Submitted URL: http://moodvisuals.ticketbutler.io/
Effective URL: https://moodvisuals.ticketbutler.io/da/user/login/
Submission: On October 19 via api from US — Scanned from NL

Summary

This website contacted 5 IPs in 3 countries across 4 domains to perform 6 HTTP transactions. The main IP is 2a06:98c1:3121::3, located in the United States and belonging to CLOUDFLARENET, US. The main domain is moodvisuals.ticketbutler.io.
TLS certificate: Issued by E1 on September 9th 2023. Valid for: 3 months.
This is the only time moodvisuals.ticketbutler.io was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

#   | IP Address       | AS Autonomous System
1 1 | 2a06:98c1:312... | 13335 (CLOUDFLAR...)
2 4 | 2a06:98c1:312... | 13335 (CLOUDFLAR...)
1   | 2a00:1450:400... | 15169 (GOOGLE)
1   | 104.18.70.113    | 13335 (CLOUDFLAR...)
1   | 104.18.72.113    | 13335 (CLOUDFLAR...)
Total: 6 requests, 5 IPs

Requests | Apex Domain           | Subdomains                                                 | Transfer
5        | ticketbutler.io       | moodvisuals.ticketbutler.io                                | 800 KB
2        | zdassets.com          | static.zdassets.com (Cisco Umbrella Rank: 2397),           | 6 KB
         |                       | ekr.zdassets.com (Cisco Umbrella Rank: 2723)               |
1        | googlesyndication.com | pagead2.googlesyndication.com (Cisco Umbrella Rank: 108)   | 50 KB
0        | polyfill.app (Failed) | polyfill.app (Failed)                                      |
Total: 6 requests, 4 apex domains

Requests | Domain                        | Requested by
5        | moodvisuals.ticketbutler.io   | 3 redirects, moodvisuals.ticketbutler.io
1        | ekr.zdassets.com              | static.zdassets.com
1        | static.zdassets.com           | moodvisuals.ticketbutler.io
1        | pagead2.googlesyndication.com | moodvisuals.ticketbutler.io
0        | polyfill.app (Failed)         | moodvisuals.ticketbutler.io
Total: 6 requests, 5 subdomains

This site contains no links.

Subject             | Issuer                  | Validity                | Valid    | Lookup
ticketbutler.io     | E1                      | 2023-09-09 - 2023-12-08 | 3 months | crt.sh
*.g.doubleclick.net | GTS CA 1C3              | 2023-09-28 - 2023-12-21 | 3 months | crt.sh
zdassets.com        | Cloudflare Inc ECC CA-3 | 2023-10-10 - 2024-10-09 | a year   | crt.sh

This page contains 1 frames:

Primary Page: https://moodvisuals.ticketbutler.io/da/user/login/
Frame ID: E478F1425171620ED5162CE6B0E43FAD
Requests: 6 HTTP requests in this frame

Page Title

Log Ind og opret arrangement | Kind Of Art

Page URL History

  1. http://moodvisuals.ticketbutler.io/ HTTP 301
    https://moodvisuals.ticketbutler.io/ HTTP 302
    https://moodvisuals.ticketbutler.io/da/ HTTP 302
    https://moodvisuals.ticketbutler.io/da/user/login/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/

Page Statistics

Requests: 6
HTTPS: 83 %
IPv6: 60 %
Domains: 4
Subdomains: 5
IPs: 5
Countries: 3
Transfer: 855 kB
Size: 3462 kB
Cookies: 1

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

Redirected requests

There were HTTP redirect chains for the following requests:

6 HTTP transactions

Resource: / (Primary Request)
Path: moodvisuals.ticketbutler.io/da/user/login/
Redirect Chain:
  • http://moodvisuals.ticketbutler.io/
  • https://moodvisuals.ticketbutler.io/
  • https://moodvisuals.ticketbutler.io/da/
  • https://moodvisuals.ticketbutler.io/da/user/login/
Size: 9 KB
x-fer: 3 KB
Type: Document
General
Full URL
https://moodvisuals.ticketbutler.io/da/user/login/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3, United States, ASN13335 (CLOUDFLARENET, US)
Reverse DNS
Software
cloudflare /
Resource Hash
326d6c581fc271f33a79d374bf57b361d70e4d61e9056164e144ce2b6cb74c9b
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains
X-Content-Type-Options nosniff

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
818b767dd97fb8be-AMS
content-encoding
br
content-language
da
content-type
text/html; charset=utf-8
cross-origin-opener-policy
same-origin
date
Thu, 19 Oct 2023 19:35:12 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy
same-origin
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yJPB%2BOdAzgiw%2F7czD2jKAT7xc9LhrL4m%2FJXIV86Hjid%2BScpkv4VucAdUu0N6cbM6q608jKjewbT8XwfA537RBG2cS20WcGWNEApyStR4h%2BoJUeGBrbUo1f6x%2FtJZqAs2djcXISrHie5T%2FN6fb6O7dmi6Y1A0bwpdjMk%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
strict-transport-security
max-age=15724800; includeSubDomains
vary
Cookie, origin
x-content-type-options
nosniff

Redirect headers

alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
818b767d2eaab900-AMS
content-language
da
content-type
text/html; charset=utf-8
cross-origin-opener-policy
same-origin
date
Thu, 19 Oct 2023 19:35:12 GMT
location
/da/user/login/
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy
same-origin
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=N7lJp2kkU1F2jx0OSzEweyU7HcYZsHQfGX07OgdHdzON1cvx6OwrpN7DkV%2BIqSvqrM0TNZPpoloL3GPJUtufJqPxHkmW3Qsn56YINsiBnVXOIopXQquldbu18mVFUcQdWZmsqFYjshW45lquZYaBNud30EDXLVjwKgA%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
strict-transport-security
max-age=15724800; includeSubDomains
vary
Cookie, origin
x-content-type-options
nosniff

Resource: polyfill
Path: polyfill.app/api/
Size: 0
x-fer: 0

Resource: whitelabel-9ac70677.js
Path: moodvisuals.ticketbutler.io/resources/js/dashboard/
Size: 3 MB
x-fer: 795 KB
Type: Script
General
Full URL
https://moodvisuals.ticketbutler.io/resources/js/dashboard/whitelabel-9ac70677.js
Requested by
Host: moodvisuals.ticketbutler.io
URL: https://moodvisuals.ticketbutler.io/da/user/login/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3, United States, ASN13335 (CLOUDFLARENET, US)
Reverse DNS
Software
cloudflare /
Resource Hash
7d186b89c4ba18f4e556e16c9cb0422a650fc680cbb08388116d1bcf596e9ca0
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://moodvisuals.ticketbutler.io/da/user/login/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Thu, 19 Oct 2023 19:35:12 GMT
strict-transport-security
max-age=15724800; includeSubDomains
content-encoding
br
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
8db07e12-207b-40ed-bf52-233f3c333640
alt-svc
h3=":443"; ma=86400
last-modified
Tue, 10 Oct 2023 10:59:08 GMT
server
cloudflare
x-amz-meta-s3cmd-attrs
atime:1696934917/ctime:1696934913/gid:1000/gname:ticketbutler/md5:9ec2fbe43d8bc2d6fc655f7b0712b3ae/mode:33188/mtime:1696934808/uid:1000/uname:ticketbutler
etag
W/"9ec2fbe43d8bc2d6fc655f7b0712b3ae"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=W9ylFtWHA01ipgWX0anzYclwIMFMhAC5AHQrz4o8Kj94%2Bnzxvb%2BACO4bX%2FV4WlNaPOtYerYQfEfZnJ7jFnH1r3qkCJXgY0p97wb4T1m3Rk9TZUnv1Ku3ADvIh1US91XG6bmMvLxE2J4nIEDQEmt%2BHvUWM8f24frFWKQ%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
x-clv-request-id
8db07e12-207b-40ed-bf52-233f3c333640
cache-control
max-age=31536000
cf-ray
818b767f8ae9b8be-AMS
x-clv-s3-version
2.5
expires
Fri, 18 Oct 2024 19:35:12 GMT

Resource: adsbygoogle.js
Path: pagead2.googlesyndication.com/pagead/js/
Size: 145 KB
x-fer: 50 KB
Type: Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Requested by
Host: moodvisuals.ticketbutler.io
URL: https://moodvisuals.ticketbutler.io/da/user/login/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2002, Frankfurt am Main, Germany, ASN15169 (GOOGLE, US)
Reverse DNS
Software
cafe /
Resource Hash
730aced4e8dc9c35c9094eda072976de4a4128b2ace595dd41d4075752510509
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Thu, 19 Oct 2023 19:35:12 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
51030
x-xss-protection
0
server
cafe
etag
2961069262312138308
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Thu, 19 Oct 2023 19:35:12 GMT

Resource: snippet.js
Path: static.zdassets.com/ekr/
Size: 10 KB
x-fer: 5 KB
Type: Script
General
Full URL
https://static.zdassets.com/ekr/snippet.js?key=e7397f58-864c-474a-9a3f-d2a5f622767c
Requested by
Host: moodvisuals.ticketbutler.io
URL: https://moodvisuals.ticketbutler.io/da/user/login/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.70.113, -, ASN13335 (CLOUDFLARENET, US)
Reverse DNS
Software
cloudflare /
Resource Hash
9f22f6e9d4852f8be0706b62fbd0eba20f6cb56171def5e387b2d95fcd07df01
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Thu, 19 Oct 2023 19:35:12 GMT
x-amz-version-id
hKEbdq289Xo7bHrM.yPFOdJ37r5nFwfe
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=0
x-amz-request-id
7JHQ02N2619E4GPS
age
14
x-amz-server-side-encryption
AES256
x-amz-replication-status
COMPLETED
x-amz-id-2
mnUeuZvvauluviCynj8Qqu7+IpFy1e56W1769MqQ1xoBcGq7ykTSyxLlVwDQwYV1T3PMHH2f8GI=
last-modified
Wed, 09 Aug 2023 01:01:02 GMT
server
cloudflare
etag
W/"42d94c325a0b012e41f9c3907853625a"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TiXP%2Fg8hhyJ8%2BoWXv2uEiatS7QOaDtKiB7oGMzSUrMIo5wS5ifB%2B17qpSOhsHcYEdzrnudg7KO1A8JLrLz6xW%2FhSgH8eeRSgTWaTQ34kUamMR7UHXfzehDYMQMoR10OILOpWLy4%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=3600, s-maxage=60
cf-ray
818b768048b8b722-AMS

Resource: e7397f58-864c-474a-9a3f-d2a5f622767c
Path: ekr.zdassets.com/compose/
Size: 1 KB
x-fer: 2 KB
Type: Fetch
General
Full URL
https://ekr.zdassets.com/compose/e7397f58-864c-474a-9a3f-d2a5f622767c
Requested by
Host: static.zdassets.com
URL: https://static.zdassets.com/ekr/snippet.js?key=e7397f58-864c-474a-9a3f-d2a5f622767c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.72.113, -, ASN13335 (CLOUDFLARENET, US)
Reverse DNS
Software
cloudflare /
Resource Hash
efcb54d4c8bff7fe2c5a7b6b6ce96d8784184a6f62430c5c2a7006baf4728e56
Security Headers
Name Value
Strict-Transport-Security max-age=0
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Thu, 19 Oct 2023 19:35:12 GMT
strict-transport-security
max-age=0
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-permitted-cross-domain-policies
none
content-encoding
br
status
200 OK
cdn-cache-control
max-age=60
x-xss-protection
1; mode=block
x-request-id
811bfe2f4f73737b-SEA, 811bfe2f4f73737b-SEA
x-runtime
0.003136
referrer-policy
strict-origin-when-cross-origin
server
cloudflare
etag
W/"efcb54d4c8bff7fe2c5a7b6b6ce96d87"
x-download-options
noopen
x-frame-options
SAMEORIGIN
access-control-max-age
7200
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8MC5n%2F4wqlfBhP1rGDff%2FbpGffcUWEayrgwl16zEnHL6%2BLTXim8cb1xUFesNKWVNeahiegTZr81XYBGjzMVXfS9P7BGJyNH2F8BisEXxwLodSbh4u9Q%2BXSgZaa6884YL3LE%3D"}],"group":"cf-nel","max_age":604800}
access-control-expose-headers
vary
Accept, Origin, Accept-Encoding
cache-control
max-age=300, public, stale-while-revalidate=300, stale-if-error=21600
content-type
application/json; charset=utf-8
x-zendesk-zorg
yes
cf-ray
818b76810aad6657-AMS

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
polyfill.app
URL
https://polyfill.app/api/polyfill?features=es,regenerator-runtime,fetch,url

Verdicts & Comments

7 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

Type     | Name
object   | d
object   | s
object   | t
object   | zEWebpackACJsonp
function | zE
function | zEmbed
boolean  | zEACLoaded

1 Cookies

Domain/Path                  | Name      | Value
moodvisuals.ticketbutler.io/ | csrftoken | 1b4I1I7pgAdd4ykVBZJJAS6XxXyjsJ9X

Security Headers

This page lists any security headers set by the main page.

Header Value
Strict-Transport-Security max-age=15724800; includeSubDomains
X-Content-Type-Options nosniff