Submitted URL: https://billetterie.lachapelle.org/
Effective URL: https://billetterie.lachapelle.org/Online/default.asp
Submission: On August 17 via automatic, source certstream-suspicious

Summary

This website contacted 1 IPs in 1 countries across 1 domains to perform 9 HTTP transactions. The main IP is 74.200.12.17, located in Toronto, Canada and belongs to Q9-AS-BRAM, CA. The main domain is billetterie.lachapelle.org.
TLS certificate: Issued by GeoTrust TLS DV RSA Mixed SHA256 2020... on March 1st 2021. Valid for: a year.
This is the only time billetterie.lachapelle.org was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 10 74.200.12.17 36031 (Q9-AS-BRAM)
9 1
Apex Domain
Subdomains
Transfer
10 lachapelle.org
billetterie.lachapelle.org
303 KB
9 1
Domain Requested by
10 billetterie.lachapelle.org 1 redirects billetterie.lachapelle.org
9 1

This site contains no links.

Subject Issuer Validity Valid
billetterie.exploramer.qc.ca
GeoTrust TLS DV RSA Mixed SHA256 2020 CA-1
2021-03-01 -
2022-04-01
a year crt.sh

This page contains 1 frames:

Primary Page: https://billetterie.lachapelle.org/Online/default.asp
Frame ID: 8DC6B2959AE45CC3C680227DFC9A4B55
Requests: 9 HTTP requests in this frame

Screenshot


Page URL History Show full URLs

  1. https://billetterie.lachapelle.org/ HTTP 302
    https://billetterie.lachapelle.org/Online/default.asp Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • html /<link[^>]+?href="[^"]*bootstrap(?:\.min)?\.css/i

Overall confidence: 100%
Detected patterns
  • script /jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?/i

Page Statistics

9
Requests

0 %
HTTPS

0 %
IPv6

1
Domains

1
Subdomains

1
IPs

1
Countries

302 kB
Transfer

614 kB
Size

0
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://billetterie.lachapelle.org/ HTTP 302
    https://billetterie.lachapelle.org/Online/default.asp Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

9 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request Cookie set default.asp
billetterie.lachapelle.org/Online/
Redirect Chain
  • https://billetterie.lachapelle.org/
  • https://billetterie.lachapelle.org/Online/default.asp
13 KB
4 KB
Document
General
Full URL
https://billetterie.lachapelle.org/Online/default.asp
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
74.200.12.17 Toronto, Canada, ASN36031 (Q9-AS-BRAM, CA),
Reverse DNS
17.12.200-74.q9.net
Software
/
Resource Hash
246027b72529ec60a55dba9976efc96ebca17be5b28f6bd618e69f49bbde69d3
Security Headers
Name Value
Content-Security-Policy script-src 'self' https: https://* s7.addthis.com tk3d.tk3dapi.com js.braintreegateway.com *.google.com google.com *.google-analytics.com googletagmanager.com platform.twitter.com connect.facebook.net 'unsafe-inline' 'unsafe-eval'; object-src 'self';
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Host
billetterie.lachapelle.org
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
none
Sec-Fetch-Mode
navigate
Sec-Fetch-User
?1
Sec-Fetch-Dest
document
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
ASPSESSIONIDAGCBATST=CNKPEBBBADLLLBFBJKEGDLFB; AV-Cookie=!fwFceSvTOmkN7Ei7ryZJH5eese57XXh+KhXci9wrYQDOo+xOju585vKfIe6KWLfZvSWqXbQ4NDN9QUk=
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Cache-Control
no-cache, no-store, must-revalidate
Pragma
no-cache
Content-Type
text/html; Charset=UTF-8
Server
X-UA-Compatible
IE=edge,chrome=1
Content-Security-Policy
script-src 'self' https: https://* s7.addthis.com tk3d.tk3dapi.com js.braintreegateway.com *.google.com google.com *.google-analytics.com googletagmanager.com platform.twitter.com connect.facebook.net 'unsafe-inline' 'unsafe-eval'; object-src 'self';
Set-Cookie
ASPSESSIONIDAGCBATST=DNKPEBBBFBCDKEMJIJDEBJIA; secure; path=/; HttpOnly; SameSite=None
X-Content-Type-Options
nosniff
X-Frame-Options
SAMEORIGIN
Strict-Transport-Security
max-age=31536000; includeSubDomains
Date
Tue, 17 Aug 2021 15:38:01 GMT
X-XSS-Protection
1; mode=block
Vary
Accept-Encoding
Content-Encoding
gzip
Content-Length
3391
Connection
Keep-Alive

Redirect headers

Cache-Control
no-cache, no-store, must-revalidate
Pragma
no-cache
Content-Type
text/html; Charset=UTF-8
Location
Online/default.asp
Server
Set-Cookie
ASPSESSIONIDAGCBATST=CNKPEBBBADLLLBFBJKEGDLFB; secure; path=/; HttpOnly; SameSite=None AV-Cookie=!fwFceSvTOmkN7Ei7ryZJH5eese57XXh+KhXci9wrYQDOo+xOju585vKfIe6KWLfZvSWqXbQ4NDN9QUk=; path=/; Httponly; Secure
X-Content-Type-Options
nosniff
X-Frame-Options
SAMEORIGIN
Strict-Transport-Security
max-age=31536000; includeSubDomains
Date
Tue, 17 Aug 2021 15:38:01 GMT
Content-Length
139
X-XSS-Protection
1; mode=block
Content-Security-Policy
script-src 'unsafe-inline' 'unsafe-eval' 'self' https://*; object-src 'self'
Vary
Accept-Encoding
bootstrap.min.css
billetterie.lachapelle.org/lib/bootstrap/css/
156 KB
25 KB
Stylesheet
General
Full URL
https://billetterie.lachapelle.org/lib/bootstrap/css/bootstrap.min.css?_7.43.0
Requested by
Host: billetterie.lachapelle.org
URL: https://billetterie.lachapelle.org/Online/default.asp
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
74.200.12.17 Toronto, Canada, ASN36031 (Q9-AS-BRAM, CA),
Reverse DNS
17.12.200-74.q9.net
Software
/
Resource Hash
31268c5e83a3d6528dfc18561208e25f45f168b37d23c5f06804dfa680f34fef
Security Headers
Name Value
Content-Security-Policy script-src 'unsafe-inline' 'unsafe-eval' 'self' https://*; object-src 'self'
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
billetterie.lachapelle.org
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
text/css,*/*;q=0.1
Cache-Control
no-cache
Sec-Fetch-Dest
style
Referer
https://billetterie.lachapelle.org/Online/default.asp
Cookie
AV-Cookie=!fwFceSvTOmkN7Ei7ryZJH5eese57XXh+KhXci9wrYQDOo+xOju585vKfIe6KWLfZvSWqXbQ4NDN9QUk=; ASPSESSIONIDAGCBATST=DNKPEBBBFBCDKEMJIJDEBJIA
Connection
keep-alive
Referer
https://billetterie.lachapelle.org/Online/default.asp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Strict-Transport-Security
max-age=31536000; includeSubDomains
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Last-Modified
Mon, 16 Aug 2021 08:31:21 GMT
Server
ETag
"faecdf177992d71:0"
X-Frame-Options
SAMEORIGIN
Content-Type
text/css
Date
Tue, 17 Aug 2021 15:38:01 GMT
Content-Security-Policy
script-src 'unsafe-inline' 'unsafe-eval' 'self' https://*; object-src 'self'
Connection
Keep-Alive
Accept-Ranges
bytes
Vary
Accept-Encoding
Content-Length
24678
X-XSS-Protection
1; mode=block
all.min.css
billetterie.lachapelle.org/lib/fontawesome-free/css/
56 KB
13 KB
Stylesheet
General
Full URL
https://billetterie.lachapelle.org/lib/fontawesome-free/css/all.min.css
Requested by
Host: billetterie.lachapelle.org
URL: https://billetterie.lachapelle.org/Online/default.asp
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
74.200.12.17 Toronto, Canada, ASN36031 (Q9-AS-BRAM, CA),
Reverse DNS
17.12.200-74.q9.net
Software
/
Resource Hash
9a9a28d750579ac666f56c250a9fe0ca251a3d312902c5aa8ddc118b776a1ef6
Security Headers
Name Value
Content-Security-Policy script-src 'unsafe-inline' 'unsafe-eval' 'self' https://*; object-src 'self'
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
billetterie.lachapelle.org
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
text/css,*/*;q=0.1
Cache-Control
no-cache
Sec-Fetch-Dest
style
Referer
https://billetterie.lachapelle.org/Online/default.asp
Cookie
AV-Cookie=!fwFceSvTOmkN7Ei7ryZJH5eese57XXh+KhXci9wrYQDOo+xOju585vKfIe6KWLfZvSWqXbQ4NDN9QUk=; ASPSESSIONIDAGCBATST=DNKPEBBBFBCDKEMJIJDEBJIA
Connection
keep-alive
Referer
https://billetterie.lachapelle.org/Online/default.asp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Strict-Transport-Security
max-age=31536000; includeSubDomains
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Last-Modified
Mon, 16 Aug 2021 08:31:23 GMT
Server
ETag
"e2d786187992d71:0"
X-Frame-Options
SAMEORIGIN
Content-Type
text/css
Date
Tue, 17 Aug 2021 15:38:01 GMT
Content-Security-Policy
script-src 'unsafe-inline' 'unsafe-eval' 'self' https://*; object-src 'self'
Connection
Keep-Alive
Accept-Ranges
bytes
Vary
Accept-Encoding
Content-Length
12449
X-XSS-Protection
1; mode=block
global.css
billetterie.lachapelle.org/content/images/branding/
160 KB
30 KB
Stylesheet
General
Full URL
https://billetterie.lachapelle.org/content/images/branding/global.css?_=7.43.0
Requested by
Host: billetterie.lachapelle.org
URL: https://billetterie.lachapelle.org/Online/default.asp
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
74.200.12.17 Toronto, Canada, ASN36031 (Q9-AS-BRAM, CA),
Reverse DNS
17.12.200-74.q9.net
Software
/
Resource Hash
7b5eda00a1dc34c13d64f777c3aafa588919425d6f9c21a5ad732461105da73b
Security Headers
Name Value
Content-Security-Policy script-src 'unsafe-inline' 'unsafe-eval' 'self' https://*; object-src 'self'
Strict-Transport-Security max-age=16070400; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
billetterie.lachapelle.org
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
text/css,*/*;q=0.1
Cache-Control
no-cache
Sec-Fetch-Dest
style
Referer
https://billetterie.lachapelle.org/Online/default.asp
Cookie
AV-Cookie=!fwFceSvTOmkN7Ei7ryZJH5eese57XXh+KhXci9wrYQDOo+xOju585vKfIe6KWLfZvSWqXbQ4NDN9QUk=; ASPSESSIONIDAGCBATST=DNKPEBBBFBCDKEMJIJDEBJIA
Connection
keep-alive
Referer
https://billetterie.lachapelle.org/Online/default.asp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Tue, 17 Aug 2021 15:38:01 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Last-Modified
Mon, 16 Aug 2021 09:13:47 GMT
Server
ETag
"7a6ff047f92d71:0"
X-Frame-Options
SAMEORIGIN
Strict-Transport-Security
max-age=16070400; includeSubDomains
Content-Type
text/css
Content-Security-Policy
script-src 'unsafe-inline' 'unsafe-eval' 'self' https://*; object-src 'self'
Connection
Keep-Alive
Accept-Ranges
bytes
Vary
Accept-Encoding
Content-Length
29732
X-XSS-Protection
1; mode=block
jquery.min.js
billetterie.lachapelle.org/lib/jquery/
87 KB
88 KB
Script
General
Full URL
https://billetterie.lachapelle.org/lib/jquery/jquery.min.js?_=7.43.0
Requested by
Host: billetterie.lachapelle.org
URL: https://billetterie.lachapelle.org/Online/default.asp
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
74.200.12.17 Toronto, Canada, ASN36031 (Q9-AS-BRAM, CA),
Reverse DNS
17.12.200-74.q9.net
Software
/
Resource Hash
f36844906ad2309877aae3121b87fb15b9e09803cb4c333adc7e1e35ac92e14b
Security Headers
Name Value
Content-Security-Policy script-src 'unsafe-inline' 'unsafe-eval' 'self' https://*; object-src 'self'
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
billetterie.lachapelle.org
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
*/*
Cache-Control
no-cache
Sec-Fetch-Dest
script
Referer
https://billetterie.lachapelle.org/Online/default.asp
Cookie
AV-Cookie=!fwFceSvTOmkN7Ei7ryZJH5eese57XXh+KhXci9wrYQDOo+xOju585vKfIe6KWLfZvSWqXbQ4NDN9QUk=; ASPSESSIONIDAGCBATST=DNKPEBBBFBCDKEMJIJDEBJIA
Connection
keep-alive
Referer
https://billetterie.lachapelle.org/Online/default.asp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Strict-Transport-Security
max-age=31536000; includeSubDomains
X-Content-Type-Options
nosniff
Last-Modified
Mon, 16 Aug 2021 08:31:26 GMT
Server
ETag
"bdf2951a7992d71:0"
X-Frame-Options
SAMEORIGIN
Content-Type
application/javascript
Date
Tue, 17 Aug 2021 15:38:01 GMT
Content-Security-Policy
script-src 'unsafe-inline' 'unsafe-eval' 'self' https://*; object-src 'self'
Accept-Ranges
bytes
Content-Length
89478
X-XSS-Protection
1; mode=block
browser_detect.js
billetterie.lachapelle.org/Common/
1 KB
2 KB
Script
General
Full URL
https://billetterie.lachapelle.org/Common/browser_detect.js?_=7.43.0
Requested by
Host: billetterie.lachapelle.org
URL: https://billetterie.lachapelle.org/Online/default.asp
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
74.200.12.17 Toronto, Canada, ASN36031 (Q9-AS-BRAM, CA),
Reverse DNS
17.12.200-74.q9.net
Software
/
Resource Hash
79c0f75ad8911b679fcc9a524ea7062bc50f8135063482a453693ace859b3056
Security Headers
Name Value
Content-Security-Policy script-src 'unsafe-inline' 'unsafe-eval' 'self' https://*; object-src 'self'
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
billetterie.lachapelle.org
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
*/*
Cache-Control
no-cache
Sec-Fetch-Dest
script
Referer
https://billetterie.lachapelle.org/Online/default.asp
Cookie
AV-Cookie=!fwFceSvTOmkN7Ei7ryZJH5eese57XXh+KhXci9wrYQDOo+xOju585vKfIe6KWLfZvSWqXbQ4NDN9QUk=; ASPSESSIONIDAGCBATST=DNKPEBBBFBCDKEMJIJDEBJIA
Connection
keep-alive
Referer
https://billetterie.lachapelle.org/Online/default.asp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Strict-Transport-Security
max-age=31536000; includeSubDomains
X-Content-Type-Options
nosniff
Last-Modified
Fri, 23 Jul 2021 17:27:54 GMT
Server
ETag
"0c9e311e87fd71:0"
X-Frame-Options
SAMEORIGIN
Content-Type
application/javascript
Date
Tue, 17 Aug 2021 15:38:03 GMT
Content-Security-Policy
script-src 'unsafe-inline' 'unsafe-eval' 'self' https://*; object-src 'self'
Accept-Ranges
bytes
Content-Length
1520
X-XSS-Protection
1; mode=block
online-jscript.js
billetterie.lachapelle.org/Common/
78 KB
78 KB
Script
General
Full URL
https://billetterie.lachapelle.org/Common/online-jscript.js?_=7.43.0
Requested by
Host: billetterie.lachapelle.org
URL: https://billetterie.lachapelle.org/Online/default.asp
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
74.200.12.17 Toronto, Canada, ASN36031 (Q9-AS-BRAM, CA),
Reverse DNS
17.12.200-74.q9.net
Software
/
Resource Hash
31d055f7559ddba23229a5422cd0ba3dc13cc1c39f669225a1623ebfb5b9469b
Security Headers
Name Value
Content-Security-Policy script-src 'unsafe-inline' 'unsafe-eval' 'self' https://*; object-src 'self'
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
billetterie.lachapelle.org
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
*/*
Cache-Control
no-cache
Sec-Fetch-Dest
script
Referer
https://billetterie.lachapelle.org/Online/default.asp
Cookie
AV-Cookie=!fwFceSvTOmkN7Ei7ryZJH5eese57XXh+KhXci9wrYQDOo+xOju585vKfIe6KWLfZvSWqXbQ4NDN9QUk=; ASPSESSIONIDAGCBATST=DNKPEBBBFBCDKEMJIJDEBJIA
Connection
keep-alive
Referer
https://billetterie.lachapelle.org/Online/default.asp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Strict-Transport-Security
max-age=31536000; includeSubDomains
X-Content-Type-Options
nosniff
Last-Modified
Fri, 23 Jul 2021 17:27:54 GMT
Server
ETag
"0c9e311e87fd71:0"
X-Frame-Options
SAMEORIGIN
Content-Type
application/javascript
Date
Tue, 17 Aug 2021 15:38:01 GMT
Content-Security-Policy
script-src 'unsafe-inline' 'unsafe-eval' 'self' https://*; object-src 'self'
Accept-Ranges
bytes
Content-Length
79868
X-XSS-Protection
1; mode=block
online-navigation-jscript.js
billetterie.lachapelle.org/Common/
9 KB
9 KB
Script
General
Full URL
https://billetterie.lachapelle.org/Common/online-navigation-jscript.js?_=7.43.0
Requested by
Host: billetterie.lachapelle.org
URL: https://billetterie.lachapelle.org/Online/default.asp
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
74.200.12.17 Toronto, Canada, ASN36031 (Q9-AS-BRAM, CA),
Reverse DNS
17.12.200-74.q9.net
Software
/
Resource Hash
38e46e58d310fcb344e2a48d5edcd97448abcb7d8b20f38f570ebf2b3969bc56
Security Headers
Name Value
Content-Security-Policy script-src 'unsafe-inline' 'unsafe-eval' 'self' https://*; object-src 'self'
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
billetterie.lachapelle.org
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
*/*
Cache-Control
no-cache
Sec-Fetch-Dest
script
Referer
https://billetterie.lachapelle.org/Online/default.asp
Cookie
AV-Cookie=!fwFceSvTOmkN7Ei7ryZJH5eese57XXh+KhXci9wrYQDOo+xOju585vKfIe6KWLfZvSWqXbQ4NDN9QUk=; ASPSESSIONIDAGCBATST=DNKPEBBBFBCDKEMJIJDEBJIA
Connection
keep-alive
Referer
https://billetterie.lachapelle.org/Online/default.asp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Strict-Transport-Security
max-age=31536000; includeSubDomains
X-Content-Type-Options
nosniff
Last-Modified
Fri, 23 Jul 2021 17:27:54 GMT
Server
ETag
"0c9e311e87fd71:0"
X-Frame-Options
SAMEORIGIN
Content-Type
application/javascript
Date
Tue, 17 Aug 2021 15:38:01 GMT
Content-Security-Policy
script-src 'unsafe-inline' 'unsafe-eval' 'self' https://*; object-src 'self'
Accept-Ranges
bytes
Content-Length
8817
X-XSS-Protection
1; mode=block
widgetParent.js
billetterie.lachapelle.org/Common/Widgets/
53 KB
54 KB
Script
General
Full URL
https://billetterie.lachapelle.org/Common/Widgets/widgetParent.js?_=7.43.0
Requested by
Host: billetterie.lachapelle.org
URL: https://billetterie.lachapelle.org/Online/default.asp
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
74.200.12.17 Toronto, Canada, ASN36031 (Q9-AS-BRAM, CA),
Reverse DNS
17.12.200-74.q9.net
Software
/
Resource Hash
a357d5787faebd23fafd6c3d5c17d538af7e2aea3f76ee4a28dfa26ef7da6ae1
Security Headers
Name Value
Content-Security-Policy script-src 'unsafe-inline' 'unsafe-eval' 'self' https://*; object-src 'self'
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
billetterie.lachapelle.org
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
*/*
Cache-Control
no-cache
Sec-Fetch-Dest
script
Referer
https://billetterie.lachapelle.org/Online/default.asp
Cookie
AV-Cookie=!fwFceSvTOmkN7Ei7ryZJH5eese57XXh+KhXci9wrYQDOo+xOju585vKfIe6KWLfZvSWqXbQ4NDN9QUk=; ASPSESSIONIDAGCBATST=DNKPEBBBFBCDKEMJIJDEBJIA
Connection
keep-alive
Referer
https://billetterie.lachapelle.org/Online/default.asp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Strict-Transport-Security
max-age=31536000; includeSubDomains
X-Content-Type-Options
nosniff
Last-Modified
Fri, 23 Jul 2021 17:27:56 GMT
Server
ETag
"0f61413e87fd71:0"
X-Frame-Options
SAMEORIGIN
Content-Type
application/javascript
Date
Tue, 17 Aug 2021 15:38:01 GMT
Content-Security-Policy
script-src 'unsafe-inline' 'unsafe-eval' 'self' https://*; object-src 'self'
Accept-Ranges
bytes
Content-Length
54460
X-XSS-Protection
1; mode=block

Verdicts & Comments Add Verdict or Comment

274 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onbeforexrselect object| ontransitionrun object| ontransitionstart object| ontransitioncancel object| cookieStore function| showDirectoryPicker function| showOpenFilePicker function| showSaveFilePicker boolean| originAgentCluster object| trustedTypes boolean| crossOriginIsolated function| $ function| jQuery string| testCookie function| setRSVPButtons function| setRSVPButtonsLogin function| rsvpToFBEvent function| rsvpToFBEventLogin string| agt string| appVer number| is_minor number| is_major number| iePos boolean| is_nav boolean| is_navonly boolean| is_nav2 boolean| is_nav3 boolean| is_nav4 boolean| is_nav4up boolean| is_nav6 boolean| is_nav6up boolean| is_nav7 boolean| is_nav7up boolean| is_ie boolean| is_ie3 boolean| is_ie4 boolean| is_ie4up boolean| is_ie5 boolean| is_ie5up boolean| is_ie5_5 boolean| is_ie5_5up boolean| is_ie6 boolean| is_ie6up string| is_getElementById string| genericConfirmationMessage string| offerExpired string| admissionsExpired string| alertHeaderText string| termsHeaderText string| helpHeaderText string| sectionHeaderText string| okayButtonText string| cancelButtonText string| acceptButtonText string| declineButtonText string| closeButtonText string| sTokenName string| sToken undefined| tsCalHdl object| tsWinHdl undefined| tsDurHdl undefined| tsErrorDialogHdl boolean| isDesktop string| CommonPath function| tsSelectField function| tsValueFromText function| tsCompleteTyping function| tsToggleChildFilter function| getFocusElemsModal undefined| modalOpener function| addFocusContext function| tsTestValue function| tsTextKeyDown function| tsSpinnerUp function| tsSpinnerDown function| togglePlaceHolder function| setFocusTextField function| tsSetFromPopup function| tsShiftToText function| tsPopupFocus function| tsPopupBlur function| tsChooserClick function| tsSetTimeValue function| PageUnload function| tsToggleNodeState function| TSdisableChildren function| GetRealValue function| SetRealValue function| tsToggleDisplay function| tsSetAllCheckboxes function| highlightrow function| tsSetMailLink function| returnTrue function| returnFalse function| tsToggleIconClass function| disableSubmitButton number| tsTimeStart boolean| expMsgFlag function| tsSeedTimer function| tsClearTimer function| tsTimeStr function| displayOnOfferTimeout object| openWindows function| WindowPop function| closeChildren function| loadUrl function| jumpTo function| checkout function| recalculate function| addGiftCert function| addDonation function| logon function| newUser function| setDelItem boolean| tsAllowSubmit boolean| submitCalled function| SubmitForm function| submitNewForm function| downLoadTickets function| tsAddMultiField function| tsAddInputItem function| tsCreateInputElement function| disablePromoText function| tsCreateHidden function| tsCreateDiv function| tsCreateHeading function| tsCreateForm function| tsCreateInputText function| tsCreateInputPassword function| tsCreateSubmit function| tsCreateTable function| tsCreateTableRow string| NBSP function| tsCreateNBSP function| tsCreateTableHeader function| tsCreateTableCell function| tsCreateText function| tsCreateParagraph function| tsCreateSpan function| tsCreateLink function| tsCreateImage function| tsCreateList function| tsCreateListItem function| tsAddReadyEvent function| tsLoadScript function| tsBuildLink number| lightBoxCount function| lightBoxOn function| lightboxOff object| popupButtonTypes undefined| iframe function| baseDiv function| bind function| showInformationPopup function| showAddressVerificationPopup function| showReloadPopup function| showAddDonationPopup function| showAddAdmissionCustomer function| showAssignAccount function| showRedeemGiftCardPopup function| showSectionPopup function| showAlertPopup function| showConfirmPopup function| showTermsPopupI function| tsSetEventListener function| closePopupDiv function| splitMsgText function| toggleElemDisplay function| QuickLogOut function| validateRadio function| addFriendPopup function| showGiftCardPopup function| showTicketForwardPopup function| showUpsellPopup function| hidePopup function| containsValue function| isSmallScreen function| isTouchScreen function| isIOS object| bodyPopupClass function| buySeats function| buySeatsLink function| buyBundle function| buyBundleLink function| buyItem function| buyItemLink function| buyGift function| buyGiftLink function| buyStoredValueItem function| buyStoredValueItemLink function| viewArticle function| viewArticleLink function| upsellLink function| showAddOn function| showUpsell function| tsCreateInfoLink function| addHiddenElementToForm function| WidgetMaster function| tsGetWindowSize function| tsGetScrollXY function| tsGetCoordinates function| tsOpenAddFriend object| tsCalTargets string| tsCalForm object| tsCalCallback object| cur_sTokenName function| tsOpenCalendar function| tsApplyCalendar object| tsDurTargets string| tsDurForm function| tsOpenDuration function| tsApplyDuration object| tsPerfSelectCallback function| tsOpenPerformanceSelector function| tsApplyPerformanceSelector function| tsOpenColour function| tsScreenSummary function| tsUploadSummary function| tsDownloadSummary function| tsUploadExtract function| tsDownloadExtract function| tsOpenExtract function| tsOpenSummary function| DoAction function| GetKey object| tsConfirmFunction object| tsExtractWarning object| tsExtractParameters object| openWidgets number| widgetIdx string| avAlertMessage function| getAVAlertMessage function| AValert function| AVconfirm function| AVExtractConfirm function| AVExtractRetry function| confirmWidget function| AVinvoice function| AVBIResult function| AVBIEdit function| AVBIClose function| OpenGUIDWidget function| GUIDiconUp function| GUIDiconDown function| GUIDiconSelect function| openListWidget function| openWidget function| openFormWidget function| closeWidget function| doAction function| resizeWidget function| applyWidget object| widgetdragger number| widgetdragX number| widgetdragY number| widgetstartX number| widgetstartY function| startWidgetDrag function| stopWidgetDrag function| moveWidget function| displayMessage function| tsOrderChanged function| startList boolean| plusApi_loaded boolean| twitterApi_loaded boolean| fbApi_loaded function| setLanguage function| doGAClicks function| gaTrackEvent string| returnTo undefined| reffA function| setCookie function| getCookie function| deleteCookie

0 Cookies

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy script-src 'self' https: https://* s7.addthis.com tk3d.tk3dapi.com js.braintreegateway.com *.google.com google.com *.google-analytics.com googletagmanager.com platform.twitter.com connect.facebook.net 'unsafe-inline' 'unsafe-eval'; object-src 'self';
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block