guest-api.guestservices.theknot.com Open in urlscan Pro
174.129.98.122 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://laura-and-paul.us/
Effective URL:
https://guest-api.guestservices.theknot.com/us/11116084
Submission Tags: scythethephish
Submission: On May 09 via api (May 9th 2024, 9:22:40 am UTC) from RO — Scanned from US

Summary HTTP 9 Redirects Behaviour Indicators

Summary

This website contacted 7 IPs in 1 countries across 5 domains to perform 9 HTTP transactions. The main IP is 174.129.98.122, located in Ashburn, United States and belongs to AMAZON-AES, US. The main domain is guest-api.guestservices.theknot.com. The Cisco Umbrella rank of the primary domain is 185967.
TLS certificate: Issued by Amazon RSA 2048 M03 on November 11th 2023. Valid for: a year.

This is the only time guest-api.guestservices.theknot.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
2 2	108.138.128.23 108.138.128.23	16509 (AMAZON-02) (AMAZON-02)
1	174.129.98.122 174.129.98.122	14618 (AMAZON-AES) (AMAZON-AES)
3	13.225.214.50 13.225.214.50	16509 (AMAZON-02) (AMAZON-02)
1	2a04:4e42:600... 2a04:4e42:600::649	54113 (FASTLY) (FASTLY)
1	2600:141b:1c0... 2600:141b:1c00:2583::13b8	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	23.203.178.115 23.203.178.115	16625 (AKAMAI-AS) (AKAMAI-AS)
2	34.111.140.246 34.111.140.246	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
9	7

2 108.138.128.23 (United States) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: server-108-138-128-23.jfk50.r.cloudfront.net

laura-and-paul.us	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.laura-and-paul.us	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 174.129.98.122 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-174-129-98-122.compute-1.amazonaws.com

guest-api.guestservices.theknot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 13.225.214.50 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-225-214-50.ewr50.r.cloudfront.net

static.xoedge.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a04:4e42:600::649 (United States)

ASN54113 (FASTLY, US)

code.jquery.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:141b:1c00:2583::13b8 (Secaucus, United States)

ASN20940 (AKAMAI-ASN1, NL)

cdn.optimizely.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.203.178.115 (Piscataway, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a23-203-178-115.deploy.static.akamaitechnologies.com

a539341702.cdn.optimizely.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.111.140.246 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 246.140.111.34.bc.googleusercontent.com

logx.optimizely.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
4	optimizely.com cdn.optimizely.com — Cisco Umbrella Rank: 923 a539341702.cdn.optimizely.com logx.optimizely.com — Cisco Umbrella Rank: 1587	111 KB
3	xoedge.com static.xoedge.com — Cisco Umbrella Rank: 104845	387 KB
2	laura-and-paul.us 2 redirects laura-and-paul.us www.laura-and-paul.us	680 B
1	jquery.com code.jquery.com — Cisco Umbrella Rank: 776	29 KB
1	theknot.com guest-api.guestservices.theknot.com — Cisco Umbrella Rank: 185967	3 KB
9	5

	Domain	Requested by
3	static.xoedge.com	guest-api.guestservices.theknot.com
2	logx.optimizely.com	cdn.optimizely.com
1	a539341702.cdn.optimizely.com	cdn.optimizely.com
1	cdn.optimizely.com	guest-api.guestservices.theknot.com
1	code.jquery.com	guest-api.guestservices.theknot.com
1	guest-api.guestservices.theknot.com
1	www.laura-and-paul.us	1 redirects
1	laura-and-paul.us	1 redirects
9	8

This site contains no links.

Subject Issuer	Validity	Valid
*.guestservices.theknot.com Amazon RSA 2048 M03	`2023-11-11` - `2024-12-08`	a year	crt.sh
*.xoedge.com Amazon RSA 2048 M01	`2023-07-16` - `2024-08-13`	a year	crt.sh
*.jquery.com Sectigo RSA Domain Validation Secure Server CA	`2023-07-11` - `2024-07-14`	a year	crt.sh
cdn.optimizely.com DigiCert TLS RSA SHA256 2020 CA1	`2023-09-01` - `2024-09-04`	a year	crt.sh
*.cdn.optimizely.com GeoTrust RSA CA 2018	`2024-01-25` - `2025-01-27`	a year	crt.sh
logx.optimizely.com GTS CA 1D4	`2024-04-07` - `2024-07-06`	3 months	crt.sh

This page contains 2 frames:

Primary Page: https://guest-api.guestservices.theknot.com/us/11116084
Frame ID: 9A6A0274E2C414812E6D6D428350E10B
Requests: 11 HTTP requests in this frame

Frame: https://a539341702.cdn.optimizely.com/client_storage/a539341702.html
Frame ID: 8CA7A5D7E88CC893E036D5718F490F4C
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Free Wedding Websites - Best Wedding Websites

Page URL History Show full URLs

http://laura-and-paul.us/ HTTP 307
https://laura-and-paul.us/ HTTP 301
http://www.laura-and-paul.us/ HTTP 307
https://www.laura-and-paul.us/ HTTP 301
https://guest-api.guestservices.theknot.com/us/11116084 Page URL

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Optimizely (Analytics) Expand

Overall confidence: 100%
Detected patterns

optimizely\.com.*\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

9
Requests

100 %
HTTPS

29 %
IPv6

5
Domains

8
Subdomains

7
IPs

1
Countries

603 kB
Transfer

1325 kB
Size

1
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://laura-and-paul.us/ HTTP 307
https://laura-and-paul.us/ HTTP 301
http://www.laura-and-paul.us/ HTTP 307
https://www.laura-and-paul.us/ HTTP 301
https://guest-api.guestservices.theknot.com/us/11116084 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

9 HTTP transactions
3 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

404

Primary Request 11116084 Show response
guest-api.guestservices.theknot.com/us/
Redirect Chain

http://laura-and-paul.us/
https://laura-and-paul.us/
http://www.laura-and-paul.us/
https://www.laura-and-paul.us/
https://guest-api.guestservices.theknot.com/us/11116084

6 KB
3 KB

171ms
53ms

Document
text/html

174.129.98.122
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://guest-api.guestservices.theknot.com/us/11116084

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

174.129.98.122 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-174-129-98-122.compute-1.amazonaws.com

Software

nginx/1.22.1 /

Resource Hash

ee6aaf870727d1b43b7146b4cfc4c713cb20c0a4311e70f7959b5a17f94dfd9c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: en-US,en;q=0.9;q=0.9
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

content-encoding: gzip
content-type: text/html; charset=utf-8
date: Thu, 09 May 2024 09:22:36 GMT
server: nginx/1.22.1
status: 404 Not Found
vary: Origin
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-request-id: 87e1f31a-24a6-4921-86f4-0c85f4b288aa
x-runtime: 0.009380
x-xss-protection: 1; mode=block

Redirect headers

content-length: 121
content-type: text/html; charset=utf-8
date: Thu, 09 May 2024 09:22:36 GMT
location: https://guest-api.guestservices.theknot.com/us/11116084
server: nginx/1.22.1
status: 301 Moved Permanently
vary: Origin
via: 1.1 205b9099637a29b949f9be6dceccecec.cloudfront.net (CloudFront)
x-amz-cf-id: DezPZKtj2m512puwrpw73tEP3GMUHw6AS6qHKjSgN2OI6c2KsJ_mGQ==
x-amz-cf-pop: JFK50-P4
x-cache: Miss from cloudfront
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-request-id: 4e34e2f1-4eb5-4fa0-97dc-0450f2c447dd
x-runtime: 0.006545
x-xss-protection: 1; mode=block

GET
H2 200 tk-bootstrap.4.css
static.xoedge.com/patterns/css/ 614 KB
338 KB 183ms
40ms Stylesheet
text/css 13.225.214.50
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.xoedge.com/patterns/css/tk-bootstrap.4.css?v=4.12.1
Requested by: Host: guest-api.guestservices.theknot.com
URL: https://guest-api.guestservices.theknot.com/us/11116084
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.214.50 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-214-50.ewr50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: d646868eac65650cbeec6bd33b50731ba03d8bf5731e1414d1c4169f4c4c17c6

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://guest-api.guestservices.theknot.com/
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-amz-version-id: I8dwS5sBG20aTJod_ojFPmNSe3SzmPk9
content-encoding: gzip
via: 1.1 b6217766ccd41d69658fea04297b7c24.cloudfront.net (CloudFront)
date: Thu, 09 May 2024 02:51:15 GMT
x-amz-cf-pop: EWR50-C1
age: 23482
x-cache: Hit from cloudfront
x-amz-replication-status: FAILED
content-length: 344827
last-modified: Tue, 17 Dec 2019 19:49:01 GMT
server: AmazonS3
etag: "3160a7203150aeec6ad392fd834ce3cb"
vary: Accept-Encoding
content-type: text/css; charset=UTF-8
accept-ranges: bytes
x-amz-cf-id: xThN6SVsVqlbnnIBcLHjbZj5HHVccT_YN3giQ67CT0X7DkM3WCEiiA==

GET
H2 200 jquery-2.2.4.min.js Show response
code.jquery.com/ 84 KB
29 KB 105ms
32ms Script
application/javascript 2a04:4e42:600::649
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://code.jquery.com/jquery-2.2.4.min.js
Requested by: Host: guest-api.guestservices.theknot.com
URL: https://guest-api.guestservices.theknot.com/us/11116084
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:4e42:600::649 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 05b85d96f41fff14d8f608dad03ab71e2c1017c2da0914d7c59291bad7a54f8e

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://guest-api.guestservices.theknot.com/
Origin: https://guest-api.guestservices.theknot.com
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 09 May 2024 09:22:36 GMT
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
age: 1102711
x-cache: HIT, HIT
content-length: 29811
x-served-by: cache-lga21935-LGA, cache-nyc-kteb1890057-NYC
last-modified: Fri, 18 Oct 1991 12:00:00 GMT
server: nginx
x-timer: S1715246556.371310,VS0,VE0
etag: W/"28feccc0-14e4a"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=604800
accept-ranges: bytes
x-cache-hits: 56, 2626

GET
H2 200 1041871600.js Show response
cdn.optimizely.com/js/ 361 KB
111 KB 153ms
75ms Script
text/javascript 2600:141b:1c00:2583::13b8
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.optimizely.com/js/1041871600.js

Requested by

Host: guest-api.guestservices.theknot.com
URL: https://guest-api.guestservices.theknot.com/us/11116084

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2600:141b:1c00:2583::13b8 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

AmazonS3 /

Resource Hash

331cea6c026a150081b41bfeb0f8a96da980761fbb0d403fabe228ffd246f503

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://guest-api.guestservices.theknot.com/
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-amz-meta-pci_enabled: False
x-amz-version-id: 2eav6Gyc9RMAjZwGJSOeL9F0TyUJLQRC
content-encoding: gzip
date: Thu, 09 May 2024 09:22:36 GMT
strict-transport-security: max-age=15768000
x-amz-request-id: R1XEEH77NFVZ4QAJ
x-amz-server-side-encryption: AES256
x-amz-meta-revision: 7805
x-amz-replication-status: COMPLETED
server-timing: cdn-cache; desc=REVALIDATE, edge; dur=18, origin; dur=24, cdn;desc="AkamaiION";dur=0,rtt;desc="32";dur=0,cdnip;desc="2600:141b:1c00:2583::13b8";dur=0,cdnmap;desc="a5048.dsca.akamaiedge.net";dur=0,proto;desc="h2";dur=0, ak_p; desc="1715246556341_399550055_216779970_4169_747_32_34_219";dur=1
content-length: 112608
x-amz-id-2: HJmM5+LKPFmQWqrpFNzD4X1Sxzpg+0BZI+IceYd1FHi3cvOdIgonalsoCosIJUgowWg3W6IYkcE=
last-modified: Thu, 07 Jul 2022 01:25:46 GMT
server: AmazonS3
etag: "6b5017f25f6115cfbb8e8543d2462021"
vary: Accept-Encoding
access-control-max-age: 86400
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
access-control-expose-headers: x-amz-meta-revision
cache-control: max-age=120
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: *

GET
H2 200 application-83c6c0b44d0cc9dcb19218f57e6f4f95.css
static.xoedge.com/xo-guest-services/assets/ 172 KB
34 KB 181ms
39ms Stylesheet
text/css 13.225.214.50
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.xoedge.com/xo-guest-services/assets/application-83c6c0b44d0cc9dcb19218f57e6f4f95.css
Requested by: Host: guest-api.guestservices.theknot.com
URL: https://guest-api.guestservices.theknot.com/us/11116084
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.214.50 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-214-50.ewr50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 9c89037926688a3c2fdce508c123ccd372fcb0fa5bbb7190114ef82233f68099

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://guest-api.guestservices.theknot.com/
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 20 Mar 2024 19:00:38 GMT
x-amz-version-id: T4RdgSXKtNwiVj9gIeBZ_F4P5Q1DBCSl
content-encoding: gzip
via: 1.1 b6217766ccd41d69658fea04297b7c24.cloudfront.net (CloudFront)
x-amz-cf-pop: EWR50-C1
age: 4285319
x-cache: Hit from cloudfront
x-amz-replication-status: FAILED
last-modified: Tue, 19 Jan 2021 19:25:18 GMT
server: AmazonS3
etag: W/"cf98de8d2bd7aa0d94410f56f1e8be53"
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=31557600
x-amz-cf-id: ecOTJ1PlQ5MqTIoHg3T3VyocxMMDJsQ-4t3s4A69VNQbXMw27d1x7w==
expires: Thu, 20 Jan 2022 01:25:17 GMT

GET
DATA 200
OK truncated
/ 2 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 7b36bb7e40f0a737979d28e2619bcdc5fa727cdc56564c6705e436869b3b3851

Request headers

Accept-Language: en-US,en;q=0.9;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 36 KB
36 KB Font
application/x-font-woff

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 0944c2fcff8f55b19b5d83955a688fb9e6aa7437fbab78b8880f7c5d818b060d

Request headers

Referer
Origin: https://guest-api.guestservices.theknot.com
Accept-Language: en-US,en;q=0.9;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

Content-Type: application/x-font-woff

GET
DATA 200
OK truncated
/ 37 KB
37 KB Font
application/x-font-woff

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ffa926832a1f6a7beeec797776fc4903d3ef39f4468eac5a6d8ef3487c9e6db4

Request headers

Referer
Origin: https://guest-api.guestservices.theknot.com
Accept-Language: en-US,en;q=0.9;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

Content-Type: application/x-font-woff

GET
H2 200 a539341702.html
a539341702.cdn.optimizely.com/client_storage/ Frame 8CA7 0
0 138ms
45ms Document
text/html 23.203.178.115
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://a539341702.cdn.optimizely.com/client_storage/a539341702.html

Requested by

Host: cdn.optimizely.com
URL: https://cdn.optimizely.com/js/1041871600.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

23.203.178.115 Piscataway, United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-203-178-115.deploy.static.akamaitechnologies.com

Software

AmazonS3 /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

Accept-Language: en-US,en;q=0.9;q=0.9
Referer: https://guest-api.guestservices.theknot.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

accept-ranges: bytes
cache-control: max-age=120
content-encoding: gzip
content-length: 774
content-type: text/html; charset=utf-8
date: Thu, 09 May 2024 09:22:36 GMT
etag: "d405fb0670d6ca0b09a2849c968c552a"
last-modified: Thu, 07 Jul 2022 01:26:09 GMT
server: AmazonS3
server-timing: cdn-cache; desc=HIT edge; dur=8 origin; dur=0 cdn;desc="AkamaiION";dur=0,rtt;desc="33";dur=0,cdnip;desc="23.203.178.115";dur=0,cdnmap;desc="a4343.a.akamaiedge.net";dur=0,proto;desc="h2";dur=0 ak_p; desc="1715246556831_399407179_563064461_808_1050_33_38_255";dur=1
strict-transport-security: max-age=15768000
vary: Accept-Encoding
x-akamai-transformed: 9 - 0 pmb=mRUM,2
x-amz-id-2: hNHcITfPdH95kJGm0dAno7u0vgjbP2ZnrfjKzCssjEuMNE+ONG0JosLpqjtXdR9A8RwhOKk3Lus=
x-amz-meta-pci_enabled: False
x-amz-replication-status: COMPLETED
x-amz-request-id: 68TX1QF2BQD58C8K
x-amz-server-side-encryption: AES256
x-amz-version-id: HrO3GF1J0NveZ0CVgAAXQ70NLo8Gu4uL

GET
H2 200 favicon.ico
static.xoedge.com/patterns/images/ 15 KB
15 KB 35ms
35ms Other
image/vnd.microsoft.icon 13.225.214.50
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.xoedge.com/patterns/images/favicon.ico
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.214.50 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-214-50.ewr50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 80e9c302135c029cd2dc714ba1974cbaaeeb9c9f48d92e7d1507fe2396ab6fcf

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://guest-api.guestservices.theknot.com/
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 09 May 2024 02:05:46 GMT
x-amz-version-id: wGXGIEYLGf7pjchudX20aOQfmMBQUtWq
via: 1.1 b6217766ccd41d69658fea04297b7c24.cloudfront.net (CloudFront)
last-modified: Mon, 25 Feb 2019 16:26:43 GMT
server: AmazonS3
x-amz-cf-pop: EWR50-C1
age: 26211
etag: "3bbec464ea33758c1fc0b54a640784f1"
x-cache: Hit from cloudfront
content-type: image/vnd.microsoft.icon
x-amz-replication-status: FAILED
accept-ranges: bytes
content-length: 15086
x-amz-cf-id: g1fer1ivqLCOQD-NAH5jloTsV4zvs29lgMXMnTooK9WjYSeTawYP1Q==

POST
H2 204 events Show response
logx.optimizely.com/v1/ 0
494 B 129ms
55ms XHR
text/plain 34.111.140.246
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://logx.optimizely.com/v1/events
Requested by: Host: cdn.optimizely.com
URL: https://cdn.optimizely.com/js/1041871600.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.111.140.246 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 246.140.111.34.bc.googleusercontent.com
Software: istio-envoy /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-platform: "Win32"
Referer: https://guest-api.guestservices.theknot.com/
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Thu, 09 May 2024 09:22:37 GMT
x-envoy-decorator-operation: events-smart-router.edp-prod.svc.cluster.local:8080/*
via: 1.1 google
server: istio-envoy
access-control-allow-methods: POST,OPTIONS
content-type: text/plain
access-control-allow-origin: https://guest-api.guestservices.theknot.com
access-control-expose-headers: X-Requested-With,Content-Type,Accept,Origin,X-App-Trace-Id
access-control-allow-credentials: true
x-envoy-upstream-service-time: 2
timing-allow-origin: *
access-control-allow-headers: X-Requested-With,Content-Type,Accept,Origin,X-App-Trace-Id,X-Optimizely-Strict
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-request-id: f3c98be0-098f-4c57-a080-ba45ce4c7f19

POST
H2 204 events Show response
logx.optimizely.com/v1/ 0
79 B 57ms
56ms XHR
text/plain 34.111.140.246
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://logx.optimizely.com/v1/events
Requested by: Host: cdn.optimizely.com
URL: https://cdn.optimizely.com/js/1041871600.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.111.140.246 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 246.140.111.34.bc.googleusercontent.com
Software: istio-envoy /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-platform: "Win32"
Referer: https://guest-api.guestservices.theknot.com/
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Thu, 09 May 2024 09:22:38 GMT
x-envoy-decorator-operation: events-smart-router.edp-prod.svc.cluster.local:8080/*
via: 1.1 google
server: istio-envoy
access-control-allow-methods: POST,OPTIONS
content-type: text/plain
access-control-allow-origin: https://guest-api.guestservices.theknot.com
access-control-expose-headers: X-Requested-With,Content-Type,Accept,Origin,X-App-Trace-Id
access-control-allow-credentials: true
x-envoy-upstream-service-time: 3
timing-allow-origin: *
access-control-allow-headers: X-Requested-With,Content-Type,Accept,Origin,X-App-Trace-Id,X-Optimizely-Strict
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-request-id: affd6ca0-3f96-400a-983d-9fe50ccaaf68

Verdicts & Comments Add Verdict or Comment

5 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			.theknot.com/	1970-01-21 00:46:38	Name: optimizelyEndUserId Value: oeu1715246556694r0.3281389484236725

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://guest-api.guestservices.theknot.com/us/11116084 Message: Failed to load resource: the server responded with a status of 404 ()
security	warning	URL: https://guest-api.guestservices.theknot.com/us/11116084(Line 18) Message: document.domain mutation is ignored because the surrounding agent cluster is origin-keyed.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a539341702.cdn.optimizely.com
cdn.optimizely.com
code.jquery.com
guest-api.guestservices.theknot.com
laura-and-paul.us
logx.optimizely.com
static.xoedge.com
www.laura-and-paul.us
108.138.128.23
13.225.214.50
174.129.98.122
23.203.178.115
2600:141b:1c00:2583::13b8
2a04:4e42:600::649
34.111.140.246
05b85d96f41fff14d8f608dad03ab71e2c1017c2da0914d7c59291bad7a54f8e
0944c2fcff8f55b19b5d83955a688fb9e6aa7437fbab78b8880f7c5d818b060d
331cea6c026a150081b41bfeb0f8a96da980761fbb0d403fabe228ffd246f503
7b36bb7e40f0a737979d28e2619bcdc5fa727cdc56564c6705e436869b3b3851
80e9c302135c029cd2dc714ba1974cbaaeeb9c9f48d92e7d1507fe2396ab6fcf
9c89037926688a3c2fdce508c123ccd372fcb0fa5bbb7190114ef82233f68099
d646868eac65650cbeec6bd33b50731ba03d8bf5731e1414d1c4169f4c4c17c6
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ee6aaf870727d1b43b7146b4cfc4c713cb20c0a4311e70f7959b5a17f94dfd9c
ffa926832a1f6a7beeec797776fc4903d3ef39f4468eac5a6d8ef3487c9e6db4

guest-api.guestservices.theknot.com Open in urlscan Pro 174.129.98.122 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

9 Requests

100 %HTTPS

29 %IPv6

5 Domains

8 Subdomains

7 IPs

1 Countries

603 kBTransfer

1325 kBSize

1 Cookies

0 Outgoing links

Page URL History

Redirected requests

9 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 3 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

5 JavaScript Global Variables

1 Cookies

2 Console Messages

Security Headers

Indicators

guest-api.guestservices.theknot.com Open in urlscan Pro
174.129.98.122 Public Scan

Screenshot
Live screenshot

Full Image

9
Requests

100 %
HTTPS

29 %
IPv6

5
Domains

8
Subdomains

7
IPs

1
Countries

603 kB
Transfer

1325 kB
Size

1
Cookies

9 HTTP transactions
3 data transactions