URL: https://tickets.proventa.io/
Submission: On August 11 via automatic, source certstream-suspicious

Summary

This website contacted 3 IPs in 1 countries across 3 domains to perform 7 HTTP transactions. The main IP is 2a00:12c0:101b:1ff::194, located in Germany and belongs to FILOO-ASN Rhedaer Strasse 25, DE. The main domain is tickets.proventa.io.
TLS certificate: Issued by Let's Encrypt Authority X3 on June 12th 2020. Valid for: 3 months.
This is the only time tickets.proventa.io was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
5 2a00:12c0:101... 47215 (FILOO-ASN...)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
7 3
Domain Requested by
5 tickets.proventa.io tickets.proventa.io
1 fonts.gstatic.com tickets.proventa.io
1 fonts.googleapis.com tickets.proventa.io
7 3

This site contains links to these domains. Also see Links.

Domain
www.bestpractical.com
www.gnu.org
Subject Issuer Validity Valid
tickets.proventa.io
Let's Encrypt Authority X3
2020-06-12 -
2020-09-10
3 months crt.sh
upload.video.google.com
GTS CA 1O1
2020-07-15 -
2020-10-07
3 months crt.sh
*.gstatic.com
GTS CA 1O1
2020-07-15 -
2020-10-07
3 months crt.sh

This page contains 1 frames:

Primary Page: https://tickets.proventa.io/
Frame ID: 390C7FC4EB3AD251492DE9A2FFBA11B8
Requests: 7 HTTP requests in this frame

Screenshot


Detected technologies

Overall confidence: 100%
Detected patterns
  • headers server /Debian/i

Overall confidence: 100%
Detected patterns
  • headers server /(?:Apache(?:$|\/([\d.]+)|[^/-])|(?:^|\b)HTTPD)/i

Page Statistics

7
Requests

100 %
HTTPS

100 %
IPv6

3
Domains

3
Subdomains

3
IPs

1
Countries

306 kB
Transfer

981 kB
Size

1
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

7 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request Cookie set /
tickets.proventa.io/
6 KB
3 KB
Document
General
Full URL
https://tickets.proventa.io/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a00:12c0:101b:1ff::194 , Germany, ASN47215 (FILOO-ASN Rhedaer Strasse 25, DE),
Reverse DNS
Software
Apache/2.4.38 (Debian) /
Resource Hash
b331e9cfd557487acfef65a49db1eebb277c2ca1eb59322d1666cb6b3fa22e57
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Frame-Options SAMEORIGIN DENY

Request headers

Host
tickets.proventa.io
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
none
Sec-Fetch-Mode
navigate
Sec-Fetch-User
?1
Sec-Fetch-Dest
document
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Tue, 11 Aug 2020 08:11:42 GMT
Server
Apache/2.4.38 (Debian)
X-Frame-Options
SAMEORIGIN DENY
Strict-Transport-Security
max-age=31536000
Set-Cookie
RT_SID_proventa.443=598fd712fc8bc83d11fc2dd1213120e2; path=/; HttpOnly
Cache-control
no-cache
Pragma
no-cache
Vary
Accept-Encoding
Content-Encoding
gzip
Keep-Alive
timeout=15, max=100
Connection
Keep-Alive
Transfer-Encoding
chunked
Content-Type
text/html; charset=utf-8
squished-2e51575c553d4c17ddc15fac2a5bb122.css
tickets.proventa.io/NoAuth/css/rudder/
100 KB
20 KB
Stylesheet
General
Full URL
https://tickets.proventa.io/NoAuth/css/rudder/squished-2e51575c553d4c17ddc15fac2a5bb122.css
Requested by
Host: tickets.proventa.io
URL: https://tickets.proventa.io/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a00:12c0:101b:1ff::194 , Germany, ASN47215 (FILOO-ASN Rhedaer Strasse 25, DE),
Reverse DNS
Software
Apache/2.4.38 (Debian) /
Resource Hash
4f5fc8fbe9fa470dc2299d621314ffaa74f1ef07f193663ebce33e341844f24a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Frame-Options SAMEORIGIN, DENY

Request headers

Referer
https://tickets.proventa.io/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Strict-Transport-Security
max-age=31536000
Content-Encoding
gzip
Vary
Accept-Encoding
Server
Apache/2.4.38 (Debian)
Date
Tue, 11 Aug 2020 08:11:43 GMT
X-Frame-Options
SAMEORIGIN, DENY
Content-Type
text/css; charset=utf-8
Cache-control
max-age=2592000, public
Transfer-Encoding
chunked
Connection
Keep-Alive
Keep-Alive
timeout=15, max=100
Expires
Thu, 10 Sep 2020 08:11:43 GMT
css?family=Open+Sans
fonts.googleapis.com/
2 KB
670 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Open+Sans
Requested by
Host: tickets.proventa.io
URL: https://tickets.proventa.io/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:819::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
a8252492db56de6a43a1e52010746aa4b09c216f522dfaa82a62169a811e3405
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
status
200
alt-svc
h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Tue, 11 Aug 2020 07:04:34 GMT
server
ESF
date
Tue, 11 Aug 2020 08:11:43 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 11 Aug 2020 08:11:43 GMT
squished-8fc547a59ef3d7e8792af18a242ba6f9.js
tickets.proventa.io/NoAuth/js/
839 KB
247 KB
Script
General
Full URL
https://tickets.proventa.io/NoAuth/js/squished-8fc547a59ef3d7e8792af18a242ba6f9.js
Requested by
Host: tickets.proventa.io
URL: https://tickets.proventa.io/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a00:12c0:101b:1ff::194 , Germany, ASN47215 (FILOO-ASN Rhedaer Strasse 25, DE),
Reverse DNS
Software
Apache/2.4.38 (Debian) /
Resource Hash
7cec6c53a9dd42378f998363210f09fe82c165358b1e796d65d5100d9da63f4e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Frame-Options SAMEORIGIN, DENY

Request headers

Referer
https://tickets.proventa.io/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Strict-Transport-Security
max-age=31536000
Content-Encoding
gzip
Vary
Accept-Encoding
Server
Apache/2.4.38 (Debian)
Date
Tue, 11 Aug 2020 08:11:43 GMT
X-Frame-Options
SAMEORIGIN, DENY
Content-Type
application/x-javascript; charset=utf-8
Cache-control
max-age=2592000, public
Transfer-Encoding
chunked
Connection
Keep-Alive
Keep-Alive
timeout=15, max=100
Expires
Thu, 10 Sep 2020 08:11:43 GMT
3a437a53c67682454cbe2b12737c5383
tickets.proventa.io/NoAuth/Helpers/CustomLogo/
23 KB
23 KB
Image
General
Full URL
https://tickets.proventa.io/NoAuth/Helpers/CustomLogo/3a437a53c67682454cbe2b12737c5383
Requested by
Host: tickets.proventa.io
URL: https://tickets.proventa.io/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a00:12c0:101b:1ff::194 , Germany, ASN47215 (FILOO-ASN Rhedaer Strasse 25, DE),
Reverse DNS
Software
Apache/2.4.38 (Debian) /
Resource Hash
64941b146817cc34175c5b444fffe2926b23fd33215f38f5a00c71064c1e3670
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Frame-Options SAMEORIGIN, DENY

Request headers

Referer
https://tickets.proventa.io/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Strict-Transport-Security
max-age=31536000
Server
Apache/2.4.38 (Debian)
Date
Tue, 11 Aug 2020 08:11:44 GMT
X-Frame-Options
SAMEORIGIN, DENY
Content-Type
image/png
Cache-control
max-age=2592000, public
Transfer-Encoding
chunked
Connection
Keep-Alive
Keep-Alive
timeout=15, max=99
Expires
Thu, 10 Sep 2020 08:11:44 GMT
mem8YaGs126MiZpBA-UFVZ0bf8pkAg.woff2
fonts.gstatic.com/s/opensans/v17/
9 KB
9 KB
Font
General
Full URL
https://fonts.gstatic.com/s/opensans/v17/mem8YaGs126MiZpBA-UFVZ0bf8pkAg.woff2
Requested by
Host: tickets.proventa.io
URL: https://tickets.proventa.io/NoAuth/js/squished-8fc547a59ef3d7e8792af18a242ba6f9.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
54c64f3c66372027154f01fc9f24b4e25fdfe405b70d1994c79abbc2576ff775
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://fonts.googleapis.com/css?family=Open+Sans
Origin
https://tickets.proventa.io

Response headers

date
Fri, 07 Aug 2020 05:25:45 GMT
x-content-type-options
nosniff
last-modified
Tue, 23 Jul 2019 19:30:49 GMT
server
sffe
age
355559
status
200
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9132
x-xss-protection
0
expires
Sat, 07 Aug 2021 05:25:45 GMT
bpslogo.png
tickets.proventa.io/static/images/
3 KB
3 KB
Image
General
Full URL
https://tickets.proventa.io/static/images/bpslogo.png
Requested by
Host: tickets.proventa.io
URL: https://tickets.proventa.io/NoAuth/js/squished-8fc547a59ef3d7e8792af18a242ba6f9.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a00:12c0:101b:1ff::194 , Germany, ASN47215 (FILOO-ASN Rhedaer Strasse 25, DE),
Reverse DNS
Software
Apache/2.4.38 (Debian) /
Resource Hash
22d3ae4c3299e16c6d052c7749f127e63177de6280e91cd76611e1f94559e534
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://tickets.proventa.io/NoAuth/css/rudder/squished-2e51575c553d4c17ddc15fac2a5bb122.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Strict-Transport-Security
max-age=31536000
Last-Modified
Sat, 17 Aug 2019 05:47:17 GMT
Server
Apache/2.4.38 (Debian)
Date
Tue, 11 Aug 2020 08:11:44 GMT
X-Frame-Options
SAMEORIGIN
Content-Type
image/png
Cache-Control
max-age=2592000, public
Connection
Keep-Alive
Keep-Alive
timeout=15, max=99
Content-Length
2656
Expires
Wed, 09 Sep 2020 22:00:19 GMT

47 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| RT function| createCookie function| loadTitleBoxStates function| loc_key function| show function| hide function| hideshow function| toggleVisibility function| setVisibility function| switchVisibility function| toggle_upgrade_history function| jQueryWrap function| addClass function| delClass function| rollup function| set_rollup_state function| getClosestInputElements function| setCheckbox function| walkChildNodes function| walkChildElements function| showShredderPluginTab function| checkAllObjects function| checkboxToInput function| ahah function| doOnLoad function| textToHTML function| ReplaceAllTextareas function| AddAttachmentWarning function| toggle_addprincipal_validity function| update_addprincipal_title function| addprincipal_onselect function| addprincipal_onchange function| escapeCssSelector function| scrollToJQueryObject function| toggle_hide_unset function| fold_message_stanza function| toggle_all_folds function| filter_cascade_by_id function| filter_cascade_select function| ReplaceUserReferences function| sync_grouped_custom_fields undefined| $ function| jQuery string| CKEDITOR_BASEPATH function| Mousetrap object| CKEDITOR function| Dropzone

1 Cookies

Domain/Path Name / Value
tickets.proventa.io/ Name: RT_SID_proventa.443
Value: 598fd712fc8bc83d11fc2dd1213120e2

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=31536000
X-Frame-Options SAMEORIGIN DENY