booking.supaevent.de Open in urlscan Pro
2a00:6700:0:616::2 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://booking.supaevent.de//account/transactions
Submission Tags: @ecarlesi possiblethreat phishing Search All
Submission: On May 06 via api (May 6th 2024, 7:49:28 pm UTC) from IT — Scanned from DE

Summary HTTP 13 Redirects Behaviour Indicators

Similar DOM Content API

Summary

This website contacted 2 IPs in 2 countries across 2 domains to perform 13 HTTP transactions. The main IP is 2a00:6700:0:616::2, located in Germany and belongs to CROSSCONCEPT-DE IPv4 & IPv6, DE. The main domain is booking.supaevent.de.
TLS certificate: Issued by R3 on May 6th 2024. Valid for: 3 months.

This is the only time booking.supaevent.de was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address		AS Autonomous System
11	2a00:6700:0:6... 2a00:6700:0:616::2		202784 (CROSSCONC...) (CROSSCONCEPT-DE IPv4 & IPv6)
2	2606:4700:20:... 2606:4700:20::ac43:4b21		13335 (CLOUDFLAR...) (CLOUDFLARENET)
13	2

11 2a00:6700:0:616::2 (Germany)

ASN202784 (CROSSCONCEPT-DE IPv4 & IPv6, DE)

booking.supaevent.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:20::ac43:4b21 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.datatables.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
11	supaevent.de booking.supaevent.de	319 KB
2	datatables.net cdn.datatables.net — Cisco Umbrella Rank: 4919	31 KB
13	2

	Domain	Requested by
11	booking.supaevent.de	booking.supaevent.de
2	cdn.datatables.net	booking.supaevent.de
13	2

This site contains no links.

Subject Issuer	Validity	Valid
booking.supaevent.de R3	`2024-05-06` - `2024-08-04`	3 months	crt.sh
datatables.net GTS CA 1P5	`2024-03-27` - `2024-06-25`	3 months	crt.sh

This page contains 2 frames:

Primary Page: https://booking.supaevent.de//account/transactions
Frame ID: CDD6D1C6DD45359031471ECF7B14828D
Requests: 12 HTTP requests in this frame

Frame: https://booking.supaevent.de/widgets/index/refreshStatistic?requestPage=%2F%2Faccount%2Ftransactions&requestController=register
Frame ID: B37BBA413D4030DBAA7E35A087747624
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Registrierung | SUPA "Booking" – Buchungssystem

Detected technologies

Cart Functionality (Ecommerce) Expand

Overall confidence: 100%
Detected patterns

<a[^>]*href=[^>]*/Cart
<a[^>]*href=[^>]*/Checkout

Shopware (Ecommerce) Expand

Overall confidence: 100%
Detected patterns

(?:(shopware)|/web/cache/[0-9]{10}_.+)\.js

DataTables (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

dataTables.*\.js

Modernizr (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

([\d.]+)?/modernizr(?:\.([\d.]+))?.*\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

13
Requests

100 %
HTTPS

100 %
IPv6

2
Domains

2
Subdomains

2
IPs

2
Countries

350 kB
Transfer

1284 kB
Size

3
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

13 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request transactions Show response
booking.supaevent.de//account/ 28 KB
7 KB 567ms
432ms Document
text/html 2a00:6700:0:616::2
CROSSCONCEPT-DE I...

General

Check archive.org

Show headers Download Go to

Full URL

https://booking.supaevent.de//account/transactions

Protocol

H2

Security

TLS 1.3, , AES_256_GCM

Server

2a00:6700:0:616::2 , Germany, ASN202784 (CROSSCONCEPT-DE IPv4 & IPv6, DE),

Reverse DNS

Software

nginx / PHP/7.2.34 PleskLin

Resource Hash

1914aede466f2aa7b083e93fbe7b6a820382c247a4d9c80180a79ffc8d37c5bb

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

cache-control: no-store, no-cache, must-revalidate, no-cache, private
content-encoding: gzip
content-length: 6725
content-type: text/html; charset=UTF-8
date: Mon, 06 May 2024 19:49:24 GMT
expires: Thu, 19 Nov 1981 08:52:00 GMT, -1
pragma: no-cache, no-cache
server: nginx
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
x-powered-by: PHP/7.2.34 PleskLin

GET
H2 200 1648826219_147381a1abf476df5390b5aabfa8f034.css
booking.supaevent.de/web/cache/ 465 KB
57 KB 79ms
78ms Stylesheet
text/css 2a00:6700:0:616::2
CROSSCONCEPT-DE I...

General

Check archive.org

Show headers Download Go to

Full URL: https://booking.supaevent.de/web/cache/1648826219_147381a1abf476df5390b5aabfa8f034.css
Requested by: Host: booking.supaevent.de
URL: https://booking.supaevent.de//account/transactions
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a00:6700:0:616::2 , Germany, ASN202784 (CROSSCONCEPT-DE IPv4 & IPv6, DE),
Reverse DNS
Software: nginx / PleskLin
Resource Hash: ac3af1ccfd1323a94c6420cfaa0077c45a0a6f268b1a5651d4a9cde54fad2d03

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://booking.supaevent.de//account/transactions
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 06 May 2024 19:49:24 GMT
content-encoding: br
last-modified: Fri, 01 Apr 2022 15:16:59 GMT
server: nginx
etag: W/"6247176b-7440c"
x-powered-by: PleskLin
vary: Accept-Encoding
content-type: text/css

GET
H2 200 modernizr.custom.35977.js Show response
booking.supaevent.de/themes/Frontend/Responsive/frontend/_public/src/js/vendors/modernizr/ 6 KB
3 KB 190ms
190ms Script
application/javascript 2a00:6700:0:616::2
CROSSCONCEPT-DE I...

General

Check archive.org

Show headers Download Go to

Full URL: https://booking.supaevent.de/themes/Frontend/Responsive/frontend/_public/src/js/vendors/modernizr/modernizr.custom.35977.js
Requested by: Host: booking.supaevent.de
URL: https://booking.supaevent.de//account/transactions
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a00:6700:0:616::2 , Germany, ASN202784 (CROSSCONCEPT-DE IPv4 & IPv6, DE),
Reverse DNS
Software: nginx / PleskLin
Resource Hash: fe2ab37fef65eaae20b27dd830a9ea74a8a206a4f66dcb4de2537c7dd4c47ce5

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://booking.supaevent.de//account/transactions
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 06 May 2024 19:49:24 GMT
content-encoding: br
last-modified: Fri, 05 Apr 2019 12:40:41 GMT
server: nginx
etag: W/"5ca74cc9-17bd"
x-powered-by: PleskLin
vary: Accept-Encoding
content-type: application/javascript

GET
H2 200 supaevent_logo_3C.png
booking.supaevent.de/media/image/7f/d8/e5/ 6 KB
6 KB 191ms
190ms Image
image/png 2a00:6700:0:616::2
CROSSCONCEPT-DE I...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://booking.supaevent.de/media/image/7f/d8/e5/supaevent_logo_3C.png
Requested by: Host: booking.supaevent.de
URL: https://booking.supaevent.de//account/transactions
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a00:6700:0:616::2 , Germany, ASN202784 (CROSSCONCEPT-DE IPv4 & IPv6, DE),
Reverse DNS
Software: nginx / PleskLin
Resource Hash: 8675b642f096bc718ddb208f4d330975e587e3022be48afdd5498f1470911bcc

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://booking.supaevent.de//account/transactions
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 06 May 2024 19:49:24 GMT
last-modified: Fri, 01 Apr 2022 15:16:19 GMT
server: nginx
etag: "62471743-1632"
x-powered-by: PleskLin
content-type: image/png
accept-ranges: bytes
content-length: 5682

GET
H2 200 1648826219_147381a1abf476df5390b5aabfa8f034.js Show response
booking.supaevent.de/web/cache/ 575 KB
137 KB 191ms
190ms Script
application/javascript 2a00:6700:0:616::2
CROSSCONCEPT-DE I...

General

Check archive.org

Show headers Download Go to

Full URL: https://booking.supaevent.de/web/cache/1648826219_147381a1abf476df5390b5aabfa8f034.js
Requested by: Host: booking.supaevent.de
URL: https://booking.supaevent.de//account/transactions
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a00:6700:0:616::2 , Germany, ASN202784 (CROSSCONCEPT-DE IPv4 & IPv6, DE),
Reverse DNS
Software: nginx / PleskLin
Resource Hash: d727644bbbe77426ab109b37610639f04f1683b2bd69ea49079514d0a084a1bb

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://booking.supaevent.de//account/transactions
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 06 May 2024 19:49:24 GMT
content-encoding: br
last-modified: Fri, 01 Apr 2022 15:16:58 GMT
server: nginx
etag: W/"6247176a-8fd33"
x-powered-by: PleskLin
vary: Accept-Encoding
content-type: application/javascript

GET
H2 200 refreshStatistic Show response
booking.supaevent.de/widgets/index/ Frame B37B 0
442 B 226ms
226ms Document
text/html 2a00:6700:0:616::2
CROSSCONCEPT-DE I...

General

Check archive.org

Show headers Download Go to

Full URL

https://booking.supaevent.de/widgets/index/refreshStatistic?requestPage=%2F%2Faccount%2Ftransactions&requestController=register

Requested by

Host: booking.supaevent.de
URL: https://booking.supaevent.de//account/transactions

Protocol

H2

Security

TLS 1.3, , AES_256_GCM

Server

2a00:6700:0:616::2 , Germany, ASN202784 (CROSSCONCEPT-DE IPv4 & IPv6, DE),

Reverse DNS

Software

nginx / PHP/7.2.34 PleskLin

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://booking.supaevent.de//account/transactions
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

cache-control: max-age=3600, public, s-maxage=3600
content-length: 0
content-type: text/html; charset=UTF-8
date: Mon, 06 May 2024 19:49:24 GMT
expires: Thu, 19 Nov 1981 08:52:00 GMT
pragma: no-cache
server: nginx
x-body-eval: ESI
x-frame-options: SAMEORIGIN
x-powered-by: PHP/7.2.34 PleskLin

GET
H2 200 shopware.woff2
booking.supaevent.de/themes/Frontend/Responsive/frontend/_public/src/fonts/ 24 KB
24 KB 75ms
74ms Font
font/woff2 2a00:6700:0:616::2
CROSSCONCEPT-DE I...

General

Check archive.org

Show headers Download Go to

Full URL: https://booking.supaevent.de/themes/Frontend/Responsive/frontend/_public/src/fonts/shopware.woff2?
Requested by: Host: booking.supaevent.de
URL: https://booking.supaevent.de/web/cache/1648826219_147381a1abf476df5390b5aabfa8f034.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a00:6700:0:616::2 , Germany, ASN202784 (CROSSCONCEPT-DE IPv4 & IPv6, DE),
Reverse DNS
Software: nginx / PleskLin
Resource Hash: 386aa8da6da7a2e344e4011774a68ca0d7aa86366b650d7a9ccf04a86f8d87b0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://booking.supaevent.de/web/cache/1648826219_147381a1abf476df5390b5aabfa8f034.css
Origin: https://booking.supaevent.de
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 06 May 2024 19:49:24 GMT
last-modified: Fri, 05 Apr 2019 12:40:41 GMT
server: nginx
etag: "5ca74cc9-5ed4"
x-powered-by: PleskLin
content-type: font/woff2
accept-ranges: bytes
content-length: 24276

GET
H2 200 OpenSans-Regular.woff2
booking.supaevent.de/themes/Frontend/Responsive/frontend/_public/vendors/fonts/open-sans-fontface/Regular/ 41 KB
41 KB 76ms
75ms Font
font/woff2 2a00:6700:0:616::2
CROSSCONCEPT-DE I...

General

Check archive.org

Show headers Download Go to

Full URL: https://booking.supaevent.de/themes/Frontend/Responsive/frontend/_public/vendors/fonts/open-sans-fontface/Regular/OpenSans-Regular.woff2?201902250948
Requested by: Host: booking.supaevent.de
URL: https://booking.supaevent.de/web/cache/1648826219_147381a1abf476df5390b5aabfa8f034.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a00:6700:0:616::2 , Germany, ASN202784 (CROSSCONCEPT-DE IPv4 & IPv6, DE),
Reverse DNS
Software: nginx / PleskLin
Resource Hash: 2da97418251121ad5b28c6e206316578aae360d47dea2262c90478536624d910

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://booking.supaevent.de/web/cache/1648826219_147381a1abf476df5390b5aabfa8f034.css
Origin: https://booking.supaevent.de
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 06 May 2024 19:49:24 GMT
last-modified: Fri, 05 Apr 2019 12:40:41 GMT
server: nginx
etag: "5ca74cc9-a2d4"
x-powered-by: PleskLin
content-type: font/woff2
accept-ranges: bytes
content-length: 41684

GET
H2 200 OpenSans-Bold.woff2
booking.supaevent.de/themes/Frontend/Responsive/frontend/_public/vendors/fonts/open-sans-fontface/Bold/ 43 KB
43 KB 129ms
129ms Font
font/woff2 2a00:6700:0:616::2
CROSSCONCEPT-DE I...

General

Check archive.org

Show headers Download Go to

Full URL: https://booking.supaevent.de/themes/Frontend/Responsive/frontend/_public/vendors/fonts/open-sans-fontface/Bold/OpenSans-Bold.woff2?201902250948
Requested by: Host: booking.supaevent.de
URL: https://booking.supaevent.de/web/cache/1648826219_147381a1abf476df5390b5aabfa8f034.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a00:6700:0:616::2 , Germany, ASN202784 (CROSSCONCEPT-DE IPv4 & IPv6, DE),
Reverse DNS
Software: nginx / PleskLin
Resource Hash: 3f2a2f05feb9ed38c8889ede47bd28f36014c40b5aa1573b1f1d9302eb18ed5e

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://booking.supaevent.de/web/cache/1648826219_147381a1abf476df5390b5aabfa8f034.css
Origin: https://booking.supaevent.de
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 06 May 2024 19:49:24 GMT
last-modified: Fri, 05 Apr 2019 12:40:41 GMT
server: nginx
etag: "5ca74cc9-aa04"
x-powered-by: PleskLin
content-type: font/woff2
accept-ranges: bytes
content-length: 43524

GET
H2 200 jquery.dataTables.min.js Show response
cdn.datatables.net/1.10.13/js/ 81 KB
27 KB 140ms
52ms Script
text/javascript 2606:4700:20::ac43:4b21
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.datatables.net/1.10.13/js/jquery.dataTables.min.js

Requested by

Host: booking.supaevent.de
URL: https://booking.supaevent.de/web/cache/1648826219_147381a1abf476df5390b5aabfa8f034.js

Protocol

H2

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::ac43:4b21 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c96037e7a94386bbb2d49f231a771a3162803d80db2b8ece29bd2e4ff6842cb7

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://booking.supaevent.de/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 06 May 2024 19:49:25 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1228800
last-modified: Fri, 19 Apr 2024 08:45:39 GMT
server: cloudflare
etag: W/"66222f33-14473"
vary: Accept-Encoding
access-control-allow-methods: OPTIONS, GET
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=jURmSU43%2BMUyXYUGOPfHVKdOb2Bk9b8haxc%2B1Qje%2BXsyiZOy5mIxDuepYoLdsxIEOsMIOQetcCaRHfgpROiOQ7nMoxjmM5t%2Bv5kBRXbzIPVTLCmWzN35isH9JeThi7qkUd1JcUF8RCIquysrbib5Dw%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=315360000
x-frame-options: SAMEORIGIN
cf-ray: 87fb7e4f9fd02c43-FRA
access-control-allow-headers: origin, x-requested-with, content-type
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 dataTables.responsive.min.js Show response
cdn.datatables.net/responsive/2.1.1/js/ 11 KB
4 KB 144ms
55ms Script
text/javascript 2606:4700:20::ac43:4b21
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.datatables.net/responsive/2.1.1/js/dataTables.responsive.min.js

Requested by

Host: booking.supaevent.de
URL: https://booking.supaevent.de/web/cache/1648826219_147381a1abf476df5390b5aabfa8f034.js

Protocol

H2

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::ac43:4b21 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3c08220ffe9dbaa148b1973817b41f1acae5accb89548fb67a603694abe706d8

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://booking.supaevent.de/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 06 May 2024 19:49:25 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1228850
last-modified: Fri, 19 Apr 2024 08:45:47 GMT
server: cloudflare
etag: W/"66222f3b-2c90"
vary: Accept-Encoding
access-control-allow-methods: OPTIONS, GET
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=DExSQyoaTt9%2FwJ5D8Lw4SVIhWtCvVONQ6M65wY2PU1qiCxVPXA2G%2BdxmZQ0ryETbhMVfCeUTsjk7dstvwoaaoutAZa%2BW6abycMl1e%2Bq%2FW1SHlROvUGlQ0RQxp1ZVltyfLY9OJr0RzLfv087cK2QwoA%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=315360000
x-frame-options: SAMEORIGIN
cf-ray: 87fb7e4f9fd62c43-FRA
access-control-allow-headers: origin, x-requested-with, content-type
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 csrftoken Show response
booking.supaevent.de/ 0
487 B 168ms
168ms XHR
text/html 2a00:6700:0:616::2
CROSSCONCEPT-DE I...

General

Check archive.org

Show headers Download Go to

Full URL

https://booking.supaevent.de/csrftoken

Requested by

Host: booking.supaevent.de
URL: https://booking.supaevent.de/web/cache/1648826219_147381a1abf476df5390b5aabfa8f034.js

Protocol

H2

Security

TLS 1.3, , AES_256_GCM

Server

2a00:6700:0:616::2 , Germany, ASN202784 (CROSSCONCEPT-DE IPv4 & IPv6, DE),

Reverse DNS

Software

nginx / PHP/7.2.34, PleskLin

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Accept: */*
Referer: https://booking.supaevent.de//account/transactions
X-Requested-With: XMLHttpRequest
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache, no-cache
date: Mon, 06 May 2024 19:49:24 GMT
x-csrf-token: JrsOA18mVEd4mOrR3mzkEAEGdLDgq8
server: nginx
x-powered-by: PHP/7.2.34, PleskLin
x-frame-options: SAMEORIGIN
content-type: text/html; charset=UTF-8
cache-control: no-store, no-cache, must-revalidate, no-cache, private
content-length: 0
expires: Thu, 19 Nov 1981 08:52:00 GMT, -1

GET
H2 200 favicon.ico
booking.supaevent.de/themes/Frontend/Responsive/frontend/_public/src/img/ 5 KB
1 KB 57ms
57ms Other
image/x-icon 2a00:6700:0:616::2
CROSSCONCEPT-DE I...

General

Check archive.org

Show headers Download Go to

Full URL: https://booking.supaevent.de/themes/Frontend/Responsive/frontend/_public/src/img/favicon.ico
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a00:6700:0:616::2 , Germany, ASN202784 (CROSSCONCEPT-DE IPv4 & IPv6, DE),
Reverse DNS
Software: nginx / PleskLin
Resource Hash: b1d7d78264f9cfce0a5831642b2d93435f14f636fbb2f6689bc23e0318b487f4

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://booking.supaevent.de//account/transactions
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 06 May 2024 19:49:24 GMT
content-encoding: gzip
last-modified: Fri, 05 Apr 2019 12:40:41 GMT
server: nginx
etag: W/"5ca74cc9-1536"
x-powered-by: PleskLin
vary: Accept-Encoding
content-type: image/x-icon

Verdicts & Comments Add Verdict or Comment

51 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| Modernizr number| timeNow object| asyncCallbacks object| controller object| snippets object| themeConfig object| lastSeenProductsConfig object| csrfConfig object| statisticDevices number| cookieRemoval object| datePickerGlobalConfig function| Flatpickr function| _flatpickr function| flatpickr function| _extends function| _typeof object| Neti function| refresh boolean| isLoan boolean| time_based undefined| unavailable function| initDatePicker function| loadPicker function| callAjax function| loadFixedPrices function| setTrigger function| addTimeTrigger function| disableControls function| enableControls function| activateButton function| feedDatepicker function| toIso function| applyNoSelect function| addOptionalTrigger function| detectOffTime function| enableOptionalQunatity function| reset function| updatePrice function| strip function| $ function| jQuery object| picturefillCFG function| picturefill object| StateManager object| PluginsCollection function| LoadingIndicator function| Overlay object| CSRF function| moment function| replaceAsyncReady

3 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			booking.supaevent.de/	1969-12-31 23:59:59	Name: session-1 Value: 6e703cb863747049fd39c894a8a92abb6933b00cd5b757999d3ea78616b2f32b
			booking.supaevent.de/	1969-12-31 23:59:59	Name: x-ua-device Value: desktop
			booking.supaevent.de/	1969-12-31 23:59:59	Name: __csrf_token-1 Value: JrsOA18mVEd4mOrR3mzkEAEGdLDgq8

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Frame-Options	SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

booking.supaevent.de
cdn.datatables.net
2606:4700:20::ac43:4b21
2a00:6700:0:616::2
1914aede466f2aa7b083e93fbe7b6a820382c247a4d9c80180a79ffc8d37c5bb
2da97418251121ad5b28c6e206316578aae360d47dea2262c90478536624d910
386aa8da6da7a2e344e4011774a68ca0d7aa86366b650d7a9ccf04a86f8d87b0
3c08220ffe9dbaa148b1973817b41f1acae5accb89548fb67a603694abe706d8
3f2a2f05feb9ed38c8889ede47bd28f36014c40b5aa1573b1f1d9302eb18ed5e
8675b642f096bc718ddb208f4d330975e587e3022be48afdd5498f1470911bcc
ac3af1ccfd1323a94c6420cfaa0077c45a0a6f268b1a5651d4a9cde54fad2d03
b1d7d78264f9cfce0a5831642b2d93435f14f636fbb2f6689bc23e0318b487f4
c96037e7a94386bbb2d49f231a771a3162803d80db2b8ece29bd2e4ff6842cb7
d727644bbbe77426ab109b37610639f04f1683b2bd69ea49079514d0a084a1bb
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
fe2ab37fef65eaae20b27dd830a9ea74a8a206a4f66dcb4de2537c7dd4c47ce5