tickets.ticketshelper.workers.dev Open in urlscan Pro
2606:4700:3034::6815:12a2 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://tickets.ticketshelper.workers.dev/
Submission: On July 04 via api (July 4th 2024, 3:00:35 pm UTC) from US — Scanned from DE

Summary HTTP 64 Redirects Links 1 Behaviour Indicators

Summary

This website contacted 21 IPs in 3 countries across 14 domains to perform 64 HTTP transactions. The main IP is 2606:4700:3034::6815:12a2, located in United States and belongs to CLOUDFLARENET, US. The main domain is tickets.ticketshelper.workers.dev.
TLS certificate: Issued by WE1 on July 4th 2024. Valid for: 3 months.

This is the only time tickets.ticketshelper.workers.dev was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1	2606:4700:303... 2606:4700:3034::6815:12a2	13335 (CLOUDFLAR...) (CLOUDFLARENET)
12	172.67.182.188 172.67.182.188	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:808::200a	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:813::200a	15169 (GOOGLE) (GOOGLE)
4	172.67.198.204 172.67.198.204	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	52.217.227.48 52.217.227.48	16509 (AMAZON-02) (AMAZON-02)
2	2a06:98c1:312... 2a06:98c1:3120::3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
5	8.45.158.39 8.45.158.39	3356 (LEVEL3) (LEVEL3)
2	2a00:1450:400... 2a00:1450:4001:830::2008	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:830::2003	15169 (GOOGLE) (GOOGLE)
8	2600:9000:223... 2600:9000:223d:d600:b:33be:5f40:21	16509 (AMAZON-02) (AMAZON-02)
6	13.224.194.8 13.224.194.8	16509 (AMAZON-02) (AMAZON-02)
2	2a03:2880:f08... 2a03:2880:f084:105:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
1	104.18.11.207 104.18.11.207	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2001:4860:480... 2001:4860:4802:34::36	15169 (GOOGLE) (GOOGLE)
3	52.222.206.99 52.222.206.99	16509 (AMAZON-02) (AMAZON-02)
2	2a03:2880:f17... 2a03:2880:f177:185:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
1	2600:1f18:f8a... 2600:1f18:f8a:b704:c70b:3cc9:de5b:e83a	14618 (AMAZON-AES) (AMAZON-AES)
5	54.92.193.158 54.92.193.158	14618 (AMAZON-AES) (AMAZON-AES)
2	2600:1f18:f8a... 2600:1f18:f8a:b702:c4cb:9f1b:5463:c990	14618 (AMAZON-AES) (AMAZON-AES)
64	21

1 2606:4700:3034::6815:12a2 (United States)

ASN13335 (CLOUDFLARENET, US)

tickets.ticketshelper.workers.dev	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 172.67.182.188 (United States)

ASN13335 (CLOUDFLARENET, US)

tickets.ticketshelper.workers.dev	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:808::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:813::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 172.67.198.204 (United States)

ASN13335 (CLOUDFLARENET, US)

blog.ticketshelper.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.217.227.48 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
PTR: s3-1.amazonaws.com

s3.amazonaws.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a06:98c1:3120::3 (United States)

ASN13335 (CLOUDFLARENET, US)

chicagoconcerts.today	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 8.45.158.39 (Waukesha, United States)

ASN3356 (LEVEL3, US)

mapwidget3.seatics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:830::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:830::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2600:9000:223d:d600:b:33be:5f40:21 (United States)

ASN16509 (AMAZON-02, US)

d1s8091zjpj5vh.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 13.224.194.8 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-194-8.fra2.r.cloudfront.net

d340sbn9oxreq3.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f084:105:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.18.11.207 (None, )

ASN13335 (CLOUDFLARENET, US)

maxcdn.bootstrapcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 52.222.206.99 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-222-206-99.fra56.r.cloudfront.net

d1s8091zjpj5vh.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f177:185:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:1f18:f8a:b704:c70b:3cc9:de5b:e83a (Ashburn, United States)

ASN14618 (AMAZON-AES, US)

beacon.riskified.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 54.92.193.158 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-92-193-158.compute-1.amazonaws.com

img.riskified.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:1f18:f8a:b702:c4cb:9f1b:5463:c990 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)

c.riskified.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
17	cloudfront.net d1s8091zjpj5vh.cloudfront.net d340sbn9oxreq3.cloudfront.net	282 KB
13	workers.dev tickets.ticketshelper.workers.dev	48 KB
8	riskified.com beacon.riskified.com — Cisco Umbrella Rank: 8235 img.riskified.com — Cisco Umbrella Rank: 6309 c.riskified.com — Cisco Umbrella Rank: 5600	16 KB
5	seatics.com mapwidget3.seatics.com — Cisco Umbrella Rank: 126071	11 KB
4	ticketshelper.com blog.ticketshelper.com	17 KB
4	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 83 ajax.googleapis.com — Cisco Umbrella Rank: 469	109 KB
2	facebook.com www.facebook.com — Cisco Umbrella Rank: 114	3 KB
2	facebook.net connect.facebook.net — Cisco Umbrella Rank: 204	71 KB
2	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 81	174 KB
2	chicagoconcerts.today chicagoconcerts.today	103 KB
2	amazonaws.com s3.amazonaws.com	60 KB
1	google-analytics.com region1.google-analytics.com — Cisco Umbrella Rank: 2355
1	bootstrapcdn.com maxcdn.bootstrapcdn.com — Cisco Umbrella Rank: 1286	13 KB
1	gstatic.com fonts.gstatic.com	24 KB
64	14

	Domain	Requested by
13	tickets.ticketshelper.workers.dev	tickets.ticketshelper.workers.dev
11	d1s8091zjpj5vh.cloudfront.net	mapwidget3.seatics.com d1s8091zjpj5vh.cloudfront.net tickets.ticketshelper.workers.dev
6	d340sbn9oxreq3.cloudfront.net	mapwidget3.seatics.com tickets.ticketshelper.workers.dev
5	img.riskified.com
5	mapwidget3.seatics.com	tickets.ticketshelper.workers.dev mapwidget3.seatics.com
4	blog.ticketshelper.com	tickets.ticketshelper.workers.dev
3	ajax.googleapis.com	tickets.ticketshelper.workers.dev
2	c.riskified.com	beacon.riskified.com
2	www.facebook.com	tickets.ticketshelper.workers.dev
2	connect.facebook.net	tickets.ticketshelper.workers.dev connect.facebook.net
2	www.googletagmanager.com	tickets.ticketshelper.workers.dev www.googletagmanager.com
2	chicagoconcerts.today	tickets.ticketshelper.workers.dev
2	s3.amazonaws.com	tickets.ticketshelper.workers.dev
1	beacon.riskified.com	mapwidget3.seatics.com
1	region1.google-analytics.com	www.googletagmanager.com
1	maxcdn.bootstrapcdn.com	mapwidget3.seatics.com
1	fonts.gstatic.com	fonts.googleapis.com
1	fonts.googleapis.com	tickets.ticketshelper.workers.dev
64	18

This site contains links to these domains. Also see Links.

Domain
seatics.com

Subject Issuer	Validity	Valid
ticketshelper.workers.dev WE1	`2024-07-04` - `2024-10-02`	3 months	crt.sh
upload.video.google.com WR2	`2024-06-13` - `2024-09-05`	3 months	crt.sh
ticketshelper.com GTS CA 1P5	`2024-06-01` - `2024-08-30`	3 months	crt.sh
s3.amazonaws.com Amazon RSA 2048 M01	`2024-05-25` - `2025-05-02`	a year	crt.sh
chicagoconcerts.today WE1	`2024-06-24` - `2024-09-22`	3 months	crt.sh
*.seatics.com RapidSSL TLS RSA CA G1	`2023-09-14` - `2024-09-13`	a year	crt.sh
*.google-analytics.com WR2	`2024-06-13` - `2024-09-05`	3 months	crt.sh
*.gstatic.com WR2	`2024-06-13` - `2024-09-05`	3 months	crt.sh
*.cloudfront.net Amazon RSA 2048 M01	`2023-10-10` - `2024-09-19`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2024-04-12` - `2024-07-11`	3 months	crt.sh
bootstrapcdn.com GTS CA 1P5	`2024-05-25` - `2024-08-23`	3 months	crt.sh
*.riskified.com Amazon RSA 2048 M03	`2024-03-04` - `2025-04-01`	a year	crt.sh
img.riskified.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2024-05-06` - `2025-05-15`	a year	crt.sh

This page contains 1 frames:

Primary Page: https://tickets.ticketshelper.workers.dev/
Frame ID: D59DC5D0243552394FCA0DB08120ACF1
Requests: 64 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Buy Cheapest The Rat Pack Is BackTickets at NewYorkEvents.Today

Detected technologies

Riskified (Ecommerce) Expand

Overall confidence: 100%
Detected patterns

<[^>]*beacon\.riskified\.com

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

<link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
/wp-(?:content|includes)/

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+(?:([\d.]+)/)?(?:css/)?font-awesome(?:\.min)?\.css
<link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/ns\.html[^>]+></iframe>
googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

/([\d.]+)/jquery(?:\.min)?\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jQuery UI (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

([\d.]+)/jquery-ui(?:\.min)?\.js
jquery-ui.*\.js

Page Statistics

64
Requests

100 %
HTTPS

60 %
IPv6

14
Domains

18
Subdomains

21
IPs

3
Countries

941 kB
Transfer

2377 kB
Size

6
Cookies

1 Outgoing links

These are links going to different origins than the main page.

URL: https://seatics.com/

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

64 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
tickets.ticketshelper.workers.dev/ 10 KB
4 KB 724ms
344ms Document
text/html 2606:4700:3034::6815:12a2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://tickets.ticketshelper.workers.dev/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3034::6815:12a2 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0284581cb4453faa82301e9c60118477c24764c6f955944bbbfb41dd51832640

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 89dffc30ba908fee-FRA
content-encoding: br
content-type: text/html;charset=UTF-8
date: Thu, 04 Jul 2024 15:00:29 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=nFdDncU70qYZIiO5ug%2FfYopfgggYpARUsE7ZKBSKesI9yZNWgD7o1zNdVQFlAXVNb5DOjeq7uInDasT%2Fd2AxpjSfjURnW6WK7ALBGLD6UgZh2CLatzzMLgi%2FeXgFmRra5v0SgIfb%2FFt8iWXiDCu6rdehtEieZg0CUejbz7FKrow%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: accept-encoding
x-xss-protection: 1; mode=block

GET
H3 200 font-awesome.min.css
tickets.ticketshelper.workers.dev/font-awesome/css/ 10 KB
4 KB 460ms
454ms Stylesheet
text/html 172.67.182.188
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://tickets.ticketshelper.workers.dev/font-awesome/css/font-awesome.min.css

Requested by

Host: tickets.ticketshelper.workers.dev
URL: https://tickets.ticketshelper.workers.dev/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.182.188 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0284581cb4453faa82301e9c60118477c24764c6f955944bbbfb41dd51832640

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://tickets.ticketshelper.workers.dev/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 04 Jul 2024 15:00:29 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: accept-encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=mombzeDwgFa9baDZgxvF2BVALsXPm1nEve%2BWewp%2FRxfL0Vn3xSjBPlnciab69KuIub3MegcPQaps2XX0GDB0RtbMLgSLISvEXx7WiU7ywjr4Ur6MER5pvvhuZGL%2B82jqF7FD6D3QsFntKfb8h2b%2FU7CT2C0%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html;charset=UTF-8
cf-ray: 89dffc33ed875d39-FRA
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block

GET
H3 200 bundle.css
tickets.ticketshelper.workers.dev/1719893873/styles-v3/styles/ 10 KB
4 KB 415ms
407ms Stylesheet
text/html 172.67.182.188
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://tickets.ticketshelper.workers.dev/1719893873/styles-v3/styles/bundle.css

Requested by

Host: tickets.ticketshelper.workers.dev
URL: https://tickets.ticketshelper.workers.dev/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.182.188 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0284581cb4453faa82301e9c60118477c24764c6f955944bbbfb41dd51832640

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://tickets.ticketshelper.workers.dev/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 04 Jul 2024 15:00:29 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: accept-encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ncx0QWLDpAurXfF2Lr%2FvxKq5u00xmVELUIVH9fOKqz2i7TcAIWfqZ%2BhC%2BIX7k1px7Up%2BOqoUy8JFn5CPlv%2BvaHQqoAY2rzpzIkI5yy12xwvjSjqO8TfE1DNslwqdYqs5AfaJ6IPNBJowLF8B7x6waKs85CE%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html;charset=UTF-8
cf-ray: 89dffc33ed8c5d39-FRA
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block

GET
H2 200 css
fonts.googleapis.com/ 717 B
780 B 150ms
48ms Stylesheet
text/css 2a00:1450:4001:808::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Lato

Requested by

Host: tickets.ticketshelper.workers.dev
URL: https://tickets.ticketshelper.workers.dev/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

77d9907ca853ab885fd7a35a29faaf4206b8fe47347cd9c12391d64451ad6f37

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://tickets.ticketshelper.workers.dev/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=31536000
date: Thu, 04 Jul 2024 15:00:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Thu, 04 Jul 2024 14:55:38 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 04 Jul 2024 15:00:29 GMT

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/1.12.0/ 95 KB
33 KB 195ms
93ms Script
text/javascript 2a00:1450:4001:813::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/1.12.0/jquery.min.js

Requested by

Host: tickets.ticketshelper.workers.dev
URL: https://tickets.ticketshelper.workers.dev/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5f1ab65fe2ad6b381a1ae036716475bf78c9b2e309528cf22170c1ddeefddcbf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://tickets.ticketshelper.workers.dev/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 27 Jun 2024 15:13:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 604048
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 34044
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 27 Jun 2025 15:13:01 GMT

GET
H2 200 jquery-ui.css
ajax.googleapis.com/ajax/libs/jqueryui/1.12.0/themes/smoothness/ 36 KB
9 KB 143ms
41ms Stylesheet
text/css 2a00:1450:4001:813::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jqueryui/1.12.0/themes/smoothness/jquery-ui.css

Requested by

Host: tickets.ticketshelper.workers.dev
URL: https://tickets.ticketshelper.workers.dev/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

38ab5953a468c8084db2452a42bdc59a6be197bab8dad4105c040b63186155e9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://tickets.ticketshelper.workers.dev/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 27 Jun 2024 17:33:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 595594
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8425
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/css; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 27 Jun 2025 17:33:55 GMT

GET
H2 200 jquery-ui.min.js Show response
ajax.googleapis.com/ajax/libs/jqueryui/1.12.0/ 247 KB
66 KB 144ms
45ms Script
text/javascript 2a00:1450:4001:813::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jqueryui/1.12.0/jquery-ui.min.js

Requested by

Host: tickets.ticketshelper.workers.dev
URL: https://tickets.ticketshelper.workers.dev/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

78613a6e5bab939b078feae691fb0661e2b2671dcce1b1be66517203b2a7b3b1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://tickets.ticketshelper.workers.dev/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 04 Jul 2024 12:22:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 9452
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 67885
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 04 Jul 2025 12:22:57 GMT

GET
H3 200 jquery.autocomplete.min.js Show response
tickets.ticketshelper.workers.dev/scripts/ 10 KB
4 KB 397ms
392ms Script
text/html 172.67.182.188
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://tickets.ticketshelper.workers.dev/scripts/jquery.autocomplete.min.js

Requested by

Host: tickets.ticketshelper.workers.dev
URL: https://tickets.ticketshelper.workers.dev/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.182.188 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0284581cb4453faa82301e9c60118477c24764c6f955944bbbfb41dd51832640

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://tickets.ticketshelper.workers.dev/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 04 Jul 2024 15:00:29 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: accept-encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Oxx4mIWhSBggM%2FxF%2B0hHGiw8pW7xr66WYwWlLfalXJ68OecDoCl5iVy1EdMnBgCDGSq3A1c%2FiIbIREyYW11ZRfm6FC9H3aAk%2BKyTI0ciflJcLLx7fPgEl1es80YTtCqkB%2Fpg8IGdIc08vbdx4wGj8vVkLjk%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html;charset=UTF-8
cf-ray: 89dffc33ed925d39-FRA
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block

GET
H3 200 header.js Show response
tickets.ticketshelper.workers.dev/scripts/v3/ 10 KB
4 KB 457ms
452ms Script
text/html 172.67.182.188
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://tickets.ticketshelper.workers.dev/scripts/v3/header.js

Requested by

Host: tickets.ticketshelper.workers.dev
URL: https://tickets.ticketshelper.workers.dev/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.182.188 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0284581cb4453faa82301e9c60118477c24764c6f955944bbbfb41dd51832640

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://tickets.ticketshelper.workers.dev/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 04 Jul 2024 15:00:29 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: accept-encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=TQa03jQzXhBd%2BZSQPxMKgE%2Fi0fU3mJOX1V9%2FkvjeJprkSfkqFi5A4coZxl5zsgZU4iaHAuptUz4vz%2FevKeJ0nUsHl%2FQ90YzO37ZoyZ3wwYe24aTNujxB5wNpRv4JeZnRcsHgJsgKrVnS5i%2FfJqx67b2ExM4%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html;charset=UTF-8
cf-ray: 89dffc33ed955d39-FRA
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block

GET
H3 200 location.js Show response
tickets.ticketshelper.workers.dev/scripts/ 10 KB
4 KB 423ms
421ms Script
text/html 172.67.182.188
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://tickets.ticketshelper.workers.dev/scripts/location.js

Requested by

Host: tickets.ticketshelper.workers.dev
URL: https://tickets.ticketshelper.workers.dev/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.182.188 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0284581cb4453faa82301e9c60118477c24764c6f955944bbbfb41dd51832640

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://tickets.ticketshelper.workers.dev/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 04 Jul 2024 15:00:29 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: accept-encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=BkTX1p613vgSlxG0kSiGGwgDQptFeF23P6YaC%2FfP0UT7v9AE9y3IMSgzs3H5LMc6Ff6fsnOtC7BHWRD9svWDQ2kGPD5VFFqWM8H7U0HszS6VopRhxQyhg6F0y%2Fee0np%2BjE5ggD%2BxFBrcuUD%2FBPH9JBEOKbE%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html;charset=UTF-8
cf-ray: 89dffc33ed9c5d39-FRA
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block

GET
H3 200 main.js Show response
tickets.ticketshelper.workers.dev/1719893873/scripts/ 10 KB
4 KB 515ms
512ms Script
text/html 172.67.182.188
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://tickets.ticketshelper.workers.dev/1719893873/scripts/main.js

Requested by

Host: tickets.ticketshelper.workers.dev
URL: https://tickets.ticketshelper.workers.dev/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.182.188 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0284581cb4453faa82301e9c60118477c24764c6f955944bbbfb41dd51832640

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://tickets.ticketshelper.workers.dev/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 04 Jul 2024 15:00:29 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: accept-encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=qoxTXT6bi2o%2Bo7gHt2AhlcREXvBvGmkU9Zi1pfBx0%2BFQ3dP6KjuexOa0G2rCOY09b3lB%2BugxomH0bcpRsNA%2FEHJvR3ufDnA71B%2B2n1ca09jR60FkP1e2HBcD0V1X09plT0XfJvjM5m5ZPMRjalpKemvHAFk%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html;charset=UTF-8
cf-ray: 89dffc33eda75d39-FRA
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block

GET
H3 200 appUtil.js Show response
tickets.ticketshelper.workers.dev/1719893873/scripts/ 10 KB
4 KB 434ms
431ms Script
text/html 172.67.182.188
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://tickets.ticketshelper.workers.dev/1719893873/scripts/appUtil.js

Requested by

Host: tickets.ticketshelper.workers.dev
URL: https://tickets.ticketshelper.workers.dev/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.182.188 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0284581cb4453faa82301e9c60118477c24764c6f955944bbbfb41dd51832640

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://tickets.ticketshelper.workers.dev/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 04 Jul 2024 15:00:29 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: accept-encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=5FpdDZ6FISd1WLcHuZRCoJIY7kuJhVok6UqgacjQXAJ5oHSDInuyomqEXJeDdMuj6gvROkfyYNAlyQbJQADeWg4nNV9gSghdZiKL1kJEenehC0KJKcrT%2Fgl3%2Ff0itby4u3atLMuxVxbrvxZ9QRogVKhtRXA%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html;charset=UTF-8
cf-ray: 89dffc33edab5d39-FRA
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block

GET
H3 200 languageUtil.js Show response
tickets.ticketshelper.workers.dev/scripts/ 10 KB
4 KB 508ms
506ms Script
text/html 172.67.182.188
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://tickets.ticketshelper.workers.dev/scripts/languageUtil.js

Requested by

Host: tickets.ticketshelper.workers.dev
URL: https://tickets.ticketshelper.workers.dev/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.182.188 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0284581cb4453faa82301e9c60118477c24764c6f955944bbbfb41dd51832640

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://tickets.ticketshelper.workers.dev/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 04 Jul 2024 15:00:29 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: accept-encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=mzkjjlRXUwdM7XhWoXemmt8BD%2FJrc12VM41r0SEhVj8uiCn3IArh3yxfk6N4IJHMMTrdURL0CEwgpLZRT5PtCrz35iMaV7uZZiMuwK0FKxaT%2BvpAAk7SJo5E7QMEq2s7e2GOloHh9RXRS97Kz0K0fKv78Ps%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html;charset=UTF-8
cf-ray: 89dffc33edb55d39-FRA
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block

GET
H3 200 eventList.js Show response
tickets.ticketshelper.workers.dev/1719893873/scripts/ 10 KB
4 KB 465ms
463ms Script
text/html 172.67.182.188
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://tickets.ticketshelper.workers.dev/1719893873/scripts/eventList.js

Requested by

Host: tickets.ticketshelper.workers.dev
URL: https://tickets.ticketshelper.workers.dev/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.182.188 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0284581cb4453faa82301e9c60118477c24764c6f955944bbbfb41dd51832640

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://tickets.ticketshelper.workers.dev/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 04 Jul 2024 15:00:29 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: accept-encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=SEp3a81uQI0jvPzQjJvAVwYfcT%2Bd9LHROYZ989UGyX7kHeupCtR1qLf9cnlt2Ii3eTUP6tB%2FgSeEglzygEbPhy4vTEWIbs2qyq5oTi5n1Ntj3MM7j%2FdhJ2fel%2FB%2Fs%2F1YYXXHu32gZ5KVoMfQWd6yu3rSRHA%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html;charset=UTF-8
cf-ray: 89dffc33edb95d39-FRA
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block

GET
H3 200 search.js Show response
tickets.ticketshelper.workers.dev/scripts/ 10 KB
4 KB 494ms
491ms Script
text/html 172.67.182.188
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://tickets.ticketshelper.workers.dev/scripts/search.js

Requested by

Host: tickets.ticketshelper.workers.dev
URL: https://tickets.ticketshelper.workers.dev/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.182.188 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0284581cb4453faa82301e9c60118477c24764c6f955944bbbfb41dd51832640

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://tickets.ticketshelper.workers.dev/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 04 Jul 2024 15:00:29 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: accept-encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=N71vLlcFQAnNMu%2Fn8rjPqyCyOEw1DAotPaf0c1L1AvJJzuIyZGfJcZRF8qmbaA%2B6xr3QPolvCoTBok37ZzKBO9IqApASLfW7oKb%2FqU%2FWQhV6eFpxkD3n7R8%2BaZg6DOwiKkWE%2BrnihDOVY1F8nlO8fkjdU9c%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html;charset=UTF-8
cf-ray: 89dffc33edbd5d39-FRA
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block

GET
H3 200 suggestions.js Show response
tickets.ticketshelper.workers.dev/scripts/v3/ 10 KB
4 KB 509ms
507ms Script
text/html 172.67.182.188
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://tickets.ticketshelper.workers.dev/scripts/v3/suggestions.js

Requested by

Host: tickets.ticketshelper.workers.dev
URL: https://tickets.ticketshelper.workers.dev/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.182.188 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0284581cb4453faa82301e9c60118477c24764c6f955944bbbfb41dd51832640

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://tickets.ticketshelper.workers.dev/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 04 Jul 2024 15:00:29 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: accept-encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=75tIEV0ddNklRRcdifb0yfmSGF2Uw26Oe3tKcwgcTLjZxuVpSaFvp4eswJH56AJZpvmMvfj9T9NQJnKABwNMxiXurZmaVb3%2BxdKeaqpyhi9LtiBOeEOb6PvJRH%2FFHSFmL5PqHXE7%2B%2Fv%2FS0ogRImMgAXgo8c%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html;charset=UTF-8
cf-ray: 89dffc33edc95d39-FRA
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block

GET
H3 200 eventJsonConverter.js Show response
tickets.ticketshelper.workers.dev/scripts/v3/ 10 KB
4 KB 465ms
463ms Script
text/html 172.67.182.188
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://tickets.ticketshelper.workers.dev/scripts/v3/eventJsonConverter.js

Requested by

Host: tickets.ticketshelper.workers.dev
URL: https://tickets.ticketshelper.workers.dev/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.182.188 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0284581cb4453faa82301e9c60118477c24764c6f955944bbbfb41dd51832640

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://tickets.ticketshelper.workers.dev/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 04 Jul 2024 15:00:29 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: accept-encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=d6EqGQyR93iQU1235l3K5mmAk5pUVyF0OW0InY6yt4gXCdgBw%2Fjp%2BR7ITwui0OUR8KlrGj7CT14PAuwhaAVZb7cn4ox%2B2EQ96eREbHEs7f3GoBrORQ8ozjLPNSKGgdXTU2FHWsbBPfF9l6cvRCc9s3H%2FEOQ%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html;charset=UTF-8
cf-ray: 89dffc33edce5d39-FRA
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block

GET
H3 200 main-style.css
blog.ticketshelper.com/sm-ticket/ 68 KB
11 KB 131ms
57ms Stylesheet
text/css 172.67.198.204
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://blog.ticketshelper.com/sm-ticket/main-style.css

Requested by

Host: tickets.ticketshelper.workers.dev
URL: https://tickets.ticketshelper.workers.dev/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.198.204 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

32f85f810616e48fc375d797b976258a0f4fb9d02d579edd0321c77bbafac82b

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://tickets.ticketshelper.workers.dev/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 04 Jul 2024 15:00:29 GMT
content-security-policy: upgrade-insecure-requests;
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: gzip
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 58619
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Mon, 29 Apr 2024 11:48:17 GMT
server: cloudflare
cross-origin-opener-policy: same-origin-allow-popups
etag: W/"662f8901-10ecf"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/css
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=QlAVoSgwOYkpj4rrv7%2BJNY%2BvDhLbSv332EeM8S7LqEV5DmW1%2F%2BAdcyGg86QIRPoR60JcL87jksGnPedHiyZ%2Faq6yTvldulPRYv5qkTEu93BaB2xQG50TP4KMb%2BAnxt%2B3aunHlzl7WeyU"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=2592000
permissions-policy: interest-cohort=(),geolocation=(),midi=(),sync-xhr=(),microphone=(),camera=(),magnetometer=(),gyroscope=(),fullscreen=(self),payment=()
cf-ray: 89dffc345dc14db8-FRA
expires: Fri, 02 Aug 2024 22:43:30 GMT

GET
H3 200 custom-mm.css
blog.ticketshelper.com/sm-ticket/ 6 KB
2 KB 126ms
53ms Stylesheet
text/css 172.67.198.204
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://blog.ticketshelper.com/sm-ticket/custom-mm.css

Requested by

Host: tickets.ticketshelper.workers.dev
URL: https://tickets.ticketshelper.workers.dev/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.198.204 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d42aeb46d4beb105997913acbd1944ed9bb14e7b885ccd5560996334cc191f51

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://tickets.ticketshelper.workers.dev/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 04 Jul 2024 15:00:29 GMT
content-security-policy: upgrade-insecure-requests;
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: gzip
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 755264
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Mon, 29 Apr 2024 11:48:02 GMT
server: cloudflare
cross-origin-opener-policy: same-origin-allow-popups
etag: W/"662f88f2-19aa"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/css
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Lgkq1RQbure5%2B259PaXLpEFNUOIeW7FZjjt4NkOfvbGPK1KuSGQZz8f6nNvfVydyZiVHgiDZW%2FvlZeIro3yliU38ql9demesz5oyVqbvFTwCiRZsGpf467pjxULQPO%2BSQQY76vsQPIA1"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=2592000
permissions-policy: interest-cohort=(),geolocation=(),midi=(),sync-xhr=(),microphone=(),camera=(),magnetometer=(),gyroscope=(),fullscreen=(self),payment=()
cf-ray: 89dffc345dbb4db8-FRA
expires: Thu, 25 Jul 2024 21:12:45 GMT

GET
H3 200 style3.css
blog.ticketshelper.com/wp-content/uploads/main-ticket/ 5 KB
2 KB 128ms
56ms Stylesheet
text/css 172.67.198.204
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://blog.ticketshelper.com/wp-content/uploads/main-ticket/style3.css

Requested by

Host: tickets.ticketshelper.workers.dev
URL: https://tickets.ticketshelper.workers.dev/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.198.204 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6ecb321f3dcd6d63f3b98824bcdd65596a9a5bfa5920dd52c047442b01c09d65

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://tickets.ticketshelper.workers.dev/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 04 Jul 2024 15:00:29 GMT
content-security-policy: upgrade-insecure-requests;
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: gzip
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 788799
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Tue, 12 Mar 2024 11:15:28 GMT
server: cloudflare
cross-origin-opener-policy: same-origin-allow-popups
etag: W/"65f03950-124c"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/css
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=hX2%2Bs7ROR%2B1QpBZsfW7e8djYylKygJ5YPHrStqmZcGZd4ntw8pPLH7neWEeAAUy3jrYEFm%2F0cBqR5ml7ptTztCGSOCZaTWDnp7wJWeHygja9n0kXDcpJEdTJL2lbyjfNvrnEMUWhO%2FO5"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=2592000
permissions-policy: interest-cohort=(),geolocation=(),midi=(),sync-xhr=(),microphone=(),camera=(),magnetometer=(),gyroscope=(),fullscreen=(self),payment=()
cf-ray: 89dffc345db34db8-FRA
expires: Thu, 25 Jul 2024 11:53:50 GMT

GET
H/1.1 200
OK tn_utilities-min.js Show response
s3.amazonaws.com/TNService/Js/ 1 KB
2 KB 375ms
133ms Script
application/x-javascript 52.217.227.48
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s3.amazonaws.com/TNService/Js/tn_utilities-min.js
Requested by: Host: tickets.ticketshelper.workers.dev
URL: https://tickets.ticketshelper.workers.dev/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 52.217.227.48 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: 97875f913a57693bcdbafcce9f8c43ff6450ec2bc8555dacf9aa0731d153a0e6

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://tickets.ticketshelper.workers.dev/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Thu, 04 Jul 2024 15:00:30 GMT
Last-Modified: Mon, 26 Jun 2017 15:07:20 GMT
Server: AmazonS3
x-amz-request-id: 27MY9QEG1RWM5RW2
ETag: "e5cd4512ed438cacb9ef13608cf7910f"
Content-Type: application/x-javascript
Accept-Ranges: bytes
Content-Length: 1167
x-amz-id-2: XGpFZ8vRBOHZ5ci0s2W85H1Y4SIzwVJ5XjX5R9honBe2m1yBOdIJiC8354XiRJqWZXwPiJ4C6bk=

GET
H3 200 localevent5.js Show response
blog.ticketshelper.com/sm-ticket/ 4 KB
2 KB 167ms
95ms Script
text/javascript 172.67.198.204
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://blog.ticketshelper.com/sm-ticket/localevent5.js

Requested by

Host: tickets.ticketshelper.workers.dev
URL: https://tickets.ticketshelper.workers.dev/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.198.204 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3abb7477bf8fd5d6c1acf51e38565d3e24d7ba8f967b7f0bade5c28fea31d346

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://tickets.ticketshelper.workers.dev/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 04 Jul 2024 15:00:29 GMT
content-security-policy: upgrade-insecure-requests;
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: gzip
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 517328
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Tue, 16 Apr 2024 09:29:07 GMT
server: cloudflare
cross-origin-opener-policy: same-origin-allow-popups
etag: W/"661e44e3-10ed"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/javascript
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=9flJyEPSRdRuFz1btPEaIV8MeBM3gUaCefG0tgW0XsFtxevz2cyTtDd0QNYefvBMtPnlACyFp0kUBi1x4Yuja6pdMngK8GFwKrKp1Q6cwA%2F8MvkRkYSNQDyTjm5LlM37glW05MoE7%2F%2Fn"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=2592000
permissions-policy: interest-cohort=(),geolocation=(),midi=(),sync-xhr=(),microphone=(),camera=(),magnetometer=(),gyroscope=(),fullscreen=(self),payment=()
cf-ray: 89dffc345db74db8-FRA
expires: Sun, 28 Jul 2024 15:18:21 GMT

GET
H/1.1 200
OK cscpl-results-filters.js Show response
s3.amazonaws.com/content-s3.tickettransaction.com/00982/052/ 58 KB
58 KB 401ms
159ms Script
application/javascript 52.217.227.48
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s3.amazonaws.com/content-s3.tickettransaction.com/00982/052/cscpl-results-filters.js
Requested by: Host: tickets.ticketshelper.workers.dev
URL: https://tickets.ticketshelper.workers.dev/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 52.217.227.48 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: 3f76f14eda9a43e242645a46b7edffd775fba78d16a7b3c90a3f2f37ea99b014

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://tickets.ticketshelper.workers.dev/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Thu, 04 Jul 2024 15:00:30 GMT
Last-Modified: Wed, 01 Nov 2023 20:21:03 GMT
Server: AmazonS3
x-amz-request-id: 27MMYAHKJ4PGPDRR
ETag: "1d5d46c7ed00e2c637b3b0aea8ab5c27"
x-amz-server-side-encryption: AES256
Content-Type: application/javascript
Accept-Ranges: bytes
Content-Length: 59099
x-amz-id-2: iWRoSayNerqCPC3e0zye580+DpqRJhmMBElbaKSTwlhCGe6fkuFo/8TF0KT/uKTvqi/56zZErXM=

GET
H2 200 bostonconcerts.today_.png
chicagoconcerts.today/wp-content/uploads/2024/05/ 57 KB
57 KB 1108ms
988ms Image
image/png 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://chicagoconcerts.today/wp-content/uploads/2024/05/bostonconcerts.today_.png

Requested by

Host: tickets.ticketshelper.workers.dev
URL: https://tickets.ticketshelper.workers.dev/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3c76460be9ba47f343d485e1c07ebc03d68413eb3dd34e474fde206120e77d01

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://tickets.ticketshelper.workers.dev/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 04 Jul 2024 15:00:30 GMT
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
last-modified: Tue, 25 Jun 2024 10:46:27 GMT
server: cloudflare
etag: W/"667aa003-e27b"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: image/png
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=WvlwC6cF%2Fib3sQa4gEAa1K9RTh4w6vClnxunUM3kJpO35UppS2dWTigPzdvSzHmAH%2FmOztrwb92HClaCOOKWlg3ou6I3AeAQleduXUwSR5vWpanCGtTCm63YIfDlANaIH7FxwLmvmFvEQz1g%2FDbgR%2BBEwOY%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=2592000
cf-ray: 89dffc34a9b34dcc-FRA
expires: Sat, 03 Aug 2024 15:00:30 GMT

GET
H/1.1 200
OK js Show response
mapwidget3.seatics.com/ 20 KB
9 KB 679ms
168ms Script
text/javascript 8.45.158.39
LEVEL3

General

Check archive.org

Show headers Download Go to

Full URL

https://mapwidget3.seatics.com/js?eventId=6530393&websiteConfigId=27264&mobileOptimized=true&includeJQuery=false

Requested by

Host: tickets.ticketshelper.workers.dev
URL: https://tickets.ticketshelper.workers.dev/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

8.45.158.39 Waukesha, United States, ASN3356 (LEVEL3, US),

Reverse DNS

Software

Resource Hash

93da292cb689304ad35782f40dc0e41497528057e9baad3e01a2162ecdd0268c

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://tickets.ticketshelper.workers.dev/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Thu, 04 Jul 2024 15:00:29 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
X-AspNet-Version: 4.0.30319
Vary: Accept-Encoding
Content-Type: text/javascript; charset=utf-8
Cache-Control: private
Content-Length: 8979

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 195 KB
70 KB 163ms
71ms Script
application/javascript 2a00:1450:4001:830::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-K4SXK9MZ

Requested by

Host: tickets.ticketshelper.workers.dev
URL: https://tickets.ticketshelper.workers.dev/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

2c9ef74093fa9ed3d97c59b36fa0a04193c8e2b53991b8d65c4906983803a43e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://tickets.ticketshelper.workers.dev/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 04 Jul 2024 15:00:30 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 71432
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Thu, 04 Jul 2024 15:00:30 GMT

GET
H2 200 S6uyw4BMUTPHjx4wXg.woff2
fonts.gstatic.com/s/lato/v24/ 23 KB
24 KB 130ms
43ms Font
font/woff2 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v24/S6uyw4BMUTPHjx4wXg.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://fonts.googleapis.com/
Origin: https://tickets.ticketshelper.workers.dev
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 02 Jul 2024 14:56:54 GMT
x-content-type-options: nosniff
age: 173016
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 23580
x-xss-protection: 0
last-modified: Tue, 02 May 2023 15:17:22 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 02 Jul 2025 14:56:54 GMT

GET
H/1.1 200
OK TicketsByEvent Show response
mapwidget3.seatics.com/Api/ 2 KB
1 KB 217ms
201ms Script
application/x-javascript 8.45.158.39
LEVEL3

General

Check archive.org

Show headers Download Go to

Full URL

https://mapwidget3.seatics.com/Api/TicketsByEvent?callback=Seatics.Coordinator.gotTicketsCallback&eventId=6530393&websiteConfigId=27264&mtdt=%7B%22wcid%22%3A27264%2C%22eid%22%3A6530393%2C%22en%22%3A%22The%20Rat%20Pack%20Is%20Back%22%2C%22vid%22%3A22515%2C%22vn%22%3A%22Tuscany%20Suites%20%26%20Casino%22%2C%22mp%22%3A%22tuscanysuitescasino_theratpack_2020-01-18_2019-11-06_1421_svgc%22%2C%22lyt%22%3A%22Mobile%22%7D

Requested by

Host: mapwidget3.seatics.com
URL: https://mapwidget3.seatics.com/js?eventId=6530393&websiteConfigId=27264&mobileOptimized=true&includeJQuery=false

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

8.45.158.39 Waukesha, United States, ASN3356 (LEVEL3, US),

Reverse DNS

Software

Resource Hash

b93ca6c68d1ed34496fff299a7be0457ef7a7c2eb74a7829bc4a734d9c693872

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://tickets.ticketshelper.workers.dev/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Thu, 04 Jul 2024 15:00:30 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
X-AspNet-Version: 4.0.30319
Vary: Accept-Encoding
Content-Type: application/x-javascript; charset=utf-8
Cache-Control: private
Content-Length: 889

GET
H2 200 en Show response
d1s8091zjpj5vh.cloudfront.net/Javascript/Seatics/Languages/Core/ 10 KB
4 KB 215ms
82ms Script
text/javascript 2600:9000:223d:d600:b:33be:5f40:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://d1s8091zjpj5vh.cloudfront.net/Javascript/Seatics/Languages/Core/en?v=JcbbsE4BAH6XDODa19VHcbQ-1v_HyMRvnJdUnsJkdiM1

Requested by

Host: mapwidget3.seatics.com
URL: https://mapwidget3.seatics.com/js?eventId=6530393&websiteConfigId=27264&mobileOptimized=true&includeJQuery=false

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:223d:d600:b:33be:5f40:21 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

e1e72f89ee81a093762a4f181a9f8e3e67fc6a2b1447c2f7be21a3057cc58d71

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://tickets.ticketshelper.workers.dev/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 22 May 2024 12:00:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 22 May 2024 12:00:51 GMT
x-aspnet-version: 4.0.30319
via: 1.1 4c692717a0e85914a993c3aa5c8a2ef6.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P3
age: 3725979
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript; charset=utf-8
cache-control: public
alt-svc: h3=":443"; ma=86400
x-amz-cf-id: qWXsSfa8yd6vi3IRtHOYqgWQ6rtAUST1_jOUIuPSXeYMJaDyNEK56g==
expires: Thu, 22 May 2025 12:00:51 GMT

GET
H2 200 libsNoJqueryDesktopCore Show response
d1s8091zjpj5vh.cloudfront.net/Javascript/ 228 KB
72 KB 216ms
84ms Script
text/javascript 2600:9000:223d:d600:b:33be:5f40:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://d1s8091zjpj5vh.cloudfront.net/Javascript/libsNoJqueryDesktopCore?v=H-jTCxs-5KW-VCiwA1KCr_6bD55ASKeh01sK8wDbucI1

Requested by

Host: mapwidget3.seatics.com
URL: https://mapwidget3.seatics.com/js?eventId=6530393&websiteConfigId=27264&mobileOptimized=true&includeJQuery=false

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:223d:d600:b:33be:5f40:21 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

9ec0df74845318cf7d7735f5f25bcdcc64c8aacad9e90b15eb448a59d2bd8cd0

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://tickets.ticketshelper.workers.dev/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 11 Jun 2024 18:12:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 11 Jun 2024 18:12:38 GMT
x-aspnet-version: 4.0.30319
via: 1.1 4c692717a0e85914a993c3aa5c8a2ef6.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P3
age: 1975672
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript; charset=utf-8
cache-control: public
alt-svc: h3=":443"; ma=86400
x-amz-cf-id: 5kk02t9rlBi5EW7a4M7bR5gmyZG8KZ-CJ2CrEbopNKLdJ4asJkGhnQ==
expires: Wed, 11 Jun 2025 18:12:38 GMT

GET
H2 200 js2 Show response
d1s8091zjpj5vh.cloudfront.net/ 15 KB
5 KB 208ms
81ms Script
text/javascript 2600:9000:223d:d600:b:33be:5f40:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://d1s8091zjpj5vh.cloudfront.net/js2?lang=en-US&v=3.0-2024-6-702-1641

Requested by

Host: mapwidget3.seatics.com
URL: https://mapwidget3.seatics.com/js?eventId=6530393&websiteConfigId=27264&mobileOptimized=true&includeJQuery=false

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:223d:d600:b:33be:5f40:21 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

6489d195b753771a37f4491f0b2556434201cf61dd920f5ac1eb2fee90fe0b94

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://tickets.ticketshelper.workers.dev/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 04 Jul 2024 14:50:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
via: 1.1 4c692717a0e85914a993c3aa5c8a2ef6.cloudfront.net (CloudFront)
x-aspnet-version: 4.0.30319
x-amz-cf-pop: FRA56-P3
age: 609
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript; charset=utf-8
cache-control: public
alt-svc: h3=":443"; ma=86400
x-amz-cf-id: EXME81Yj0RB5bOQ1URgA9iKu8zW-Bp0Iz0btz80zoDMfeU3HMYud5g==
expires: Thu, 04 Jul 2024 15:01:14 GMT

GET
H2 200 light-desktop
d1s8091zjpj5vh.cloudfront.net/Css/ 71 KB
30 KB 177ms
50ms Stylesheet
text/css 2600:9000:223d:d600:b:33be:5f40:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://d1s8091zjpj5vh.cloudfront.net/Css/light-desktop?v=PFpcbKoG6uzhOf6Bof3kLiQ0LTjkkNm6qAxBrx9__JQ1

Requested by

Host: mapwidget3.seatics.com
URL: https://mapwidget3.seatics.com/js?eventId=6530393&websiteConfigId=27264&mobileOptimized=true&includeJQuery=false

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:223d:d600:b:33be:5f40:21 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

abab40fe27c1d10acbfc0ec6f86d1d21713fbca9cba78c47d5b8feeb1d8f76b6

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://tickets.ticketshelper.workers.dev/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 22 May 2024 12:00:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 22 May 2024 12:00:51 GMT
x-aspnet-version: 4.0.30319
via: 1.1 4c692717a0e85914a993c3aa5c8a2ef6.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P3
age: 3725979
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/css; charset=utf-8
cache-control: public
alt-svc: h3=":443"; ma=86400
x-amz-cf-id: fhslL42fGFFm_0GktwC1izbzvaI1NVgoTtdGDeuW0BWCVozXY0sqLw==
expires: Thu, 22 May 2025 12:00:51 GMT

GET
H2 200 tuscanysuitescasino_theratpack_2020-01-18_2019-11-06_1421_svgc_min.js Show response
d340sbn9oxreq3.cloudfront.net/ 1 KB
1 KB 175ms
50ms Script
application/x-javascript 13.224.194.8
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d340sbn9oxreq3.cloudfront.net/tuscanysuitescasino_theratpack_2020-01-18_2019-11-06_1421_svgc_min.js
Requested by: Host: mapwidget3.seatics.com
URL: https://mapwidget3.seatics.com/js?eventId=6530393&websiteConfigId=27264&mobileOptimized=true&includeJQuery=false
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.194.8 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-194-8.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 6147e2b8ee327a6f248cff7e73de496f3fced59da3a2a11f327b3bc1b450eef1

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://tickets.ticketshelper.workers.dev/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 03 Jul 2024 07:49:24 GMT
content-encoding: gzip
via: 1.1 c7f7b4cf7fd5efe64bac95586db3f62a.cloudfront.net (CloudFront)
last-modified: Wed, 06 Nov 2019 19:38:40 GMT
server: AmazonS3
x-amz-cf-pop: FRA2-C1
age: 112267
etag: "f26dadaa7ff0cee31fa9618549a7bd32"
x-cache: Hit from cloudfront
content-type: application/x-javascript
cache-control: max-age=630720000,public
accept-ranges: bytes
content-length: 783
x-amz-cf-id: FcpwTFuvV8nB-SWjAzoNP304XWReQg6B6UYU2cyTJbA4V1yhLZPuOw==

GET
H/1.1 200
OK LocationInfo Show response
mapwidget3.seatics.com/Api/ 57 B
489 B 408ms
188ms Script
application/x-javascript 8.45.158.39
LEVEL3

General

Check archive.org

Show headers Download Go to

Full URL

https://mapwidget3.seatics.com/Api/LocationInfo?callback=Seatics.Coordinator.gotLocationCallback&ecc=US&est=NV&ecty=Las%20Vegas&v=3.0-2024-6-702-1641&mtdt=%7B%22wcid%22%3A27264%2C%22eid%22%3A6530393%2C%22en%22%3A%22The%20Rat%20Pack%20Is%20Back%22%2C%22vid%22%3A22515%2C%22vn%22%3A%22Tuscany%20Suites%20%26%20Casino%22%2C%22mp%22%3A%22tuscanysuitescasino_theratpack_2020-01-18_2019-11-06_1421_svgc%22%2C%22lyt%22%3A%22Desktop%22%7D

Requested by

Host: mapwidget3.seatics.com
URL: https://mapwidget3.seatics.com/js?eventId=6530393&websiteConfigId=27264&mobileOptimized=true&includeJQuery=false

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

8.45.158.39 Waukesha, United States, ASN3356 (LEVEL3, US),

Reverse DNS

Software

Resource Hash

75a5409f0a26b3bd6b7f1d87cb44d6dddf7cef1abd9d2a207c53f8402cdd4577

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://tickets.ticketshelper.workers.dev/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Thu, 04 Jul 2024 15:00:30 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
X-AspNet-Version: 4.0.30319
Vary: X-Forwarded-For,Accept-Encoding
Content-Type: application/x-javascript; charset=utf-8
Cache-Control: public
Content-Length: 169
Expires: Thu, 04 Jul 2024 15:09:12 GMT

GET
H2 200 tuscanysuitescasino_theratpack_2020-01-18_2019-11-06_1421_svgc_x1.png
d340sbn9oxreq3.cloudfront.net/ 16 KB
16 KB 610ms
489ms Image
image/png 13.224.194.8
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d340sbn9oxreq3.cloudfront.net/tuscanysuitescasino_theratpack_2020-01-18_2019-11-06_1421_svgc_x1.png
Requested by: Host: tickets.ticketshelper.workers.dev
URL: https://tickets.ticketshelper.workers.dev/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.194.8 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-194-8.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 6bb1abfbde087ca62c8cc870df0bc696b8721cc60c9fbf7df4bef67608fcfce0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://tickets.ticketshelper.workers.dev/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 04 Jul 2024 15:00:31 GMT
via: 1.1 c7f7b4cf7fd5efe64bac95586db3f62a.cloudfront.net (CloudFront)
last-modified: Wed, 06 Nov 2019 19:38:40 GMT
server: AmazonS3
x-amz-cf-pop: FRA2-C1
etag: "780f0fd7950f9dce29bc260622c4bbdb"
x-cache: Miss from cloudfront
content-type: image/png
cache-control: max-age=630720000,public
accept-ranges: bytes
content-length: 16200
x-amz-cf-id: y4R4VFHGpjo-6djV72smbWTQblqjVAnT5tXFnp6GGORkMXtrPWjqZg==

GET
H2 200 tuscanysuitescasino_theratpack_2020-01-18_2019-11-06_1421_svgc_x2.png
d340sbn9oxreq3.cloudfront.net/ 33 KB
33 KB 574ms
454ms Image
image/png 13.224.194.8
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d340sbn9oxreq3.cloudfront.net/tuscanysuitescasino_theratpack_2020-01-18_2019-11-06_1421_svgc_x2.png
Requested by: Host: tickets.ticketshelper.workers.dev
URL: https://tickets.ticketshelper.workers.dev/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.194.8 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-194-8.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: f7cad303e29213cdb1329b90eff907b860aabf22ee07ca77f5ac9faca4f9288e

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://tickets.ticketshelper.workers.dev/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 04 Jul 2024 15:00:31 GMT
via: 1.1 c7f7b4cf7fd5efe64bac95586db3f62a.cloudfront.net (CloudFront)
last-modified: Wed, 06 Nov 2019 19:38:40 GMT
server: AmazonS3
x-amz-cf-pop: FRA2-C1
etag: "8deea2318a4a07d3eee93500084ebc85"
x-cache: Miss from cloudfront
content-type: image/png
cache-control: max-age=630720000,public
accept-ranges: bytes
content-length: 33783
x-amz-cf-id: TgIuhA-aVAI9OshfpOEziRMwrbXoNk3ET57K1pLaeXeZHaLuCdb40A==

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 317 KB
104 KB 91ms
74ms Script
application/javascript 2a00:1450:4001:830::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-LT9WX87ZK4&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-K4SXK9MZ

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

1cc791503b8624bd3d5f5d04d692294dd5128e11c762f203ec25e837f3135784

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://tickets.ticketshelper.workers.dev/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 04 Jul 2024 15:00:30 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 106545
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Thu, 04 Jul 2024 15:00:30 GMT

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 222 KB
59 KB 142ms
43ms Script
application/x-javascript 2a03:2880:f084:105:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: tickets.ticketshelper.workers.dev
URL: https://tickets.ticketshelper.workers.dev/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f084:105:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

63bae03aa97278acb1d6f7863e593999bbdc5d280d2fa5a3050f234ce5eee850

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;script-src .fbcdn.net .facebook.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://tickets.ticketshelper.workers.dev/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Thu, 04 Jul 2024 15:00:30 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 58293
x-xss-protection: 0
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=39, rtx=0, c=12, mss=1297, tbw=2769, tp=-1, tpl=-1, uplat=1, ullat=-1
pragma: public
x-fb-debug: yxup0STg20/fc5Qy5E6l4o6TsQJgg+nCpbhJOKziRPDRdDUEj8dfdMJt0XaaJaodSuQV92NyUJAh4IdGKVtrYg==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
cache-control: public, max-age=1200
x-fb-optimizer: 1
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), battery=(self), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin: *
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 en Show response
d1s8091zjpj5vh.cloudfront.net/Javascript/Seatics/Languages/Delayed/ 13 KB
4 KB 53ms
49ms Script
text/javascript 2600:9000:223d:d600:b:33be:5f40:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://d1s8091zjpj5vh.cloudfront.net/Javascript/Seatics/Languages/Delayed/en?v=0jaHeQLoX0hnxuyOjquBksRRmyPCEuUCxzUhQPT2D741

Requested by

Host: d1s8091zjpj5vh.cloudfront.net
URL: https://d1s8091zjpj5vh.cloudfront.net/js2?lang=en-US&v=3.0-2024-6-702-1641

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:223d:d600:b:33be:5f40:21 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

6fe7deb02e4367493a8f0a56cb6321674c4b516f97f366ca8523c644a91ffce4

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://tickets.ticketshelper.workers.dev/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 22 May 2024 12:00:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 22 May 2024 12:00:52 GMT
x-aspnet-version: 4.0.30319
via: 1.1 4c692717a0e85914a993c3aa5c8a2ef6.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P3
age: 3725978
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript; charset=utf-8
cache-control: public
alt-svc: h3=":443"; ma=86400
x-amz-cf-id: IfAO-yf2RY09nxkWYRqXAhb3cX7YQ_7TSKFQfcs7Usx_AzP8yj0PXA==
expires: Thu, 22 May 2025 12:00:52 GMT

GET
H2 200 libsDesktopDelayed Show response
d1s8091zjpj5vh.cloudfront.net/Javascript/ 141 KB
42 KB 53ms
50ms Script
text/javascript 2600:9000:223d:d600:b:33be:5f40:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://d1s8091zjpj5vh.cloudfront.net/Javascript/libsDesktopDelayed?v=BbDsFRKkKK378jcqfxIZ83-beWcX3pGjx9P0xG6T2ts1

Requested by

Host: d1s8091zjpj5vh.cloudfront.net
URL: https://d1s8091zjpj5vh.cloudfront.net/js2?lang=en-US&v=3.0-2024-6-702-1641

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:223d:d600:b:33be:5f40:21 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

cdffdda52b54f1135357ad2be2f8a0190849a4a6e3fcf1ae44fc5dd7d450c153

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://tickets.ticketshelper.workers.dev/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 22 May 2024 12:00:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 22 May 2024 12:00:52 GMT
x-aspnet-version: 4.0.30319
via: 1.1 4c692717a0e85914a993c3aa5c8a2ef6.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P3
age: 3725978
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript; charset=utf-8
cache-control: public
alt-svc: h3=":443"; ma=86400
x-amz-cf-id: B36Cj6l3XpaDen8B3h-Nno3wN1oScxlfrKXJORAH3r9NF9U8Iu3Wnw==
expires: Thu, 22 May 2025 12:00:52 GMT

GET
H2 200 light-desktop-delayed
d1s8091zjpj5vh.cloudfront.net/Css/ 41 KB
9 KB 50ms
47ms Stylesheet
text/css 2600:9000:223d:d600:b:33be:5f40:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://d1s8091zjpj5vh.cloudfront.net/Css/light-desktop-delayed?v=-k98Obg6c-cEMebeTiW0IFx4v1owfVO6ITC2GIklM_k1

Requested by

Host: d1s8091zjpj5vh.cloudfront.net
URL: https://d1s8091zjpj5vh.cloudfront.net/js2?lang=en-US&v=3.0-2024-6-702-1641

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:223d:d600:b:33be:5f40:21 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

16d55b49d41135947f682c1cd6866bc6ef5ca516b248e53ca38f70c55ab3c4c3

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://tickets.ticketshelper.workers.dev/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 22 May 2024 12:00:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 22 May 2024 12:00:52 GMT
x-aspnet-version: 4.0.30319
via: 1.1 4c692717a0e85914a993c3aa5c8a2ef6.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P3
age: 3725978
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/css; charset=utf-8
cache-control: public
alt-svc: h3=":443"; ma=86400
x-amz-cf-id: Qxq8TgCm10_QJJAY6HaYZxpiI2A7qmnK35rwNep8I1yN0aFQcGbeRw==
expires: Thu, 22 May 2025 12:00:52 GMT

GET
H2 200 libsMobileAddon Show response
d1s8091zjpj5vh.cloudfront.net/Javascript/ 8 KB
3 KB 63ms
60ms Script
text/javascript 2600:9000:223d:d600:b:33be:5f40:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://d1s8091zjpj5vh.cloudfront.net/Javascript/libsMobileAddon?v=exNweRWfcqf7idbvo5ydLFHN-UL_f7ETVvSDUmmpYz81

Requested by

Host: d1s8091zjpj5vh.cloudfront.net
URL: https://d1s8091zjpj5vh.cloudfront.net/js2?lang=en-US&v=3.0-2024-6-702-1641

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:223d:d600:b:33be:5f40:21 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

df0caf9cf87797806d86a24a62707e9c1706ba7eb12b30e09f4d17933c7eb4e1

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://tickets.ticketshelper.workers.dev/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 22 May 2024 12:00:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 22 May 2024 12:00:52 GMT
x-aspnet-version: 4.0.30319
via: 1.1 4c692717a0e85914a993c3aa5c8a2ef6.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P3
age: 3725978
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript; charset=utf-8
cache-control: public
alt-svc: h3=":443"; ma=86400
x-amz-cf-id: ZidOLN8o5PmoDdB-_Oauc0wRZcpJqnILC3kpUWznxNJgOJfXSmYhaQ==
expires: Thu, 22 May 2025 12:00:52 GMT

GET
H3 200 bootstrap.min.js Show response
maxcdn.bootstrapcdn.com/bootstrap/3.4.1/js/ 39 KB
13 KB 111ms
57ms Script
application/javascript 104.18.11.207
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://maxcdn.bootstrapcdn.com/bootstrap/3.4.1/js/bootstrap.min.js

Requested by

Host: mapwidget3.seatics.com
URL: https://mapwidget3.seatics.com/js?eventId=6530393&websiteConfigId=27264&mobileOptimized=true&includeJQuery=false

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.11.207 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9ee2fcff6709e4d0d24b09ca0fc56aade12b4961ed9c43fd13b03248bfb57afe

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://tickets.ticketshelper.workers.dev/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 04 Jul 2024 15:00:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
cdn-edgestorageid: 601, 617, 617
strict-transport-security: max-age=31536000; includeSubDomains; preload
age: 2626653
cdn-cachedat: 2021-08-01 19:19:12
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
last-modified: Mon, 25 Jan 2021 22:04:00 GMT
server: cloudflare
cdn-requestpullcode: 200
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cache-control: public, max-age=31919000
cdn-requestid: 6923066369371d6997c92d232b1a01f3
timing-allow-origin: *
cdn-requestcountrycode: DE
cdn-status: 200
cf-ray: 89dffc3a6d17bf37-WAW
cdn-requestpullsuccess: True

GET
DATA 200
OK truncated
/ 9 KB
9 KB Font
application/octet-stream

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 92039ee7fc4ced252fa1686ebc7eb8a97dab92d770ea2cab0417b6c300bb1388

Request headers

Referer
Origin: https://tickets.ticketshelper.workers.dev
Accept-Language: de-DE,de;q=0.9;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Type: application/octet-stream

POST
H2 204 collect
region1.google-analytics.com/g/ 0
0 158ms
50ms Fetch
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-LT9WX87ZK4&gtm=45je4730v9171796302z89171789828za200zb9171789828&_p=1720105229924&gcd=13l3l3l2l1&npa=1&dma_cps=sypham&dma=1&tag_exp=0&cid=2043086351.1720105230&ul=de-de&sr=1600x1200&uaa=x86&uab=64&uafvl=Not%252FA)Brand%3B8.0.0.0%7CChromium%3B126.0.6478.126%7CGoogle%2520Chrome%3B126.0.6478.126&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&are=1&frm=0&pscdl=noapi&_s=1&sid=1720105230&sct=1&seg=0&dl=https%3A%2F%2Ftickets.ticketshelper.workers.dev%2F&dt=Buy%20Cheapest%20The%20Rat%20Pack%20Is%20BackTickets%20at%20NewYorkEvents.Today&en=page_view&_fv=1&_nsi=1&_ss=1&tfd=1969&_z=fetch
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-LT9WX87ZK4&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://tickets.ticketshelper.workers.dev/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Thu, 04 Jul 2024 15:00:30 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://tickets.ticketshelper.workers.dev
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 1360685791998139 Show response
connect.facebook.net/signals/config/ 58 KB
12 KB 108ms
107ms Script
application/x-javascript 2a03:2880:f084:105:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/1360685791998139?v=2.9.160&r=stable&domain=tickets.ticketshelper.workers.dev&hme=733c3732ec767f7a62e7787aff967e6d19b1e13e533937876f2e15efe07bf678&ex_m=67%2C113%2C100%2C104%2C58%2C3%2C93%2C66%2C15%2C91%2C84%2C49%2C51%2C160%2C163%2C175%2C171%2C172%2C174%2C28%2C94%2C50%2C73%2C173%2C155%2C158%2C168%2C169%2C176%2C122%2C39%2C33%2C134%2C14%2C48%2C181%2C180%2C124%2C17%2C38%2C1%2C41%2C62%2C63%2C64%2C68%2C88%2C16%2C13%2C90%2C87%2C86%2C101%2C103%2C37%2C102%2C29%2C25%2C156%2C159%2C131%2C27%2C10%2C11%2C12%2C5%2C6%2C24%2C21%2C22%2C54%2C59%2C61%2C71%2C95%2C26%2C72%2C8%2C7%2C76%2C46%2C20%2C97%2C96%2C98%2C9%2C19%2C18%2C81%2C53%2C79%2C32%2C70%2C0%2C89%2C31%2C78%2C83%2C45%2C44%2C82%2C36%2C4%2C85%2C77%2C42%2C34%2C80%2C2%2C35%2C60%2C40%2C99%2C43%2C75%2C65%2C105%2C57%2C56%2C30%2C92%2C55%2C52%2C47%2C74%2C69%2C23%2C106

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f084:105:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

b4a353fe6f16b2edcf08edbbadfa71daf0294e88d857f208117d01f9b8ffa695

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;script-src .fbcdn.net .facebook.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://tickets.ticketshelper.workers.dev/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Thu, 04 Jul 2024 15:00:30 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=44, rtx=0, c=65, mss=1297, tbw=63812, tp=-1, tpl=-1, uplat=66, ullat=0
pragma: public
x-fb-debug: TvP3RAChBmMIZhjNGSWynKz6oR9scjFycgwXAXmNXbQtoTKzuioKGyHOAflP9XY/nEGbpJb33lKldE59wNq6fw==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), battery=(self), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin: *
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 tuscanysuitescasino_theratpack_2020-01-18_2019-11-06_1421_svgc_x1.png
d340sbn9oxreq3.cloudfront.net/ 16 KB
0 174ms
174ms Image
image/png 13.224.194.8
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d340sbn9oxreq3.cloudfront.net/tuscanysuitescasino_theratpack_2020-01-18_2019-11-06_1421_svgc_x1.png
Requested by: Host: tickets.ticketshelper.workers.dev
URL: https://tickets.ticketshelper.workers.dev/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.194.8 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-194-8.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 6bb1abfbde087ca62c8cc870df0bc696b8721cc60c9fbf7df4bef67608fcfce0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://tickets.ticketshelper.workers.dev/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 04 Jul 2024 15:00:31 GMT
via: 1.1 c7f7b4cf7fd5efe64bac95586db3f62a.cloudfront.net (CloudFront)
last-modified: Wed, 06 Nov 2019 19:38:40 GMT
server: AmazonS3
x-amz-cf-pop: FRA2-C1
etag: "780f0fd7950f9dce29bc260622c4bbdb"
x-cache: Miss from cloudfront
content-type: image/png
cache-control: max-age=630720000,public
accept-ranges: bytes
content-length: 16200
x-amz-cf-id: y4R4VFHGpjo-6djV72smbWTQblqjVAnT5tXFnp6GGORkMXtrPWjqZg==

GET
H3 200 seatics.svg
d1s8091zjpj5vh.cloudfront.net/Images/ 5 KB
2 KB 42ms
42ms Image
image/svg+xml 52.222.206.99
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://d1s8091zjpj5vh.cloudfront.net/Images/seatics.svg?v=3.0-2024-6-702-1641

Requested by

Host: tickets.ticketshelper.workers.dev
URL: https://tickets.ticketshelper.workers.dev/

Protocol

Security

QUIC, , AES_128_GCM

Server

52.222.206.99 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-222-206-99.fra56.r.cloudfront.net

Software

Resource Hash

cb994b0e43f53bef4a38b4717e4e9735bcbd67bd44c7fbe8caeb082f39777621

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://tickets.ticketshelper.workers.dev/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 11 Jun 2024 18:12:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 21 Feb 2023 16:53:56 GMT
age: 1975660
x-amz-cf-pop: FRA56-P3
etag: W/"02ae9151546d91:0"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/svg+xml
via: 1.1 456733511c088f8435091e663b2c5430.cloudfront.net (CloudFront)
cache-control: max-age=63072000, public
alt-svc: h3=":443"; ma=86400
x-amz-cf-id: cddnFCA_rnDMfZiG-oWW39Tb3Gcfgl86_Hzp3fBYtDi0RIs8Rg0csw==

GET
H2 200 tuscanysuitescasino_theratpack_2020-01-18_2019-11-06_1421_svgc_x2.png
d340sbn9oxreq3.cloudfront.net/ 33 KB
0 134ms
133ms Image
image/png 13.224.194.8
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d340sbn9oxreq3.cloudfront.net/tuscanysuitescasino_theratpack_2020-01-18_2019-11-06_1421_svgc_x2.png
Requested by: Host: tickets.ticketshelper.workers.dev
URL: https://tickets.ticketshelper.workers.dev/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.194.8 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-194-8.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: f7cad303e29213cdb1329b90eff907b860aabf22ee07ca77f5ac9faca4f9288e

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://tickets.ticketshelper.workers.dev/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 04 Jul 2024 15:00:31 GMT
via: 1.1 c7f7b4cf7fd5efe64bac95586db3f62a.cloudfront.net (CloudFront)
last-modified: Wed, 06 Nov 2019 19:38:40 GMT
server: AmazonS3
x-amz-cf-pop: FRA2-C1
etag: "8deea2318a4a07d3eee93500084ebc85"
x-cache: Miss from cloudfront
content-type: image/png
cache-control: max-age=630720000,public
accept-ranges: bytes
content-length: 33783
x-amz-cf-id: TgIuhA-aVAI9OshfpOEziRMwrbXoNk3ET57K1pLaeXeZHaLuCdb40A==

GET
H2 200 /
www.facebook.com/tr/ 0
274 B 130ms
44ms Image
text/plain 2a03:2880:f177:185:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?batch=1&events[0]=id%3D1360685791998139%26ev%3DPageView%26dl%3Dhttps%253A%252F%252Ftickets.ticketshelper.workers.dev%252F%26rl%3D%26if%3Dfalse%26ts%3D1720105230645%26sw%3D1600%26sh%3D1200%26v%3D2.9.160%26r%3Dstable%26ec%3D0%26o%3D4126%26fbp%3Dfb.2.1720105230644.656523906821087762%26ler%3Dempty%26cdl%3DAPI_unavailable%26it%3D1720105230522%26coo%3Dfalse%26exp%3Df1&rqm=GET

Requested by

Host: tickets.ticketshelper.workers.dev
URL: https://tickets.ticketshelper.workers.dev/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f177:185:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://tickets.ticketshelper.workers.dev/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-fb-connection-quality: EXCELLENT; q=0.9, rtt=39, rtx=0, c=10, mss=1297, tbw=2774, tp=-1, tpl=-1, uplat=0, ullat=0
strict-transport-security: max-age=31536000; includeSubDomains
date: Thu, 04 Jul 2024 15:00:30 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 /
www.facebook.com/privacy_sandbox/pixel/register/trigger/ 67 B
3 KB 248ms
162ms Image
image/png 2a03:2880:f177:185:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=1360685791998139&ev=PageView&dl=https%3A%2F%2Ftickets.ticketshelper.workers.dev%2F&rl=&if=false&ts=1720105230645&sw=1600&sh=1200&v=2.9.160&r=stable&ec=0&o=4126&fbp=fb.2.1720105230644.656523906821087762&ler=empty&cdl=API_unavailable&it=1720105230522&coo=false&exp=f1&rqm=FGET

Requested by

Host: tickets.ticketshelper.workers.dev
URL: https://tickets.ticketshelper.workers.dev/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f177:185:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com 'unsafe-inline' .facebook.com .fbcdn.net 'unsafe-eval';script-src .facebook.com .fbcdn.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src .fbcdn.net data: .facebook.com 'unsafe-inline';connect-src .facebook.com facebook.com .fbcdn.net wss://.facebook.com:* wss://.fbcdn.net attachment.fbsbx.com blob: .cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ .fbsbx.com;font-src data: .facebook.com .fbcdn.net .fbsbx.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: .oculuscdn.com;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com data:;frame-src .facebook.com .fbsbx.com fbsbx.com data: .fbcdn.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://tickets.ticketshelper.workers.dev/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

attribution-reporting-register-trigger: {"event_trigger_data":[{"trigger_data":"0"}],"aggregatable_trigger_data":[{"key_piece":"0x878e5ef719fab1e9","source_keys":["1","2"]},{"key_piece":"0x604f7ddfc1bff8e4","source_keys":["1","2"]}],"aggregatable_values":{"1":1}}
content-encoding: zstd
x-content-type-options: nosniff
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
strict-transport-security: max-age=15552000; preload
document-policy: force-load-at-top
date: Thu, 04 Jul 2024 15:00:30 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7387795709005042191", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=40, rtx=0, c=10, mss=1297, tbw=3092, tp=-1, tpl=-1, uplat=122, ullat=0
pragma: no-cache
x-fb-debug: K8L+Yh+lFUkER55CXbHRF+RvcXipFeCwhKBvvufRrBDTsgn0Fihswngna/3qcs8h2ngixsipU6W6mcXoW5Z7uA==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7387795709005042191"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: image/png
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: private, no-store, no-cache, must-revalidate
permissions-policy: accelerometer=(), attribution-reporting=(self), autoplay=(), battery=(self), bluetooth=(), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 Screenshot-2024-06-25-161323.png
chicagoconcerts.today/wp-content/uploads/2024/05/ 45 KB
45 KB 967ms
967ms Other
image/png 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://chicagoconcerts.today/wp-content/uploads/2024/05/Screenshot-2024-06-25-161323.png

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

fc99821dc0c8f65b4438f708aadbeec7f9a1cdc2cd5126e182ab1bbd4a444d40

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://tickets.ticketshelper.workers.dev/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 04 Jul 2024 15:00:31 GMT
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
last-modified: Tue, 25 Jun 2024 10:47:01 GMT
server: cloudflare
etag: W/"667aa025-b3ba"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: image/png
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=BOvzX%2BhWZPWnAsP26PgSKJF3tmlc3lFg1bPC18niXslP%2Bv3q9qm32qxN9R%2F1a0uzyOdJGGZx0qT6qQ4NZNVFs1mxzPD3dUaQMRFsRLLgcgYmKhlZEBWoJyFrbp0QrgXyZvyqzmLodZAl7p%2FSZtlXlaJEWZU%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=2592000
cf-ray: 89dffc3daf1b4dcc-FRA
expires: Sat, 03 Aug 2024 15:00:31 GMT

GET
H2 200 tuscanysuitescasino_theratpack_2020-01-18_2019-11-06_1421_svgc_x4.png
d340sbn9oxreq3.cloudfront.net/ 59 KB
60 KB 456ms
454ms Image
image/png 13.224.194.8
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d340sbn9oxreq3.cloudfront.net/tuscanysuitescasino_theratpack_2020-01-18_2019-11-06_1421_svgc_x4.png
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.194.8 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-194-8.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 1c07c2eb11e1d45d10bc29488133882500323106804b97d36941266d6ff1967a

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://tickets.ticketshelper.workers.dev/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 04 Jul 2024 15:00:32 GMT
via: 1.1 c7f7b4cf7fd5efe64bac95586db3f62a.cloudfront.net (CloudFront)
last-modified: Wed, 06 Nov 2019 19:38:40 GMT
server: AmazonS3
x-amz-cf-pop: FRA2-C1
etag: "4962e23163878afb3b1eb2cba8f3434f"
x-cache: Miss from cloudfront
content-type: image/png
cache-control: max-age=630720000,public
accept-ranges: bytes
content-length: 60539
x-amz-cf-id: kbRga65WI166fma6Yacyybw4pq7PoWKHGZ931rW8Uj6_pyJ_2y4tXA==

GET
H3 200 riskified Show response
d1s8091zjpj5vh.cloudfront.net/Javascript/ 581 B
903 B 71ms
39ms Script
text/javascript 52.222.206.99
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://d1s8091zjpj5vh.cloudfront.net/Javascript/riskified?v=uH7QCjMncT9Zi49AYsAMEnZsIBZ6LZD5O7MVCWYdqRc1

Requested by

Host: mapwidget3.seatics.com
URL: https://mapwidget3.seatics.com/js?eventId=6530393&websiteConfigId=27264&mobileOptimized=true&includeJQuery=false

Protocol

Security

QUIC, , AES_128_GCM

Server

52.222.206.99 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-222-206-99.fra56.r.cloudfront.net

Software

Resource Hash

ff38a32d1233a5d33551378a15b904601363ee22efa31c3a4e68d745123ca380

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://tickets.ticketshelper.workers.dev/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 22 May 2024 12:00:53 GMT
via: 1.1 456733511c088f8435091e663b2c5430.cloudfront.net (CloudFront)
x-content-type-options: nosniff
last-modified: Wed, 22 May 2024 12:00:54 GMT
x-aspnet-version: 4.0.30319
age: 3725977
x-amz-cf-pop: FRA56-P3
x-cache: Hit from cloudfront
content-type: text/javascript; charset=utf-8
cache-control: public
alt-svc: h3=":443"; ma=86400
content-length: 581
x-amz-cf-id: t02t-jXnsU1aYIIvlHjnweGxcQ7mDc3phWAFsaZVOE_xzhnGWFmk3A==
expires: Thu, 22 May 2025 12:00:54 GMT

GET
H2 200 / Show response
beacon.riskified.com/ 48 KB
15 KB 495ms
238ms Script
application/javascript 2600:1f18:f8a:b704:c70b:3cc9:de5b:e83a
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://beacon.riskified.com/?shop=ticketnetwork_api.com&sid=06500010-d47d-4e89-a3c6-a153a3f3a6c5-1720105230

Requested by

Host: mapwidget3.seatics.com
URL: https://mapwidget3.seatics.com/js?eventId=6530393&websiteConfigId=27264&mobileOptimized=true&includeJQuery=false

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2600:1f18:f8a:b704:c70b:3cc9:de5b:e83a Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

Software

Resource Hash

3d58ccf851ea7078fe167a9882d1220c9320bdb9014dbe5018990be9cb0f0e24

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000; includeSubDomains; preload

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://tickets.ticketshelper.workers.dev/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 04 Jul 2024 15:00:32 GMT
access-control-request-method: *
content-encoding: gzip
strict-transport-security: max-age=15768000; includeSubDomains; preload
x-sourcemap: sm/dGlja2V0bmV0d29ya19hcGkuY29t/MDY1MDAwMTAtZDQ3ZC00ZTg5LWEzYzYtYTE1M2EzZjNhNmM1LTE3MjAxMDUyMzA=
access-control-allow-methods: PUT, OPTIONS, GET, DELETE, POST
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=600
trace-id: a630075cd4094130b32d79c490f16f53
timing-allow-origin: *
access-control-allow-headers: Content-Type,Access-Control-Allow-Headers,Access-Control-Allow-Origin,x-csrf-token,X_CI_HMAC_SHA256

GET
H2 200 image-l.gif
img.riskified.com/img/ 35 B
160 B 360ms
116ms Image
image/gif 54.92.193.158
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.riskified.com/img/image-l.gif?t=17201052325060.2999803393747824&c=4elwx74i4hse8blt2raytqly7e8rqn&p=yczb3c&a=06500010-d47d-4e89-a3c6-a153a3f3a6c5-1720105230&o=ticketnetwork_api.com&rt=1720105232313
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 54.92.193.158 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-92-193-158.compute-1.amazonaws.com
Software: nginx/1.24.0 /
Resource Hash: b03a66cf3c1b8d1757cb7fb0268c86aae035e91a39e18cb571f8fcc3508e1f4d

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://tickets.ticketshelper.workers.dev/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 04 Jul 2024 15:00:32 GMT
last-modified: Thu, 29 Sep 2022 08:50:09 GMT
server: nginx/1.24.0
accept-ranges: bytes
etag: "63355c41-23"
content-length: 35
content-type: image/gif

GET
H2 200 image-l.gif
img.riskified.com/img/ 35 B
159 B 116ms
116ms Image
image/gif 54.92.193.158
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.riskified.com/img/image-l.gif?t=17201052328800.35961914848035037&c=4elwx74i4hse8blt2raytqly7e8rqn&p=yczb3c&a=06500010-d47d-4e89-a3c6-a153a3f3a6c5-1720105230&o=ticketnetwork_api.com&rt=1720105232313
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 54.92.193.158 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-92-193-158.compute-1.amazonaws.com
Software: nginx/1.24.0 /
Resource Hash: b03a66cf3c1b8d1757cb7fb0268c86aae035e91a39e18cb571f8fcc3508e1f4d

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://tickets.ticketshelper.workers.dev/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 04 Jul 2024 15:00:32 GMT
last-modified: Thu, 29 Sep 2022 08:50:09 GMT
server: nginx/1.24.0
accept-ranges: bytes
etag: "63355c41-23"
content-length: 35
content-type: image/gif

GET
H3 200 trackingProcessing Show response
d1s8091zjpj5vh.cloudfront.net/Javascript/ 1 KB
1 KB 40ms
40ms Script
text/javascript 52.222.206.99
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://d1s8091zjpj5vh.cloudfront.net/Javascript/trackingProcessing?v=X0PCZU0fdGR05ynSMCEjOEJQ4KO14D8Dulswu3e8Nvg1

Requested by

Host: mapwidget3.seatics.com
URL: https://mapwidget3.seatics.com/js?eventId=6530393&websiteConfigId=27264&mobileOptimized=true&includeJQuery=false

Protocol

Security

QUIC, , AES_128_GCM

Server

52.222.206.99 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-222-206-99.fra56.r.cloudfront.net

Software

Resource Hash

8d1d369bb3b4521dae4453c5e65e44f7b72436bb338ec8b4abe9acfa0a0ab788

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://tickets.ticketshelper.workers.dev/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 22 May 2024 12:00:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 22 May 2024 12:00:55 GMT
x-aspnet-version: 4.0.30319
age: 3725977
x-amz-cf-pop: FRA56-P3
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript; charset=utf-8
via: 1.1 456733511c088f8435091e663b2c5430.cloudfront.net (CloudFront)
cache-control: public
alt-svc: h3=":443"; ma=86400
x-amz-cf-id: h6OaSIilSTN7JRHRSW9eCPs5ynBInuv4w2b-e-jT3EOv5yeG5he2_Q==
expires: Thu, 22 May 2025 12:00:55 GMT

GET
H/1.1 200
OK Ping Show response
mapwidget3.seatics.com/DDLog/ 0
192 B 170ms
169ms Script
text/javascript 8.45.158.39
LEVEL3

General

Check archive.org

Show headers Download Go to

Full URL

https://mapwidget3.seatics.com/DDLog/Ping

Requested by

Host: mapwidget3.seatics.com
URL: https://mapwidget3.seatics.com/js?eventId=6530393&websiteConfigId=27264&mobileOptimized=true&includeJQuery=false

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

8.45.158.39 Waukesha, United States, ASN3356 (LEVEL3, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://tickets.ticketshelper.workers.dev/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Thu, 04 Jul 2024 15:00:32 GMT
Cache-Control: private
X-Content-Type-Options: nosniff
X-AspNet-Version: 4.0.30319
Content-Length: 0
Content-Type: text/javascript

GET
H2 200 image-l.gif
img.riskified.com/img/ 35 B
159 B 118ms
118ms Image
image/gif 54.92.193.158
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.riskified.com/img/image-l.gif?t=17201052330090.8990500443305918&c=4elwx74i4hse8blt2raytqly7e8rqn&p=yczb3c&a=06500010-d47d-4e89-a3c6-a153a3f3a6c5-1720105230&o=ticketnetwork_api.com&rt=1720105232313
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 54.92.193.158 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-92-193-158.compute-1.amazonaws.com
Software: nginx/1.24.0 /
Resource Hash: b03a66cf3c1b8d1757cb7fb0268c86aae035e91a39e18cb571f8fcc3508e1f4d

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://tickets.ticketshelper.workers.dev/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 04 Jul 2024 15:00:33 GMT
last-modified: Thu, 29 Sep 2022 08:50:09 GMT
server: nginx/1.24.0
accept-ranges: bytes
etag: "63355c41-23"
content-length: 35
content-type: image/gif

GET
H2 200 image-l.gif
img.riskified.com/img/ 35 B
159 B 117ms
117ms Image
image/gif 54.92.193.158
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.riskified.com/img/image-l.gif?t=17201052331430.8135552827385963&c=4elwx74i4hse8blt2raytqly7e8rqn&p=yczb3c&a=06500010-d47d-4e89-a3c6-a153a3f3a6c5-1720105230&o=ticketnetwork_api.com&rt=1720105232313
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 54.92.193.158 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-92-193-158.compute-1.amazonaws.com
Software: nginx/1.24.0 /
Resource Hash: b03a66cf3c1b8d1757cb7fb0268c86aae035e91a39e18cb571f8fcc3508e1f4d

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://tickets.ticketshelper.workers.dev/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 04 Jul 2024 15:00:33 GMT
last-modified: Thu, 29 Sep 2022 08:50:09 GMT
server: nginx/1.24.0
accept-ranges: bytes
etag: "63355c41-23"
content-length: 35
content-type: image/gif

GET
H/1.1 200
OK JsTiming Show response
mapwidget3.seatics.com/DDLog/ 0
192 B 177ms
177ms Script
text/javascript 8.45.158.39
LEVEL3

General

Check archive.org

Show headers Download Go to

Full URL

https://mapwidget3.seatics.com/DDLog/JsTiming?times=%7B%22et%22%3A%7B%22JsStartExecute%22%3A1591%2C%22FinishedLoading%22%3A2045%2C%22FinishedDrawingMap%22%3A2039%2C%22FinishedEvaluatingBlockingJs%22%3A1595%2C%22StartMapsScriptLoad%22%3A1594%7D%2C%22ft%22%3A%7B%22TicketGroupsGet%22%3A233%2C%22MapLibsGet%22%3A269%2C%22LocationFromIpGet%22%3A423%2C%22Seatics.RequiredLibs.loadAll%22%3A0%2C%22ProcessMapData%22%3A1%2C%22TicketConnector.processTickets%22%3A1%2C%22MapComponent.addTicketData%22%3A11%2C%22MapDisplay(config)%22%3A6%2C%22hookUpMapDisplay%22%3A8%2C%22MapComponent.create%22%3A22%2C%22MapDelayedLibsGet%22%3A1%2C%22MapAddonLibsGet%22%3A4%2C%22Ping%22%3A173%7D%2C%22icu%22%3Afalse%7D&mtdt=%7B%22pg%22%3A%2297f1b84d-f753-a5e5-508f-fceaec536e94%22%2C%22rsi%22%3A%2206500010-d47d-4e89-a3c6-a153a3f3a6c5-1720105230%22%2C%22wcid%22%3A27264%2C%22eid%22%3A6530393%2C%22en%22%3A%22The%20Rat%20Pack%20Is%20Back%22%2C%22vid%22%3A22515%2C%22vn%22%3A%22Tuscany%20Suites%20%26%20Casino%22%2C%22mp%22%3A%22tuscanysuitescasino_theratpack_2020-01-18_2019-11-06_1421_svgc%22%2C%22tgc%22%3A2%2C%22lyt%22%3A%22Desktop%22%7D

Requested by

Host: mapwidget3.seatics.com
URL: https://mapwidget3.seatics.com/js?eventId=6530393&websiteConfigId=27264&mobileOptimized=true&includeJQuery=false

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

8.45.158.39 Waukesha, United States, ASN3356 (LEVEL3, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://tickets.ticketshelper.workers.dev/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Thu, 04 Jul 2024 15:00:33 GMT
Cache-Control: private
X-Content-Type-Options: nosniff
X-AspNet-Version: 4.0.30319
Content-Length: 0
Content-Type: text/javascript

GET
H2 200 image-l.gif
img.riskified.com/img/ 35 B
159 B 123ms
123ms Image
image/gif 54.92.193.158
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.riskified.com/img/image-l.gif?t=17201052332750.3511150230248712&c=4elwx74i4hse8blt2raytqly7e8rqn&p=yczb3c&a=06500010-d47d-4e89-a3c6-a153a3f3a6c5-1720105230&o=ticketnetwork_api.com&rt=1720105232313
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 54.92.193.158 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-92-193-158.compute-1.amazonaws.com
Software: nginx/1.24.0 /
Resource Hash: b03a66cf3c1b8d1757cb7fb0268c86aae035e91a39e18cb571f8fcc3508e1f4d

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://tickets.ticketshelper.workers.dev/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 04 Jul 2024 15:00:33 GMT
last-modified: Thu, 29 Sep 2022 08:50:09 GMT
server: nginx/1.24.0
accept-ranges: bytes
etag: "63355c41-23"
content-length: 35
content-type: image/gif

POST
H2 201 client_infos Show response
c.riskified.com/v2/ 0
338 B 121ms
120ms XHR
text/plain 2600:1f18:f8a:b702:c4cb:9f1b:5463:c990
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://c.riskified.com/v2/client_infos

Requested by

Host: beacon.riskified.com
URL: https://beacon.riskified.com/?shop=ticketnetwork_api.com&sid=06500010-d47d-4e89-a3c6-a153a3f3a6c5-1720105230

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2600:1f18:f8a:b702:c4cb:9f1b:5463:c990 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000; includeSubDomains; preload

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type: application/json; charset=UTF-8
Access-Control-Allow-Origin: *
Referer: https://tickets.ticketshelper.workers.dev/
Access-Control-Allow-Headers: Content-Type
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 04 Jul 2024 15:00:33 GMT
access-control-request-method: *
strict-transport-security: max-age=15768000; includeSubDomains; preload
access-control-allow-methods: PUT, OPTIONS, GET, DELETE, POST
access-control-allow-origin: *
trace-id: 14f8c60820417ca4dabc3361139c79ab
timing-allow-origin: *
access-control-allow-headers: Content-Type,Access-Control-Allow-Headers,Access-Control-Allow-Origin,x-csrf-token,X_CI_HMAC_SHA256
content-length: 0

OPTIONS
H2 200 client_infos
c.riskified.com/v2/ 0
0 372ms
122ms Preflight
text/plain 2600:1f18:f8a:b702:c4cb:9f1b:5463:c990
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://c.riskified.com/v2/client_infos

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2600:1f18:f8a:b702:c4cb:9f1b:5463:c990 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000; includeSubDomains; preload

Request headers

Accept: */*
Access-Control-Request-Headers: access-control-allow-headers,access-control-allow-origin,content-type
Access-Control-Request-Method: POST
Origin: https://tickets.ticketshelper.workers.dev
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

access-control-allow-headers: Content-Type,Access-Control-Allow-Headers,Access-Control-Allow-Origin,x-csrf-token,X_CI_HMAC_SHA256
access-control-allow-methods: PUT, OPTIONS, GET, DELETE, POST
access-control-allow-origin: *
access-control-request-method: *
content-length: 2
content-type: text/plain; charset=UTF-8
date: Thu, 04 Jul 2024 15:00:33 GMT
strict-transport-security: max-age=15768000; includeSubDomains; preload
timing-allow-origin: *
trace-id: 9915f937ddfdc41318521ade504a3587

Verdicts & Comments Add Verdict or Comment

82 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

6 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
tickets.ticketshelper.workers.dev/	1969-12-31 23:59:59	Name: JSESSIONID Value: 365BB6FF0D8B424F092712DFCA3847F1
tickets.ticketshelper.workers.dev/	1969-12-31 23:59:59	Name: ticket_portal_location Value: 0\|0\|NA\|000
tickets.ticketshelper.workers.dev/	1970-01-20 21:58:30	Name: AWSALB Value: 8QPAfAU4SGHKioLHVkkmdWmECJWFcQQTwMvwwJL4B+lbUdcEv5dTT/clt9l8t4z16aWI2AcOyDrE8aP4RivZm/XyRpg+HcOTGYkd/9XJ5voGABzx0saLAhYOaJXi
.ticketshelper.workers.dev/	1970-01-21 07:24:25	Name: _ga Value: GA1.1.2043086351.1720105230
.ticketshelper.workers.dev/	1970-01-21 07:24:25	Name: _ga_LT9WX87ZK4 Value: GS1.1.1720105230.1.0.1720105230.0.0.0
.ticketshelper.workers.dev/	1970-01-20 23:58:01	Name: _fbp Value: fb.2.1720105230644.656523906821087762

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ajax.googleapis.com
beacon.riskified.com
blog.ticketshelper.com
c.riskified.com
chicagoconcerts.today
connect.facebook.net
d1s8091zjpj5vh.cloudfront.net
d340sbn9oxreq3.cloudfront.net
fonts.googleapis.com
fonts.gstatic.com
img.riskified.com
mapwidget3.seatics.com
maxcdn.bootstrapcdn.com
region1.google-analytics.com
s3.amazonaws.com
tickets.ticketshelper.workers.dev
www.facebook.com
www.googletagmanager.com
104.18.11.207
13.224.194.8
172.67.182.188
172.67.198.204
2001:4860:4802:34::36
2600:1f18:f8a:b702:c4cb:9f1b:5463:c990
2600:1f18:f8a:b704:c70b:3cc9:de5b:e83a
2600:9000:223d:d600:b:33be:5f40:21
2606:4700:3034::6815:12a2
2a00:1450:4001:808::200a
2a00:1450:4001:813::200a
2a00:1450:4001:830::2003
2a00:1450:4001:830::2008
2a03:2880:f084:105:face:b00c:0:3
2a03:2880:f177:185:face:b00c:0:25de
2a06:98c1:3120::3
52.217.227.48
52.222.206.99
54.92.193.158
8.45.158.39
0284581cb4453faa82301e9c60118477c24764c6f955944bbbfb41dd51832640
16d55b49d41135947f682c1cd6866bc6ef5ca516b248e53ca38f70c55ab3c4c3
1c07c2eb11e1d45d10bc29488133882500323106804b97d36941266d6ff1967a
1cc791503b8624bd3d5f5d04d692294dd5128e11c762f203ec25e837f3135784
2c9ef74093fa9ed3d97c59b36fa0a04193c8e2b53991b8d65c4906983803a43e
32f85f810616e48fc375d797b976258a0f4fb9d02d579edd0321c77bbafac82b
38ab5953a468c8084db2452a42bdc59a6be197bab8dad4105c040b63186155e9
3abb7477bf8fd5d6c1acf51e38565d3e24d7ba8f967b7f0bade5c28fea31d346
3c76460be9ba47f343d485e1c07ebc03d68413eb3dd34e474fde206120e77d01
3d58ccf851ea7078fe167a9882d1220c9320bdb9014dbe5018990be9cb0f0e24
3f76f14eda9a43e242645a46b7edffd775fba78d16a7b3c90a3f2f37ea99b014
5f1ab65fe2ad6b381a1ae036716475bf78c9b2e309528cf22170c1ddeefddcbf
6147e2b8ee327a6f248cff7e73de496f3fced59da3a2a11f327b3bc1b450eef1
63bae03aa97278acb1d6f7863e593999bbdc5d280d2fa5a3050f234ce5eee850
6489d195b753771a37f4491f0b2556434201cf61dd920f5ac1eb2fee90fe0b94
6bb1abfbde087ca62c8cc870df0bc696b8721cc60c9fbf7df4bef67608fcfce0
6ecb321f3dcd6d63f3b98824bcdd65596a9a5bfa5920dd52c047442b01c09d65
6fe7deb02e4367493a8f0a56cb6321674c4b516f97f366ca8523c644a91ffce4
75a5409f0a26b3bd6b7f1d87cb44d6dddf7cef1abd9d2a207c53f8402cdd4577
77d9907ca853ab885fd7a35a29faaf4206b8fe47347cd9c12391d64451ad6f37
78613a6e5bab939b078feae691fb0661e2b2671dcce1b1be66517203b2a7b3b1
8d1d369bb3b4521dae4453c5e65e44f7b72436bb338ec8b4abe9acfa0a0ab788
918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537
92039ee7fc4ced252fa1686ebc7eb8a97dab92d770ea2cab0417b6c300bb1388
93da292cb689304ad35782f40dc0e41497528057e9baad3e01a2162ecdd0268c
97875f913a57693bcdbafcce9f8c43ff6450ec2bc8555dacf9aa0731d153a0e6
9ec0df74845318cf7d7735f5f25bcdcc64c8aacad9e90b15eb448a59d2bd8cd0
9ee2fcff6709e4d0d24b09ca0fc56aade12b4961ed9c43fd13b03248bfb57afe
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
abab40fe27c1d10acbfc0ec6f86d1d21713fbca9cba78c47d5b8feeb1d8f76b6
b03a66cf3c1b8d1757cb7fb0268c86aae035e91a39e18cb571f8fcc3508e1f4d
b4a353fe6f16b2edcf08edbbadfa71daf0294e88d857f208117d01f9b8ffa695
b93ca6c68d1ed34496fff299a7be0457ef7a7c2eb74a7829bc4a734d9c693872
cb994b0e43f53bef4a38b4717e4e9735bcbd67bd44c7fbe8caeb082f39777621
cdffdda52b54f1135357ad2be2f8a0190849a4a6e3fcf1ae44fc5dd7d450c153
d42aeb46d4beb105997913acbd1944ed9bb14e7b885ccd5560996334cc191f51
df0caf9cf87797806d86a24a62707e9c1706ba7eb12b30e09f4d17933c7eb4e1
e1e72f89ee81a093762a4f181a9f8e3e67fc6a2b1447c2f7be21a3057cc58d71
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
f7cad303e29213cdb1329b90eff907b860aabf22ee07ca77f5ac9faca4f9288e
fc99821dc0c8f65b4438f708aadbeec7f9a1cdc2cd5126e182ab1bbd4a444d40
ff38a32d1233a5d33551378a15b904601363ee22efa31c3a4e68d745123ca380

tickets.ticketshelper.workers.dev Open in urlscan Pro 2606:4700:3034::6815:12a2 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

64 Requests

100 %HTTPS

60 %IPv6

14 Domains

18 Subdomains

21 IPs

3 Countries

941 kBTransfer

2377 kBSize

6 Cookies

1 Outgoing links

Redirected requests

64 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

tickets.ticketshelper.workers.dev Open in urlscan Pro
2606:4700:3034::6815:12a2 Public Scan

Screenshot
Live screenshot

Full Image

64
Requests

100 %
HTTPS

60 %
IPv6

14
Domains

18
Subdomains

21
IPs

3
Countries

941 kB
Transfer

2377 kB
Size

6
Cookies

64 HTTP transactions
1 data transactions