login.tickets.nyc.com Open in urlscan Pro
8.45.158.75  Public Scan

4 Outgoing links

These are links going to different origins than the main page.

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Redirected requests

There were HTTP redirect chains for the following requests:

24 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
8 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H/1.1	200 OK	Primary Request / Show response login.tickets.nyc.com/	68 KB 32 KB	676ms 181ms	Document text/html	8.45.158.75 LEVEL3
General Check archive.org Show headers Download Go to Full URL https://login.tickets.nyc.com/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 8.45.158.75 Waukesha, United States, ASN3356 (LEVEL3, US), Reverse DNS Software / Resource Hash 516a80b1719e3eedaff4c7ed1da6a907e1b4ba1f1b26d0029e44778be5d876c8 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers Cache-Control public, no-cache="Set-Cookie", no-store, max-age=0 Content-Encoding deflate Content-Length 31804 Content-Type text/html; charset=utf-8 Date Wed, 10 Jul 2024 15:21:43 GMT Expires Wed, 10 Jul 2024 15:21:44 GMT Last-Modified Wed, 10 Jul 2024 15:21:44 GMT P3P CP="We have no P3P policy as the P3P standard is now out of date. Please see the current privacy policy on the website." Strict-Transport-Security max-age=31536000; includeSubDomains Vary * X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-XSS-Protection 1; mode=block
GET H2	200	jquery.min.js Show response ajax.googleapis.com/ajax/libs/jquery/3.6.0/	87 KB 31 KB	188ms 54ms	Script text/javascript	2a00:1450:4001:829::200a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://ajax.googleapis.com/ajax/libs/jquery/3.6.0/jquery.min.js Requested by Host: login.tickets.nyc.com URL: https://login.tickets.nyc.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:829::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://login.tickets.nyc.com/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers date Mon, 08 Jul 2024 20:14:23 GMT content-encoding gzip x-content-type-options nosniff age 155242 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 31017 x-xss-protection 0 last-modified Wed, 10 Mar 2021 14:28:09 GMT server sffe cross-origin-opener-policy same-origin; report-to="hosted-libraries-pushers" vary Accept-Encoding report-to {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]} content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=31536000, stale-while-revalidate=2592000 accept-ranges bytes timing-allow-origin * expires Tue, 08 Jul 2025 20:14:23 GMT
GET H2	200	jquery-ui.min.js Show response ajax.googleapis.com/ajax/libs/jqueryui/1.13.2/	249 KB 66 KB	292ms 159ms	Script text/javascript	2a00:1450:4001:829::200a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://ajax.googleapis.com/ajax/libs/jqueryui/1.13.2/jquery-ui.min.js Requested by Host: login.tickets.nyc.com URL: https://login.tickets.nyc.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:829::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 9528ca634fecad433d044ddd3e6f9ce1f068d5d932dafdbb19d8e6daea1968bd Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://login.tickets.nyc.com/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers date Tue, 09 Jul 2024 09:43:17 GMT content-encoding gzip x-content-type-options nosniff age 106708 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 67865 x-xss-protection 0 last-modified Wed, 20 Jul 2022 08:22:53 GMT server sffe cross-origin-opener-policy same-origin; report-to="hosted-libraries-pushers" vary Accept-Encoding report-to {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]} content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=31536000, stale-while-revalidate=2592000 accept-ranges bytes timing-allow-origin * expires Wed, 09 Jul 2025 09:43:17 GMT
GET H3	200	modernizr.min.js Show response cdnjs.cloudflare.com/ajax/libs/modernizr/2.8.3/	11 KB 5 KB	65ms 35ms	Script application/javascript	104.17.25.14 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdnjs.cloudflare.com/ajax/libs/modernizr/2.8.3/modernizr.min.js Requested by Host: login.tickets.nyc.com URL: https://login.tickets.nyc.com/ Protocol H3 Security QUIC, , AES_128_GCM Server 104.17.25.14 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash d2b82e612d2a812e8be2a57300dab8923c4f2edbe7a799e7da70791b595646fe Security Headers Name Value Strict-Transport-Security max-age=15780000 X-Content-Type-Options nosniff Request headers Referer https://login.tickets.nyc.com/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers date Wed, 10 Jul 2024 15:21:44 GMT content-encoding br x-content-type-options nosniff cf-cache-status HIT nel {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800} strict-transport-security max-age=15780000 age 56704 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400 content-length 3980 last-modified Mon, 04 May 2020 16:13:26 GMT server cloudflare cf-cdnjs-via cfworker/kv etag "5eb03f26-2b4c" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=4VblNhCbw6%2BKAitkQfC8XK0QcD%2FeN44xBsHOPm7apQUAveKn3A5JMhThRRYgjnvMQyaETACmspD51pPTSRYtR7esIc5QTe80fHk4N2kCgqBpqfg1TV%2BqNnnIl5mdP3dFbJxWRmVG"}],"group":"cf-nel","max_age":604800} content-type application/javascript; charset=utf-8 access-control-allow-origin * cache-control public, max-age=30672000 accept-ranges bytes timing-allow-origin * cf-ray 8a118b97f9c992a0-CPH expires Mon, 30 Jun 2025 15:21:44 GMT
GET H2	200	jquery-ui.min.css ajax.googleapis.com/ajax/libs/jqueryui/1.13.2/themes/smoothness/	31 KB 8 KB	291ms 157ms	Stylesheet text/css	2a00:1450:4001:829::200a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://ajax.googleapis.com/ajax/libs/jqueryui/1.13.2/themes/smoothness/jquery-ui.min.css Requested by Host: login.tickets.nyc.com URL: https://login.tickets.nyc.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:829::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash a9a4e11935f5ea4aef82c0b7ab7a0ce43a99b90a2f15ee4b38c2eb75a38cbeb6 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://login.tickets.nyc.com/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers date Tue, 09 Jul 2024 09:37:47 GMT content-encoding gzip x-content-type-options nosniff age 107038 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 7650 x-xss-protection 0 last-modified Wed, 20 Jul 2022 08:22:53 GMT server sffe cross-origin-opener-policy same-origin; report-to="hosted-libraries-pushers" vary Accept-Encoding report-to {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]} content-type text/css; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=31536000, stale-while-revalidate=2592000 accept-ranges bytes timing-allow-origin * expires Wed, 09 Jul 2025 09:37:47 GMT
GET H2	200	css fonts.googleapis.com/	2 KB 1002 B	202ms 73ms	Stylesheet text/css	2a00:1450:4001:811::200a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.googleapis.com/css?family=Roboto:500&subset=latin,latin-ext Requested by Host: login.tickets.nyc.com URL: https://login.tickets.nyc.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:811::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash d8d622af7c58a31a2672b8661a1634e58cc38eac1677ccc44632203dd7dcab94 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers Referer https://login.tickets.nyc.com/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers strict-transport-security max-age=31536000 date Wed, 10 Jul 2024 15:21:45 GMT content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 x-xss-protection 0 last-modified Wed, 10 Jul 2024 15:17:22 GMT server ESF cross-origin-opener-policy same-origin-allow-popups x-frame-options SAMEORIGIN content-type text/css; charset=utf-8 access-control-allow-origin * cache-control private, max-age=86400, stale-while-revalidate=604800 timing-allow-origin * link <https://fonts.gstatic.com>; rel=preconnect; crossorigin expires Wed, 10 Jul 2024 15:21:45 GMT
GET H3	200	font-awesome.min.css maxcdn.bootstrapcdn.com/font-awesome/4.6.3/css/	28 KB 7 KB	78ms 41ms	Stylesheet text/css	104.18.11.207 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://maxcdn.bootstrapcdn.com/font-awesome/4.6.3/css/font-awesome.min.css Requested by Host: login.tickets.nyc.com URL: https://login.tickets.nyc.com/ Protocol H3 Security QUIC, , AES_128_GCM Server 104.18.11.207 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 008a1d103902f15fdb1c191fcb1ce8954330e7b8de43d09abb08555ba609f420 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Referer https://login.tickets.nyc.com/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers date Wed, 10 Jul 2024 15:21:44 GMT content-encoding br x-content-type-options nosniff cf-cache-status HIT cdn-edgestorageid 1067 strict-transport-security max-age=31536000; includeSubDomains; preload age 1365249 cdn-cachedat 03/18/2024 12:37:30 cdn-pullzone 252412 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400 last-modified Mon, 25 Jan 2021 22:04:55 GMT cdn-proxyver 1.04 cdn-requestpullcode 200 server cloudflare etag W/"4083f5d376eb849a458cc790b53ba080" vary Accept-Encoding, Accept-Encoding content-type text/css; charset=utf-8 access-control-allow-origin * cdn-cache HIT cdn-uid b1941f61-b576-4f40-80de-5677acb38f74 cache-control public, max-age=31919000 cdn-requestid dfec769e85667dbadb13f9be93ffc342 timing-allow-origin * cdn-requestcountrycode US cdn-status 200 cf-ray 8a118b980ce6b5f4-WAW cdn-requestpullsuccess True
GET H/1.1	200 OK	CSS_Bundle_EE4CECD6652AFAAF75AC1887FBF16DA5.css login.tickets.nyc.com/Contents/	254 KB 45 KB	327ms 189ms	Stylesheet text/css	8.45.158.75 LEVEL3
General Check archive.org Show headers Download Go to Full URL https://login.tickets.nyc.com/Contents/CSS_Bundle_EE4CECD6652AFAAF75AC1887FBF16DA5.css?nev=3.0.0.0 Requested by Host: login.tickets.nyc.com URL: https://login.tickets.nyc.com/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 8.45.158.75 Waukesha, United States, ASN3356 (LEVEL3, US), Reverse DNS Software / Resource Hash d75a8c2aa3ca40b8131fbed361eeb7449c961912ae4fee7ba20b57fbcd416088 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers Referer https://login.tickets.nyc.com/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers Strict-Transport-Security max-age=31536000; includeSubDomains Content-Encoding deflate X-Content-Type-Options nosniff Date Wed, 10 Jul 2024 15:21:45 GMT Last-Modified Wed, 10 Jul 2024 08:00:11 GMT X-Frame-Options SAMEORIGIN Content-Type text/css; charset=utf-8 P3P CP="We have no P3P policy as the P3P standard is now out of date. Please see the current privacy policy on the website." Cache-Control private Content-Length 45599 X-XSS-Protection 1; mode=block Expires Thu, 10 Jul 2025 15:21:45 GMT
GET H/1.1	200 OK	retail accounts.tickettransaction.com/Content/	148 KB 29 KB	679ms 165ms	Stylesheet text/css	8.45.158.81 LEVEL3
General Check archive.org Show headers Download Go to Full URL https://accounts.tickettransaction.com/Content/retail Requested by Host: login.tickets.nyc.com URL: https://login.tickets.nyc.com/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 8.45.158.81 Waukesha, United States, ASN3356 (LEVEL3, US), Reverse DNS Software / Resource Hash efb3a38e7aa2cdfb272bb45958d27d1d957a883bf79dba3a11834c5ea3771f54 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains, max-age=31536000 X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers Referer https://login.tickets.nyc.com/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers Strict-Transport-Security max-age=31536000; includeSubDomains, max-age=31536000 Content-Encoding gzip X-Content-Type-Options nosniff Date Wed, 10 Jul 2024 15:21:45 GMT Last-Modified Wed, 10 Jul 2024 15:21:45 GMT Vary User-Agent,Accept-Encoding Content-Type text/css; charset=utf-8 P3P CP="We have no P3P policy as the P3P standard is now out of date. Please see the current privacy policy on the website." Cache-Control public Content-Length 28964 X-XSS-Protection 1; mode=block Expires Thu, 10 Jul 2025 15:21:45 GMT
GET H/1.1	200 OK	sso.login.min.js Show response accounts.tickettransaction.com/Scripts/en/	27 KB 11 KB	675ms 160ms	Script application/javascript	8.45.158.81 LEVEL3
General Check archive.org Show headers Download Go to Full URL https://accounts.tickettransaction.com/Scripts/en/sso.login.min.js Requested by Host: login.tickets.nyc.com URL: https://login.tickets.nyc.com/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 8.45.158.81 Waukesha, United States, ASN3356 (LEVEL3, US), Reverse DNS Software / Resource Hash 49bb3e8a2293efb8ebbcc93ead05fa838907f92ea64fd4fd5568de22c13d66d8 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains, max-age=31536000 X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers Referer https://login.tickets.nyc.com/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers Strict-Transport-Security max-age=31536000; includeSubDomains, max-age=31536000 Content-Encoding gzip X-Content-Type-Options nosniff Date Wed, 10 Jul 2024 15:21:45 GMT Last-Modified Wed, 10 Jul 2024 08:00:23 GMT ETag "80c548379fd2da1:0" Vary Accept-Encoding Content-Type application/javascript P3P CP="We have no P3P policy as the P3P standard is now out of date. Please see the current privacy policy on the website." Cache-Control public,max-age=3600 Accept-Ranges bytes Content-Length 10268 X-XSS-Protection 1; mode=block
GET H/1.1	200 OK	Script_Bundle_70F289B4587CC0536B5442196878A986.js Show response login.tickets.nyc.com/Contents/	65 KB 21 KB	638ms 167ms	Script application/x-javascript	8.45.158.75 LEVEL3
General Check archive.org Show headers Download Go to Full URL https://login.tickets.nyc.com/Contents/Script_Bundle_70F289B4587CC0536B5442196878A986.js?nev=3.0.0.0 Requested by Host: login.tickets.nyc.com URL: https://login.tickets.nyc.com/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 8.45.158.75 Waukesha, United States, ASN3356 (LEVEL3, US), Reverse DNS Software / Resource Hash 2fd7957ef43829d100d7813f0f43d2db00fe4fea35f4ee3af08dee1122188a58 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers Referer https://login.tickets.nyc.com/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers Strict-Transport-Security max-age=31536000; includeSubDomains Content-Encoding deflate X-Content-Type-Options nosniff Date Wed, 10 Jul 2024 15:21:45 GMT Last-Modified Wed, 10 Jul 2024 08:00:12 GMT X-Frame-Options SAMEORIGIN Content-Type application/x-javascript; charset=utf-8 P3P CP="We have no P3P policy as the P3P standard is now out of date. Please see the current privacy policy on the website." Cache-Control private Content-Length 20951 X-XSS-Protection 1; mode=block Expires Thu, 10 Jul 2025 15:21:45 GMT
GET H/1.1	200 OK	Script_Bundle_A5ADD48C14EF61859C84CDAD1B09211E.js Show response login.tickets.nyc.com/Contents/	4 KB 2 KB	658ms 163ms	Script application/x-javascript	8.45.158.75 LEVEL3
General Check archive.org Show headers Download Go to Full URL https://login.tickets.nyc.com/Contents/Script_Bundle_A5ADD48C14EF61859C84CDAD1B09211E.js?nev=3.0.0.0 Requested by Host: login.tickets.nyc.com URL: https://login.tickets.nyc.com/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 8.45.158.75 Waukesha, United States, ASN3356 (LEVEL3, US), Reverse DNS Software / Resource Hash 73020ce204daa563d327ded75d60c3f2f5c5588cf3b588d175a2c45d8968f6e2 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers Referer https://login.tickets.nyc.com/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers Strict-Transport-Security max-age=31536000; includeSubDomains Content-Encoding deflate X-Content-Type-Options nosniff Date Wed, 10 Jul 2024 15:21:45 GMT Last-Modified Wed, 10 Jul 2024 08:00:40 GMT X-Frame-Options SAMEORIGIN Content-Type application/x-javascript; charset=utf-8 P3P CP="We have no P3P policy as the P3P standard is now out of date. Please see the current privacy policy on the website." Cache-Control private Content-Length 1454 X-XSS-Protection 1; mode=block Expires Thu, 10 Jul 2025 15:21:45 GMT
GET H3	200	font-awesome.min.css netdna.bootstrapcdn.com/font-awesome/4.1.0/css/	20 KB 6 KB	83ms 45ms	Stylesheet text/css	104.18.10.207 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://netdna.bootstrapcdn.com/font-awesome/4.1.0/css/font-awesome.min.css Requested by Host: login.tickets.nyc.com URL: https://login.tickets.nyc.com/ Protocol H3 Security QUIC, , AES_128_GCM Server 104.18.10.207 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash b769324e0921f9f649611113e65f528ebae5e140da8a7e63c5d6ea7bc7a33bc0 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Referer https://login.tickets.nyc.com/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers date Wed, 10 Jul 2024 15:21:44 GMT content-encoding gzip x-content-type-options nosniff cf-cache-status HIT cdn-edgestorageid 756 strict-transport-security max-age=31536000; includeSubDomains; preload age 1139337 cdn-cachedat 12/27/2023 03:42:36 cdn-pullzone 252412 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400 last-modified Mon, 25 Jan 2021 22:04:53 GMT cdn-proxyver 1.04 cdn-requestpullcode 200 server cloudflare etag W/"bbfef9385083d307ad2692c0cf99f611" vary Accept-Encoding content-type text/css; charset=utf-8 access-control-allow-origin * cdn-cache HIT cdn-uid b1941f61-b576-4f40-80de-5677acb38f74 cache-control public, max-age=31919000 cdn-requestid 43ad5ee64ff873413ed90a4cdbfe450d timing-allow-origin * cdn-requestcountrycode DE cdn-status 200 cf-ray 8a118b980952c01e-WAW cdn-requestpullsuccess True
GET H/1.1	200 OK	stylesheet-site-AM.css login.tickets.nyc.com/brokers/01971-000/	5 KB 2 KB	630ms 160ms	Stylesheet text/css	8.45.158.75 LEVEL3
General Check archive.org Show headers Download Go to Full URL https://login.tickets.nyc.com/brokers/01971-000/stylesheet-site-AM.css Requested by Host: login.tickets.nyc.com URL: https://login.tickets.nyc.com/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 8.45.158.75 Waukesha, United States, ASN3356 (LEVEL3, US), Reverse DNS Software / Resource Hash b4245208f49fa2736e4bb97775dcbe4475771ca01ef44f0f158b1497f8556d0c Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers Referer https://login.tickets.nyc.com/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers Strict-Transport-Security max-age=31536000; includeSubDomains Content-Encoding deflate X-Content-Type-Options nosniff Date Wed, 10 Jul 2024 15:21:45 GMT Last-Modified Mon, 18 Jul 2022 21:19:26 GMT X-Frame-Options SAMEORIGIN P3P CP="We have no P3P policy as the P3P standard is now out of date. Please see the current privacy policy on the website." Content-Type text/css Cache-Control private Content-Length 1337 X-XSS-Protection 1; mode=block
GET H3	200	font-awesome.min.css maxcdn.bootstrapcdn.com/font-awesome/4.5.0/css/	27 KB 7 KB	75ms 41ms	Stylesheet text/css	104.18.11.207 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://maxcdn.bootstrapcdn.com/font-awesome/4.5.0/css/font-awesome.min.css Requested by Host: login.tickets.nyc.com URL: https://login.tickets.nyc.com/ Protocol H3 Security QUIC, , AES_128_GCM Server 104.18.11.207 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash ddd92f10ad162c7449eff0acaf40598c05b1111739587edb75e5326b6697c5d5 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Referer https://login.tickets.nyc.com/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers date Wed, 10 Jul 2024 15:21:44 GMT content-encoding br x-content-type-options nosniff cf-cache-status HIT cdn-edgestorageid 1029 strict-transport-security max-age=31536000; includeSubDomains; preload age 1361772 cdn-cachedat 03/18/2024 12:10:08 cdn-pullzone 252412 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400 last-modified Mon, 25 Jan 2021 22:04:54 GMT cdn-proxyver 1.04 cdn-requestpullcode 200 server cloudflare etag W/"4fbd15cb6047af93373f4f895639c8bf" vary Accept-Encoding, Accept-Encoding content-type text/css; charset=utf-8 access-control-allow-origin * cdn-cache HIT cdn-uid b1941f61-b576-4f40-80de-5677acb38f74 cache-control public, max-age=31919000 cdn-requestid 08e05320f24d8e808a4ef38c6a818369 timing-allow-origin * cdn-requestcountrycode US cdn-status 200 cf-ray 8a118b980ce9b5f4-WAW cdn-requestpullsuccess True
GET H3	200	bootstrap.min.css maxcdn.bootstrapcdn.com/bootstrap/3.3.4/css/	115 KB 23 KB	106ms 72ms	Stylesheet text/css	104.18.11.207 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://maxcdn.bootstrapcdn.com/bootstrap/3.3.4/css/bootstrap.min.css Requested by Host: login.tickets.nyc.com URL: https://login.tickets.nyc.com/ Protocol H3 Security QUIC, , AES_128_GCM Server 104.18.11.207 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash f04b517ba5d6a0510485689a3e42dac000f51640fd71b986804cba178eae42a5 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Referer https://login.tickets.nyc.com/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers date Wed, 10 Jul 2024 15:21:44 GMT content-encoding gzip x-content-type-options nosniff cf-cache-status HIT cdn-edgestorageid 871 strict-transport-security max-age=31536000; includeSubDomains; preload age 2898751 cdn-cachedat 02/23/2024 08:23:19 cdn-pullzone 252412 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400 last-modified Mon, 25 Jan 2021 22:03:58 GMT cdn-proxyver 1.04 cdn-requestpullcode 200 server cloudflare etag W/"eedf9ee80c2faa4e1b9ab9017cdfcb88" vary Accept-Encoding content-type text/css; charset=utf-8 access-control-allow-origin * cdn-cache HIT cdn-uid b1941f61-b576-4f40-80de-5677acb38f74 cache-control public, max-age=31919000 cdn-requestid 84e7d36204b62639de3f2f7c2085890f timing-allow-origin * cdn-requestcountrycode US cdn-status 200 cf-ray 8a118b980ceab5f4-WAW cdn-requestpullsuccess True
GET H/1.1	200 OK	logo-order-390x46.png checkout.nyc.com/Branding/01971-000/	3 KB 4 KB	673ms 160ms	Image image/png	8.45.158.224 LEVEL3
General Check archive.org Show headers Download Go to Show image Full URL https://checkout.nyc.com/Branding/01971-000/logo-order-390x46.png?v=20220105182317 Requested by Host: login.tickets.nyc.com URL: https://login.tickets.nyc.com/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 8.45.158.224 Waukesha, United States, ASN3356 (LEVEL3, US), Reverse DNS Software / Resource Hash caa95d0253e61363b629f4229d68ed42e81218c81fdbcc08040d5daec14776d7 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers Referer https://login.tickets.nyc.com/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers Strict-Transport-Security max-age=31536000; includeSubDomains Date Wed, 10 Jul 2024 15:21:44 GMT X-Content-Type-Options nosniff Last-Modified Wed, 05 Jan 2022 18:23:23 GMT ETag "4569d052612d81:0" X-Frame-Options SAMEORIGIN P3P CP="We have no P3P policy as the P3P standard is now out of date. Please see the current privacy policy on the website." Content-Type image/png Accept-Ranges bytes Content-Length 3390 X-XSS-Protection 1; mode=block
GET H3	200	ladda-themeless.min.css cdnjs.cloudflare.com/ajax/libs/Ladda/1.0.0/	8 KB 1 KB	36ms 36ms	Stylesheet text/css	104.17.25.14 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdnjs.cloudflare.com/ajax/libs/Ladda/1.0.0/ladda-themeless.min.css Requested by Host: ajax.googleapis.com URL: https://ajax.googleapis.com/ajax/libs/jquery/3.6.0/jquery.min.js Protocol H3 Security QUIC, , AES_128_GCM Server 104.17.25.14 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 77b5594e53fd3f7653099dc1925f1a199ffe56ce22f9ba5c38635f89b53bf8b5 Security Headers Name Value Strict-Transport-Security max-age=15780000 X-Content-Type-Options nosniff Request headers Referer https://login.tickets.nyc.com/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers date Wed, 10 Jul 2024 15:21:45 GMT content-encoding br x-content-type-options nosniff cf-cache-status HIT nel {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800} strict-transport-security max-age=15780000 age 1706813 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400 content-length 936 last-modified Mon, 04 May 2020 16:04:00 GMT server cloudflare cf-cdnjs-via cfworker/kv etag "5eb03cf0-1e1e" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=WoLlfJf9Jtsl%2FnKu5LF%2FGeaQd99Hw0CJBsqd2XMVfWFAhGNdeLhLerfFBEd1iz8TiWlpPYVG6mKj7W%2FRE6zAaSqbyl%2FDcktJXivhVQoHeYpedh7aYM2Ufd6hdTZGzQqs6VSyeucH"}],"group":"cf-nel","max_age":604800} content-type text/css; charset=utf-8 access-control-allow-origin * cache-control public, max-age=30672000 accept-ranges bytes timing-allow-origin * cf-ray 8a118b9d4c7092a0-CPH expires Mon, 30 Jun 2025 15:21:45 GMT
GET H/1.1	200 OK	login accounts.tickettransaction.com/ Frame D8DA	0 0	724ms 226ms	Document text/html	8.45.158.81 LEVEL3
General Check archive.org Show headers Download Go to Full URL https://accounts.tickettransaction.com/login?loginViewType=fullscreen&websiteConfigId=2313&windowPostMessageURL=https://login.tickets.nyc.com&register=false&relyingParty=UAProd2313&customLoader=true&ajaxPostSAMLResponse=true&email= Requested by Host: ajax.googleapis.com URL: https://ajax.googleapis.com/ajax/libs/jquery/3.6.0/jquery.min.js Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 8.45.158.81 Waukesha, United States, ASN3356 (LEVEL3, US), Reverse DNS Software / Resource Hash Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains max-age=31536000 X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers Referer https://login.tickets.nyc.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers Cache-Control no-cache, no-store Content-Encoding gzip Content-Language en Content-Length 7090 Content-Type text/html; charset=utf-8 Date Wed, 10 Jul 2024 15:21:46 GMT Expires -1 P3P CP="We have no P3P policy as the P3P standard is now out of date. Please see the current privacy policy on the website." Pragma no-cache Strict-Transport-Security max-age=31536000; includeSubDomains max-age=31536000 Vary Accept-Encoding X-Content-Type-Options nosniff X-XSS-Protection 1; mode=block
GET H/1.1	200 OK	modal-gloss.png login.tickets.nyc.com/MTShared/Images/	3 KB 3 KB	151ms 151ms	Image image/png	8.45.158.75 LEVEL3
General Check archive.org Show headers Download Go to Show image Full URL https://login.tickets.nyc.com/MTShared/Images/modal-gloss.png Requested by Host: login.tickets.nyc.com URL: https://login.tickets.nyc.com/Contents/CSS_Bundle_EE4CECD6652AFAAF75AC1887FBF16DA5.css?nev=3.0.0.0 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 8.45.158.75 Waukesha, United States, ASN3356 (LEVEL3, US), Reverse DNS Software / Resource Hash 7d2aab4db2f4758ad052077dde124507d2f84e8c7a0d882853b271b8ea189671 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers Referer https://login.tickets.nyc.com/Contents/CSS_Bundle_EE4CECD6652AFAAF75AC1887FBF16DA5.css?nev=3.0.0.0 User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers Strict-Transport-Security max-age=31536000; includeSubDomains Date Wed, 10 Jul 2024 15:21:45 GMT X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN P3P CP="We have no P3P policy as the P3P standard is now out of date. Please see the current privacy policy on the website." Content-Type image/png Cache-Control private Content-Length 2912 X-XSS-Protection 1; mode=block
GET H/1.1	200 OK	arrow_right.png login.tickets.nyc.com/MTShared/Images/	167 B 707 B	152ms 151ms	Image image/png	8.45.158.75 LEVEL3
General Check archive.org Show headers Download Go to Show image Full URL https://login.tickets.nyc.com/MTShared/Images/arrow_right.png?nev=3.0.0.0 Requested by Host: login.tickets.nyc.com URL: https://login.tickets.nyc.com/Contents/CSS_Bundle_EE4CECD6652AFAAF75AC1887FBF16DA5.css?nev=3.0.0.0 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 8.45.158.75 Waukesha, United States, ASN3356 (LEVEL3, US), Reverse DNS Software / Resource Hash 583ca6d29346faa27ca4cb940af6bb8f068fec78b89f3acda8c4ca0bd78a3497 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers Referer https://login.tickets.nyc.com/Contents/CSS_Bundle_EE4CECD6652AFAAF75AC1887FBF16DA5.css?nev=3.0.0.0 User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers Strict-Transport-Security max-age=31536000; includeSubDomains Date Wed, 10 Jul 2024 15:21:45 GMT X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN Content-Type image/png P3P CP="We have no P3P policy as the P3P standard is now out of date. Please see the current privacy policy on the website." Cache-Control private Content-Length 167 X-XSS-Protection 1; mode=block Expires Thu, 10 Jul 2025 15:21:45 GMT
GET H3	200	fontawesome-webfont.woff2 maxcdn.bootstrapcdn.com/font-awesome/4.5.0/fonts/	65 KB 66 KB	123ms 88ms	Font font/woff2	104.18.11.207 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://maxcdn.bootstrapcdn.com/font-awesome/4.5.0/fonts/fontawesome-webfont.woff2?v=4.5.0 Requested by Host: maxcdn.bootstrapcdn.com URL: https://maxcdn.bootstrapcdn.com/font-awesome/4.5.0/css/font-awesome.min.css Protocol H3 Security QUIC, , AES_128_GCM Server 104.18.11.207 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash ff82aeed6b9bb6701696c84d1b223d2e682eb78c89117a438ce6cfea8c498995 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Referer https://maxcdn.bootstrapcdn.com/font-awesome/4.5.0/css/font-awesome.min.css Origin https://login.tickets.nyc.com User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers date Wed, 10 Jul 2024 15:21:45 GMT strict-transport-security max-age=31536000; includeSubDomains; preload x-content-type-options nosniff cf-cache-status MISS cdn-edgestorageid 723 cdn-cachedat 10/31/2023 18:48:08 cdn-pullzone 252412 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400 content-length 66624 last-modified Mon, 25 Jan 2021 22:04:54 GMT cdn-proxyver 1.04 cdn-requestpullcode 200 server cloudflare etag "db812d8a70a4e88e888744c1c9a27e89" vary Accept-Encoding content-type font/woff2 access-control-allow-origin * cdn-cache HIT cdn-uid b1941f61-b576-4f40-80de-5677acb38f74 cache-control public, max-age=31919000 cdn-requestid 2af43a3a01150a6e2960af4be46982a2 accept-ranges bytes timing-allow-origin * cdn-requestcountrycode DE cdn-status 200 cf-ray 8a118b9da862bbbd-WAW cdn-requestpullsuccess True
GET DATA	200 OK	truncated /	3 KB 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash d8d0097dfba97d74744948608adb11b19dd8e53fdeb5ab1015f3530f09e2f041 Request headers Referer User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers Content-Type image/png
GET DATA	200 OK	truncated /	4 KB 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 720cf6fe633c974f3777bcb6ef3fa159eb51b305ac32b4e8834951602960b108 Request headers Referer User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers Content-Type image/png
GET DATA	200 OK	truncated /	5 KB 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 167dad52c4eae8b24004fee7ad7c444fb74ea863758ef890133bd7c4908827cf Request headers Referer User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers Content-Type image/png
GET DATA	200 OK	truncated /	3 KB 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 22a69986c7b624733a7e949cf89121f0fb7adc2b12bda536c9035c863598ce9c Request headers Referer User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers Content-Type image/png
GET DATA	200 OK	truncated /	5 KB 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 01b668625bd5b728f7161c4eb136c9f628854145e9478be8b3a7903c1a1bf864 Request headers Referer User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers Content-Type image/png
GET DATA	200 OK	truncated /	4 KB 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 629b5003adac8620e766474c956ef7492a36c5169fdc6eefc09a1cca9df3b349 Request headers Referer User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers Content-Type image/png
GET DATA	200 OK	truncated /	1 KB 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 3d179ef38cf41167eb745115ae9a13f72119f2247b73b320c824411368370a14 Request headers Referer User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers Content-Type image/png
GET DATA	200 OK	truncated /	2 KB 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash e5753976038225a8cae980c166349cec5602ddb1bf7f2c2e525c84924d85ca94 Request headers Referer User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers Content-Type image/png
GET H/1.1	200 OK	PreHeaderJSON Show response login.tickets.nyc.com/Account/	360 B 1005 B	157ms 157ms	XHR application/javascript	8.45.158.75 LEVEL3
General Check archive.org Show headers Download Go to Full URL https://login.tickets.nyc.com/Account/PreHeaderJSON?callback=jQuery36005758859388792035_1720624905208&_=1720624905209 Requested by Host: ajax.googleapis.com URL: https://ajax.googleapis.com/ajax/libs/jquery/3.6.0/jquery.min.js Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 8.45.158.75 Waukesha, United States, ASN3356 (LEVEL3, US), Reverse DNS Software / Resource Hash c8e93a9a222a6b10066c2665bfc947054869056f89fd4db87bd7a5f7e0135c3c Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers Accept text/javascript, application/javascript, application/ecmascript, application/x-ecmascript, */*; q=0.01 Referer https://login.tickets.nyc.com/ X-Requested-With XMLHttpRequest User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers Strict-Transport-Security max-age=31536000; includeSubDomains Content-Encoding gzip X-Content-Type-Options nosniff Date Wed, 10 Jul 2024 15:21:45 GMT Last-Modified Wed, 10 Jul 2024 15:21:45 GMT Vary * X-Frame-Options SAMEORIGIN Content-Type application/javascript; charset=utf-8 P3P CP="We have no P3P policy as the P3P standard is now out of date. Please see the current privacy policy on the website." Cache-Control public, no-cache="Set-Cookie", no-store, max-age=0 Content-Length 315 X-XSS-Protection 1; mode=block Expires Wed, 10 Jul 2024 15:21:45 GMT
GET H/1.1	200 OK	PreHeaderJSON Show response login.tickets.nyc.com/Account/	360 B 1005 B	169ms 168ms	XHR application/javascript	8.45.158.75 LEVEL3
General Check archive.org Show headers Download Go to Full URL https://login.tickets.nyc.com/Account/PreHeaderJSON?callback=jQuery36005758859388792035_1720624905210&_=1720624905211 Requested by Host: ajax.googleapis.com URL: https://ajax.googleapis.com/ajax/libs/jquery/3.6.0/jquery.min.js Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 8.45.158.75 Waukesha, United States, ASN3356 (LEVEL3, US), Reverse DNS Software / Resource Hash ca6bc11c2c456591bf213750e2a4906743a630c41edd2b9cd01394d59d539ad6 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers Accept text/javascript, application/javascript, application/ecmascript, application/x-ecmascript, */*; q=0.01 Referer https://login.tickets.nyc.com/ X-Requested-With XMLHttpRequest User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers Strict-Transport-Security max-age=31536000; includeSubDomains Content-Encoding gzip X-Content-Type-Options nosniff Date Wed, 10 Jul 2024 15:21:45 GMT Last-Modified Wed, 10 Jul 2024 15:21:45 GMT Vary * X-Frame-Options SAMEORIGIN Content-Type application/javascript; charset=utf-8 P3P CP="We have no P3P policy as the P3P standard is now out of date. Please see the current privacy policy on the website." Cache-Control public, no-cache="Set-Cookie", no-store, max-age=0 Content-Length 315 X-XSS-Protection 1; mode=block Expires Wed, 10 Jul 2024 15:21:45 GMT

36 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 function| $ function| jQuery object| html5 object| Modernizr object| sso function| Url function| sprintf function| vsprintf function| Spinner object| Ladda function| PreHeaderCallBack function| logOut function| mrtSetCookie function| mrtGetCookie function| mrtDeleteCookie function| getParameterByName object| preheaderResources object| MRT object| GS object| Mailcheck string| tn_query number| tn_ppc_src_start function| setupSsoLogin boolean| cookiesEnabled function| resizeLoginFrame function| navToPassReset function| fillInSuggestedEmail function| changePassFields function| ExistAcct function| resendPasswordEmail function| revealLinkedIdentityPicker function| ssoLoginHandler object| smResources function| laddaStart function| laddaStop

6 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			login.tickets.nyc.com/	1969-12-31 23:59:59	Name: ASP.NET_SessionId Value: eykyg4z1wbhui4fripd0n23s
			.nyc.com/	1969-12-31 23:59:59	Name: lang Value: de-DE
			login.tickets.nyc.com/	1970-01-21 06:42:40	Name: cc Value: 1
			login.tickets.nyc.com/	1970-01-20 21:57:48	Name: sto-id-ua-47873 Value: CJGMEEAKFAAA
			checkout.nyc.com/	1969-12-31 23:59:59	Name: sto-id-47873 Value: BIGNEEAKFAAA
			accounts.tickettransaction.com/	1969-12-31 23:59:59	Name: ASP.NET_SessionId Value: vh41eudq5fzhvvs1q4okn35u

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

accounts.tickettransaction.com
ajax.googleapis.com
cdnjs.cloudflare.com
checkout.nyc.com
fonts.googleapis.com
login.tickets.nyc.com
maxcdn.bootstrapcdn.com
netdna.bootstrapcdn.com
104.17.25.14
104.18.10.207
104.18.11.207
2a00:1450:4001:811::200a
2a00:1450:4001:829::200a
8.45.158.224
8.45.158.75
8.45.158.81
008a1d103902f15fdb1c191fcb1ce8954330e7b8de43d09abb08555ba609f420
01b668625bd5b728f7161c4eb136c9f628854145e9478be8b3a7903c1a1bf864
167dad52c4eae8b24004fee7ad7c444fb74ea863758ef890133bd7c4908827cf
22a69986c7b624733a7e949cf89121f0fb7adc2b12bda536c9035c863598ce9c
2fd7957ef43829d100d7813f0f43d2db00fe4fea35f4ee3af08dee1122188a58
3d179ef38cf41167eb745115ae9a13f72119f2247b73b320c824411368370a14
49bb3e8a2293efb8ebbcc93ead05fa838907f92ea64fd4fd5568de22c13d66d8
516a80b1719e3eedaff4c7ed1da6a907e1b4ba1f1b26d0029e44778be5d876c8
583ca6d29346faa27ca4cb940af6bb8f068fec78b89f3acda8c4ca0bd78a3497
629b5003adac8620e766474c956ef7492a36c5169fdc6eefc09a1cca9df3b349
720cf6fe633c974f3777bcb6ef3fa159eb51b305ac32b4e8834951602960b108
73020ce204daa563d327ded75d60c3f2f5c5588cf3b588d175a2c45d8968f6e2
77b5594e53fd3f7653099dc1925f1a199ffe56ce22f9ba5c38635f89b53bf8b5
7d2aab4db2f4758ad052077dde124507d2f84e8c7a0d882853b271b8ea189671
9528ca634fecad433d044ddd3e6f9ce1f068d5d932dafdbb19d8e6daea1968bd
a9a4e11935f5ea4aef82c0b7ab7a0ce43a99b90a2f15ee4b38c2eb75a38cbeb6
b4245208f49fa2736e4bb97775dcbe4475771ca01ef44f0f158b1497f8556d0c
b769324e0921f9f649611113e65f528ebae5e140da8a7e63c5d6ea7bc7a33bc0
c8e93a9a222a6b10066c2665bfc947054869056f89fd4db87bd7a5f7e0135c3c
ca6bc11c2c456591bf213750e2a4906743a630c41edd2b9cd01394d59d539ad6
caa95d0253e61363b629f4229d68ed42e81218c81fdbcc08040d5daec14776d7
d2b82e612d2a812e8be2a57300dab8923c4f2edbe7a799e7da70791b595646fe
d75a8c2aa3ca40b8131fbed361eeb7449c961912ae4fee7ba20b57fbcd416088
d8d0097dfba97d74744948608adb11b19dd8e53fdeb5ab1015f3530f09e2f041
d8d622af7c58a31a2672b8661a1634e58cc38eac1677ccc44632203dd7dcab94
ddd92f10ad162c7449eff0acaf40598c05b1111739587edb75e5326b6697c5d5
e5753976038225a8cae980c166349cec5602ddb1bf7f2c2e525c84924d85ca94
efb3a38e7aa2cdfb272bb45958d27d1d957a883bf79dba3a11834c5ea3771f54
f04b517ba5d6a0510485689a3e42dac000f51640fd71b986804cba178eae42a5
ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e
ff82aeed6b9bb6701696c84d1b223d2e682eb78c89117a438ce6cfea8c498995