urlscan.io logo urlscan.io
SecurityTrails logo

ids.mlb.com Open in urlscan Pro
151.101.209.60  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://group-tickets.mlb.com/
Effective URL: https://ids.mlb.com/oauth2/aus1m088yK07noBfh356/v1/authorize?client_id=0oap7wa857jcvPlZ5355&code_challenge=RmT6aKyds...
Submission: On December 07 via automatic, source certstream-suspicious — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 7 IPs in 2 countries across 4 domains to perform 15 HTTP transactions. The main IP is 151.101.209.60, located in Newark, United States and belongs to FASTLY, US. The main domain is ids.mlb.com. The Cisco Umbrella rank of the primary domain is 86779.
TLS certificate: Issued by R3 on October 16th 2022. Valid for: 3 months.
This is the only time ids.mlb.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
5 34.160.34.98 15169 (GOOGLE)
1 2a02:26f0:350... 20940 (AKAMAI-ASN1)
4 151.101.209.60 54113 (FASTLY)
1 2600:1901:0:7... 15169 (GOOGLE)
1 2600:1901:0:1... 15169 (GOOGLE)
1 52.222.214.25 16509 (AMAZON-02)
15 7
5    34.160.34.98 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 98.34.160.34.bc.googleusercontent.com
group-tickets.mlb.com
1    2a02:26f0:3500:591::1e80 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
assets.adobedtm.com
4    151.101.209.60 (Newark, United States)

ASN54113 (FASTLY, US)
ids.mlb.com
1    2600:1901:0:7047:: (Kansas City, United States)

ASN15169 (GOOGLE, US)
rum.browser-intake-datadoghq.eu
1    2600:1901:0:156c:: (Kansas City, United States)

ASN15169 (GOOGLE, US)
session-replay.browser-intake-datadoghq.eu
1    52.222.214.25 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-222-214-25.fra56.r.cloudfront.net
ok7static.oktacdn.com
Apex Domain
Subdomains		 Transfer
9 mlb.com
group-tickets.mlb.com
ids.mlb.com — Cisco Umbrella Rank: 86779
2 MB
2 browser-intake-datadoghq.eu
rum.browser-intake-datadoghq.eu — Cisco Umbrella Rank: 28106
session-replay.browser-intake-datadoghq.eu — Cisco Umbrella Rank: 72672
1 oktacdn.com
ok7static.oktacdn.com — Cisco Umbrella Rank: 14787
2 KB
1 adobedtm.com
assets.adobedtm.com — Cisco Umbrella Rank: 471
15 4
Domain Requested by
5 group-tickets.mlb.com group-tickets.mlb.com
4 ids.mlb.com group-tickets.mlb.com
ids.mlb.com
1 ok7static.oktacdn.com ids.mlb.com
1 session-replay.browser-intake-datadoghq.eu group-tickets.mlb.com
1 rum.browser-intake-datadoghq.eu group-tickets.mlb.com
1 assets.adobedtm.com group-tickets.mlb.com
15 6

This site contains links to these domains. Also see Links.

Domain
www.mlb.com
Subject Issuer Validity Valid
group-tickets.mlb.com
R3		 2022-12-06 -
2023-03-06		 3 months crt.sh
assets.adobedtm.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-07-19 -
2023-08-19		 a year crt.sh
ids.mlb.com
R3		 2022-10-16 -
2023-01-14		 3 months crt.sh
*.browser-intake-datadoghq.eu
DigiCert TLS RSA SHA256 2020 CA1		 2022-07-21 -
2023-07-22		 a year crt.sh
*.oktacdn.com
DigiCert TLS RSA SHA256 2020 CA1		 2021-12-22 -
2023-01-22		 a year crt.sh

This page contains 1 frames:

Primary Page: https://ids.mlb.com/oauth2/aus1m088yK07noBfh356/v1/authorize?client_id=0oap7wa857jcvPlZ5355&code_challenge=RmT6aKydsTiuybuT2zJlr5qDLFUgnkcEKk12YlbYyyk&code_challenge_method=S256&nonce=5HLFfc0GQ9cZnfyDjcYlnJcApCAJICVvR3LH4lz6JdQ49QVEhxWU8RaDPeQX79eK&redirect_uri=https%3A%2F%2Fgroup-tickets.mlb.com%2Fimplicit%2Fcallback&response_type=code&state=MKzhspyz8YqQr11d5jhvwQUeeC6pR5ukKM81gOxaDKp3yzGHacXv2BeBZUfuwsHS&scope=openid%20email%20profile
Frame ID: 04EAC38DC1525FA65F2CAB2CEC04083A
Requests: 14 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

MLB - Schlechte Anfrage

Page URL History Show full URLs

  1. https://group-tickets.mlb.com/ Page URL
  2. https://ids.mlb.com/oauth2/aus1m088yK07noBfh356/v1/authorize?client_id=0oap7wa857jcvPlZ5355&code... Page URL

Detected technologies

Overall confidence: 100%
Detected patterns

Page Statistics

15
Requests

87 %
HTTPS

50 %
IPv6

4
Domains

6
Subdomains

7
IPs

2
Countries

1620 kB
Transfer

1641 kB
Size

8
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://group-tickets.mlb.com/ Page URL
  2. https://ids.mlb.com/oauth2/aus1m088yK07noBfh356/v1/authorize?client_id=0oap7wa857jcvPlZ5355&code_challenge=RmT6aKydsTiuybuT2zJlr5qDLFUgnkcEKk12YlbYyyk&code_challenge_method=S256&nonce=5HLFfc0GQ9cZnfyDjcYlnJcApCAJICVvR3LH4lz6JdQ49QVEhxWU8RaDPeQX79eK&redirect_uri=https%3A%2F%2Fgroup-tickets.mlb.com%2Fimplicit%2Fcallback&response_type=code&state=MKzhspyz8YqQr11d5jhvwQUeeC6pR5ukKM81gOxaDKp3yzGHacXv2BeBZUfuwsHS&scope=openid%20email%20profile Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

15 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
/
group-tickets.mlb.com/ 		736 B
914 B 		Document
General
Check archive.org
Download Go to
Full URL
https://group-tickets.mlb.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.160.34.98 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
98.34.160.34.bc.googleusercontent.com
Software
nginx/1.22.1 /
Resource Hash
ec2ec77d1b9336706532eb17e770a46d5a9601d6e4dd237790d07f7b03e92853

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
736
content-type
text/html
date
Wed, 07 Dec 2022 00:36:19 GMT
etag
"638fdb5d-2e0"
last-modified
Wed, 07 Dec 2022 00:16:29 GMT
server
nginx/1.22.1
via
1.1 google
main.062645dd.js
group-tickets.mlb.com/static/js/ 		1 MB
1 MB 		Script
General
Check archive.org
Download Go to
Full URL
https://group-tickets.mlb.com/static/js/main.062645dd.js
Requested by
Host: group-tickets.mlb.com
URL: https://group-tickets.mlb.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.160.34.98 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
98.34.160.34.bc.googleusercontent.com
Software
nginx/1.22.1 /
Resource Hash
11e8b5fc64193246acfa15024f3636c935b6cd028b2330c81b0603598f9654ec

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://group-tickets.mlb.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date
Wed, 07 Dec 2022 00:36:19 GMT
via
1.1 google
last-modified
Wed, 07 Dec 2022 00:16:29 GMT
server
nginx/1.22.1
etag
"638fdb5d-17c4fa"
content-type
application/javascript
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1557754
main.e0c0e78b.css
group-tickets.mlb.com/static/css/ 		55 KB
55 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://group-tickets.mlb.com/static/css/main.e0c0e78b.css
Requested by
Host: group-tickets.mlb.com
URL: https://group-tickets.mlb.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.160.34.98 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
98.34.160.34.bc.googleusercontent.com
Software
nginx/1.22.1 /
Resource Hash
f70feaef6e383846b96aaa500d3dd3562b1f8818d5c9fcf6e6f4e4d1e310a15d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://group-tickets.mlb.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date
Wed, 07 Dec 2022 00:36:19 GMT
via
1.1 google
last-modified
Wed, 07 Dec 2022 00:16:29 GMT
server
nginx/1.22.1
etag
"638fdb5d-dd23"
content-type
text/css
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
56611
launch-3c0da2ce339c.min.js
assets.adobedtm.com/267c22ecc15c/1ca761836546/ 		0
0 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.adobedtm.com/267c22ecc15c/1ca761836546/launch-3c0da2ce339c.min.js
Requested by
Host: group-tickets.mlb.com
URL: https://group-tickets.mlb.com/static/js/main.062645dd.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:591::1e80 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://group-tickets.mlb.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date
Wed, 07 Dec 2022 00:36:20 GMT
server
AkamaiNetStorage
access-control-allow-origin
https://group-tickets.mlb.com
cache-control
max-age=3600
accept-ranges
bytes
timing-allow-origin
*
content-length
10
expires
Wed, 07 Dec 2022 01:36:20 GMT
d46b1d49-84e8-4157-95df-a05fd9bca8ab
https://group-tickets.mlb.com/ 		26 KB
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://group-tickets.mlb.com/d46b1d49-84e8-4157-95df-a05fd9bca8ab
Requested by
Host: group-tickets.mlb.com
URL: https://group-tickets.mlb.com/
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
9b84556446da312de1353c96b0a66237209290a21b9465fdb89f283ab40986a2

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

Content-Length
26293
MLB_logo.534d3fa6e73537a052f85191d832ecb1.svg
group-tickets.mlb.com/static/media/ 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://group-tickets.mlb.com/static/media/MLB_logo.534d3fa6e73537a052f85191d832ecb1.svg
Requested by
Host: group-tickets.mlb.com
URL: https://group-tickets.mlb.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.160.34.98 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
98.34.160.34.bc.googleusercontent.com
Software
nginx/1.22.1 /
Resource Hash
f29f75d1d7016be04e098db27190945839a60f60a60060e05537a904802f601f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://group-tickets.mlb.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date
Wed, 07 Dec 2022 00:36:19 GMT
via
1.1 google
last-modified
Wed, 07 Dec 2022 00:16:29 GMT
server
nginx/1.22.1
etag
"638fdb5d-131b"
content-type
image/svg+xml
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4891
proximanova-regular-webfont.6e0b7f9a1fcd51ddfb30.woff
group-tickets.mlb.com/static/media/ 		26 KB
26 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://group-tickets.mlb.com/static/media/proximanova-regular-webfont.6e0b7f9a1fcd51ddfb30.woff
Requested by
Host: group-tickets.mlb.com
URL: https://group-tickets.mlb.com/static/css/main.e0c0e78b.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.160.34.98 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
98.34.160.34.bc.googleusercontent.com
Software
nginx/1.22.1 /
Resource Hash
6626a8a0719a9535a8fa001f1012295578f64d3a36646fc3ac2e0b16889ca264

Request headers

Referer
https://group-tickets.mlb.com/static/css/main.e0c0e78b.css
Origin
https://group-tickets.mlb.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date
Wed, 07 Dec 2022 00:36:19 GMT
via
1.1 google
last-modified
Wed, 07 Dec 2022 00:16:29 GMT
server
nginx/1.22.1
etag
"638fdb5d-67d0"
content-type
font/woff
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
26576
openid-configuration
ids.mlb.com/oauth2/aus1m088yK07noBfh356/.well-known/ 		2 KB
3 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ids.mlb.com/oauth2/aus1m088yK07noBfh356/.well-known/openid-configuration
Requested by
Host: group-tickets.mlb.com
URL: https://group-tickets.mlb.com/static/js/main.062645dd.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.209.60 Newark, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
3bc0d80725521be92eb17d07024f07d26a14815f1635d1a0cfff1338c768e911
Security Headers
Name Value
Content-Security-Policy frame-ancestors https://api.mobilecoach.org https://jrgiantsdugout.org https://*.mlb.com https://auth.turnstyle.fan https://giants.turnstyle.fan https://cloudclub.turnstyle.fan https://*.mlbpressbox.com https://privacyportal-cdn.onetrust.com https://mlbstg-chromecast.storage.googleapis.com https://mlb-chromecast.storage.googleapis.com https://*.webeng-gcp-npd.mlbinfra.net https://rangers.pogoseat.com https://reg.events.thuzi.com https://public.events.thuzi.com https://nats.pogoseat.com
Strict-Transport-Security max-age=315360000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept
application/json
Referer
https://group-tickets.mlb.com/
X-Okta-User-Agent-Extended
okta-auth-js/6.7.6 @okta/okta-react/6.6.0
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
Content-Type
application/json

Response headers

x-okta-request-id
Y4_gBJ1eyLAjl82p1JSISgAADtg
strict-transport-security
max-age=315360000; includeSubDomains
date
Wed, 07 Dec 2022 00:36:20 GMT
x-content-type-options
nosniff
content-security-policy
frame-ancestors https://api.mobilecoach.org https://jrgiantsdugout.org https://*.mlb.com https://auth.turnstyle.fan https://giants.turnstyle.fan https://cloudclub.turnstyle.fan https://*.mlbpressbox.com https://privacyportal-cdn.onetrust.com https://mlbstg-chromecast.storage.googleapis.com https://mlb-chromecast.storage.googleapis.com https://*.webeng-gcp-npd.mlbinfra.net https://rangers.pogoseat.com https://reg.events.thuzi.com https://public.events.thuzi.com https://nats.pogoseat.com
via
1.1 varnish
x-datadome
protected
age
0
content-security-policy-report-only
frame-ancestors 'self'
x-cache
MISS
p3p
CP="HONK"
expires
Thu, 08 Dec 2022 00:36:20 GMT
fastly-restarts
1
x-xss-protection
0
x-served-by
cache-ewr18175-EWR
content-length
2249
server
nginx
x-timer
S1670373380.263068,VS0,VS0,VE289
expect-ct
report-uri="https://oktaexpectct.report-uri.com/r/t/ct/reportOnly", max-age=0
vary
Origin
content-type
application/json
access-control-allow-origin
https://group-tickets.mlb.com
cache-control
max-age=86400, must-revalidate
access-control-allow-credentials
true
accept-ranges
bytes
x-cache-hits
0
openid-configuration
ids.mlb.com/oauth2/aus1m088yK07noBfh356/.well-known/ 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://ids.mlb.com/oauth2/aus1m088yK07noBfh356/.well-known/openid-configuration
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.209.60 Newark, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
Security Headers
Name Value
Content-Security-Policy frame-ancestors https://api.mobilecoach.org https://jrgiantsdugout.org https://*.mlb.com https://auth.turnstyle.fan https://giants.turnstyle.fan https://cloudclub.turnstyle.fan https://*.mlbpressbox.com https://privacyportal-cdn.onetrust.com https://mlbstg-chromecast.storage.googleapis.com https://mlb-chromecast.storage.googleapis.com https://*.webeng-gcp-npd.mlbinfra.net https://rangers.pogoseat.com https://reg.events.thuzi.com https://public.events.thuzi.com https://nats.pogoseat.com
Strict-Transport-Security max-age=315360000; includeSubDomains

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-okta-user-agent-extended
Access-Control-Request-Method
GET
Origin
https://group-tickets.mlb.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

accept-ranges
bytes
access-control-allow-credentials
true
access-control-allow-headers
content-type,x-okta-user-agent-extended
access-control-allow-methods
GET, OPTIONS
access-control-allow-origin
https://group-tickets.mlb.com
access-control-max-age
3600
content-length
0
content-security-policy
frame-ancestors https://api.mobilecoach.org https://jrgiantsdugout.org https://*.mlb.com https://auth.turnstyle.fan https://giants.turnstyle.fan https://cloudclub.turnstyle.fan https://*.mlbpressbox.com https://privacyportal-cdn.onetrust.com https://mlbstg-chromecast.storage.googleapis.com https://mlb-chromecast.storage.googleapis.com https://*.webeng-gcp-npd.mlbinfra.net https://rangers.pogoseat.com https://reg.events.thuzi.com https://public.events.thuzi.com https://nats.pogoseat.com
content-type
application/octet-stream
date
Wed, 07 Dec 2022 00:36:20 GMT
fastly-restarts
1
server
nginx
strict-transport-security
max-age=315360000; includeSubDomains
vary
Origin
via
1.1 varnish
x-cache
MISS
x-cache-hits
0
x-datadome
protected
x-okta-request-id
Y4_gBJipGocLcU7PfHU4kQAABdU
x-served-by
cache-ewr18175-EWR
x-timer
S1670373380.958753,VS0,VS0,VE200
Primary Request authorize
ids.mlb.com/oauth2/aus1m088yK07noBfh356/v1/ 		3 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ids.mlb.com/oauth2/aus1m088yK07noBfh356/v1/authorize?client_id=0oap7wa857jcvPlZ5355&code_challenge=RmT6aKydsTiuybuT2zJlr5qDLFUgnkcEKk12YlbYyyk&code_challenge_method=S256&nonce=5HLFfc0GQ9cZnfyDjcYlnJcApCAJICVvR3LH4lz6JdQ49QVEhxWU8RaDPeQX79eK&redirect_uri=https%3A%2F%2Fgroup-tickets.mlb.com%2Fimplicit%2Fcallback&response_type=code&state=MKzhspyz8YqQr11d5jhvwQUeeC6pR5ukKM81gOxaDKp3yzGHacXv2BeBZUfuwsHS&scope=openid%20email%20profile
Requested by
Host: group-tickets.mlb.com
URL: https://group-tickets.mlb.com/static/js/main.062645dd.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.209.60 Newark, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
9831359e0c9a3ecd1a79eafa6633af21f616396bba4f86aa3baca63cc76f76b2
Security Headers
Name Value
Content-Security-Policy frame-ancestors https://api.mobilecoach.org https://jrgiantsdugout.org https://*.mlb.com https://auth.turnstyle.fan https://giants.turnstyle.fan https://cloudclub.turnstyle.fan https://*.mlbpressbox.com https://privacyportal-cdn.onetrust.com https://mlbstg-chromecast.storage.googleapis.com https://mlb-chromecast.storage.googleapis.com https://*.webeng-gcp-npd.mlbinfra.net https://rangers.pogoseat.com https://reg.events.thuzi.com https://public.events.thuzi.com https://nats.pogoseat.com
Strict-Transport-Security max-age=315360000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://group-tickets.mlb.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
cache-control
no-cache, no-store
content-language
de
content-length
2638
content-security-policy
frame-ancestors https://api.mobilecoach.org https://jrgiantsdugout.org https://*.mlb.com https://auth.turnstyle.fan https://giants.turnstyle.fan https://cloudclub.turnstyle.fan https://*.mlbpressbox.com https://privacyportal-cdn.onetrust.com https://mlbstg-chromecast.storage.googleapis.com https://mlb-chromecast.storage.googleapis.com https://*.webeng-gcp-npd.mlbinfra.net https://rangers.pogoseat.com https://reg.events.thuzi.com https://public.events.thuzi.com https://nats.pogoseat.com
content-type
text/html;charset=utf-8
date
Wed, 07 Dec 2022 00:36:21 GMT
expect-ct
report-uri="https://oktaexpectct.report-uri.com/r/t/ct/reportOnly", max-age=0
expires
0
fastly-restarts
1
p3p
CP="HONK"
pragma
no-cache
referrer-policy
no-referrer
server
nginx
strict-transport-security
max-age=315360000; includeSubDomains
via
1.1 varnish
x-cache
MISS
x-cache-hits
0
x-content-type-options
nosniff
x-datadome
protected
x-okta-request-id
Y4_gBXO686bHyHqF4AFRQwAADrM
x-rate-limit-limit
60
x-rate-limit-remaining
59
x-rate-limit-reset
1670373441
x-served-by
cache-ewr18123-EWR
x-timer
S1670373381.873614,VS0,VS0,VE309
x-xss-protection
0
rum
rum.browser-intake-datadoghq.eu/api/v2/ 		0
0 		Ping
General
Check archive.org
Download Go to
Full URL
https://rum.browser-intake-datadoghq.eu/api/v2/rum?ddsource=browser&ddtags=sdk_version%3A4.15.0%2Cenv%3Aprod%2Cservice%3Agroup-ticket-management&dd-api-key=pub2d7fbc43928c5a3f2eabdf040b4017f8&dd-evp-origin-version=4.15.0&dd-evp-origin=browser&dd-request-id=30ae969a-35fa-41c7-9370-a964e702b316&batch_time=1670373380617
Requested by
Host: group-tickets.mlb.com
URL: https://group-tickets.mlb.com/static/js/main.062645dd.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:1901:0:7047:: Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://group-tickets.mlb.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers
replay
session-replay.browser-intake-datadoghq.eu/api/v2/ 		0
0 		Ping
General
Check archive.org
Download Go to
Full URL
https://session-replay.browser-intake-datadoghq.eu/api/v2/replay?ddsource=browser&ddtags=sdk_version%3A4.15.0%2Cenv%3Aprod%2Cservice%3Agroup-ticket-management&dd-api-key=pub2d7fbc43928c5a3f2eabdf040b4017f8&dd-evp-origin-version=4.15.0&dd-evp-origin=browser&dd-request-id=77394491-1033-418f-8705-bb4b40db175d
Requested by
Host: group-tickets.mlb.com
URL: https://group-tickets.mlb.com/static/js/main.062645dd.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:1901:0:156c:: Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://group-tickets.mlb.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
Content-Type
multipart/form-data; boundary=----WebKitFormBoundaryg3POHwNqxp2M644W

Response headers
rum
rum.browser-intake-datadoghq.eu/api/v2/ 		0
0
errors-v2.css
ids.mlb.com/assets/css/sections/ 		2 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://ids.mlb.com/assets/css/sections/errors-v2.css
Requested by
Host: ids.mlb.com
URL: https://ids.mlb.com/oauth2/aus1m088yK07noBfh356/v1/authorize?client_id=0oap7wa857jcvPlZ5355&code_challenge=RmT6aKydsTiuybuT2zJlr5qDLFUgnkcEKk12YlbYyyk&code_challenge_method=S256&nonce=5HLFfc0GQ9cZnfyDjcYlnJcApCAJICVvR3LH4lz6JdQ49QVEhxWU8RaDPeQX79eK&redirect_uri=https%3A%2F%2Fgroup-tickets.mlb.com%2Fimplicit%2Fcallback&response_type=code&state=MKzhspyz8YqQr11d5jhvwQUeeC6pR5ukKM81gOxaDKp3yzGHacXv2BeBZUfuwsHS&scope=openid%20email%20profile
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.209.60 Newark, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
07d7429f55979af1968161a3eb812a39c797f9c3e2f0fd88aecbf1ea741349c1
Security Headers
Name Value
Content-Security-Policy frame-ancestors https://api.mobilecoach.org https://jrgiantsdugout.org https://*.mlb.com https://auth.turnstyle.fan https://giants.turnstyle.fan https://cloudclub.turnstyle.fan https://*.mlbpressbox.com https://privacyportal-cdn.onetrust.com https://mlbstg-chromecast.storage.googleapis.com https://mlb-chromecast.storage.googleapis.com https://*.webeng-gcp-npd.mlbinfra.net https://rangers.pogoseat.com https://reg.events.thuzi.com https://public.events.thuzi.com https://nats.pogoseat.com
Strict-Transport-Security max-age=315360000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

expires
Thu, 07 Dec 2023 00:36:21 GMT
x-amz-meta-sha1sum
a0af4ecf251187b0203ff095d16f850cc57a38c1
strict-transport-security
max-age=315360000; includeSubDomains
content-encoding
gzip
date
Wed, 07 Dec 2022 00:36:21 GMT
via
1.1 varnish
content-security-policy
frame-ancestors https://api.mobilecoach.org https://jrgiantsdugout.org https://*.mlb.com https://auth.turnstyle.fan https://giants.turnstyle.fan https://cloudclub.turnstyle.fan https://*.mlbpressbox.com https://privacyportal-cdn.onetrust.com https://mlbstg-chromecast.storage.googleapis.com https://mlb-chromecast.storage.googleapis.com https://*.webeng-gcp-npd.mlbinfra.net https://rangers.pogoseat.com https://reg.events.thuzi.com https://public.events.thuzi.com https://nats.pogoseat.com
age
0
x-cache
MISS
content-length
790
x-served-by
cache-ewr18123-EWR
last-modified
Thu, 03 Nov 2022 21:54:24 GMT
server
nginx
x-timer
S1670373381.290735,VS0,VE254
etag
W/"80127ba5c47706686501006723ba83da"
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=31536000, public,max-age=31536000,s-maxage=1814400
accept-ranges
bytes
x-cache-hits
0
fs01qom3c5g3wq2ql357
ok7static.oktacdn.com/fs/bco/1/ 		809 B
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ok7static.oktacdn.com/fs/bco/1/fs01qom3c5g3wq2ql357
Requested by
Host: ids.mlb.com
URL: https://ids.mlb.com/oauth2/aus1m088yK07noBfh356/v1/authorize?client_id=0oap7wa857jcvPlZ5355&code_challenge=RmT6aKydsTiuybuT2zJlr5qDLFUgnkcEKk12YlbYyyk&code_challenge_method=S256&nonce=5HLFfc0GQ9cZnfyDjcYlnJcApCAJICVvR3LH4lz6JdQ49QVEhxWU8RaDPeQX79eK&redirect_uri=https%3A%2F%2Fgroup-tickets.mlb.com%2Fimplicit%2Fcallback&response_type=code&state=MKzhspyz8YqQr11d5jhvwQUeeC6pR5ukKM81gOxaDKp3yzGHacXv2BeBZUfuwsHS&scope=openid%20email%20profile
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.214.25 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-214-25.fra56.r.cloudfront.net
Software
nginx /
Resource Hash
8131b45b3fe445f197bb26066ad99f91ef8c79c99a0c6f2a47550ac40d1e85fe
Security Headers
Name Value
Strict-Transport-Security max-age=315360000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date
Wed, 16 Nov 2022 06:13:32 GMT
strict-transport-security
max-age=315360000; includeSubDomains
via
1.1 081c7bef6b5d3c12829ac4c99182ccea.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P3
age
1794169
x-cache
Hit from cloudfront
content-length
809
last-modified
Mon, 04 Nov 2019 21:09:13 GMT
server
nginx
etag
"8c27e876e44c7ab045ab308491ff2177"
public-key-pins-report-only
pin-sha256="r5EfzZxQVvQpKo3AgYRaT7X2bDO/kj3ACwmxfdT2zt8="; pin-sha256="MaqlcUgk2mvY/RFSGeSwBRkI+rZ6/dxe/DuQfBT/vnQ="; pin-sha256="72G5IEvDEWn+EThf3qjR7/bQSWaS2ZSLqolhnO6iyJI="; pin-sha256="rrV6CLCCvqnk89gWibYT0JO6fNQ8cCit7GGoiVTjCOg="; max-age=60; report-uri="https://okta.report-uri.com/r/default/hpkp/reportOnly"
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=31536000, public,max-age=31536000,s-maxage=1814400
accept-ranges
bytes
x-amz-cf-id
2GScBgxYSqtw7rAxx2R0bUFIFGIdrDzh4czwF_8EXs_t75-G_lmOkg==
expires
Thu, 16 Nov 2023 06:13:32 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
rum.browser-intake-datadoghq.eu
URL
https://rum.browser-intake-datadoghq.eu/api/v2/rum?ddsource=browser&ddtags=sdk_version%3A4.15.0%2Cenv%3Aprod%2Cservice%3Agroup-ticket-management&dd-api-key=pub2d7fbc43928c5a3f2eabdf040b4017f8&dd-evp-origin-version=4.15.0&dd-evp-origin=browser&dd-request-id=31383194-8137-41b8-b9e1-066a52a43289&batch_time=1670373381239

Verdicts & Comments Add Verdict or Comment

1 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| oncontentvisibilityautostatechange

8 Cookies

Domain/Path Name / Value
group-tickets.mlb.com/ Name: okta-oauth-redirect-params
Value: {%22responseType%22:%22code%22%2C%22state%22:%22MKzhspyz8YqQr11d5jhvwQUeeC6pR5ukKM81gOxaDKp3yzGHacXv2BeBZUfuwsHS%22%2C%22nonce%22:%225HLFfc0GQ9cZnfyDjcYlnJcApCAJICVvR3LH4lz6JdQ49QVEhxWU8RaDPeQX79eK%22%2C%22scopes%22:[%22openid%22%2C%22email%22%2C%22profile%22]%2C%22clientId%22:%220oap7wa857jcvPlZ5355%22%2C%22urls%22:{%22issuer%22:%22https://ids.mlb.com/oauth2/aus1m088yK07noBfh356%22%2C%22authorizeUrl%22:%22https://ids.mlb.com/oauth2/aus1m088yK07noBfh356/v1/authorize%22%2C%22userinfoUrl%22:%22https://ids.mlb.com/oauth2/aus1m088yK07noBfh356/v1/userinfo%22%2C%22tokenUrl%22:%22https://ids.mlb.com/oauth2/aus1m088yK07noBfh356/v1/token%22%2C%22revokeUrl%22:%22https://ids.mlb.com/oauth2/aus1m088yK07noBfh356/v1/revoke%22%2C%22logoutUrl%22:%22https://ids.mlb.com/oauth2/aus1m088yK07noBfh356/v1/logout%22}%2C%22ignoreSignature%22:false}
group-tickets.mlb.com/ Name: okta-oauth-nonce
Value: 5HLFfc0GQ9cZnfyDjcYlnJcApCAJICVvR3LH4lz6JdQ49QVEhxWU8RaDPeQX79eK
group-tickets.mlb.com/ Name: okta-oauth-state
Value: MKzhspyz8YqQr11d5jhvwQUeeC6pR5ukKM81gOxaDKp3yzGHacXv2BeBZUfuwsHS
group-tickets.mlb.com/ Name: _dd_s
Value: rum=1&id=dace9132-5a61-4d8b-a16c-54e42ec634f1&created=1670373379617&expire=1670374279617
ids.mlb.com/ Name: JSESSIONID
Value: 4D852D652E0CA1F646D5ACB6A18ADCFD
ids.mlb.com/ Name: t
Value: blue-dark
ids.mlb.com/ Name: DT
Value: DI157s-b7QYQlG5s6ygQ_IDWA
.mlb.com/ Name: datadome
Value: 0I8JTmLDZrBipAxnqPIv__p49v9df2dBvCZAVoaqiZzNdvte8CvYA-_jkZ~FOrS6-L_Xj0CwWxijuLrl8f8VJBvvj4R3V69BXL~T79DsaLXSubj3Hoo03c4SvJnJp5kH

2 Console Messages

Source Level URL
Text
network error URL: https://assets.adobedtm.com/267c22ecc15c/1ca761836546/launch-3c0da2ce339c.min.js
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://ids.mlb.com/oauth2/aus1m088yK07noBfh356/v1/authorize?client_id=0oap7wa857jcvPlZ5355&code_challenge=RmT6aKydsTiuybuT2zJlr5qDLFUgnkcEKk12YlbYyyk&code_challenge_method=S256&nonce=5HLFfc0GQ9cZnfyDjcYlnJcApCAJICVvR3LH4lz6JdQ49QVEhxWU8RaDPeQX79eK&redirect_uri=https%3A%2F%2Fgroup-tickets.mlb.com%2Fimplicit%2Fcallback&response_type=code&state=MKzhspyz8YqQr11d5jhvwQUeeC6pR5ukKM81gOxaDKp3yzGHacXv2BeBZUfuwsHS&scope=openid%20email%20profile
Message:
Failed to load resource: the server responded with a status of 400 ()