staging.booking.sitas.ski Open in urlscan Pro
51.91.118.96 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://staging.booking.sitas.ski/
Submission: On February 21 via automatic, source certstream-suspicious (February 21st 2023, 9:47:18 am UTC) — Scanned from FR

Summary HTTP 17 Redirects Behaviour Indicators

Similar DOM Content API

Summary

This website contacted 3 IPs in 2 countries across 3 domains to perform 17 HTTP transactions. The main IP is 51.91.118.96, located in France and belongs to OVH, FR. The main domain is staging.booking.sitas.ski.
TLS certificate: Issued by R3 on February 21st 2023. Valid for: 3 months.

This is the only time staging.booking.sitas.ski was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address		AS Autonomous System
14	51.91.118.96 51.91.118.96		16276 (OVH) (OVH)
1	2a00:1450:400... 2a00:1450:4001:830::2008		15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:82a::200e		15169 (GOOGLE) (GOOGLE)
17	3

14 51.91.118.96 (France)

ASN16276 (OVH, FR)
PTR: ns31168997.ip-51-91-118.eu

staging.booking.sitas.ski	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.sitas.ski	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:830::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82a::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
14	sitas.ski staging.booking.sitas.ski www.sitas.ski	658 KB
2	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 35	20 KB
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 50	43 KB
17	3

	Domain	Requested by
13	staging.booking.sitas.ski	staging.booking.sitas.ski
2	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
1	www.sitas.ski	staging.booking.sitas.ski
1	www.googletagmanager.com	staging.booking.sitas.ski
17	4

This site contains no links.

Subject Issuer	Validity	Valid
staging.booking.sitas.ski R3	`2023-02-21` - `2023-05-22`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-02-01` - `2023-04-26`	3 months	crt.sh
sitas.ski R3	`2023-01-10` - `2023-04-10`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://staging.booking.sitas.ski/
Frame ID: F6241F9CFE02FA00283CE5E61FC6B54F
Requests: 17 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Acquisto Attivita | Sitas S.p.A.

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

/wp-(?:content|includes)/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

SweetAlert2 (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

sweetalert2(?:\.all)?(?:\.min)?\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

17
Requests

100 %
HTTPS

67 %
IPv6

3
Domains

4
Subdomains

3
IPs

2
Countries

721 kB
Transfer

957 kB
Size

3
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

17 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
staging.booking.sitas.ski/ 11 KB
2 KB 244ms
73ms Document
text/html 51.91.118.96
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://staging.booking.sitas.ski/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 51.91.118.96 , France, ASN16276 (OVH, FR),
Reverse DNS: ns31168997.ip-51-91-118.eu
Software: nginx / PleskLin
Resource Hash: 6adce9dfb41536fb8481def7d81a2e44b6725e89915a9015aab5f093213bfe74

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

cache-control: private, must-revalidate
content-encoding: br
content-type: text/html; charset=UTF-8
date: Tue, 21 Feb 2023 09:47:13 GMT
expires: -1
pragma: no-cache
server: nginx
x-powered-by: PleskLin

GET
H2 200 roboto.css
staging.booking.sitas.ski/css/fonts/roboto/ 2 KB
490 B 34ms
32ms Stylesheet
text/css 51.91.118.96
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://staging.booking.sitas.ski/css/fonts/roboto/roboto.css
Requested by: Host: staging.booking.sitas.ski
URL: https://staging.booking.sitas.ski/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 51.91.118.96 , France, ASN16276 (OVH, FR),
Reverse DNS: ns31168997.ip-51-91-118.eu
Software: nginx / PleskLin
Resource Hash: e28172b2ed7a9565abddd6781ff89ec64bf7f4e46cbac39ff2d95c67afb84d68

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://staging.booking.sitas.ski/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Tue, 21 Feb 2023 09:47:13 GMT
content-encoding: br
last-modified: Tue, 26 Jan 2021 00:57:50 GMT
server: nginx
etag: W/"600f690e-93c"
x-powered-by: PleskLin
content-type: text/css

GET
H2 200 main.css
staging.booking.sitas.ski/css/ 3 KB
910 B 34ms
33ms Stylesheet
text/css 51.91.118.96
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://staging.booking.sitas.ski/css/main.css
Requested by: Host: staging.booking.sitas.ski
URL: https://staging.booking.sitas.ski/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 51.91.118.96 , France, ASN16276 (OVH, FR),
Reverse DNS: ns31168997.ip-51-91-118.eu
Software: nginx / PleskLin
Resource Hash: 6128a3a4c7f78b23a10198d7dca1eac910b0c83288190222a5af62940b2674e5

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://staging.booking.sitas.ski/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Tue, 21 Feb 2023 09:47:13 GMT
content-encoding: br
last-modified: Tue, 26 Jan 2021 00:57:50 GMT
server: nginx
etag: W/"600f690e-b29"
x-powered-by: PleskLin
content-type: text/css

GET
H2 200 new_order.css
staging.booking.sitas.ski/css/pages/order/ 8 KB
2 KB 34ms
33ms Stylesheet
text/css 51.91.118.96
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://staging.booking.sitas.ski/css/pages/order/new_order.css
Requested by: Host: staging.booking.sitas.ski
URL: https://staging.booking.sitas.ski/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 51.91.118.96 , France, ASN16276 (OVH, FR),
Reverse DNS: ns31168997.ip-51-91-118.eu
Software: nginx / PleskLin
Resource Hash: 7bcf8cb78c4c86760e5460faa8ec5fc0edaddd413ccb6145a2bc2438e5cc755b

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://staging.booking.sitas.ski/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Tue, 21 Feb 2023 09:47:13 GMT
content-encoding: br
last-modified: Tue, 26 Jan 2021 00:57:52 GMT
server: nginx
etag: W/"600f6910-2128"
x-powered-by: PleskLin
content-type: text/css

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 110 KB
43 KB 105ms
39ms Script
application/javascript 2a00:1450:4001:830::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-127888879-2

Requested by

Host: staging.booking.sitas.ski
URL: https://staging.booking.sitas.ski/

Protocol

H2

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

8b58aad32e012124f1084d4356dc775f0cdb7cde71df18f90273188103720833

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://staging.booking.sitas.ski/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Tue, 21 Feb 2023 09:47:13 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 44149
x-xss-protection: 0
last-modified: Tue, 21 Feb 2023 09:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Tue, 21 Feb 2023 09:47:13 GMT

GET
H2 200 logo.png
www.sitas.ski/wp-content/uploads/2018/07/ 9 KB
9 KB 127ms
33ms Image
image/png 51.91.118.96
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.sitas.ski/wp-content/uploads/2018/07/logo.png
Requested by: Host: staging.booking.sitas.ski
URL: https://staging.booking.sitas.ski/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 51.91.118.96 , France, ASN16276 (OVH, FR),
Reverse DNS: ns31168997.ip-51-91-118.eu
Software: nginx / PleskLin
Resource Hash: a755d08df32873988f793efd5559f4ad62438fcac39a5fbb41321795d17338d8

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://staging.booking.sitas.ski/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Tue, 21 Feb 2023 09:47:14 GMT
last-modified: Tue, 04 Jun 2019 07:23:13 GMT
server: nginx
etag: "5cf61c61-23a4"
x-powered-by: PleskLin
content-type: image/png
accept-ranges: bytes
content-length: 9124

GET
H2 200 sunrise_experience.jpg
staging.booking.sitas.ski/uploads/images/events/ 162 KB
162 KB 83ms
82ms Image
image/jpeg 51.91.118.96
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://staging.booking.sitas.ski/uploads/images/events/sunrise_experience.jpg
Requested by: Host: staging.booking.sitas.ski
URL: https://staging.booking.sitas.ski/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 51.91.118.96 , France, ASN16276 (OVH, FR),
Reverse DNS: ns31168997.ip-51-91-118.eu
Software: nginx / PleskLin
Resource Hash: 824ecddb7e98a099cd2308a5acba63c4e0981a341f6ebc1d5e07cecbef2aa257

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://staging.booking.sitas.ski/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Tue, 21 Feb 2023 09:47:13 GMT
last-modified: Tue, 26 Jan 2021 00:58:06 GMT
server: nginx
etag: "600f691e-2860d"
x-powered-by: PleskLin
content-type: image/jpeg
accept-ranges: bytes
content-length: 165389

GET
H2 200 sunset_emotion.jpg
staging.booking.sitas.ski/uploads/images/events/ 330 KB
331 KB 82ms
81ms Image
image/jpeg 51.91.118.96
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://staging.booking.sitas.ski/uploads/images/events/sunset_emotion.jpg
Requested by: Host: staging.booking.sitas.ski
URL: https://staging.booking.sitas.ski/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 51.91.118.96 , France, ASN16276 (OVH, FR),
Reverse DNS: ns31168997.ip-51-91-118.eu
Software: nginx / PleskLin
Resource Hash: 4a07afea910aa4a1e41d9e393b0c63e480bf10887cddd501850e43cf9bbf8672

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://staging.booking.sitas.ski/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Tue, 21 Feb 2023 09:47:13 GMT
last-modified: Tue, 26 Jan 2021 00:58:06 GMT
server: nginx
etag: "600f691e-52924"
x-powered-by: PleskLin
content-type: image/jpeg
accept-ranges: bytes
content-length: 338212

GET
H2 200 dark_emotion.jpg
staging.booking.sitas.ski/uploads/images/events/ 29 KB
29 KB 87ms
85ms Image
image/jpeg 51.91.118.96
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://staging.booking.sitas.ski/uploads/images/events/dark_emotion.jpg
Requested by: Host: staging.booking.sitas.ski
URL: https://staging.booking.sitas.ski/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 51.91.118.96 , France, ASN16276 (OVH, FR),
Reverse DNS: ns31168997.ip-51-91-118.eu
Software: nginx / PleskLin
Resource Hash: 6fcd3d5f00c6336bfb8024a3f31c3cc385408b38283d5ccb2fffc374d06c73b9

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://staging.booking.sitas.ski/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Tue, 21 Feb 2023 09:47:13 GMT
last-modified: Tue, 26 Jan 2021 00:58:06 GMT
server: nginx
etag: "600f691e-72a0"
x-powered-by: PleskLin
content-type: image/jpeg
accept-ranges: bytes
content-length: 29344

GET
H2 200 video_360_emotion.jpg
staging.booking.sitas.ski/uploads/images/events/ 71 KB
72 KB 86ms
85ms Image
image/jpeg 51.91.118.96
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://staging.booking.sitas.ski/uploads/images/events/video_360_emotion.jpg
Requested by: Host: staging.booking.sitas.ski
URL: https://staging.booking.sitas.ski/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 51.91.118.96 , France, ASN16276 (OVH, FR),
Reverse DNS: ns31168997.ip-51-91-118.eu
Software: nginx / PleskLin
Resource Hash: 3ad764bdf6a0ea8776a854dae8f4d9b7000b9bcaa1497415207dfe6be41d883d

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://staging.booking.sitas.ski/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Tue, 21 Feb 2023 09:47:13 GMT
last-modified: Tue, 26 Jan 2021 00:58:08 GMT
server: nginx
etag: "600f6920-11dd5"
x-powered-by: PleskLin
content-type: image/jpeg
accept-ranges: bytes
content-length: 73173

GET
H2 200 jquery-3.3.1.min.js Show response
staging.booking.sitas.ski/plugins/jQuery/ 85 KB
29 KB 55ms
55ms Script
application/javascript 51.91.118.96
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://staging.booking.sitas.ski/plugins/jQuery/jquery-3.3.1.min.js
Requested by: Host: staging.booking.sitas.ski
URL: https://staging.booking.sitas.ski/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 51.91.118.96 , France, ASN16276 (OVH, FR),
Reverse DNS: ns31168997.ip-51-91-118.eu
Software: nginx / PleskLin
Resource Hash: 160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://staging.booking.sitas.ski/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Tue, 21 Feb 2023 09:47:13 GMT
content-encoding: br
last-modified: Tue, 26 Jan 2021 00:58:02 GMT
server: nginx
etag: W/"600f691a-1538f"
x-powered-by: PleskLin
content-type: application/javascript

GET
H2 200 sweetalert2.all.min.js Show response
staging.booking.sitas.ski/plugins/SweetAlert2/ 60 KB
14 KB 79ms
79ms Script
application/javascript 51.91.118.96
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://staging.booking.sitas.ski/plugins/SweetAlert2/sweetalert2.all.min.js
Requested by: Host: staging.booking.sitas.ski
URL: https://staging.booking.sitas.ski/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 51.91.118.96 , France, ASN16276 (OVH, FR),
Reverse DNS: ns31168997.ip-51-91-118.eu
Software: nginx / PleskLin
Resource Hash: a6314ba9e418a9f3de5a27c5b01d6ec89b7017abd7b8868823970e15e643d5fd

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://staging.booking.sitas.ski/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Tue, 21 Feb 2023 09:47:13 GMT
content-encoding: br
last-modified: Tue, 26 Jan 2021 00:58:04 GMT
server: nginx
etag: W/"600f691c-f0e5"
x-powered-by: PleskLin
content-type: application/javascript

GET
H2 200 main.js Show response
staging.booking.sitas.ski/js/ 3 KB
2 KB 87ms
84ms Script
application/javascript 51.91.118.96
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://staging.booking.sitas.ski/js/main.js
Requested by: Host: staging.booking.sitas.ski
URL: https://staging.booking.sitas.ski/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 51.91.118.96 , France, ASN16276 (OVH, FR),
Reverse DNS: ns31168997.ip-51-91-118.eu
Software: nginx / PleskLin
Resource Hash: b9b78cce23f8c2e2cd7f8b501d62d09504fcebba85bd1df70be5bd4731727a5a

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://staging.booking.sitas.ski/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Tue, 21 Feb 2023 09:47:13 GMT
content-encoding: br
last-modified: Wed, 27 Jan 2021 13:13:02 GMT
server: nginx
etag: W/"601166de-ab5"
x-powered-by: PleskLin
content-type: application/javascript

GET
H2 200 index.js Show response
staging.booking.sitas.ski/js/pages/order/ 20 KB
4 KB 81ms
78ms Script
application/javascript 51.91.118.96
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://staging.booking.sitas.ski/js/pages/order/index.js
Requested by: Host: staging.booking.sitas.ski
URL: https://staging.booking.sitas.ski/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 51.91.118.96 , France, ASN16276 (OVH, FR),
Reverse DNS: ns31168997.ip-51-91-118.eu
Software: nginx / PleskLin
Resource Hash: ce67a5f07febc20b53edf58a7930907342fa6efbc1e8c685df8e75f8ca47414e

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://staging.booking.sitas.ski/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Tue, 21 Feb 2023 09:47:13 GMT
content-encoding: br
last-modified: Tue, 26 Jan 2021 00:57:46 GMT
server: nginx
etag: W/"600f690a-4e9f"
x-powered-by: PleskLin
content-type: application/javascript

GET
H2 200 videoteca.js Show response
staging.booking.sitas.ski/js/pages/order/ 6 KB
2 KB 85ms
83ms Script
application/javascript 51.91.118.96
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://staging.booking.sitas.ski/js/pages/order/videoteca.js
Requested by: Host: staging.booking.sitas.ski
URL: https://staging.booking.sitas.ski/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 51.91.118.96 , France, ASN16276 (OVH, FR),
Reverse DNS: ns31168997.ip-51-91-118.eu
Software: nginx / PleskLin
Resource Hash: cb10fe7a9a998905ed873b6abc6da293f69923ca08dd2178bf261c4d9477e59e

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://staging.booking.sitas.ski/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Tue, 21 Feb 2023 09:47:13 GMT
content-encoding: br
last-modified: Thu, 03 Jun 2021 13:48:52 GMT
server: nginx
etag: W/"60b8ddc4-168c"
x-powered-by: PleskLin
content-type: application/javascript

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 400ms
26ms Script
text/javascript 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-127888879-2

Protocol

H2

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

5971b095cff574a66d35ada016d4c077c86e2dea62e9c0f14cf7c94b258619de

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://staging.booking.sitas.ski/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Tue, 21 Feb 2023 08:54:44 GMT
last-modified: Tue, 10 Jan 2023 21:29:14 GMT
server: Golfe2
age: 3150
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20085
expires: Tue, 21 Feb 2023 10:54:44 GMT

POST
H2 200 collect Show response
www.google-analytics.com/j/ 1 B
212 B 34ms
32ms XHR
text/plain 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j99&a=1712144599&t=pageview&_s=1&dl=https%3A%2F%2Fstaging.booking.sitas.ski%2F&ul=en-us&de=UTF-8&dt=Acquisto%20Attivita%20%7C%20Sitas%20S.p.A.&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAUABAAAAACAAI~&jid=1656975557&gjid=2021479672&cid=1798010830.1676972834&tid=UA-127888879-2&_gid=1727720490.1676972834&_r=1&gtm=457e32f0&z=1618127881

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

H2

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://staging.booking.sitas.ski/
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 21 Feb 2023 09:47:14 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://staging.booking.sitas.ski
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

74 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

boolean| credentialless object| oncontentvisibilityautostatechange function| gtag object| dataLayer function| $ function| jQuery function| Sweetalert2 function| SweetAlert function| Swal function| sweetAlert function| swal function| showLoader function| hideLoader function| validateEmail function| validatePhone function| logout function| isMobile function| init function| startTimer function| startSecondTimer function| addListeners function| getCurrentStep function| loadPeopleIntoBooking function| checkData function| goToPayment function| getPeopleDataFromForm function| loadDatesForEvent function| drawDates function| loadContentsForEvent function| drawContents function| checkAvailableTicket function| checkAvailableTicketSunset function| goToStep function| callBackForNextStep function| modeSunrise function| modeSunset function| modeVideo360 function| callBackForBackStep function| deletePreorder function| intiStep3 function| selectData function| removeDataSelected function| enableNavigation function| cleanActiveStep function| setActiveStep function| updateSteps function| e object| a boolean| r function| t function| n function| o function| c function| s function| d function| p function| u function| f function| v function| h function| m function| w function| y function| g function| b function| x function| I object| google_tag_manager object| google_tag_data string| GoogleAnalyticsObject function| ga object| gaplugins object| gaGlobal object| gaData

3 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			.sitas.ski/	1970-01-20 19:25:32	Name: _ga Value: GA1.2.1798010830.1676972834
			.sitas.ski/	1970-01-20 09:50:59	Name: _gid Value: GA1.2.1727720490.1676972834
			.sitas.ski/	1970-01-20 09:49:32	Name: _gat_gtag_UA_127888879_2 Value: 1

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

staging.booking.sitas.ski
www.google-analytics.com
www.googletagmanager.com
www.sitas.ski
2a00:1450:4001:82a::200e
2a00:1450:4001:830::2008
51.91.118.96
160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef
3ad764bdf6a0ea8776a854dae8f4d9b7000b9bcaa1497415207dfe6be41d883d
4a07afea910aa4a1e41d9e393b0c63e480bf10887cddd501850e43cf9bbf8672
5971b095cff574a66d35ada016d4c077c86e2dea62e9c0f14cf7c94b258619de
6128a3a4c7f78b23a10198d7dca1eac910b0c83288190222a5af62940b2674e5
6adce9dfb41536fb8481def7d81a2e44b6725e89915a9015aab5f093213bfe74
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6fcd3d5f00c6336bfb8024a3f31c3cc385408b38283d5ccb2fffc374d06c73b9
7bcf8cb78c4c86760e5460faa8ec5fc0edaddd413ccb6145a2bc2438e5cc755b
824ecddb7e98a099cd2308a5acba63c4e0981a341f6ebc1d5e07cecbef2aa257
8b58aad32e012124f1084d4356dc775f0cdb7cde71df18f90273188103720833
a6314ba9e418a9f3de5a27c5b01d6ec89b7017abd7b8868823970e15e643d5fd
a755d08df32873988f793efd5559f4ad62438fcac39a5fbb41321795d17338d8
b9b78cce23f8c2e2cd7f8b501d62d09504fcebba85bd1df70be5bd4731727a5a
cb10fe7a9a998905ed873b6abc6da293f69923ca08dd2178bf261c4d9477e59e
ce67a5f07febc20b53edf58a7930907342fa6efbc1e8c685df8e75f8ca47414e
e28172b2ed7a9565abddd6781ff89ec64bf7f4e46cbac39ff2d95c67afb84d68