vividseatsapi.discovery-prod.axs.com Open in urlscan Pro
2606:4700::6812:1507 Public Scan

Go To Rescan
Add Verdict Report

URL:
http://vividseatsapi.discovery-prod.axs.com/
Submission: On February 18 via api (February 18th 2023, 1:20:50 pm UTC) from US — Scanned from US

Summary HTTP 6 Redirects Links 3 Behaviour Indicators

Summary

This website contacted 3 IPs in 1 countries across 1 domains to perform 6 HTTP transactions. The main IP is 2606:4700::6812:1507, located in United States and belongs to CLOUDFLARENET, US. The main domain is vividseatsapi.discovery-prod.axs.com.

This is the only time vividseatsapi.discovery-prod.axs.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 3	2606:4700::68... 2606:4700::6812:1507	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	108.138.128.3 108.138.128.3	16509 (AMAZON-02) (AMAZON-02)
6	3

3 2606:4700::6812:1507 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

vividseatsapi.discovery-prod.axs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 108.138.128.3 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-138-128-3.jfk50.r.cloudfront.net

static.discovery-prod.axs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
5	axs.com 1 redirects vividseatsapi.discovery-prod.axs.com static.discovery-prod.axs.com — Cisco Umbrella Rank: 56893 api.axs.com Failed	360 KB
6	1

	Domain	Requested by
3	vividseatsapi.discovery-prod.axs.com	1 redirects vividseatsapi.discovery-prod.axs.com
2	static.discovery-prod.axs.com	vividseatsapi.discovery-prod.axs.com
0	api.axs.com Failed	vividseatsapi.discovery-prod.axs.com
6	3

This site contains links to these domains. Also see Links.

Domain
support.axs.com

Subject Issuer	Validity	Valid
*.discovery-prod.axs.com Amazon	`2022-08-14` - `2023-09-12`	a year	crt.sh

This page contains 2 frames:

Primary Page: http://vividseatsapi.discovery-prod.axs.com/
Frame ID: BE5299CC9C27A9139CEEBB7EF2928FE9
Requests: 6 HTTP requests in this frame

Frame: https://vividseatsapi.discovery-prod.axs.com/cdn-cgi/challenge-platform/h/g/scripts/alpha/invisible.js?ts=1676721600
Frame ID: 4E957AC8358B0B3C63B12F48A83697DC
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

AXS

Page Statistics

6
Requests

33 %
HTTPS

50 %
IPv6

1
Domains

3
Subdomains

3
IPs

1
Countries

427 kB
Transfer

600 kB
Size

2
Cookies

3 Outgoing links

These are links going to different origins than the main page.

URL: http://support.axs.com/
Title: Click here.

Search URL Search Domain Scan URL

URL: https://support.axs.com/hc/en-gb
Title: Click here.

Search URL Search Domain Scan URL

URL: https://support.axs.com/hc/sv
Title: Klicka här för att kontakta oss.

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 5

http://vividseatsapi.discovery-prod.axs.com/cdn-cgi/challenge-platform/h/g/scripts/alpha/invisible.js?ts=1676721600 HTTP 302
https://vividseatsapi.discovery-prod.axs.com/cdn-cgi/challenge-platform/h/g/scripts/alpha/invisible.js?ts=1676721600

Request Chain 6

http://vividseatsapi.discovery-prod.axs.com/cdn-cgi/challenge-platform/h/g/scripts/pica.js HTTP 0
https://vividseatsapi.discovery-prod.axs.com/cdn-cgi/challenge-platform/h/g/scripts/pica.js

6 HTTP transactions
2 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 403
Forbidden Primary Request / Show response
vividseatsapi.discovery-prod.axs.com/ 441 KB
285 KB 100ms
69ms Document
text/html 2606:4700::6812:1507
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

http://vividseatsapi.discovery-prod.axs.com/

Protocol

HTTP/1.1

Server

2606:4700::6812:1507 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d60bc8b2232c1121f48de2f53acfc33166166cfc42b3ba007e67a7dbe7d713ed

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

CF-RAY: 79b70fd8ca911885-EWR
Cache-Control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection: keep-alive
Content-Encoding: gzip
Content-Type: text/html; charset=UTF-8
Date: Sat, 18 Feb 2023 13:20:44 GMT
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Referrer-Policy: same-origin
Server: cloudflare
Transfer-Encoding: chunked
Vary: Accept-Encoding
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN

GET
H2 200 5eb4b1b362e80-header-dt.png
static.discovery-prod.axs.com/uploads/ 41 KB
41 KB 49ms
10ms Image
image/png 108.138.128.3
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.discovery-prod.axs.com/uploads/5eb4b1b362e80-header-dt.png
Requested by: Host: vividseatsapi.discovery-prod.axs.com
URL: http://vividseatsapi.discovery-prod.axs.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.128.3 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-128-3.jfk50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: fcfd75d1416a092aefd10ade935ed0fcc20c0fee31d7461fa33790ec1dbc110f

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

x-amz-version-id: GHwVcj4FLOYj4FCRHSVvbTcP5WpJqwMZ
date: Sat, 18 Feb 2023 13:17:17 GMT
via: 1.1 ee6e7a840d56ceb3b04e8ddd420dab06.cloudfront.net (CloudFront)
last-modified: Tue, 06 Apr 2021 16:05:54 GMT
server: AmazonS3
x-amz-cf-pop: JFK50-P4
age: 216
x-amz-server-side-encryption: AES256
etag: "c02d7a960b2ead9bb6c4f8293f6dfad9"
x-cache: Hit from cloudfront
content-type: image/png
cache-control: max-age=300
accept-ranges: bytes
content-length: 41860
x-amz-cf-id: K2e1avhnpF_h9iOXRBF7Otm82Yc3EArMABk7VdNs4jfNo_ZR5LI1Ug==

GET
H2 200 5eb4b1e55ac1c-header-mob.png
static.discovery-prod.axs.com/uploads/ 18 KB
19 KB 50ms
10ms Image
image/png 108.138.128.3
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.discovery-prod.axs.com/uploads/5eb4b1e55ac1c-header-mob.png
Requested by: Host: vividseatsapi.discovery-prod.axs.com
URL: http://vividseatsapi.discovery-prod.axs.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.128.3 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-128-3.jfk50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: da79657d005af8919193c90d059d9262e9dc68efae74f4b88271540a2aeb102b

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

x-amz-version-id: 5Ucgf75Ou9t19pXhVuzcwvNUsDjJV0PK
date: Sat, 18 Feb 2023 13:17:17 GMT
via: 1.1 ee6e7a840d56ceb3b04e8ddd420dab06.cloudfront.net (CloudFront)
last-modified: Tue, 06 Apr 2021 16:08:19 GMT
server: AmazonS3
x-amz-cf-pop: JFK50-P4
age: 216
x-amz-server-side-encryption: AES256
etag: "0000368e36a7f3327e48b1cafeae60a3"
x-cache: Hit from cloudfront
content-type: image/png
cache-control: max-age=300
accept-ranges: bytes
content-length: 18873
x-amz-cf-id: wJSdXM9xXMjfv2GsuD8e_YpGF7AEAQbFPTA8-6thxkF6CvcNWsoyKw==

GET
DATA 200
OK truncated
/ 34 KB
34 KB Font
binary/octet-stream

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: c3b6e3d827d0f09b1c0f76527612ff918e016457794e29bb9e039e7a36245a68

Request headers

Referer: http://vividseatsapi.discovery-prod.axs.com/
Origin: http://vividseatsapi.discovery-prod.axs.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

Content-Type: binary/octet-stream

GET
DATA 200
OK truncated
/ 35 KB
35 KB Font
binary/octet-stream

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 7055cee043488fed63dfc0ccc3a75bd387122cd03f064173d10fe8ad8c53e20c

Request headers

Referer: http://vividseatsapi.discovery-prod.axs.com/
Origin: http://vividseatsapi.discovery-prod.axs.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

Content-Type: binary/octet-stream

GET ipcheck
api.axs.com/proxy/v2/users/ 0
0

GET
H2

200

invisible.js Show response
vividseatsapi.discovery-prod.axs.com/cdn-cgi/challenge-platform/h/g/scripts/alpha/ Frame 4E95
Redirect Chain

http://vividseatsapi.discovery-prod.axs.com/cdn-cgi/challenge-platform/h/g/scripts/alpha/invisible.js?ts=1676721600
https://vividseatsapi.discovery-prod.axs.com/cdn-cgi/challenge-platform/h/g/scripts/alpha/invisible.js?ts=1676721600

32 KB
14 KB

46ms
20ms

Script
application/javascript

2606:4700::6812:1507
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://vividseatsapi.discovery-prod.axs.com/cdn-cgi/challenge-platform/h/g/scripts/alpha/invisible.js?ts=1676721600

Requested by

Host: vividseatsapi.discovery-prod.axs.com
URL: http://vividseatsapi.discovery-prod.axs.com/

Protocol

Server

2606:4700::6812:1507 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

75750d40cb3eaec03aa19d2799d6024d921019894e7674a565d851559ab2bd15

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Sat, 18 Feb 2023 13:20:45 GMT
strict-transport-security: max-age=15552000
x-content-type-options: nosniff
content-encoding: br
server: cloudflare
vary: accept-encoding
content-type: application/javascript; charset=UTF-8
cache-control: max-age=14400, public
x-control-type-options: nosniff
cf-ray: 79b70fda4e3a1829-EWR

Redirect headers

Date: Sat, 18 Feb 2023 13:20:45 GMT
X-Content-Type-Options: nosniff
Server: cloudflare
Transfer-Encoding: chunked
Vary: Accept-Encoding
Location: https://vividseatsapi.discovery-prod.axs.com/cdn-cgi/challenge-platform/h/g/scripts/alpha/invisible.js?ts=1676721600
Cache-Control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection: keep-alive
CF-RAY: 79b70fd9dbe21885-EWR
Expires: Thu, 01 Jan 1970 00:00:01 GMT

GET

pica.js
vividseatsapi.discovery-prod.axs.com/cdn-cgi/challenge-platform/h/g/scripts/ Frame 4E95
Redirect Chain

http://vividseatsapi.discovery-prod.axs.com/cdn-cgi/challenge-platform/h/g/scripts/pica.js
https://vividseatsapi.discovery-prod.axs.com/cdn-cgi/challenge-platform/h/g/scripts/pica.js

0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: api.axs.com
URL: https://api.axs.com/proxy/v2/users/ipcheck?access_token=4f2be33d835e7197e245c54ff00e5fb4&client_id=18_50d269328df8a48be955f18831d1057e8937cc06213bd4644dcb6768a674c886&client_secret=0b0e17d487d53c3c9bc7ada7b97bc0e9b3afa08fee34c431f9c21f5fa7ffc260

Domain: vividseatsapi.discovery-prod.axs.com
URL: https://vividseatsapi.discovery-prod.axs.com/cdn-cgi/challenge-platform/h/g/scripts/pica.js

Verdicts & Comments Add Verdict or Comment

5 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

2 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			.api.axs.com/	1970-01-20 09:45:28	Name: __cf_bm Value: 3LjbWH7Fds8X5Uj_Si_vuf_HLqXAAaROpUXjSdglV5w-1676726445-0-AfXlmrh04zqbtPNe3Nhpt+qFEOhO9ljKwCAVIHzjmiMYKcgaFnHDRab7cAmaEtl5B4TMQsWuvH2wb/0AsxMsU0s=
			.vividseatsapi.discovery-prod.axs.com/	1970-01-20 09:45:28	Name: __cf_bm Value: EjD22C0AtdssDVMsx0fWFZvGvkLhkIhniN34jn1bKc4-1676726445-0-AdAtBKPyG1tG7bhGQwqScXg9duajIWrRLCelK8OgKmhogeCgszdI0ep3F6999zV/+Uieu41G/k7jPz+AA9b50R8=

4 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: http://vividseatsapi.discovery-prod.axs.com/ Message: Failed to load resource: the server responded with a status of 403 (Forbidden)
javascript	error	URL: http://vividseatsapi.discovery-prod.axs.com/ Message: Access to XMLHttpRequest at 'https://api.axs.com/proxy/v2/users/ipcheck?access_token=4f2be33d835e7197e245c54ff00e5fb4&client_id=18_50d269328df8a48be955f18831d1057e8937cc06213bd4644dcb6768a674c886&client_secret=0b0e17d487d53c3c9bc7ada7b97bc0e9b3afa08fee34c431f9c21f5fa7ffc260' from origin 'http://vividseatsapi.discovery-prod.axs.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://api.axs.com/proxy/v2/users/ipcheck?access_token=4f2be33d835e7197e245c54ff00e5fb4&client_id=18_50d269328df8a48be955f18831d1057e8937cc06213bd4644dcb6768a674c886&client_secret=0b0e17d487d53c3c9bc7ada7b97bc0e9b3afa08fee34c431f9c21f5fa7ffc260 Message: Failed to load resource: net::ERR_FAILED
security	error	URL: about:blank Message: Unsafe attempt to load URL https://vividseatsapi.discovery-prod.axs.com/cdn-cgi/challenge-platform/h/g/scripts/pica.js from frame with URL about:blank. Domains, protocols and ports must match.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

api.axs.com
static.discovery-prod.axs.com
vividseatsapi.discovery-prod.axs.com
api.axs.com
vividseatsapi.discovery-prod.axs.com
108.138.128.3
2606:4700::6812:1507
7055cee043488fed63dfc0ccc3a75bd387122cd03f064173d10fe8ad8c53e20c
75750d40cb3eaec03aa19d2799d6024d921019894e7674a565d851559ab2bd15
c3b6e3d827d0f09b1c0f76527612ff918e016457794e29bb9e039e7a36245a68
d60bc8b2232c1121f48de2f53acfc33166166cfc42b3ba007e67a7dbe7d713ed
da79657d005af8919193c90d059d9262e9dc68efae74f4b88271540a2aeb102b
fcfd75d1416a092aefd10ade935ed0fcc20c0fee31d7461fa33790ec1dbc110f

vividseatsapi.discovery-prod.axs.com Open in urlscan Pro 2606:4700::6812:1507 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page Statistics

6 Requests

33 %HTTPS

50 %IPv6

1 Domains

3 Subdomains

3 IPs

1 Countries

427 kBTransfer

600 kBSize

2 Cookies

3 Outgoing links

Redirected requests

6 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 2 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Failed requests

Verdicts & Comments Add Verdict or Comment

5 JavaScript Global Variables

2 Cookies

4 Console Messages

Security Headers

Indicators

vividseatsapi.discovery-prod.axs.com Open in urlscan Pro
2606:4700::6812:1507 Public Scan

Screenshot
Live screenshot

Full Image

6
Requests

33 %
HTTPS

50 %
IPv6

1
Domains

3
Subdomains

3
IPs

1
Countries

427 kB
Transfer

600 kB
Size

2
Cookies

6 HTTP transactions
2 data transactions