urlscan.io logo urlscan.io
SecurityTrails logo

ticketshop.alpbach.org Open in urlscan Pro
35.198.77.44  Public Scan

Go To Rescan Add Verdict Report
URL: https://ticketshop.alpbach.org/
Submission: On May 31 via automatic, source certstream-suspicious — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 7 IPs in 2 countries across 5 domains to perform 21 HTTP transactions. The main IP is 35.198.77.44, located in Frankfurt am Main, Germany and belongs to GOOGLE-CLOUD-PLATFORM, US. The main domain is ticketshop.alpbach.org.
TLS certificate: Issued by Kubernetes Ingress Controller Fake Ce... on March 22nd 2022. Valid for: a year.
This is the only time ticketshop.alpbach.org was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
8 35.198.77.44 396982 (GOOGLE-CL...)
4 2a02:26f0:f7:... 20940 (AKAMAI-ASN1)
1 2a02:26f0:ef:... 20940 (AKAMAI-ASN1)
3 18.66.248.53 16509 (AMAZON-02)
2 54.186.23.98 16509 (AMAZON-02)
2 18.66.2.102 16509 (AMAZON-02)
1 54.185.141.192 16509 (AMAZON-02)
21 7
8    35.198.77.44 (Frankfurt am Main, Germany)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 44.77.198.35.bc.googleusercontent.com
ticketshop.alpbach.org
16d8tl3j-m643.dotsandlines-cloud.at
4    2a02:26f0:f7::5c7b:e031 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
use.typekit.net
1    2a02:26f0:ef::5c7b:c24c (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
p.typekit.net
3    18.66.248.53 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-248-53.dus51.r.cloudfront.net
js.stripe.com
2    54.186.23.98 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ip-54-186-23-98.stripe.com
q.stripe.com
2    18.66.2.102 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-2-102.txl50.r.cloudfront.net
m.stripe.network
1    54.185.141.192 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-185-141-192.us-west-2.compute.amazonaws.com
m.stripe.com
Apex Domain
Subdomains		 Transfer
7 alpbach.org
ticketshop.alpbach.org
122 KB
6 stripe.com
js.stripe.com — Cisco Umbrella Rank: 979
q.stripe.com — Cisco Umbrella Rank: 6438
m.stripe.com — Cisco Umbrella Rank: 896
86 KB
5 typekit.net
use.typekit.net — Cisco Umbrella Rank: 483
p.typekit.net — Cisco Umbrella Rank: 613
84 KB
2 stripe.network
m.stripe.network — Cisco Umbrella Rank: 1033
16 KB
1 dotsandlines-cloud.at
16d8tl3j-m643.dotsandlines-cloud.at
769 B
21 5
Domain Requested by
7 ticketshop.alpbach.org ticketshop.alpbach.org
4 use.typekit.net ticketshop.alpbach.org
use.typekit.net
3 js.stripe.com ticketshop.alpbach.org
js.stripe.com
2 m.stripe.network js.stripe.com
m.stripe.network
2 q.stripe.com ticketshop.alpbach.org
1 m.stripe.com m.stripe.network
1 16d8tl3j-m643.dotsandlines-cloud.at ticketshop.alpbach.org
1 p.typekit.net use.typekit.net
21 8

This site contains no links.

Subject Issuer Validity Valid
Kubernetes Ingress Controller Fake Certificate
Kubernetes Ingress Controller Fake Certificate		 2022-03-22 -
2023-03-22		 a year crt.sh
use.typekit.net
DigiCert TLS RSA SHA256 2020 CA1		 2022-03-07 -
2023-04-07		 a year crt.sh
a.stripecdn.com
DigiCert SHA2 Extended Validation Server CA		 2022-05-20 -
2022-09-25		 4 months crt.sh
16d8tl3j-m643.dotsandlines-cloud.at
R3		 2022-04-12 -
2022-07-11		 3 months crt.sh
*.stripe.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-05-25 -
2022-09-08		 4 months crt.sh
m.stripe.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-04-11 -
2022-08-03		 4 months crt.sh

This page contains 3 frames:

Primary Page: https://ticketshop.alpbach.org/
Frame ID: 31418EA22966ACEE3A249AD34397A7D9
Requests: 14 HTTP requests in this frame

Frame: https://js.stripe.com/v3/m-outer-4153b65422c749e24354487a719db892.html
Frame ID: 1155C8714311C6E6D60D4346E21AE634
Requests: 3 HTTP requests in this frame

Frame: https://m.stripe.network/inner.html
Frame ID: B713210BBCFE05FA56040D8ECAB95ADE
Requests: 4 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

vue_ticketshop

Detected technologies

Overall confidence: 100%
Detected patterns
  • js\.stripe\.com
Overall confidence: 100%
Detected patterns
  • <[^>]+\sdata-v(?:ue)?-
Overall confidence: 100%
Detected patterns
  • <link [^>]*href="[^"]+use\.typekit\.(?:net|com)

Page Statistics

21
Requests

67 %
HTTPS

29 %
IPv6

5
Domains

8
Subdomains

7
IPs

2
Countries

309 kB
Transfer

835 kB
Size

3
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

21 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
ticketshop.alpbach.org/ 		935 B
768 B 		Document
General
Check archive.org
Download Go to
Full URL
https://ticketshop.alpbach.org/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.198.77.44 Frankfurt am Main, Germany, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
44.77.198.35.bc.googleusercontent.com
Software
/
Resource Hash
28fed0fe57958ef2d351064772bd68e16dee1f877fa870f5317ef7ed5f518dbd
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, must-revalidate
content-encoding
gzip
content-type
text/html; charset=utf-8
date
Tue, 31 May 2022 10:52:17 GMT
etag
W/"6294df51-3a7"
last-modified
Mon, 30 May 2022 15:14:25 GMT
strict-transport-security
max-age=15724800; includeSubDomains
vary
Accept-Encoding
x-robots-tag
noindex, nofollow
iconfont.css
ticketshop.alpbach.org/css/ 		10 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://ticketshop.alpbach.org/css/iconfont.css
Requested by
Host: ticketshop.alpbach.org
URL: https://ticketshop.alpbach.org/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.198.77.44 Frankfurt am Main, Germany, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
44.77.198.35.bc.googleusercontent.com
Software
/
Resource Hash
650c2c380b4737b256da98e5a97075accd9994c4786a14392abe226c103e8bf9
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ticketshop.alpbach.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Tue, 31 May 2022 10:52:17 GMT
content-encoding
gzip
last-modified
Mon, 30 May 2022 15:14:26 GMT
etag
W/"6294df52-299f"
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=604800
strict-transport-security
max-age=15724800; includeSubDomains
x-robots-tag
noindex, nofollow
expires
Tue, 07 Jun 2022 10:52:17 GMT
hbg7pey.css
use.typekit.net/ 		4 KB
1014 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://use.typekit.net/hbg7pey.css
Requested by
Host: ticketshop.alpbach.org
URL: https://ticketshop.alpbach.org/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:f7::5c7b:e031 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx /
Resource Hash
67be00a1c08a7b40d79846b8b1d2198007509e3fa7a9bb5bfce47c13db199670
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ticketshop.alpbach.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains;
content-encoding
gzip
server
nginx
date
Tue, 31 May 2022 10:52:17 GMT
vary
Accept-Encoding
content-type
text/css;charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=600, stale-while-revalidate=604800
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
782
app.css
ticketshop.alpbach.org/css/ 		28 KB
7 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://ticketshop.alpbach.org/css/app.css
Requested by
Host: ticketshop.alpbach.org
URL: https://ticketshop.alpbach.org/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.198.77.44 Frankfurt am Main, Germany, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
44.77.198.35.bc.googleusercontent.com
Software
/
Resource Hash
7b85402397f222128ad52917916fdeee1a3b8cc36330a5e01ea5356fa3ade7d7
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ticketshop.alpbach.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Tue, 31 May 2022 10:52:17 GMT
content-encoding
gzip
last-modified
Mon, 30 May 2022 15:14:25 GMT
etag
W/"6294df51-70ff"
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=604800
strict-transport-security
max-age=15724800; includeSubDomains
x-robots-tag
noindex, nofollow
expires
Tue, 07 Jun 2022 10:52:17 GMT
app.js
ticketshop.alpbach.org/js/ 		97 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ticketshop.alpbach.org/js/app.js
Requested by
Host: ticketshop.alpbach.org
URL: https://ticketshop.alpbach.org/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.198.77.44 Frankfurt am Main, Germany, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
44.77.198.35.bc.googleusercontent.com
Software
/
Resource Hash
e8cd87459225d2da540fca28cb0c1867c64e8553b42f37814601389800afa37e
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ticketshop.alpbach.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Tue, 31 May 2022 10:52:17 GMT
content-encoding
gzip
last-modified
Mon, 30 May 2022 15:14:27 GMT
etag
W/"6294df53-1821a"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
cache-control
max-age=604800
strict-transport-security
max-age=15724800; includeSubDomains
x-robots-tag
noindex, nofollow
expires
Tue, 07 Jun 2022 10:52:17 GMT
chunk-vendors.js
ticketshop.alpbach.org/js/ 		207 KB
83 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ticketshop.alpbach.org/js/chunk-vendors.js
Requested by
Host: ticketshop.alpbach.org
URL: https://ticketshop.alpbach.org/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.198.77.44 Frankfurt am Main, Germany, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
44.77.198.35.bc.googleusercontent.com
Software
/
Resource Hash
29df211bcd4a9cac5b9d8b80e9a1408de7fbf091fdf3319a648bb43eb7bd3aab
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ticketshop.alpbach.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Tue, 31 May 2022 10:52:17 GMT
content-encoding
gzip
last-modified
Mon, 30 May 2022 15:14:27 GMT
etag
W/"6294df53-33a40"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
cache-control
max-age=604800
strict-transport-security
max-age=15724800; includeSubDomains
x-robots-tag
noindex, nofollow
expires
Tue, 07 Jun 2022 10:52:17 GMT
p.css
p.typekit.net/ 		5 B
181 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://p.typekit.net/p.css?s=1&k=hbg7pey&ht=tk&f=13167.44510.44512.44514.44516&a=74593142&app=typekit&e=css
Requested by
Host: use.typekit.net
URL: https://use.typekit.net/hbg7pey.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:ef::5c7b:c24c Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx /
Resource Hash
1c0ff118a4290c99f39c90abb38703a866e47251b23cca20266c69c812ccafeb

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://use.typekit.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Tue, 31 May 2022 10:52:17 GMT
last-modified
Sat, 16 Oct 2021 08:18:43 GMT
server
nginx
etag
"616a8ae3-5"
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=604800
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
content-length
5
v3
js.stripe.com/ 		313 KB
83 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.stripe.com/v3
Requested by
Host: ticketshop.alpbach.org
URL: https://ticketshop.alpbach.org/js/chunk-vendors.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.248.53 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-248-53.dus51.r.cloudfront.net
Software
Cloudfront /
Resource Hash
f0550e77359570fba25e3caa2c4f1d1cbaca8a53fa6f2c2ab12c9b9591474cc7
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ticketshop.alpbach.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Tue, 31 May 2022 10:51:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
37
x-cache
Hit from cloudfront
strict-transport-security
max-age=31556926; includeSubDomains; preload
access-control-allow-origin
*
last-modified
Fri, 27 May 2022 21:12:49 GMT
server
Cloudfront
etag
W/"5b6ee746edbbe2f17e1ea79f5941034f"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
via
1.1 8e487d5d50ba943ec340041b0945bbf4.cloudfront.net (CloudFront)
cache-control
max-age=60
x-amz-cf-pop
DUS51-P1
timing-allow-origin
*
x-amz-cf-id
Hg8pr1g9994Ni94CjtNO-WcMRHwSILhmIN5Kl7YQWcN2SZnWLKEZ5g==
ticketlinks
16d8tl3j-m643.dotsandlines-cloud.at/api/ 		2 KB
769 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://16d8tl3j-m643.dotsandlines-cloud.at/api/ticketlinks
Requested by
Host: ticketshop.alpbach.org
URL: https://ticketshop.alpbach.org/js/chunk-vendors.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.198.77.44 Frankfurt am Main, Germany, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
44.77.198.35.bc.googleusercontent.com
Software
/ Craft CMS
Resource Hash
a88ff29674494d5cc583e4985b1a1471eb9be726e9b024c37537e71277cef7f2
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept
application/json, text/plain, */*
Referer
https://ticketshop.alpbach.org/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Tue, 31 May 2022 10:52:17 GMT
content-encoding
gzip
referrer-policy
no-referrer-when-downgrade
x-powered-by
Craft CMS
x-frame-options
SAMEORIGIN
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
x-xss-protection
1; mode=block
strict-transport-security
max-age=15724800; includeSubDomains
x-robots-tag
noindex, nofollow
vary
Accept-Encoding
x-content-type-options
nosniff
l
use.typekit.net/af/174e41/00000000000000007735c867/30/ 		28 KB
28 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://use.typekit.net/af/174e41/00000000000000007735c867/30/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n4&v=3
Requested by
Host: use.typekit.net
URL: https://use.typekit.net/hbg7pey.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:f7::5c7b:e031 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx /
Resource Hash
64759d13cd0a1b54cdadc8109603abe5d145637237791d6372d8511beb6777f8

Request headers

Referer
https://use.typekit.net/hbg7pey.css
Origin
https://ticketshop.alpbach.org
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Tue, 31 May 2022 10:52:17 GMT
server
nginx
etag
"45a53c0690152b344a73cd68dc1cb89bc4c01a59"
content-type
application/font-woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
28536
ic_arrow_right.svg
ticketshop.alpbach.org/img/ 		399 B
572 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ticketshop.alpbach.org/img/ic_arrow_right.svg
Requested by
Host: ticketshop.alpbach.org
URL: https://ticketshop.alpbach.org/css/app.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.198.77.44 Frankfurt am Main, Germany, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
44.77.198.35.bc.googleusercontent.com
Software
/
Resource Hash
d2ca836f914d068b3b875309d190d66bec7a905a11c76f8bc85d2ad4e64ad8cc
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ticketshop.alpbach.org/css/app.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Tue, 31 May 2022 10:52:17 GMT
content-encoding
gzip
last-modified
Mon, 30 May 2022 15:14:26 GMT
etag
W/"6294df52-18f"
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=604800
strict-transport-security
max-age=15724800; includeSubDomains
x-robots-tag
noindex, nofollow
expires
Tue, 07 Jun 2022 10:52:17 GMT
l
use.typekit.net/af/36a2f5/00000000000000007735c877/30/ 		29 KB
29 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://use.typekit.net/af/36a2f5/00000000000000007735c877/30/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n7&v=3
Requested by
Host: use.typekit.net
URL: https://use.typekit.net/hbg7pey.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:f7::5c7b:e031 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx /
Resource Hash
ee12035214b0e1b7504e59d58a7e279b1072a7fac248045b5e2b2b9568fea2de

Request headers

Referer
https://use.typekit.net/hbg7pey.css
Origin
https://ticketshop.alpbach.org
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Tue, 31 May 2022 10:52:17 GMT
server
nginx
etag
"0b489a4c6e25f1810c2680f15a7fd882016a5e95"
content-type
application/font-woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
29264
m-outer-4153b65422c749e24354487a719db892.html
js.stripe.com/v3/ Frame 1155 		240 B
981 B 		Document
General
Check archive.org
Download Go to
Full URL
https://js.stripe.com/v3/m-outer-4153b65422c749e24354487a719db892.html
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.248.53 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-248-53.dus51.r.cloudfront.net
Software
Cloudfront /
Resource Hash
e93e844686fba57c194199e23b5d631e73f4538c399595005e9a76a3de1ad753
Security Headers
Name Value
Content-Security-Policy default-src 'self'; base-uri 'none'; form-action 'none'; connect-src 'self' https://r.stripe.com; script-src 'self'; style-src 'self'; frame-src https://m.stripe.network; img-src https://q.stripe.com; font-src 'none'; media-src 'none'; object-src 'none'; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://ticketshop.alpbach.org/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
age
1033
cache-control
max-age=31536000
content-length
240
content-security-policy
default-src 'self'; base-uri 'none'; form-action 'none'; connect-src 'self' https://r.stripe.com; script-src 'self'; style-src 'self'; frame-src https://m.stripe.network; img-src https://q.stripe.com; font-src 'none'; media-src 'none'; object-src 'none'; report-uri https://q.stripe.com/csp-report
content-type
text/html; charset=utf-8
date
Tue, 31 May 2022 10:35:08 GMT
etag
"4153b65422c749e24354487a719db892"
last-modified
Fri, 27 May 2022 20:34:58 GMT
server
Cloudfront
strict-transport-security
max-age=31556926; includeSubDomains; preload
timing-allow-origin
*
vary
Accept-Encoding
via
1.1 8e487d5d50ba943ec340041b0945bbf4.cloudfront.net (CloudFront)
x-amz-cf-id
pfRyE_KKNpRBsUd4B2uqM2AsA15_mqNhjr0CvOgKdQhTJXYm8emg_Q==
x-amz-cf-pop
DUS51-P1
x-cache
Hit from cloudfront
x-content-type-options
nosniff
csp-report
q.stripe.com/ Frame 1155 		0
570 B 		Other
General
Check archive.org
Download Go to
Full URL
https://q.stripe.com/csp-report
Requested by
Host: ticketshop.alpbach.org
URL: https://ticketshop.alpbach.org/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-54-186-23-98.stripe.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://js.stripe.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
Content-Type
application/csp-report

Response headers

date
Tue, 31 May 2022 10:52:18 GMT
x-content-type-options
nosniff
x-envoy-upstream-service-time
2
strict-transport-security
max-age=63072000; includeSubDomains; preload
content-length
0
pragma
no-cache
referrer-policy
strict-origin-when-cross-origin
server
nginx
cross-origin-opener-policy
same-origin
access-control-max-age
3600
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
https://js.stripe.com
access-control-expose-headers
Server, Range, Content-Type
cache-control
max-age=0, no-cache, no-store, must-revalidate
x-robots-tag
none
access-control-allow-headers
Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
expires
0
m-outer-9955b5c46e241cae4baa3ce2f8db7b86.js
js.stripe.com/v3/fingerprinted/js/ Frame 1155 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.stripe.com/v3/fingerprinted/js/m-outer-9955b5c46e241cae4baa3ce2f8db7b86.js
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/m-outer-4153b65422c749e24354487a719db892.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.248.53 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-248-53.dus51.r.cloudfront.net
Software
Cloudfront /
Resource Hash
60f9cdffa54b3516f9dd33888dd028cd28dc363e562d305bc291660cd5da2ecc
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://js.stripe.com/v3/m-outer-4153b65422c749e24354487a719db892.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

strict-transport-security
max-age=31556926; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
age
9
x-cache
Hit from cloudfront
date
Tue, 31 May 2022 10:52:09 GMT
via
1.1 8e487d5d50ba943ec340041b0945bbf4.cloudfront.net (CloudFront)
last-modified
Fri, 27 May 2022 20:33:41 GMT
server
Cloudfront
etag
W/"f8f64b5dfcb745dea9887f0f79421f26"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=60
x-amz-cf-pop
DUS51-P1
timing-allow-origin
*
x-amz-cf-id
rLzOcSfU4qEb7V9RqqfQY8R-yN6KfVp3pt5fv6pa83I_JWzc3VHc_Q==
inner.html
m.stripe.network/ Frame B713 		930 B
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://m.stripe.network/inner.html
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/m-outer-9955b5c46e241cae4baa3ce2f8db7b86.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.2.102 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-2-102.txl50.r.cloudfront.net
Software
Cloudfront /
Resource Hash
a5f27af9c0c6f37979ebafcac22eb3a613841a3d4e728f4577baf94e64d42f35
Security Headers
Name Value
Content-Security-Policy base-uri 'none'; connect-src https://m.stripe.network https://m.stripe.com; default-src 'none'; font-src https://m.stripe.network https://fonts.gstatic.com; form-action 'none'; frame-src https://m.stripe.network https://js.stripe.com; img-src https://m.stripe.network https://m.stripe.com https://b.stripecdn.com; script-src https://m.stripe.network 'sha256-e/Jqu4k9Gk1ZCWO6StAsfhF3i7qgIwfuitaD1g9DyvE='; style-src https://m.stripe.network; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://js.stripe.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
86
cache-control
max-age=300, public
content-length
930
content-security-policy
base-uri 'none'; connect-src https://m.stripe.network https://m.stripe.com; default-src 'none'; font-src https://m.stripe.network https://fonts.gstatic.com; form-action 'none'; frame-src https://m.stripe.network https://js.stripe.com; img-src https://m.stripe.network https://m.stripe.com https://b.stripecdn.com; script-src https://m.stripe.network 'sha256-e/Jqu4k9Gk1ZCWO6StAsfhF3i7qgIwfuitaD1g9DyvE='; style-src https://m.stripe.network; report-uri https://q.stripe.com/csp-report
content-type
text/html; charset=utf-8
date
Tue, 31 May 2022 10:50:52 GMT
etag
"fc2e029628f163bb59adc6fa5a31161c"
last-modified
Thu, 17 Mar 2022 19:03:12 GMT
server
Cloudfront
strict-transport-security
max-age=31556926; includeSubDomains; preload
vary
Accept-Encoding
via
1.1 7b78620285c9c4062375088b85834112.cloudfront.net (CloudFront)
x-amz-cf-id
UjYTsnGPP5N4nFW-pmdEIJ5DH7WevUpBcRWzpr8Y6t7N-GPIPem2gw==
x-amz-cf-pop
TXL50-P1
x-cache
Hit from cloudfront
x-content-type-options
nosniff
csp-report
q.stripe.com/ Frame B713 		0
345 B 		Other
General
Check archive.org
Download Go to
Full URL
https://q.stripe.com/csp-report
Requested by
Host: ticketshop.alpbach.org
URL: https://ticketshop.alpbach.org/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-54-186-23-98.stripe.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload, max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://m.stripe.network/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
Content-Type
application/csp-report

Response headers

pragma
no-cache
date
Tue, 31 May 2022 10:52:18 GMT
referrer-policy
strict-origin-when-cross-origin
server
nginx
cross-origin-opener-policy
same-origin
strict-transport-security
max-age=63072000; includeSubDomains; preload, max-age=31556926; includeSubDomains; preload
cache-control
max-age=0, no-cache, no-store, must-revalidate
x-envoy-upstream-service-time
1
x-robots-tag
none
content-length
0
x-content-type-options
nosniff
expires
0
out-4.5.42.js
m.stripe.network/ Frame B713 		86 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://m.stripe.network/out-4.5.42.js
Requested by
Host: m.stripe.network
URL: https://m.stripe.network/inner.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.2.102 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-2-102.txl50.r.cloudfront.net
Software
Cloudfront /
Resource Hash
f445ee14f2454d974293d28677213ae002e9ac17721fc04b2fdeb037e083b083
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://m.stripe.network/inner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

strict-transport-security
max-age=31556926; includeSubDomains; preload
content-encoding
br
x-content-type-options
nosniff
last-modified
Thu, 17 Mar 2022 19:03:12 GMT
server
Cloudfront
age
66
date
Tue, 31 May 2022 10:51:12 GMT
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript; charset=utf-8
via
1.1 7b78620285c9c4062375088b85834112.cloudfront.net (CloudFront)
cache-control
max-age=300, public
x-amz-cf-pop
TXL50-P1
x-amz-cf-id
DwTtjSs6MUhGNEPFWDYxjknJPc4UMzmlI8WdQ6MGgh3X-7pD0hY3OQ==
etag
W/"21df7244385e5c0bdf32da01d0dad6c0"
6
m.stripe.com/ Frame B713 		156 B
523 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://m.stripe.com/6
Requested by
Host: m.stripe.network
URL: https://m.stripe.network/out-4.5.42.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.185.141.192 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-185-141-192.us-west-2.compute.amazonaws.com
Software
nginx /
Resource Hash
fbde15ab4fd37bc0d2babd9f65fd894a69d1859f27207dd08d0a5eccf2c8dc11
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://m.stripe.network/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Tue, 31 May 2022 10:52:18 GMT
x-content-type-options
nosniff
server
nginx
strict-transport-security
max-age=31556926; includeSubDomains; preload
content-type
application/json;charset=utf-8
access-control-allow-origin
https://m.stripe.network
access-control-allow-credentials
true
access-control-allow-headers
Content-Type
content-length
156
ic_ticket.svg
ticketshop.alpbach.org/img/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ticketshop.alpbach.org/img/ic_ticket.svg
Requested by
Host: ticketshop.alpbach.org
URL: https://ticketshop.alpbach.org/css/app.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.198.77.44 Frankfurt am Main, Germany, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
44.77.198.35.bc.googleusercontent.com
Software
/
Resource Hash
9757f40aab2a19ff2a9a1d1c2e52de784ef5bcd2e362c0abfac3d18e7cf50863
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ticketshop.alpbach.org/css/app.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Tue, 31 May 2022 10:52:17 GMT
content-encoding
gzip
last-modified
Mon, 30 May 2022 15:14:26 GMT
etag
W/"6294df52-9ff"
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=604800
strict-transport-security
max-age=15724800; includeSubDomains
x-robots-tag
noindex, nofollow
expires
Tue, 07 Jun 2022 10:52:17 GMT
l
use.typekit.net/af/2fce28/00000000000000007735c872/30/ 		25 KB
25 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://use.typekit.net/af/2fce28/00000000000000007735c872/30/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n6&v=3
Requested by
Host: use.typekit.net
URL: https://use.typekit.net/hbg7pey.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:f7::5c7b:e031 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx /
Resource Hash
948dfcebd65c1a41fde6b77a0ba039985465490922e8eefddd56b16d7d6dff0b

Request headers

Referer
https://use.typekit.net/hbg7pey.css
Origin
https://ticketshop.alpbach.org
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Tue, 31 May 2022 10:52:17 GMT
server
nginx
etag
"84e3d9c6639979f036611936eedd9f23851f850d"
content-type
application/font-woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
25808

Verdicts & Comments Add Verdict or Comment

12 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| oncontextlost object| oncontextrestored function| structuredClone object| launchQueue object| onbeforematch function| getScreenDetails object| navigation boolean| alpbachDev object| webpackJsonp object| __webpackStripeJSv3Jsonp function| Stripe

3 Cookies

Domain/Path Name / Value
m.stripe.com/ Name: m
Value: 431525b7-80dd-402b-964a-bd04730534ef9f9b41
.ticketshop.alpbach.org/ Name: __stripe_mid
Value: e15941e4-a12c-4c01-aef5-4525c3e1a37141564c
.ticketshop.alpbach.org/ Name: __stripe_sid
Value: 78b22535-962a-4051-ac72-756159fc666b357f33

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

16d8tl3j-m643.dotsandlines-cloud.at
js.stripe.com
m.stripe.com
m.stripe.network
p.typekit.net
q.stripe.com
ticketshop.alpbach.org
use.typekit.net
18.66.2.102
18.66.248.53
2a02:26f0:ef::5c7b:c24c
2a02:26f0:f7::5c7b:e031
35.198.77.44
54.185.141.192
54.186.23.98
1c0ff118a4290c99f39c90abb38703a866e47251b23cca20266c69c812ccafeb
28fed0fe57958ef2d351064772bd68e16dee1f877fa870f5317ef7ed5f518dbd
29df211bcd4a9cac5b9d8b80e9a1408de7fbf091fdf3319a648bb43eb7bd3aab
60f9cdffa54b3516f9dd33888dd028cd28dc363e562d305bc291660cd5da2ecc
64759d13cd0a1b54cdadc8109603abe5d145637237791d6372d8511beb6777f8
650c2c380b4737b256da98e5a97075accd9994c4786a14392abe226c103e8bf9
67be00a1c08a7b40d79846b8b1d2198007509e3fa7a9bb5bfce47c13db199670
7b85402397f222128ad52917916fdeee1a3b8cc36330a5e01ea5356fa3ade7d7
948dfcebd65c1a41fde6b77a0ba039985465490922e8eefddd56b16d7d6dff0b
9757f40aab2a19ff2a9a1d1c2e52de784ef5bcd2e362c0abfac3d18e7cf50863
a5f27af9c0c6f37979ebafcac22eb3a613841a3d4e728f4577baf94e64d42f35
a88ff29674494d5cc583e4985b1a1471eb9be726e9b024c37537e71277cef7f2
d2ca836f914d068b3b875309d190d66bec7a905a11c76f8bc85d2ad4e64ad8cc
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e8cd87459225d2da540fca28cb0c1867c64e8553b42f37814601389800afa37e
e93e844686fba57c194199e23b5d631e73f4538c399595005e9a76a3de1ad753
ee12035214b0e1b7504e59d58a7e279b1072a7fac248045b5e2b2b9568fea2de
f0550e77359570fba25e3caa2c4f1d1cbaca8a53fa6f2c2ab12c9b9591474cc7
f445ee14f2454d974293d28677213ae002e9ac17721fc04b2fdeb037e083b083
fbde15ab4fd37bc0d2babd9f65fd894a69d1859f27207dd08d0a5eccf2c8dc11