bal-teewtickets.com Open in urlscan Pro
172.67.175.139 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://taarurap.teewtickets.com/
Effective URL:
https://bal-teewtickets.com/
Submission: On April 26 via api (April 26th 2024, 9:08:39 am UTC) from US — Scanned from FR

Summary HTTP 11 Redirects Behaviour Indicators

Summary

This website contacted 5 IPs in 2 countries across 3 domains to perform 11 HTTP transactions. The main IP is 172.67.175.139, located in United States and belongs to CLOUDFLARENET, US. The main domain is bal-teewtickets.com.
TLS certificate: Issued by E1 on March 7th 2024. Valid for: 3 months.

This is the only time bal-teewtickets.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	2a00:7ee0:8:0... 2a00:7ee0:8:0:3:93:0:a52	210403 (LWS) (LWS)
1 5	172.67.175.139 172.67.175.139	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	3.160.150.14 3.160.150.14	16509 (AMAZON-02) (AMAZON-02)
1	13.35.58.11 13.35.58.11	16509 (AMAZON-02) (AMAZON-02)
2	108.138.26.12 108.138.26.12	16509 (AMAZON-02) (AMAZON-02)
11	5

1 2a00:7ee0:8:0:3:93:0:a52 (France) 1 redirects

ASN210403 (LWS, FR)

taarurap.teewtickets.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 172.67.175.139 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

bal-teewtickets.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 3.160.150.14 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-3-160-150-14.fra60.r.cloudfront.net

e631b2fded6e.860081db.us-east-1.token.awswaf.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.35.58.11 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-35-58-11.fra60.r.cloudfront.net

e631b2fded6e.860081db.us-east-1.captcha.awswaf.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 108.138.26.12 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-138-26-12.fra56.r.cloudfront.net

static.captcha.awswaf.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
7	awswaf.com e631b2fded6e.860081db.us-east-1.token.awswaf.com e631b2fded6e.860081db.us-east-1.captcha.awswaf.com static.captcha.awswaf.com — Cisco Umbrella Rank: 153568	383 KB
5	bal-teewtickets.com 1 redirects bal-teewtickets.com	12 KB
1	teewtickets.com 1 redirects taarurap.teewtickets.com	123 B
11	3

	Domain	Requested by
5	bal-teewtickets.com	1 redirects bal-teewtickets.com
4	e631b2fded6e.860081db.us-east-1.token.awswaf.com	bal-teewtickets.com e631b2fded6e.860081db.us-east-1.token.awswaf.com
2	static.captcha.awswaf.com	e631b2fded6e.860081db.us-east-1.captcha.awswaf.com static.captcha.awswaf.com
1	e631b2fded6e.860081db.us-east-1.captcha.awswaf.com	bal-teewtickets.com
1	taarurap.teewtickets.com	1 redirects
11	5

This site contains no links.

Subject Issuer	Validity	Valid
bal-teewtickets.com E1	`2024-03-07` - `2024-06-05`	3 months	crt.sh
*.860081db.us-east-1.token.awswaf.com Amazon RSA 2048 M02	`2023-06-05` - `2024-07-03`	a year	crt.sh
*.860081db.us-east-1.captcha.awswaf.com Amazon RSA 2048 M01	`2023-06-05` - `2024-07-02`	a year	crt.sh
static.captcha.awswaf.com Amazon RSA 2048 M01	`2023-07-25` - `2024-08-22`	a year	crt.sh

This page contains 2 frames:

Primary Page: https://bal-teewtickets.com/
Frame ID: ACAE6BBD144BBF043E6F112215D33753
Requests: 12 HTTP requests in this frame

Frame: https://bal-teewtickets.com/cdn-cgi/challenge-platform/h/b/scripts/jsd/471dc2adc340/main.js
Frame ID: 24E7DA6810762529D7B9E957FFD6815C
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Human Verification

Page URL History Show full URLs

https://taarurap.teewtickets.com/ HTTP 301
http://bal-teewtickets.com/ HTTP 307
https://bal-teewtickets.com/ Page URL

Page Statistics

11
Requests

91 %
HTTPS

20 %
IPv6

3
Domains

5
Subdomains

5
IPs

2
Countries

395 kB
Transfer

1275 kB
Size

2
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://taarurap.teewtickets.com/ HTTP 301
http://bal-teewtickets.com/ HTTP 307
https://bal-teewtickets.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 2

https://bal-teewtickets.com/cdn-cgi/challenge-platform/scripts/jsd/main.js HTTP 302
https://bal-teewtickets.com/cdn-cgi/challenge-platform/h/b/scripts/jsd/471dc2adc340/main.js

11 HTTP transactions
3 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H3

405

Primary Request / Show response
bal-teewtickets.com/
Redirect Chain

https://taarurap.teewtickets.com/
http://bal-teewtickets.com/
https://bal-teewtickets.com/

4 KB
4 KB

227ms
187ms

Document
text/html

172.67.175.139
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://bal-teewtickets.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.175.139 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9d85c4284b198108d76c6d095bbdbe804c66e8207f9d8e02159074a07b9f37dd

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Accept-Language: fr-FR,fr;q=0.9;q=0.9
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

access-control-allow-methods: OPTIONS,GET,POST
access-control-allow-origin: *
access-control-max-age: 86400
alt-svc: h3=":443"; ma=86400
cache-control: no-store, max-age=0
cf-cache-status: DYNAMIC
cf-ray: 87a56dceeae70259-CDG
content-type: text/html; charset=UTF-8
date: Fri, 26 Apr 2024 09:08:33 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=TA4%2FGdHg%2Bl6n4QPo9H0cWkpMeGI0o%2FOmSWIMMKU%2FFEuJ4SfW4X%2BNdv6kg4fhFfRhlEQ%2Bd0oFTe6UqUlEkJb46jYrQhP6JMOlv8Ou7VdWAtbKUqMvLLrcqpqCLa7YWN0FRsfqR9QH"}],"group":"cf-nel","max_age":604800}
server: cloudflare
strict-transport-security: max-age=0; includeSubDomains
x-amzn-waf-action: captcha
x-content-type-options: nosniff

Redirect headers

Location: https://bal-teewtickets.com/
Non-Authoritative-Reason: HttpsUpgrades

GET
H2 200 challenge.js Show response
e631b2fded6e.860081db.us-east-1.token.awswaf.com/e631b2fded6e/9ce2a80d2b3a/66a010a71573/ 1 MB
284 KB 588ms
485ms Script
text/javascript 3.160.150.14
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://e631b2fded6e.860081db.us-east-1.token.awswaf.com/e631b2fded6e/9ce2a80d2b3a/66a010a71573/challenge.js
Requested by: Host: bal-teewtickets.com
URL: https://bal-teewtickets.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.160.150.14 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-3-160-150-14.fra60.r.cloudfront.net
Software: /
Resource Hash: f9d3080d69de1fd46590d0845d4fbcd865242e08d757c64d2d9601db4c7fa5ed

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://bal-teewtickets.com/
Accept-Language: fr-FR,fr;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Fri, 26 Apr 2024 09:08:34 GMT
content-encoding: gzip
via: 1.1 d8006f736d3dc32a20a91813f2f50fa2.cloudfront.net (CloudFront)
last-modified: Fri, 26 Apr 2024 09:08:34 +0000
x-amz-cf-pop: FRA60-P7
vary: Accept-Encoding
x-cache: Miss from cloudfront
x-amzn-waf-challenge-id: Root=1-662b6f12-072a5ef862ea5cd1704f6c4e
content-type: text/javascript
cache-control: private, max-age=86400
x-amz-cf-id: Lse3dH27ezP5IOCEJ7VS2L-WmqKzFRWq73o7RjPygbXV1-YTZAEsIA==
expires: 0

GET
H2 200 captcha.js Show response
e631b2fded6e.860081db.us-east-1.captcha.awswaf.com/e631b2fded6e/9ce2a80d2b3a/66a010a71573/ 160 KB
65 KB 593ms
493ms Script
text/javascript 13.35.58.11
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://e631b2fded6e.860081db.us-east-1.captcha.awswaf.com/e631b2fded6e/9ce2a80d2b3a/66a010a71573/captcha.js
Requested by: Host: bal-teewtickets.com
URL: https://bal-teewtickets.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.35.58.11 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-35-58-11.fra60.r.cloudfront.net
Software: /
Resource Hash: 89ce65c9a50831a06d88c06a602979a19cdbd6dc3e37ec5870f995b896f24984

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://bal-teewtickets.com/
Accept-Language: fr-FR,fr;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 26 Apr 2024 09:08:34 GMT
content-encoding: gzip
via: 1.1 3de687dde9ccf524586562826ee53358.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P10
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: text/javascript
x-amzn-waf-captcha-id: Root=1-662b6f12-770ccf13752341d414f8b491
x-amz-cf-id: 7waK2Hd9Zp9U7gw38hOmwVtbpLvEJrCpWSQTTyfeIcKotAkG_doZbQ==

GET
H3

200

main.js Show response
bal-teewtickets.com/cdn-cgi/challenge-platform/h/b/scripts/jsd/471dc2adc340/ Frame 24E7
Redirect Chain

https://bal-teewtickets.com/cdn-cgi/challenge-platform/scripts/jsd/main.js
https://bal-teewtickets.com/cdn-cgi/challenge-platform/h/b/scripts/jsd/471dc2adc340/main.js

8 KB
4 KB

25ms
25ms

Script
application/javascript

172.67.175.139
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://bal-teewtickets.com/cdn-cgi/challenge-platform/h/b/scripts/jsd/471dc2adc340/main.js

Protocol

Server

172.67.175.139 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

bec00d40c825335f881fcb145f5fd920fcc8c9a8dc50ecbb8704858952d94ff4

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Accept-Language: fr-FR,fr;q=0.9;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

date: Fri, 26 Apr 2024 09:08:35 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=0; includeSubDomains
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: accept-encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ESPcz5C2KfgoBOQgGtJnsx7knqTs%2F%2BTSP%2BkrEF4xZ0nUPZ6zgN7amDx81rK9NCuAo7Vww17nbCT1dsEUzgMQaWSvyuu%2FGdDqv%2FojtUiN5busuqIEjDruHK19XOmPjP61aOffDZdG"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: max-age=14400, public
cf-ray: 87a56dd749220259-CDG
alt-svc: h3=":443"; ma=86400

Redirect headers

date: Fri, 26 Apr 2024 09:08:35 GMT
strict-transport-security: max-age=0; includeSubDomains
x-content-type-options: nosniff
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=axfVLadDRn0F1GPFprD%2FPaCg1XRBt%2BpwycJl2upq09dKj53c2kb7HhSsj3Vria3mLH6FCVM9c%2FaN6YbwqH5nUb8%2FqOhvgEiUTmc9Bl5QOxKBRCafyaQqM6OTT5f4Z%2FHZshSHM9%2FD"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin: *
location: /cdn-cgi/challenge-platform/h/b/scripts/jsd/471dc2adc340/main.js
cache-control: max-age=300, public
cf-ray: 87a56dd708da0259-CDG
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 stylesheet.css
static.captcha.awswaf.com/fonts/AmazonEmberLt/ 230 B
592 B 94ms
27ms Stylesheet
text/css 108.138.26.12
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.captcha.awswaf.com/fonts/AmazonEmberLt/stylesheet.css
Requested by: Host: e631b2fded6e.860081db.us-east-1.captcha.awswaf.com
URL: https://e631b2fded6e.860081db.us-east-1.captcha.awswaf.com/e631b2fded6e/9ce2a80d2b3a/66a010a71573/captcha.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.26.12 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-26-12.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 2998d81cfd55c682823a732f696790f3745c3c1b394ca6701cc91dda9dc54516

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://bal-teewtickets.com/
Accept-Language: fr-FR,fr;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 26 Apr 2024 09:00:53 GMT
via: 1.1 78720628b37ebf3e33c42dc098252ee8.cloudfront.net (CloudFront)
last-modified: Tue, 20 Feb 2024 19:30:14 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P7
age: 463
x-amz-server-side-encryption: AES256
etag: "d8674d16f372c9cdafa1314ef9710c64"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/css
accept-ranges: bytes
content-length: 230
x-amz-cf-id: muS9ddLyJqmqKjDg4pz0_LT0-JSq_SNG3FepjquUleeGSJHGwVkmuQ==

GET
DATA 200
OK truncated
/ 565 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e3e2b5d869c820ae61b5603c4a05ac50f6a2d22a6a8a7a6637b9933e70291e32

Request headers

Accept-Language: fr-FR,fr;q=0.9;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 253 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e02452d207cc5969d8c5ad8b19b35ab7d6f5800ca0ebd78a00aa944999ac0ee6

Request headers

Accept-Language: fr-FR,fr;q=0.9;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 481 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 5e5af7cbc4ba6d5e3c5b722393bcae96e599dfad2eca7de444a501e8a1a4a351

Request headers

Accept-Language: fr-FR,fr;q=0.9;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H3 405 favicon.ico
bal-teewtickets.com/ 2 KB
3 KB 191ms
191ms Other
text/html 172.67.175.139
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://bal-teewtickets.com/favicon.ico

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.175.139 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e6f7c0e86c4dfe6cad8e74f1e56b0fb296a49fe1ae7ce477e3b7f34427ab5b3b

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://bal-teewtickets.com/
Accept-Language: fr-FR,fr;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 26 Apr 2024 09:08:35 GMT
strict-transport-security: max-age=0; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: BYPASS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
server: cloudflare
x-amzn-waf-action: captcha
access-control-max-age: 86400
access-control-allow-methods: OPTIONS,GET,POST
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=A%2F8EcQ7fb5xelCdWnCeqz73NrigdU%2B5qb4U7XoEJdJu0p0yTKq6BLsY8DDb1AkG4W3i7uSUA42UZKNLmWr5AepKHFutjhvqnlc8i0Z4zyj65SiIstkSiA%2BQBh16a11FubLIb2cFw"}],"group":"cf-nel","max_age":604800}
cache-control: no-store, max-age=0
vary: Accept-Encoding
cf-ray: 87a56dd749230259-CDG

POST
H2 200 verify Show response
e631b2fded6e.860081db.us-east-1.token.awswaf.com/e631b2fded6e/9ce2a80d2b3a/66a010a71573/ 304 B
723 B 484ms
424ms Fetch
application/json 3.160.150.14
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://e631b2fded6e.860081db.us-east-1.token.awswaf.com/e631b2fded6e/9ce2a80d2b3a/66a010a71573/verify
Requested by: Host: e631b2fded6e.860081db.us-east-1.token.awswaf.com
URL: https://e631b2fded6e.860081db.us-east-1.token.awswaf.com/e631b2fded6e/9ce2a80d2b3a/66a010a71573/challenge.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.160.150.14 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-3-160-150-14.fra60.r.cloudfront.net
Software: /
Resource Hash: a15b48dafb67815fc4f81989c8de1bc52ac86b80df5c0fc2c55fbf63c5561aa6

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-platform: "Win32"
Referer: https://bal-teewtickets.com/
Accept-Language: fr-FR,fr;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Fri, 26 Apr 2024 09:08:35 GMT
via: 1.1 4f2a14569b371893f3851a804b6ae8dc.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P7
access-control-max-age: 86400
access-control-allow-methods: OPTIONS,GET,POST
content-type: application/json
access-control-allow-origin: *
x-cache: Miss from cloudfront
x-amzn-waf-challenge-id: Root=1-662b6f13-50c1c22a7ef05bdc1a3861e9
cache-control: no-cache, no-store, must-revalidate
content-length: 304
x-amz-cf-id: Zi0YMfh4jP5LsfNLmzPJvgTn6Pm15kURxM0bKqdzOrmy6AlQyGZWrw==
expires: 0

POST
H3 200 87a56dceeae70259 Show response
bal-teewtickets.com/cdn-cgi/challenge-platform/h/b/jsd/r/ Frame 24E7 0
613 B 41ms
41ms XHR
text/plain 172.67.175.139
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://bal-teewtickets.com/cdn-cgi/challenge-platform/h/b/jsd/r/87a56dceeae70259

Requested by

Host: bal-teewtickets.com
URL: https://bal-teewtickets.com/cdn-cgi/challenge-platform/scripts/jsd/main.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.175.139 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-platform: "Win32"
Referer
Accept-Language: fr-FR,fr;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Content-Type: application/json

Response headers

date: Fri, 26 Apr 2024 09:08:35 GMT
strict-transport-security: max-age=0; includeSubDomains
x-content-type-options: nosniff
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=pODLDE9HJsXzEvn6n4nIdinyPvSOFrxBJvpale608prVr1rzb3BP0G0QFS8VebojtDw5PZlA8kXEq%2FG4vUCRKDQgx5sFzujWfhZhb6UEE1L0F1ZjGdZ9Fa2Hbl%2F0M6GH0Cj%2ByJRj"}],"group":"cf-nel","max_age":604800}
content-type: text/plain; charset=UTF-8
cf-ray: 87a56dd7c98e0259-CDG
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 AmazonEmber-Light.woff2
static.captcha.awswaf.com/fonts/AmazonEmberLt/ 30 KB
30 KB 81ms
29ms Font
binary/octet-stream 108.138.26.12
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.captcha.awswaf.com/fonts/AmazonEmberLt/AmazonEmber-Light.woff2
Requested by: Host: static.captcha.awswaf.com
URL: https://static.captcha.awswaf.com/fonts/AmazonEmberLt/stylesheet.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.26.12 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-26-12.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 35e616b44004287518920103bbbc22e18f41fa68b137fd774f8a5388ce9768a8

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://static.captcha.awswaf.com/fonts/AmazonEmberLt/stylesheet.css
Origin: https://bal-teewtickets.com
Accept-Language: fr-FR,fr;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 26 Apr 2024 03:50:33 GMT
via: 1.1 ca339b9e98820e424be1609317fd0314.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P7
age: 62786
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 30648
last-modified: Tue, 20 Feb 2024 19:30:13 GMT
server: AmazonS3
etag: "64824a4253db63d5f9a7c4501c702c16"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: binary/octet-stream
access-control-allow-origin: *
accept-ranges: bytes
x-amz-cf-id: ZS-3AcNrelNz_2QA5iTtYZ8DlFE9DM9bQsBeeon1ATFICooE88Xk8g==

POST
H2 200 telemetry Show response
e631b2fded6e.860081db.us-east-1.token.awswaf.com/e631b2fded6e/9ce2a80d2b3a/66a010a71573/ 872 B
1 KB 395ms
395ms Fetch
application/json 3.160.150.14
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://e631b2fded6e.860081db.us-east-1.token.awswaf.com/e631b2fded6e/9ce2a80d2b3a/66a010a71573/telemetry
Requested by: Host: e631b2fded6e.860081db.us-east-1.token.awswaf.com
URL: https://e631b2fded6e.860081db.us-east-1.token.awswaf.com/e631b2fded6e/9ce2a80d2b3a/66a010a71573/challenge.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.160.150.14 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-3-160-150-14.fra60.r.cloudfront.net
Software: /
Resource Hash: a936f358a5f293e4f970d59460f459856952d65210524168f81872fbe0b94389

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-platform: "Win32"
Referer: https://bal-teewtickets.com/
Accept-Language: fr-FR,fr;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Fri, 26 Apr 2024 09:08:36 GMT
via: 1.1 4f2a14569b371893f3851a804b6ae8dc.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P7
access-control-max-age: 86400
access-control-allow-methods: OPTIONS,GET,POST
content-type: application/json
access-control-allow-origin: *
x-cache: Miss from cloudfront
x-amzn-waf-challenge-id: Root=1-662b6f14-47d8cb8f4a6ab44a6e9bb2a4
cache-control: no-cache, no-store, must-revalidate
content-length: 872
x-amz-cf-id: HxhVMa6THNbgxAdkLkBSkd2WDkIeOHvNmQAK-S7Tmj3DLVpzvJIWHg==
expires: 0

POST
H2 200 telemetry Show response
e631b2fded6e.860081db.us-east-1.token.awswaf.com/e631b2fded6e/9ce2a80d2b3a/66a010a71573/ 960 B
1 KB 397ms
396ms Fetch
application/json 3.160.150.14
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://e631b2fded6e.860081db.us-east-1.token.awswaf.com/e631b2fded6e/9ce2a80d2b3a/66a010a71573/telemetry
Requested by: Host: e631b2fded6e.860081db.us-east-1.token.awswaf.com
URL: https://e631b2fded6e.860081db.us-east-1.token.awswaf.com/e631b2fded6e/9ce2a80d2b3a/66a010a71573/challenge.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.160.150.14 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-3-160-150-14.fra60.r.cloudfront.net
Software: /
Resource Hash: 2e2fa9879b0ac09df0aa4a102ddcb014c86bbb304e58b37b418a97a9b4ba2794

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-platform: "Win32"
Referer: https://bal-teewtickets.com/
Accept-Language: fr-FR,fr;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Fri, 26 Apr 2024 09:08:37 GMT
via: 1.1 4f2a14569b371893f3851a804b6ae8dc.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P7
access-control-max-age: 86400
access-control-allow-methods: OPTIONS,GET,POST
content-type: application/json
access-control-allow-origin: *
x-cache: Miss from cloudfront
x-amzn-waf-challenge-id: Root=1-662b6f15-44ade6c3278a10683d3a4d8f
cache-control: no-cache, no-store, must-revalidate
content-length: 960
x-amz-cf-id: W2UnsiEvV8rjNG5K6ql_9kqBmWqndAWyy3tcOc1JK8j2z6jgMKRG4A==
expires: 0

Verdicts & Comments Add Verdict or Comment

8 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

2 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			.bal-teewtickets.com/	1970-01-21 04:54:18	Name: cf_clearance Value: B9oYKIiO0lARTf5HghWPtlKjibQjdFj4gUX2cvQIkdE-1714122515-1.0.1.1-KAhIGSRwgCMLU0xZqCRfzvZwxInqbMC3pKQXiace9Ub3uazg6CZkLH_9uA_lMyh0eceN1bz39xVBeIMrWfW_WQ
			.bal-teewtickets.com/	1970-01-20 20:14:28	Name: aws-waf-token Value: f7fa6f1c-cbb3-4ad4-bd0c-026741a04db1:EQoAaho/d/4gAAAA:rVy1Ql427DtZr+r+HVtDq1muNnyC4DkRRoIhZmrayBhaik4caBl8uNgT1l4pCZUpseIhiqT5OBirLNPaZjesACorZNBvcmQkj38u3uIUxoo6tZBiqjQSdBHcME8H028byyDXoCnKhxf7gqtLBXYS5ZeLIKD1jdge0gYiGWFw2pb5+2ANHAE3lGDsmyxYC2Xm01JjG1WFdyyxv+1PCDyTLppy1xYKwD7NYMRhGgoIHo9C0nH8MMOJItUXlkh8zPsctS8GBi+O9ajiN4UXLoE=

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://bal-teewtickets.com/ Message: Failed to load resource: the server responded with a status of 405 ()
network	error	URL: https://bal-teewtickets.com/favicon.ico Message: Failed to load resource: the server responded with a status of 405 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=0; includeSubDomains
X-Content-Type-Options	nosniff

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

bal-teewtickets.com
e631b2fded6e.860081db.us-east-1.captcha.awswaf.com
e631b2fded6e.860081db.us-east-1.token.awswaf.com
static.captcha.awswaf.com
taarurap.teewtickets.com
108.138.26.12
13.35.58.11
172.67.175.139
2a00:7ee0:8:0:3:93:0:a52
3.160.150.14
2998d81cfd55c682823a732f696790f3745c3c1b394ca6701cc91dda9dc54516
2e2fa9879b0ac09df0aa4a102ddcb014c86bbb304e58b37b418a97a9b4ba2794
35e616b44004287518920103bbbc22e18f41fa68b137fd774f8a5388ce9768a8
5e5af7cbc4ba6d5e3c5b722393bcae96e599dfad2eca7de444a501e8a1a4a351
89ce65c9a50831a06d88c06a602979a19cdbd6dc3e37ec5870f995b896f24984
9d85c4284b198108d76c6d095bbdbe804c66e8207f9d8e02159074a07b9f37dd
a15b48dafb67815fc4f81989c8de1bc52ac86b80df5c0fc2c55fbf63c5561aa6
a936f358a5f293e4f970d59460f459856952d65210524168f81872fbe0b94389
bec00d40c825335f881fcb145f5fd920fcc8c9a8dc50ecbb8704858952d94ff4
e02452d207cc5969d8c5ad8b19b35ab7d6f5800ca0ebd78a00aa944999ac0ee6
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e3e2b5d869c820ae61b5603c4a05ac50f6a2d22a6a8a7a6637b9933e70291e32
e6f7c0e86c4dfe6cad8e74f1e56b0fb296a49fe1ae7ce477e3b7f34427ab5b3b
f9d3080d69de1fd46590d0845d4fbcd865242e08d757c64d2d9601db4c7fa5ed

bal-teewtickets.com Open in urlscan Pro 172.67.175.139 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Page Statistics

11 Requests

91 %HTTPS

20 %IPv6

3 Domains

5 Subdomains

5 IPs

2 Countries

395 kBTransfer

1275 kBSize

2 Cookies

0 Outgoing links

Page URL History

Redirected requests

11 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 3 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

8 JavaScript Global Variables

2 Cookies

2 Console Messages

Security Headers

Indicators

bal-teewtickets.com Open in urlscan Pro
172.67.175.139 Public Scan

Screenshot
Live screenshot

Full Image

11
Requests

91 %
HTTPS

20 %
IPv6

3
Domains

5
Subdomains

5
IPs

2
Countries

395 kB
Transfer

1275 kB
Size

2
Cookies

11 HTTP transactions
3 data transactions