URL: https://www.festicket.ca/
Submission: On September 13 via automatic, source certstream-suspicious — Scanned from DE

Summary

This website contacted 8 IPs in 1 country across 7 domains to perform 18 HTTP transactions. The main IP is 52.73.234.197, located in Ashburn, United States and belongs to AMAZON-AES, US. The main domain is www.festicket.ca.
TLS certificate: Issued by R3 on July 15th 2021. Valid for: 3 months.
This is the only time www.festicket.ca was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

Requests  IP Address       AS Autonomous System
1         52.73.234.197    14618 (AMAZON-AES)
2         13.226.155.28    16509 (AMAZON-02)
3         13.226.156.50    16509 (AMAZON-02)
1         142.250.102.95   15169 (GOOGLE)
4         54.236.118.166   14618 (AMAZON-AES)
4         142.250.102.94   15169 (GOOGLE)
2         18.213.167.152   14618 (AMAZON-AES)
18        8                (totals)

Requests  Domain                             Requested by
4         fonts.gstatic.com                  fonts.googleapis.com
4         www.wishpond.com                   cdn.wishpond.net, d30itml3t0pwpf.cloudfront.net
3         d30itml3t0pwpf.cloudfront.net      www.festicket.ca
2         bookie.wishpond.com                d30itml3t0pwpf.cloudfront.net
2         cdn.wishpond.net                   www.festicket.ca, cdn.wishpond.net
1         fonts.googleapis.com               www.festicket.ca
1         www.festicket.ca
0         www.google-analytics.com (Failed)  www.festicket.ca
18        8                                  (totals)

This site contains links to these domains.

Domain
acnestudios.ca
Subject                  Issuer      Validity                 Valid
www.festicket.ca         R3          2021-07-15 - 2021-10-13  3 months
cdn.wishpond.net         Amazon      2020-11-19 - 2021-12-18  a year
*.cloudfront.net         Amazon      2021-03-19 - 2022-03-17  a year
upload.video.google.com  GTS CA 1O1  2021-08-23 - 2021-11-15  3 months
wishpond.com             Amazon      2021-04-08 - 2022-05-07  a year
*.gstatic.com            GTS CA 1C3  2021-08-23 - 2021-11-15  3 months

This page contains 2 frames:

Primary Page: https://www.festicket.ca/
Frame ID: A0B22CBAA6E4EF67F09776506BBCA971
Requests: 14 HTTP requests in this frame

Frame: https://cdn.wishpond.net/storage.html
Frame ID: 84A421060C001DFBCA89C1E9B8C66151
Requests: 1 HTTP request in this frame

Page Title

festicket.ca

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Page Statistics

Requests: 18
HTTPS: 94 %
IPv6: 0 %
Domains: 7
Subdomains: 8
IPs: 8
Countries: 1
Transfer: 354 kB
Size: 702 kB
Cookies: 0

Redirected requests

There were HTTP redirect chains for the following requests:

18 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
www.festicket.ca/
34 KB
10 KB
Document
General
Full URL
https://www.festicket.ca/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.73.234.197 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-73-234-197.compute-1.amazonaws.com
Software
openresty/1.15.8.2 /
Resource Hash
dc5f7d0006befd0ae32e90123faf7fd97311bd3be7d34ce13dd4f7dff8decda7

Request headers

Host
www.festicket.ca
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
none
Sec-Fetch-Mode
navigate
Sec-Fetch-User
?1
Sec-Fetch-Dest
document
Accept-Encoding
gzip, deflate, br

Response headers

Server
openresty/1.15.8.2
Date
Mon, 13 Sep 2021 23:13:11 GMT
Content-Type
text/html; charset=utf-8
Transfer-Encoding
chunked
Connection
keep-alive
Vary
Accept-Encoding
P3P
CP="NON"
X-Wishpond-Host
wishpondv1-server-7b48c4d79c-6d2tq
X-Wishpond-Prefix
PagesV2r/50d39f/1
X-Wishpond-Version
20200910000001
X-Wishpond-Queries
0
X-Wishpond-Guard
1631336717.8248096
X-Wishpond-Generated
2021-09-11 05:05:17 +0000
Content-Language
de-DE
X-Request-Id
5db33897-6c22-42ad-81ab-200ccf9e761a
X-Runtime
0.045999
Content-Encoding
gzip
connect.js
cdn.wishpond.net/
157 KB
40 KB
Script
General
Full URL
https://cdn.wishpond.net/connect.js?merchantId=712925&socialCampaignId=2621185&writeKey=4d9619d8f78c
Requested by
Host: www.festicket.ca
URL: https://www.festicket.ca/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.226.155.28 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-226-155-28.dus51.r.cloudfront.net
Software
nginx/1.17.5 /
Resource Hash
1cf8f82ea1fee9bb2e05066d1287ac05b0d657f72eff947ba9272fa1c3322749

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.festicket.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Fri, 10 Sep 2021 22:00:04 GMT
content-encoding
gzip
last-modified
Thu, 09 Sep 2021 18:34:23 GMT
server
nginx/1.17.5
age
263586
etag
W/"613a53af-272e9"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 892b66fb24658030c9f86276c7abeda5.cloudfront.net (CloudFront)
cache-control
public, stale-if-error, max-age=3600, s-max-age=172800
x-amz-cf-pop
DUS51-C1
x-amz-cf-id
v86phfO8HbXeu-zqVeBZzCZe6MpkUc6BR8PJpB0TkM2Cg-arxPm4kg==
pages_v2r-fecc1e6a2156b7e0c3f1599c2799e4e904967c8592cbb3e5dc6ad773fdb4737e.js
d30itml3t0pwpf.cloudfront.net/assets/
204 KB
49 KB
Script
General
Full URL
https://d30itml3t0pwpf.cloudfront.net/assets/pages_v2r-fecc1e6a2156b7e0c3f1599c2799e4e904967c8592cbb3e5dc6ad773fdb4737e.js
Requested by
Host: www.festicket.ca
URL: https://www.festicket.ca/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
13.226.156.50 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-226-156-50.dus51.r.cloudfront.net
Software
nginx/1.17.5 /
Resource Hash
fecc1e6a2156b7e0c3f1599c2799e4e904967c8592cbb3e5dc6ad773fdb4737e

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.festicket.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date
Fri, 27 Aug 2021 17:21:52 GMT
Content-Encoding
gzip
Age
1489879
X-Cache
Hit from cloudfront
Connection
keep-alive
Content-Length
49261
Access-Control-Allow-Origin
*
Last-Modified
Fri, 27 Aug 2021 16:42:24 GMT
Server
nginx/1.17.5
ETag
"612915f0-c06d"
Vary
Accept-Encoding
Content-Type
application/javascript
Via
1.1 cddd3e95f67291463f7a95d065c7fcff.cloudfront.net (CloudFront)
Cache-Control
public, max-age=315360000
X-Amz-Cf-Pop
DUS51-C1
X-Amz-Cf-Id
O32LOsi7US16App5G5jqdgeaA-W1cyG2Z5KVLbv1-eIQIHz1WKnKvw==
pages_v4_default-9402c97957e5352460c06d0b8b3ac01d651a9429c01722ec90bf7a2b7924699f.css
d30itml3t0pwpf.cloudfront.net/assets/
35 KB
8 KB
Stylesheet
General
Full URL
https://d30itml3t0pwpf.cloudfront.net/assets/pages_v4_default-9402c97957e5352460c06d0b8b3ac01d651a9429c01722ec90bf7a2b7924699f.css
Requested by
Host: www.festicket.ca
URL: https://www.festicket.ca/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
13.226.156.50 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-226-156-50.dus51.r.cloudfront.net
Software
nginx/1.17.5 /
Resource Hash
9402c97957e5352460c06d0b8b3ac01d651a9429c01722ec90bf7a2b7924699f

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.festicket.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date
Fri, 27 Aug 2021 17:23:49 GMT
Content-Encoding
gzip
Age
1489762
X-Cache
Hit from cloudfront
Connection
keep-alive
Content-Length
7848
Access-Control-Allow-Origin
*
Last-Modified
Fri, 27 Aug 2021 16:42:24 GMT
Server
nginx/1.17.5
ETag
"612915f0-1ea8"
Vary
Accept-Encoding
Content-Type
text/css
Via
1.1 2e790b4fedc0451605346ca92a7755a8.cloudfront.net (CloudFront)
Cache-Control
public, max-age=315360000
X-Amz-Cf-Pop
DUS51-C1
X-Amz-Cf-Id
zHbB4kTxjfVdLq-xNkbe5lgKUIrRR8mzLz1qQzzFFSTzvddoRF5_Sg==
css
fonts.googleapis.com/
9 KB
1 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Karla%7CRoboto%3A300%2C400%2C500%2C700
Requested by
Host: www.festicket.ca
URL: https://www.festicket.ca/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.102.95 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
rb-in-f95.1e100.net
Software
ESF /
Resource Hash
580d95bbf59cce9d2309d16e768fb67c34cf27034bf88f5e544ad7c34ade5065
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.festicket.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Mon, 13 Sep 2021 23:13:11 GMT
server
ESF
date
Mon, 13 Sep 2021 23:13:11 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Mon, 13 Sep 2021 23:13:11 GMT
1576006392-90333572
d30itml3t0pwpf.cloudfront.net/api/v3/medias/14454244/image/opt/original/
178 KB
179 KB
Image
General
Full URL
https://d30itml3t0pwpf.cloudfront.net/api/v3/medias/14454244/image/opt/original/1576006392-90333572
Requested by
Host: www.festicket.ca
URL: https://www.festicket.ca/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
13.226.156.50 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-226-156-50.dus51.r.cloudfront.net
Software
nginx/1.17.5 /
Resource Hash
eeec4dc7888d8aef4049787767b8fac01987df02b5f0d816f13dd6ffe8467f15
Security Headers
Name Value
Content-Security-Policy default-src 'none'
Strict-Transport-Security max-age=300

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.festicket.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date
Mon, 16 Aug 2021 03:51:18 GMT
Via
1.1 cddd3e95f67291463f7a95d065c7fcff.cloudfront.net (CloudFront)
Age
2488913
Transfer-Encoding
chunked
X-Cache
Hit from cloudfront
Content-Transfer-Encoding
binary
Content-Disposition
inline; filename="powerful-business-women-in-meeting_4460x4460.jpg"
Connection
keep-alive
X-Request-Id
999134e9-229f-475f-8d22-ae063fe59e7d
X-Runtime
0.214601
Last-Modified
Tue, 10 Dec 2019 19:33:12 GMT
Server
nginx/1.17.5
ETag
"a6c86d8a43bab46e013bdfa202771116"
X-Download-Options
noopen
Strict-Transport-Security
max-age=300
Content-Language
en
Cache-Control
max-age=2592000, public
Content-Security-Policy
default-src 'none'
X-Amz-Cf-Pop
DUS51-C1
Content-Type
image/jpeg
X-Amz-Cf-Id
oC-dUwk8c86P8a5Xdb60PL70ihXQ-bkMflkwemHCrFpdfpAEsX79pw==
Expires
Wed, 15 Sep 2021 03:51:18 GMT
storage.html
cdn.wishpond.net/ Frame 84A4
3 KB
2 KB
Document
General
Full URL
https://cdn.wishpond.net/storage.html
Requested by
Host: cdn.wishpond.net
URL: https://cdn.wishpond.net/connect.js?merchantId=712925&socialCampaignId=2621185&writeKey=4d9619d8f78c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.226.155.28 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-226-155-28.dus51.r.cloudfront.net
Software
nginx/1.17.5 /
Resource Hash
0a1ee1037effea6008ee6ec97ef36c0783edeb9e7a9c0fd469737b2b306f352b

Request headers

:method
GET
:authority
cdn.wishpond.net
:scheme
https
:path
/storage.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.festicket.ca/
accept-encoding
gzip, deflate, br

Response headers

content-type
text/html; charset=UTF-8
server
nginx/1.17.5
last-modified
Thu, 18 Feb 2021 20:51:18 GMT
access-control-allow-origin
*
content-encoding
gzip
date
Tue, 07 Sep 2021 03:46:17 GMT
cache-control
public, must-revalidate, proxy-revalidate, max-age=0, s-max-age=172800
etag
W/"602ed346-c7d"
vary
Accept-Encoding
x-cache
Hit from cloudfront
via
1.1 892b66fb24658030c9f86276c7abeda5.cloudfront.net (CloudFront)
x-amz-cf-pop
DUS51-C1
x-amz-cf-id
HUG70_TqXtxW0gXCsgF_dST_gN7204hTlUQ7yW5b88fagq7_RHjogA==
age
1092384
popups.json
www.wishpond.com/ Frame
0
0
Preflight
General
Full URL
https://www.wishpond.com/popups.json?merchant_id=712925&url=https%3A%2F%2Fwww.festicket.ca%2F&social_campaign_id=2621185
Protocol
H2
Server
54.236.118.166 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-236-118-166.compute-1.amazonaws.com
Software
nginx/1.17.5 /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=300

Request headers

Accept
*/*
Access-Control-Request-Method
GET
Access-Control-Request-Headers
x-requested-with
Origin
https://www.festicket.ca
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

date
Mon, 13 Sep 2021 23:13:11 GMT
content-type
text/plain
server
nginx/1.17.5
vary
Accept-Encoding
strict-transport-security
max-age=300
access-control-allow-origin
https://www.festicket.ca
access-control-allow-methods
GET, POST, PATCH, PUT, DELETE, OPTIONS
access-control-expose-headers
access-control-max-age
600
access-control-allow-credentials
true
access-control-allow-headers
x-requested-with
x-request-id
f9d98ac6-18ed-4104-ba20-efd777569135
x-runtime
0.000930
x-download-options
noopen
content-encoding
gzip
popups.json
www.wishpond.com/
13 B
1 KB
XHR
General
Full URL
https://www.wishpond.com/popups.json?merchant_id=712925&url=https%3A%2F%2Fwww.festicket.ca%2F&social_campaign_id=2621185
Requested by
Host: cdn.wishpond.net
URL: https://cdn.wishpond.net/connect.js?merchantId=712925&socialCampaignId=2621185&writeKey=4d9619d8f78c
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.236.118.166 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-236-118-166.compute-1.amazonaws.com
Software
nginx/1.17.5 /
Resource Hash
96ddd38efe76ec82a9f2b4ecb8c151aa7b202d792823131a8936fc9bd616b22a
Security Headers
Name Value
Content-Security-Policy default-src 'self'; base-uri 'self'; child-src 'self'; connect-src wss: *.wishpond.com; font-src 'self' data: https:; frame-ancestors 'self'; frame-src 'self' cdn.wishpond.net evergenius-webframes.wishpond.com; img-src 'self' blob: data: https:; object-src 'none'; script-src 'unsafe-inline' 'unsafe-eval' 'strict-dynamic' https: d30itml3t0pwpf.cloudfront.net cdn.wishpond.net ajax.googleapis.com; style-src 'self' 'unsafe-inline' https:; worker-src 'self'
Strict-Transport-Security max-age=300
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.festicket.ca/
X-Requested-With
XMLHttpRequest
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Mon, 13 Sep 2021 23:13:11 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
CP="NON"
strict-transport-security
max-age=300
vary
Accept-Encoding, Origin
x-xss-protection
1; mode=block
x-request-id
e5278d96-9535-4e36-ac09-97cebef1879e
x-runtime
0.030619
server
nginx/1.17.5
x-frame-options
DENY
x-download-options
noopen
access-control-max-age
600
access-control-allow-methods
GET, POST, PATCH, PUT, DELETE, OPTIONS
content-language
de-DE
access-control-allow-origin
https://www.festicket.ca
access-control-expose-headers
access-control-allow-credentials
true
content-security-policy
default-src 'self'; base-uri 'self'; child-src 'self'; connect-src wss: *.wishpond.com; font-src 'self' data: https:; frame-ancestors 'self'; frame-src 'self' cdn.wishpond.net evergenius-webframes.wishpond.com; img-src 'self' blob: data: https:; object-src 'none'; script-src 'unsafe-inline' 'unsafe-eval' 'strict-dynamic' https: d30itml3t0pwpf.cloudfront.net cdn.wishpond.net ajax.googleapis.com; style-src 'self' 'unsafe-inline' https:; worker-src 'self'
content-type
application/json; charset=utf-8
qkBIXvYC6trAT55ZBi1ueQVIjQTD-JqaE0lK.woff2
fonts.gstatic.com/s/karla/v15/
11 KB
11 KB
Font
General
Full URL
https://fonts.gstatic.com/s/karla/v15/qkBIXvYC6trAT55ZBi1ueQVIjQTD-JqaE0lK.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Karla%7CRoboto%3A300%2C400%2C500%2C700
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.102.94 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
rb-in-f94.1e100.net
Software
sffe /
Resource Hash
a968f482a73e8e8faf0032ad6e172d458b89725e88e5f0b7b16eb8cac332c308
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.festicket.ca
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Fri, 10 Sep 2021 01:53:16 GMT
x-content-type-options
nosniff
age
335995
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11164
x-xss-protection
0
last-modified
Thu, 28 Jan 2021 21:51:09 GMT
server
sffe
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 10 Sep 2022 01:53:16 GMT
KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v27/
15 KB
16 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v27/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Karla%7CRoboto%3A300%2C400%2C500%2C700
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.102.94 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
rb-in-f94.1e100.net
Software
sffe /
Resource Hash
0eaeadb58e6995ba85eccb6198aaef77eeb1d4b66699e4e1f3fc10eb6adfcdb9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.festicket.ca
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 02:10:13 GMT
x-content-type-options
nosniff
age
162178
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15828
x-xss-protection
0
last-modified
Mon, 05 Apr 2021 21:10:46 GMT
server
sffe
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Mon, 12 Sep 2022 02:10:13 GMT
KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v27/
16 KB
16 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v27/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Karla%7CRoboto%3A300%2C400%2C500%2C700
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.102.94 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
rb-in-f94.1e100.net
Software
sffe /
Resource Hash
bb46ed079c3dd3c39af5051b4ada48f29f49151dad4fa218117bad2fdb5e616f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.festicket.ca
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Wed, 08 Sep 2021 02:09:53 GMT
x-content-type-options
nosniff
age
507798
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15920
x-xss-protection
0
last-modified
Mon, 05 Apr 2021 21:10:39 GMT
server
sffe
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 08 Sep 2022 02:09:53 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v27/
15 KB
16 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v27/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Karla%7CRoboto%3A300%2C400%2C500%2C700
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.102.94 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
rb-in-f94.1e100.net
Software
sffe /
Resource Hash
cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.festicket.ca
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Thu, 09 Sep 2021 01:23:42 GMT
x-content-type-options
nosniff
age
424169
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15688
x-xss-protection
0
last-modified
Mon, 05 Apr 2021 21:10:35 GMT
server
sffe
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 09 Sep 2022 01:23:42 GMT
pages.json
www.wishpond.com/pages/v2r/2621185/ Frame
0
0
Preflight
General
Full URL
https://www.wishpond.com/pages/v2r/2621185/pages.json?variation_id=2870218
Protocol
H2
Server
54.236.118.166 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-236-118-166.compute-1.amazonaws.com
Software
nginx/1.17.5 /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=300

Request headers

Accept
*/*
Access-Control-Request-Method
GET
Access-Control-Request-Headers
x-requested-with
Origin
https://www.festicket.ca
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

date
Mon, 13 Sep 2021 23:13:11 GMT
content-type
text/plain
server
nginx/1.17.5
vary
Accept-Encoding
strict-transport-security
max-age=300
access-control-allow-origin
https://www.festicket.ca
access-control-allow-methods
GET, POST, PATCH, PUT, DELETE, OPTIONS
access-control-expose-headers
access-control-max-age
600
access-control-allow-credentials
true
access-control-allow-headers
x-requested-with
x-request-id
e19119c5-684c-4c74-946f-7bc082592fe7
x-runtime
0.000786
x-download-options
noopen
content-encoding
gzip
pages.json
www.wishpond.com/pages/v2r/2621185/
26 KB
5 KB
XHR
General
Full URL
https://www.wishpond.com/pages/v2r/2621185/pages.json?variation_id=2870218
Requested by
Host: d30itml3t0pwpf.cloudfront.net
URL: https://d30itml3t0pwpf.cloudfront.net/assets/pages_v2r-fecc1e6a2156b7e0c3f1599c2799e4e904967c8592cbb3e5dc6ad773fdb4737e.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.236.118.166 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-236-118-166.compute-1.amazonaws.com
Software
nginx/1.17.5 /
Resource Hash
d03a3e672919c14148272ba855dd14ca650d5dbdd8b1d74f9d47037a2af8f846
Security Headers
Name Value
Strict-Transport-Security max-age=300

Request headers

Accept
application/json
Referer
https://www.festicket.ca/
X-Requested-With
XMLHttpRequest
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

x-wishpond-prefix
PagesV2r/50d39f/1
date
Mon, 13 Sep 2021 23:13:11 GMT
content-encoding
gzip
x-wishpond-queries
0
x-wishpond-version
20200910000001
x-wishpond-generated
2021-09-11 05:05:17 +0000
p3p
CP="NON"
strict-transport-security
max-age=300
vary
Accept-Encoding, Origin
x-request-id
28c165bc-24ca-4ee8-bde0-6e1ec02e012d
x-runtime
0.014661
server
nginx/1.17.5
x-wishpond-host
wishpondv1-server-7b48c4d79c-pdbz4
access-control-max-age
600
access-control-allow-methods
GET, POST, PATCH, PUT, DELETE, OPTIONS
content-language
de-DE
access-control-allow-origin
https://www.festicket.ca
access-control-expose-headers
access-control-allow-credentials
true
x-wishpond-guard
1631336717.8248096
content-type
application/json; charset=utf-8
view
bookie.wishpond.com/v1/social_campaigns/2621185/variations/2870218/ Frame
0
0
Preflight
General
Full URL
https://bookie.wishpond.com/v1/social_campaigns/2621185/variations/2870218/view
Protocol
H2
Server
18.213.167.152 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-213-167-152.compute-1.amazonaws.com
Software
nginx/1.14.2 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
x-requested-with
Origin
https://www.festicket.ca
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

date
Mon, 13 Sep 2021 23:13:11 GMT
content-type
text/plain
server
nginx/1.14.2
access-control-allow-origin
*
access-control-allow-methods
GET, POST, PUT, PATCH, DELETE, OPTIONS, HEAD
access-control-expose-headers
Link
access-control-max-age
600
access-control-allow-headers
x-requested-with
view
bookie.wishpond.com/v1/social_campaigns/2621185/variations/2870218/
0
289 B
XHR
General
Full URL
https://bookie.wishpond.com/v1/social_campaigns/2621185/variations/2870218/view
Requested by
Host: d30itml3t0pwpf.cloudfront.net
URL: https://d30itml3t0pwpf.cloudfront.net/assets/pages_v2r-fecc1e6a2156b7e0c3f1599c2799e4e904967c8592cbb3e5dc6ad773fdb4737e.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.213.167.152 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-213-167-152.compute-1.amazonaws.com
Software
nginx/1.14.2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/json
Referer
https://www.festicket.ca/
X-Requested-With
XMLHttpRequest
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

x-runtime
0.022896
date
Mon, 13 Sep 2021 23:13:12 GMT
server
nginx/1.14.2
vary
Origin
access-control-allow-methods
GET, POST, PUT, PATCH, DELETE, OPTIONS, HEAD
content-type
text/plain
access-control-allow-origin
*
access-control-max-age
600
cache-control
no-cache
x-request-id
235cd83b-b997-4c17-a6e9-8a8dc12e63a1
access-control-expose-headers
Link
analytics.js
www.google-analytics.com/
0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
www.google-analytics.com
URL
https://www.google-analytics.com/analytics.js


27 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0
object| onbeforexrselect
boolean| originAgentCluster
function| ES6Promise
function| _s
object| Base64
object| XD
object| fastdom
object| Wishpond
function| CrossStorageClient
number| len
object| prototype
string| k
object| Honeybadger
function| jqlite
function| strftime
function| strftimeTZ
function| strftimeUTC
function| localizedStrftime
function| Tooltip
function| SelectDropdown
function| Calendar
function| _wp
object| wishpondApp
object| $$jqListeners
string| GoogleAnalyticsObject
function| ga

0 Cookies