tromsoaurorahusky.com/home/selectlanguage
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Sat, 07 Sep 2024 11:55:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
MISS
strict-transport-security
max-age=15552000
p3p
policyref="/w3c/p3pa.xml", CP="NOI DSP COR CURa OUR NOR STA"
content-length
567764
x-ua-compatible
IE=edge
last-modified
Sun, 01 Sep 2024 15:19:42 GMT
server
cloudflare
etag
"0bb5d5e82fcda1:0"
vary
Accept-Encoding
content-type
application/x-javascript; charset=UTF-8
cache-control
public, max-age=2678400
accept-ranges
bytes
cf-ray
8bf683471bfa195c-FRA
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
expires
Tue, 08 Oct 2024 11:55:58 GMT
selectlanguage
booking.tromsoaurorahusky.com/home/
Redirect Chain
  • https://booking.tromsoaurorahusky.com/basketwidget/widget
  • https://booking.tromsoaurorahusky.com/home/selectLanguage
  • https://booking.tromsoaurorahusky.com/home/selectlanguage
10 KB
3 KB
Script
General
Full URL
https://booking.tromsoaurorahusky.com/home/selectlanguage
Requested by
Host: booking.tromsoaurorahusky.com
URL: https://booking.tromsoaurorahusky.com/home/selectlanguage
Protocol
H2
Server
2606:4700::6812:1747 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
670389ba83855ce2a414337b1c0387622ce6d8b5ce9fdb4a8de9634ec388b314
Security Headers
Name Value
Strict-Transport-Security max-age=15552000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://booking.tromsoaurorahusky.com/home/selectlanguage
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Sat, 07 Sep 2024 11:55:58 GMT
strict-transport-security
max-age=15552000
x-content-type-options
nosniff
x-aspnetmvc-version
5.2
cf-cache-status
DYNAMIC
server
cloudflare
x-aspnet-version
4.0.30319
content-encoding
gzip
x-frame-options
DENY
content-type
text/html; charset=utf-8
p3p
policyref="/w3c/p3pa.xml", CP="NOI DSP COR CURa OUR NOR STA"
cache-control
private
cf-ray
8bf6834a2eb2195c-FRA
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
x-ua-compatible
IE=edge

Redirect headers

date
Sat, 07 Sep 2024 11:55:57 GMT
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
server
cloudflare
x-aspnet-version
4.0.30319
p3p
policyref="/w3c/p3pa.xml", CP="NOI DSP COR CURa OUR NOR STA"
location
https://booking.tromsoaurorahusky.com:443/home/selectlanguage
cache-control
private
cf-ray
8bf683436891195c-FRA
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
x-ua-compatible
IE=edge
print
css.citybreak.com/api/baseContent/css/
822 B
452 B
Stylesheet
General
Full URL
https://css.citybreak.com/api/baseContent/css/print
Requested by
Host: booking.tromsoaurorahusky.com
URL: https://booking.tromsoaurorahusky.com/home/selectlanguage
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1747 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7e24c02bf6dcdcabc81c34c4c4c0558d52bf64568d5f6cbd1b312ffd2ca57164
Security Headers
Name Value
Strict-Transport-Security max-age=15552000
X-Content-Type-Options nosniff

Request headers

Referer
https://booking.tromsoaurorahusky.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Sat, 07 Sep 2024 11:55:58 GMT
strict-transport-security
max-age=15552000
x-content-type-options
nosniff
cf-cache-status
HIT
last-modified
Mon, 26 Aug 2024 05:50:57 GMT
server
cloudflare
age
1058701
vary
Accept-Encoding
content-type
text/css; charset=utf-8
content-encoding
gzip
cache-control
public, max-age=2678400
cf-ray
8bf6834a980ad223-FRA
expires
Tue, 08 Oct 2024 11:55:58 GMT
css2
fonts.googleapis.com/
5 KB
1 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css2?family=Inter:wght@400;600&display=swap
Requested by
Host: css.citybreak.com
URL: https://css.citybreak.com/api/widget/compile/904182411/widget_basket
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
21235e6a5a471ef0772fb0f61ac31e63003918e9a3dd23801909c880ed36bfa9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://css.citybreak.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Sat, 07 Sep 2024 11:55:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Sat, 07 Sep 2024 11:49:05 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sat, 07 Sep 2024 11:55:58 GMT
imq8zze.css
use.typekit.net/
3 KB
901 B
Stylesheet
General
Full URL
https://use.typekit.net/imq8zze.css
Requested by
Host: css.citybreak.com
URL: https://css.citybreak.com/api/css/904182411
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:480:f::213:7ec6 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx /
Resource Hash
e117fcd215c10cb6b6c9ca64224e699ba4b86306ea4f0d4010b9b6e7e8edd2df
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains;

Request headers

Referer
https://css.citybreak.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains;
content-encoding
gzip
date
Sat, 07 Sep 2024 11:55:58 GMT
server
nginx
vary
Accept-Encoding
content-type
text/css;charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=600, stale-while-revalidate=604800
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
678
p.css
p.typekit.net/
5 B
173 B
Stylesheet
General
Full URL
https://p.typekit.net/p.css?s=1&k=bbs7aqc&ht=tk&f=1692.1694&a=522328&app=typekit&e=css
Requested by
Host: use.typekit.net
URL: https://use.typekit.net/bbs7aqc.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:16::215:148b Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx /
Resource Hash
1c0ff118a4290c99f39c90abb38703a866e47251b23cca20266c69c812ccafeb

Request headers

Referer
https://use.typekit.net/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Sat, 07 Sep 2024 11:55:58 GMT
last-modified
Sun, 19 May 2024 12:57:48 GMT
server
nginx
etag
"6649f74c-5"
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=604800
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
content-length
5
p.css
p.typekit.net/
5 B
173 B
Stylesheet
General
Full URL
https://p.typekit.net/p.css?s=1&k=imq8zze&ht=tk&f=42534.42537.42538&a=522328&app=typekit&e=css
Requested by
Host: use.typekit.net
URL: https://use.typekit.net/imq8zze.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:16::215:148b Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx /
Resource Hash
1c0ff118a4290c99f39c90abb38703a866e47251b23cca20266c69c812ccafeb

Request headers

Referer
https://use.typekit.net/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Sat, 07 Sep 2024 11:55:58 GMT
last-modified
Sun, 19 May 2024 12:57:48 GMT
server
nginx
etag
"6649f74c-5"
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=604800
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
content-length
5
basket-shopping-light.svg
resources.citybreak.com/template_gen_2/content/icon/
1 KB
2 KB
Image
General
Full URL
https://resources.citybreak.com/template_gen_2/content/icon/basket-shopping-light.svg
Requested by
Host: resources.citybreak.com
URL: https://resources.citybreak.com/template_gen_2/content/css/style.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
20.107.224.25 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx/1.26.1 /
Resource Hash
506e077e7f4bcc1372c4af1ab4046713b88862f65458575fc592e1f82e6e73b2

Request headers

Referer
https://resources.citybreak.com/template_gen_2/content/css/style.css
Origin
https://booking.tromsoaurorahusky.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Sat, 07 Sep 2024 11:55:58 GMT
last-modified
Wed, 04 Sep 2024 06:44:48 GMT
server
nginx/1.26.1
etag
"66d801e0-486"
content-type
image/svg+xml
access-control-allow-origin
*
accept-ranges
bytes
content-length
1158
l
use.typekit.net/af/2868ab/00000000000000007735ce88/30/
34 KB
34 KB
Font
General
Full URL
https://use.typekit.net/af/2868ab/00000000000000007735ce88/30/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n6&v=3
Requested by
Host: use.typekit.net
URL: https://use.typekit.net/imq8zze.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:480:f::213:7ec6 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx /
Resource Hash
1d082d5440b232991ed60e008ba3b9affdf469eed3187702e7d3c7436a427619

Request headers

Referer
https://use.typekit.net/imq8zze.css
Origin
https://booking.tromsoaurorahusky.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Sat, 07 Sep 2024 11:55:58 GMT
server
nginx
etag
"d90360b559ff140d9ebff4e7d2aab939758e7d91"
content-type
application/font-woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
34948
l
use.typekit.net/af/adf251/00000000000000000000d834/27/
46 KB
47 KB
Font
General
Full URL
https://use.typekit.net/af/adf251/00000000000000000000d834/27/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n4&v=3
Requested by
Host: use.typekit.net
URL: https://use.typekit.net/bbs7aqc.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:480:f::213:7ec6 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx /
Resource Hash
e2b984980c47809389cb11db75653382dd899886e848ec61ebdcb25d0531bdf4

Request headers

Referer
https://use.typekit.net/bbs7aqc.css
Origin
https://booking.tromsoaurorahusky.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Sat, 07 Sep 2024 11:55:58 GMT
server
nginx
etag
"cb00ddbe5474a30ffe05f3ea352db4ad7ff32d59"
content-type
application/font-woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
47564
script.js
analytics.visitgroup.com/
2 KB
2 KB
Script
General
Full URL
https://analytics.visitgroup.com/script.js
Requested by
Host: booking.tromsoaurorahusky.com
URL: https://booking.tromsoaurorahusky.com/home/selectlanguage
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:577 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
56e70678cbf7e8c157c423bac4d2872f3b384a1784f43b1126ae5e59fd45d144
Security Headers
Name Value
Content-Security-Policy default-src 'self';img-src *;script-src 'self' 'unsafe-eval' 'unsafe-inline';style-src 'self' 'unsafe-inline';connect-src 'self' api.umami.is cloud.umami.is;frame-ancestors 'self'
Strict-Transport-Security max-age=15552000
X-Content-Type-Options nosniff

Request headers

Referer
https://booking.tromsoaurorahusky.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Sat, 07 Sep 2024 11:55:58 GMT
content-security-policy
default-src 'self';img-src *;script-src 'self' 'unsafe-eval' 'unsafe-inline';style-src 'self' 'unsafe-inline';connect-src 'self' api.umami.is cloud.umami.is;frame-ancestors 'self'
content-encoding
gzip
cf-cache-status
STALE
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-content-type-options
nosniff
strict-transport-security
max-age=15552000
age
448301
x-dns-prefetch-control
on
last-modified
Thu, 07 Mar 2024 02:42:44 GMT
server
cloudflare
etag
W/"977-18e16caa8a0"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=7algweUa46zohlyOk9DJVK2ehIXHp2ilzsniKkSfdmEEOg5%2FcHvDiTE86Fm9qEAmuv6lW9GgdKEtF2I%2BxVlKHCMfbbum1iqrvHxy81q0niEeYaN%2BzakE2%2B1C9a7oUs7ipZRnqloCK1D3DWsCS85euHnh80l%2B1g%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=16070400
cf-ray
8bf6834d2c299bb3-FRA
send
analytics.visitgroup.com/api/
0
0

send
analytics.visitgroup.com/api/
0
0
Preflight
General
Full URL
https://analytics.visitgroup.com/api/send
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:577 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15552000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://booking.tromsoaurorahusky.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

cache-control
private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
cf-ray
8bf6834e1fc3bb83-FRA
content-length
6936
content-type
text/html; charset=UTF-8
date
Sat, 07 Sep 2024 11:55:59 GMT
expires
Thu, 01 Jan 1970 00:00:01 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy
same-origin
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=MoDlrISClIeNnzV%2BOjNgUei%2FwMFFNgKL0C5Eojq7RcJcnW%2BBX65KkmOl1g8xU%2FJcsiKhUizKBe7PICzNmYmPxB%2F3yAUROvnlQEkXnfngT66NZOOdIpLABvVVmS3NDXA1EcNAwBjocqeYMsCxCrZ3oLu%2BpdIisQ%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
strict-transport-security
max-age=15552000
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
default-favicon.ico
assets.squarespace.com/universal/
6 KB
830 B
Other
General
Full URL
https://assets.squarespace.com/universal/default-favicon.ico
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.64.237 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
UploadServer /
Resource Hash
0d75fa1c9f78745b408f55992519c9bd64dfdd5c1b456c5f48b5dc7c43184a8a

Request headers

Referer
https://booking.tromsoaurorahusky.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

expires
Thu, 19 Sep 2024 07:05:50 GMT
date
Sat, 07 Sep 2024 11:55:59 GMT
content-encoding
gzip
via
1.1 varnish, 1.1 varnish
age
2772659
x-cache
HIT, HIT
content-length
465
x-served-by
cache-iad-kiad7000054-IAD, cache-fra-etou8220149-FRA
last-modified
Thu, 09 May 2019 21:33:24 GMT
server
UploadServer
x-timer
S1725710159.078338,VS0,VE0
etag
"db7c3c19eba33f9a409b02540a44b15a"
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS
content-type
text/plain
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
x-cache-hits
1541, 15833

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
analytics.visitgroup.com
URL
https://analytics.visitgroup.com/api/send

125 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

function| $ function| jQuery object| container object| citybreak function| _typeof function| _createClass function| _classCallCheck function| IOlazy function| NativeCustomEvent function| useNative function| cb_fbs_click function| modifyCompareAccommodationUrl function| addClassesToCheckboxContainers function| modifyCompareTab function| compareAccommodationUrl function| compareAccommodation function| setSelectedCompareAccommodationCheckboxes function| getAccommodationsForComparasion function| removeAccommodationForComparasion function| addAccommodationForComparasion function| bindRemoveAccommodationsForComparasion function| bindAccommodationCompareCheckboxes function| initFreetextSidebarSearch function| cb_accommodation_searchform_onChildChange function| cb_formcreate_in function| cb_formcreate_form2 function| cb_formcreate_form_discountcategory function| cb_formcreate_form_discount function| cb_formcreate_form_pricecalendar function| cb_formcreate_form_pricecal object| $CBLAB object| cbMustache function| CBJQ function| citybreakjq object| jQBrowser object| cbamplify object| dOptions function| cbmoment object| cbHistory function| citybreakInputmask function| _ object| FixedSticky object| cbBlobUtil function| cbEXIF function| cbCroppie object| citybreakGroupBasket object| citybreakMobileRedirection object| citybreakGeography object| citybreakCommonSearchForm object| citybreakCarRentalSearchForm object| citybreakFlightSearchForm object| citybreakActivity object| citybreakActivityBooking object| citybreakActivitySearchForm object| citybreakOccasionOverview object| citybreakOccasionFilter object| citybreakSeatSelection object| citybreakFerrySearchForm object| citybreakPoiDistanceMap object| customerInformation object| citybreakLookup object| citybreakPublicTransportSearchForm object| citybreakPublicTransportSearchResult object| citybreakPublicTransportSearchResultResponsive object| citybreakActivityTransportControls object| citybreakActivityTransportWidgetSearchForm 
object| citybreakResultsList object| citybreakUnobtrusiveValidation object| eventBookingTicketSelection object| citybreakFuzzyCalendar object| citybreakAccommodationSearchForm object| citybreakPaymentProccess object| citybreakPriceCalendar object| citybreakCabinControls object| citybreakDetailsGallery object| citybreakCabinVillageControls object| citybreakPromotionCode object| citybreakHitAlternativeDayByDay object| citybreakAccommodationResults object| citybreakNearbyArea object| citybreakAccommodationBooking object| citybreakFerryMongoResults object| citybreakPackageGenericFerryResult object| citybreakFerryMongoSimpleSearchForm object| citybreakComplementaryFerryControls object| citybreakComplementaryControls object| citybreakOptionalControls object| citybreakOptionalPublicTransport object| citybreakGuestReviews object| citybreakPackageSearchProgress object| citybreakAccommodationModalGallery object| citybreakAccommodationFlightSearchform object| citybreakAccommodationFerryPackageSearchInfo object| citybreakAccommodationFerryPackageSearchform object| citybreakAccommodationFerryPackageFerryResult object| citybreakAccommodationFerryPackageAccommodationResult object| citybreakAccommodationTodoPackageSearchform object| citybreakTodoTodoPackageSearchform object| citybreakAccommodationAccommodationPackageSearchform object| citybreakPackageNextStep object| citybreakGroupedBasketProductInfo object| citybreakCarRentalUpgrade object| citybreakMyPageLoginForm object| citybreakMyPageResponsiveLoginForm object| citybreakMyPageGoogleMap object| citybreakMyPageWidget object| citybreakBookFlight object| citybreakBookFlightResponsive object| citybreakComplementaryCabinFerryControls object| citybreakLoyaltyLogin object| citybreakChangeBookingDetails object| cbPopper function| cbTippy function| jQueryBridget function| EvEmitter function| getSize function| matchesSelector object| fizzyUIUtils function| cbFlickity function| Unipointer function| Unidragger function| imagesLoaded 
object| citybreakNetsEasyCheckout function| jsQR object| umami

4 Cookies

Domain/Path Name / Value
.tromsoaurorahusky.com/ Name: online3_904182411_de-DE_de-DE
Value: otrqippvx2irecyx4ebtqjjb
.tromsoaurorahusky.com/ Name: online3_ss_904182411_de-DE_de-DE
Value: otrqippvx2irecyx4ebtqjjb
booking.tromsoaurorahusky.com/ Name: ca-citybreak-online
Value: cbonline02
.resources.citybreak.com/ Name: ARRAffinitySameSite
Value: c6158a4221560b3568baf2211603da9be337c33d659230412a6ce56354c65346

3 Console Messages

Source Level URL
Text
security error URL: https://booking.tromsoaurorahusky.com/home/selectlanguage
Message:
Refused to execute script from 'https://booking.tromsoaurorahusky.com/home/selectlanguage' because its MIME type ('text/html') is not executable, and strict MIME type checking is enabled.
javascript error URL: https://booking.tromsoaurorahusky.com/home/selectlanguage
Message:
Access to fetch at 'https://analytics.visitgroup.com/api/send' from origin 'https://booking.tromsoaurorahusky.com' has been blocked by CORS policy: Response to preflight request doesn't pass access control check: No 'Access-Control-Allow-Origin' header is present on the requested resource. If an opaque response serves your needs, set the request's mode to 'no-cors' to fetch the resource with CORS disabled.
network error URL: https://analytics.visitgroup.com/api/send
Message:
Failed to load resource: net::ERR_FAILED

Security Headers

This page lists any security headers set by the main page.

Header Value
Strict-Transport-Security max-age=15552000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
