ticketsatwork.com Open in urlscan Pro
104.18.32.247 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://e.email.ticketsatwork.com/click?EdmljdG9yLnZpbGxhbG9ib3NAcGFjY2FyLmNvbQ/CeyJtaWQiOiIxNjk5OTg1MTA2MDAwZWZlNjNlOTNkNDY5IiwiY...
Effective URL:
https://ticketsatwork.com/tickets/tracking_consent.php
Submission: On November 14 via api (November 14th 2023, 6:22:12 pm UTC) from US — Scanned from DE

Summary HTTP 46 Redirects Links 1 Behaviour Indicators

Summary

This website contacted 9 IPs in 3 countries across 9 domains to perform 46 HTTP transactions. The main IP is 104.18.32.247, located in and belongs to CLOUDFLARENET, US. The main domain is ticketsatwork.com. The Cisco Umbrella rank of the primary domain is 49404.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on May 8th 2023. Valid for: a year.

This is the only time ticketsatwork.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	96.47.20.26 96.47.20.26	46263 (EDIALOG) (EDIALOG)
3 21	104.18.32.247 104.18.32.247	13335 (CLOUDFLAR...) (CLOUDFLARENET)
10	2606:4700::68... 2606:4700::6812:82ec	13335 (CLOUDFLAR...) (CLOUDFLARENET)
5	2a02:26f0:c90... 2a02:26f0:c900:399::1e80	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
7	199.101.26.126 199.101.26.126	33411 (BRIGHTPAT...) (BRIGHTPATTERNSC)
2	18.245.60.120 18.245.60.120	16509 (AMAZON-02) (AMAZON-02)
1	2606:4700:440... 2606:4700:4400::ac40:9b77	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	151.101.2.137 151.101.2.137	54113 (FASTLY) (FASTLY)
1	2600:9000:264... 2600:9000:2646:ce00:7:f1a3:af00:93a1	16509 (AMAZON-02) (AMAZON-02)
46	9

1 96.47.20.26 (United States) 1 redirects

ASN46263 (EDIALOG, US)
PTR: n.muuto.com.mx2.bm16.maas.zetaglobal.net

e.email.ticketsatwork.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

21 104.18.32.247 (None, ) 3 redirects

ASN13335 (CLOUDFLARENET, US)

www.ticketsatwork.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ticketsatwork.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2606:4700::6812:82ec (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.cookielaw.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a02:26f0:c900:399::1e80 (Schiphol, Netherlands)

ASN20940 (AKAMAI-ASN1, NL)

assets.adobedtm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 199.101.26.126 (United States)

ASN33411 (BRIGHTPATTERNSC, US)

ebgcc.brightpattern.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.245.60.120 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-245-60-120.fra60.r.cloudfront.net

www.p.zjptg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:4400::ac40:9b77 (United States)

ASN13335 (CLOUDFLARENET, US)

geolocation.onetrust.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.2.137 (United States)

ASN54113 (FASTLY, US)

js-agent.newrelic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2646:ce00:7:f1a3:af00:93a1 (United States)

ASN16509 (AMAZON-02, US)

www.sjwoe.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
22	ticketsatwork.com 4 redirects e.email.ticketsatwork.com — Cisco Umbrella Rank: 96086 www.ticketsatwork.com — Cisco Umbrella Rank: 93795 ticketsatwork.com — Cisco Umbrella Rank: 49404	574 KB
10	cookielaw.org cdn.cookielaw.org — Cisco Umbrella Rank: 342	157 KB
7	brightpattern.com ebgcc.brightpattern.com — Cisco Umbrella Rank: 74205	93 KB
5	adobedtm.com assets.adobedtm.com — Cisco Umbrella Rank: 466	175 KB
2	zjptg.com www.p.zjptg.com — Cisco Umbrella Rank: 50304	50 KB
1	sjwoe.com www.sjwoe.com — Cisco Umbrella Rank: 60665	448 B
1	newrelic.com js-agent.newrelic.com — Cisco Umbrella Rank: 562	29 KB
1	onetrust.com geolocation.onetrust.com — Cisco Umbrella Rank: 590	295 B
0	nr-data.net Failed bam.nr-data.net Failed
46	9

	Domain	Requested by
20	ticketsatwork.com	2 redirects ticketsatwork.com
10	cdn.cookielaw.org	ticketsatwork.com
7	ebgcc.brightpattern.com	ticketsatwork.com ebgcc.brightpattern.com
5	assets.adobedtm.com	ticketsatwork.com
2	www.p.zjptg.com	assets.adobedtm.com www.p.zjptg.com
1	www.sjwoe.com	ticketsatwork.com
1	js-agent.newrelic.com	ticketsatwork.com
1	geolocation.onetrust.com	ticketsatwork.com
1	www.ticketsatwork.com	1 redirects
1	e.email.ticketsatwork.com	1 redirects
0	bam.nr-data.net Failed	ticketsatwork.com
46	11

This site contains links to these domains. Also see Links.

Domain
www.onetrust.com

Subject Issuer	Validity	Valid
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-05-08` - `2024-05-07`	a year	crt.sh
cookielaw.org Cloudflare Inc ECC CA-3	`2023-04-01` - `2024-03-31`	a year	crt.sh
assets.adobedtm.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-07-11` - `2024-08-10`	a year	crt.sh
*.brightpattern.com RapidSSL TLS RSA CA G1	`2023-09-27` - `2024-10-27`	a year	crt.sh
www.p.zjptg.com Amazon RSA 2048 M02	`2023-07-02` - `2024-07-31`	a year	crt.sh
onetrust.com Cloudflare Inc ECC CA-3	`2023-11-13` - `2024-11-12`	a year	crt.sh
js-agent.newrelic.com GlobalSign Atlas R3 DV TLS CA 2023 Q2	`2023-04-13` - `2024-05-14`	a year	crt.sh
www.sjwoe.com Amazon RSA 2048 M03	`2023-11-14` - `2024-12-11`	a year	crt.sh

This page contains 2 frames:

Primary Page: https://ticketsatwork.com/tickets/tracking_consent.php
Frame ID: B7E3A2F87C33FD38F86940090870EA0E
Requests: 43 HTTP requests in this frame

Frame: https://ticketsatwork.com/cdn-cgi/challenge-platform/h/g/scripts/jsd/9914b343/main.js
Frame ID: 4F45A26A9E7FFCD806D13DBDDFF8A42D
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Back ButtonFilter Button

Page URL History Show full URLs

https://e.email.ticketsatwork.com/click?EdmljdG9yLnZpbGxhbG9ib3NAcGFjY2FyLmNvbQ/CeyJtaWQiOiIxNjk5OTg1MTA2MDAwZ... HTTP 302
https://www.ticketsatwork.com/tickets/?zeta-1&bt_ee=JmfShbqv89fn9fnVdVWdJmv9T48oMHp5yjzU%2F2iVmGgkRsLoFIhY... HTTP 301
https://ticketsatwork.com/tickets/?zeta-1&bt_ee=JmfShbqv89fn9fnVdVWdJmv9T48oMHp5yjzU%2F2iVmGgkRsLoFIhY... HTTP 302
https://ticketsatwork.com/tickets/tracking_consent.php Page URL

Detected technologies

PHP (Programming Languages) Expand

Overall confidence: 100%
Detected patterns

\.php(?:$|\?)

OneTrust (Cookie compliance) Expand

Overall confidence: 100%
Detected patterns

cdn\.cookielaw\.org
otSDKStub\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jQuery UI (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery-ui[.-]([\d.]*\d)[^/]*\.js
jquery-ui.*\.js

Page Statistics

46
Requests

96 %
HTTPS

44 %
IPv6

9
Domains

11
Subdomains

9
IPs

3
Countries

1076 kB
Transfer

2652 kB
Size

8
Cookies

1 Outgoing links

These are links going to different origins than the main page.

URL: https://www.onetrust.com/products/cookie-consent/

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://e.email.ticketsatwork.com/click?EdmljdG9yLnZpbGxhbG9ib3NAcGFjY2FyLmNvbQ/CeyJtaWQiOiIxNjk5OTg1MTA2MDAwZWZlNjNlOTNkNDY5IiwiY3QiOiJlYmctdGF3LTYyZGNhNTllNTZjYTMxZGY5NzA5ZTIwZWQ0YTQ1NjdiLTEiLCJyZCI6InBhY2Nhci5jb20ifQ/HWkhfZWJndGF3X05EQkFNMTExNDIwMjNjMTA4Nzc2OGIxLGViMSxodHRwczovL3d3dy50aWNrZXRzYXR3b3JrLmNvbS90aWNrZXRzLw/qP3pldGEtMSZidF9lZT1KbWZTaGJxdjg5Zm45Zm5WZFZXZEptdjlUNDhvTUhwNXlqelUlMkYyaVZtR2drUnNMb0ZJaFk2bVAlMkZUJTJGTzhtSm1RJmJ0X3RzPTE2OTk5ODQ4MzQwMTc/sbmf0fbb1c2 HTTP 302
https://www.ticketsatwork.com/tickets/?zeta-1&bt_ee=JmfShbqv89fn9fnVdVWdJmv9T48oMHp5yjzU%2F2iVmGgkRsLoFIhY6mP%2FT%2FO8mJmQ&bt_ts=1699984834017 HTTP 301
https://ticketsatwork.com/tickets/?zeta-1&bt_ee=JmfShbqv89fn9fnVdVWdJmv9T48oMHp5yjzU%2F2iVmGgkRsLoFIhY6mP%2FT%2FO8mJmQ&bt_ts=1699984834017 HTTP 302
https://ticketsatwork.com/tickets/tracking_consent.php Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 29

https://ticketsatwork.com/cdn-cgi/challenge-platform/scripts/jsd/main.js HTTP 302
https://ticketsatwork.com/cdn-cgi/challenge-platform/h/g/scripts/jsd/9914b343/main.js

46 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request tracking_consent.php Show response
ticketsatwork.com/tickets/
Redirect Chain

https://e.email.ticketsatwork.com/click?EdmljdG9yLnZpbGxhbG9ib3NAcGFjY2FyLmNvbQ/CeyJtaWQiOiIxNjk5OTg1MTA2MDAwZWZlNjNlOTNkNDY5IiwiY3QiOiJlYmctdGF3LTYyZGNhNTllNTZjYTMxZGY5NzA5ZTIwZWQ0YTQ1NjdiLTEiLCJy...
https://www.ticketsatwork.com/tickets/?zeta-1&bt_ee=JmfShbqv89fn9fnVdVWdJmv9T48oMHp5yjzU%2F2iVmGgkRsLoFIhY6mP%2FT%2FO8mJmQ&bt_ts=1699984834017
https://ticketsatwork.com/tickets/?zeta-1&bt_ee=JmfShbqv89fn9fnVdVWdJmv9T48oMHp5yjzU%2F2iVmGgkRsLoFIhY6mP%2FT%2FO8mJmQ&bt_ts=1699984834017
https://ticketsatwork.com/tickets/tracking_consent.php

70 KB
23 KB

427ms
426ms

Document
text/html

104.18.32.247
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ticketsatwork.com/tickets/tracking_consent.php

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.32.247 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e444d1b6ffe3ce3129cc2ffaa5c5e8264673f0fd62a0f8dff6ece2fb519e6bd7

Security Headers

Name	Value
Content-Security-Policy	default-src * 'unsafe-inline' 'unsafe-eval'; script-src * 'unsafe-inline' 'unsafe-eval'; connect-src * 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src ; media-src blob:; style-src * 'unsafe-inline';
Strict-Transport-Security	max-age=5184000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: no-store, no-cache, must-revalidate
cf-cache-status: DYNAMIC
cf-ray: 826147105f2803cd-FRA
content-encoding: br
content-security-policy: default-src * 'unsafe-inline' 'unsafe-eval'; script-src * 'unsafe-inline' 'unsafe-eval'; connect-src * 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src *; media-src * blob:; style-src * 'unsafe-inline';
content-type: text/html; charset=utf-8
date: Tue, 14 Nov 2023 18:22:02 GMT
expires: Thu, 19 Nov 1981 08:52:00 GMT
pragma: no-cache
referrer-policy: unsafe-url
server: cloudflare
strict-transport-security: max-age=5184000; includeSubDomains
vary: User-Agent, Accept-Encoding
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block

Redirect headers

alt-svc: h3=":443"; ma=86400
cache-control: no-store, no-cache, must-revalidate
cf-cache-status: DYNAMIC
cf-ray: 8261470cfa2e03cd-FRA
content-security-policy: default-src * 'unsafe-inline' 'unsafe-eval'; script-src * 'unsafe-inline' 'unsafe-eval'; connect-src * 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src *; media-src * blob:; style-src * 'unsafe-inline';
content-type: text/html; charset=UTF-8
date: Tue, 14 Nov 2023 18:22:02 GMT
expires: Thu, 19 Nov 1981 08:52:00 GMT
location: /tickets/tracking_consent.php
pragma: no-cache
referrer-policy: unsafe-url
server: cloudflare
strict-transport-security: max-age=5184000; includeSubDomains
vary: User-Agent, Accept-Encoding
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block

GET
H3 200 jquery-3.5.1.min.js Show response
ticketsatwork.com/common_resources/js/ 87 KB
32 KB 65ms
65ms Script
application/javascript 104.18.32.247
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ticketsatwork.com/common_resources/js/jquery-3.5.1.min.js

Requested by

Host: ticketsatwork.com
URL: https://ticketsatwork.com/tickets/tracking_consent.php

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.32.247 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d

Security Headers

Name	Value
Content-Security-Policy	default-src * 'unsafe-inline' 'unsafe-eval'; script-src * 'unsafe-inline' 'unsafe-eval'; connect-src * 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src ; media-src blob:; style-src * 'unsafe-inline';
Strict-Transport-Security	max-age=5184000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ticketsatwork.com/tickets/tracking_consent.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Tue, 14 Nov 2023 18:22:02 GMT
strict-transport-security: max-age=5184000; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
content-security-policy: default-src * 'unsafe-inline' 'unsafe-eval'; script-src * 'unsafe-inline' 'unsafe-eval'; connect-src * 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src *; media-src * blob:; style-src * 'unsafe-inline';
age: 4965
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: unsafe-url
last-modified: Mon, 31 Aug 2020 15:45:29 GMT
server: cloudflare
etag: W/"15d84-5ae2e4aba3840"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript
cf-ray: 82614713e9d81cb5-FRA

GET
H3 200 jquery-ui-1.13.2.min.js Show response
ticketsatwork.com/common_resources/js/ 249 KB
68 KB 57ms
56ms Script
application/javascript 104.18.32.247
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ticketsatwork.com/common_resources/js/jquery-ui-1.13.2.min.js

Requested by

Host: ticketsatwork.com
URL: https://ticketsatwork.com/tickets/tracking_consent.php

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.32.247 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9d9b75e6bf99296f7797ed12f73137f52966dbb02180ff054c6c01680c7bdb1d

Security Headers

Name	Value
Content-Security-Policy	default-src * 'unsafe-inline' 'unsafe-eval'; script-src * 'unsafe-inline' 'unsafe-eval'; connect-src * 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src ; media-src blob:; style-src * 'unsafe-inline';
Strict-Transport-Security	max-age=5184000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ticketsatwork.com/tickets/tracking_consent.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Tue, 14 Nov 2023 18:22:02 GMT
strict-transport-security: max-age=5184000; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
content-security-policy: default-src * 'unsafe-inline' 'unsafe-eval'; script-src * 'unsafe-inline' 'unsafe-eval'; connect-src * 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src *; media-src * blob:; style-src * 'unsafe-inline';
age: 4965
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: unsafe-url
last-modified: Mon, 19 Sep 2022 13:26:39 GMT
server: cloudflare
etag: W/"3e471-5e907a95c61c0"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript
cf-ray: 82614713e9da1cb5-FRA

GET
H3 200 li.js Show response
ticketsatwork.com/common_resources/js/ 25 KB
5 KB 186ms
184ms Script
application/javascript 104.18.32.247
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ticketsatwork.com/common_resources/js/li.js?ebgcbv=175

Requested by

Host: ticketsatwork.com
URL: https://ticketsatwork.com/tickets/tracking_consent.php

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.32.247 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e21a483e7f4b138c12d7378f8d6099d382cfb1e78f8434a52d41d435944ed2fd

Security Headers

Name	Value
Content-Security-Policy	default-src * 'unsafe-inline' 'unsafe-eval'; script-src * 'unsafe-inline' 'unsafe-eval'; connect-src * 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src ; media-src blob:; style-src * 'unsafe-inline';
Strict-Transport-Security	max-age=5184000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ticketsatwork.com/tickets/tracking_consent.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Tue, 14 Nov 2023 18:22:03 GMT
strict-transport-security: max-age=5184000; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: REVALIDATED
content-encoding: br
content-security-policy: default-src * 'unsafe-inline' 'unsafe-eval'; script-src * 'unsafe-inline' 'unsafe-eval'; connect-src * 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src *; media-src * blob:; style-src * 'unsafe-inline';
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: unsafe-url
last-modified: Mon, 14 Feb 2022 15:43:22 GMT
server: cloudflare
etag: W/"651c-5d7fc46bbda80"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript
cf-ray: 82614713e9e01cb5-FRA

GET
H3 200 interaction_analytics.js Show response
ticketsatwork.com/common_resources/js/ 7 KB
2 KB 175ms
174ms Script
application/javascript 104.18.32.247
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ticketsatwork.com/common_resources/js/interaction_analytics.js?ebgcbv=175

Requested by

Host: ticketsatwork.com
URL: https://ticketsatwork.com/tickets/tracking_consent.php

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.32.247 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

08afdf6eac5aa471056a6d1186e624a899a374d402adca5a7aa9957b0eea2995

Security Headers

Name	Value
Content-Security-Policy	default-src * 'unsafe-inline' 'unsafe-eval'; script-src * 'unsafe-inline' 'unsafe-eval'; connect-src * 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src ; media-src blob:; style-src * 'unsafe-inline';
Strict-Transport-Security	max-age=5184000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ticketsatwork.com/tickets/tracking_consent.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Tue, 14 Nov 2023 18:22:03 GMT
strict-transport-security: max-age=5184000; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: REVALIDATED
content-encoding: br
content-security-policy: default-src * 'unsafe-inline' 'unsafe-eval'; script-src * 'unsafe-inline' 'unsafe-eval'; connect-src * 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src *; media-src * blob:; style-src * 'unsafe-inline';
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: unsafe-url
last-modified: Thu, 12 Jan 2023 15:23:35 GMT
server: cloudflare
etag: W/"1bb6-5f212b34c2bc0"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript
cf-ray: 82614713e9e41cb5-FRA

GET
H2 200 otSDKStub.js Show response
cdn.cookielaw.org/scripttemplates/ 21 KB
7 KB 45ms
22ms Script
application/javascript 2606:4700::6812:82ec
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/otSDKStub.js

Requested by

Host: ticketsatwork.com
URL: https://ticketsatwork.com/tickets/tracking_consent.php

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:82ec , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6b1fc966c38b12c845f9fd8bdb76027106b776783fd44eeed917663942b5fd16

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ticketsatwork.com/tickets/tracking_consent.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Tue, 14 Nov 2023 18:22:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: R1P6TtSHAQZyvOSI/KawHw==
age: 51977
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-length: 6821
x-ms-lease-status: unlocked
last-modified: Thu, 09 Nov 2023 14:41:49 GMT
server: cloudflare
etag: 0x8DBE13201873ECE
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: 615f4d5d-701e-0057-437a-1397b0000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 826147141d11361f-FRA

GET
H2 200 launch-1645114e1c78.min.js Show response
assets.adobedtm.com/a281455e4dfe/053a29fb1fe9/ 650 KB
159 KB 106ms
32ms Script
application/x-javascript 2a02:26f0:c900:399::1e80
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.adobedtm.com/a281455e4dfe/053a29fb1fe9/launch-1645114e1c78.min.js
Requested by: Host: ticketsatwork.com
URL: https://ticketsatwork.com/tickets/tracking_consent.php
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:c900:399::1e80 Schiphol, Netherlands, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: 0f14b3684e41584c3eb03a2821ff9fbb65973c1dd353a2ff9abadb25ae187876

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ticketsatwork.com/tickets/tracking_consent.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Tue, 14 Nov 2023 18:22:02 GMT
content-encoding: gzip
last-modified: Wed, 01 Nov 2023 02:25:06 GMT
server: AkamaiNetStorage
etag: "97d00a38bb22db0f33ba606bd87054c4:1698805506.597026"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: https://ticketsatwork.com
cache-control: max-age=3600
accept-ranges: bytes
timing-allow-origin: *
content-length: 162453
expires: Tue, 14 Nov 2023 19:22:02 GMT

GET
H3 200 big_logo.jpg
ticketsatwork.com/img/ 34 KB
35 KB 3171ms
3170ms Image
image/jpeg 104.18.32.247
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ticketsatwork.com/img/big_logo.jpg

Requested by

Host: ticketsatwork.com
URL: https://ticketsatwork.com/tickets/tracking_consent.php

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.32.247 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

57a9bb6a4bb7eaffcfb39d44386cd699b34952951572f9f74496b384ed458d9f

Security Headers

Name	Value
Content-Security-Policy	default-src * 'unsafe-inline' 'unsafe-eval'; script-src * 'unsafe-inline' 'unsafe-eval'; connect-src * 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src ; media-src blob:; style-src * 'unsafe-inline';
Strict-Transport-Security	max-age=5184000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ticketsatwork.com/tickets/tracking_consent.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Tue, 14 Nov 2023 18:22:03 GMT
strict-transport-security: max-age=5184000; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: MISS
content-security-policy: default-src * 'unsafe-inline' 'unsafe-eval'; script-src * 'unsafe-inline' 'unsafe-eval'; connect-src * 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src *; media-src * blob:; style-src * 'unsafe-inline';
alt-svc: h3=":443"; ma=86400
content-length: 35155
x-xss-protection: 1; mode=block
referrer-policy: unsafe-url
last-modified: Wed, 07 Jun 2023 18:39:00 GMT
server: cloudflare
etag: "8953-5fd8e72fe3900"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: image/jpeg
cache-control: max-age=2592000, public
accept-ranges: bytes
cf-ray: 82614713e9e91cb5-FRA
expires: Thu, 14 Dec 2023 18:22:03 GMT

GET
H3 200 consent_splash_disney.png
ticketsatwork.com/common_resources/tawframework/img/ 57 KB
57 KB 177ms
177ms Image
image/png 104.18.32.247
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ticketsatwork.com/common_resources/tawframework/img/consent_splash_disney.png

Requested by

Host: ticketsatwork.com
URL: https://ticketsatwork.com/tickets/tracking_consent.php

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.32.247 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e0a41e36c1664eac057a83b9fa7c49c89825fcfabcc47a2b1914d6d487f65522

Security Headers

Name	Value
Content-Security-Policy	default-src * 'unsafe-inline' 'unsafe-eval'; script-src * 'unsafe-inline' 'unsafe-eval'; connect-src * 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src ; media-src blob:; style-src * 'unsafe-inline';
Strict-Transport-Security	max-age=5184000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ticketsatwork.com/tickets/tracking_consent.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Tue, 14 Nov 2023 18:22:03 GMT
strict-transport-security: max-age=5184000; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: MISS
content-security-policy: default-src * 'unsafe-inline' 'unsafe-eval'; script-src * 'unsafe-inline' 'unsafe-eval'; connect-src * 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src *; media-src * blob:; style-src * 'unsafe-inline';
alt-svc: h3=":443"; ma=86400
content-length: 58203
x-xss-protection: 1; mode=block
referrer-policy: unsafe-url
last-modified: Mon, 08 May 2023 15:08:48 GMT
server: cloudflare
etag: "e35b-5fb3004052000"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: image/png
cache-control: max-age=2592000, public
accept-ranges: bytes
cf-ray: 82614713e9ea1cb5-FRA
expires: Thu, 14 Dec 2023 18:22:02 GMT

GET
H3 200 consent_splash_universal.png
ticketsatwork.com/common_resources/tawframework/img/ 64 KB
64 KB 2917ms
2916ms Image
image/png 104.18.32.247
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ticketsatwork.com/common_resources/tawframework/img/consent_splash_universal.png

Requested by

Host: ticketsatwork.com
URL: https://ticketsatwork.com/tickets/tracking_consent.php

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.32.247 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

fb64a05853ccf42fc6e52d9b8eb4afd8ac4c47ed61df3aac317d94ed258a9e2f

Security Headers

Name	Value
Content-Security-Policy	default-src * 'unsafe-inline' 'unsafe-eval'; script-src * 'unsafe-inline' 'unsafe-eval'; connect-src * 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src ; media-src blob:; style-src * 'unsafe-inline';
Strict-Transport-Security	max-age=5184000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ticketsatwork.com/tickets/tracking_consent.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Tue, 14 Nov 2023 18:22:03 GMT
strict-transport-security: max-age=5184000; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: MISS
content-security-policy: default-src * 'unsafe-inline' 'unsafe-eval'; script-src * 'unsafe-inline' 'unsafe-eval'; connect-src * 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src *; media-src * blob:; style-src * 'unsafe-inline';
alt-svc: h3=":443"; ma=86400
content-length: 65112
x-xss-protection: 1; mode=block
referrer-policy: unsafe-url
last-modified: Mon, 08 May 2023 15:08:48 GMT
server: cloudflare
etag: "fe58-5fb3004052000"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: image/png
cache-control: max-age=2592000, public
accept-ranges: bytes
cf-ray: 826147157c3a1cb5-FRA
expires: Thu, 14 Dec 2023 18:22:03 GMT

GET
H3 200 consent_splash_seaworld.png
ticketsatwork.com/common_resources/tawframework/img/ 66 KB
67 KB 447ms
447ms Image
image/png 104.18.32.247
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ticketsatwork.com/common_resources/tawframework/img/consent_splash_seaworld.png

Requested by

Host: ticketsatwork.com
URL: https://ticketsatwork.com/tickets/tracking_consent.php

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.32.247 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

cf67fa9307c91b01d52a9ec5781dd05f74dd5f821d87d76f438ede52056f4266

Security Headers

Name	Value
Content-Security-Policy	default-src * 'unsafe-inline' 'unsafe-eval'; script-src * 'unsafe-inline' 'unsafe-eval'; connect-src * 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src ; media-src blob:; style-src * 'unsafe-inline';
Strict-Transport-Security	max-age=5184000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ticketsatwork.com/tickets/tracking_consent.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Tue, 14 Nov 2023 18:22:06 GMT
strict-transport-security: max-age=5184000; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: MISS
content-security-policy: default-src * 'unsafe-inline' 'unsafe-eval'; script-src * 'unsafe-inline' 'unsafe-eval'; connect-src * 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src *; media-src * blob:; style-src * 'unsafe-inline';
alt-svc: h3=":443"; ma=86400
content-length: 67978
x-xss-protection: 1; mode=block
referrer-policy: unsafe-url
last-modified: Mon, 08 May 2023 15:08:48 GMT
server: cloudflare
etag: "1098a-5fb3004052000"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: image/png
cache-control: max-age=2592000, public
accept-ranges: bytes
cf-ray: 826147296b241cb5-FRA
expires: Thu, 14 Dec 2023 18:22:06 GMT

GET
H3 200 consent_splash_sixflags.png
ticketsatwork.com/common_resources/tawframework/img/ 82 KB
83 KB 276ms
275ms Image
image/png 104.18.32.247
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ticketsatwork.com/common_resources/tawframework/img/consent_splash_sixflags.png

Requested by

Host: ticketsatwork.com
URL: https://ticketsatwork.com/tickets/tracking_consent.php

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.32.247 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ba561fadb45ac39c0048acd990ebfca4d6a25112d2b06b40ba06c67bd9105088

Security Headers

Name	Value
Content-Security-Policy	default-src * 'unsafe-inline' 'unsafe-eval'; script-src * 'unsafe-inline' 'unsafe-eval'; connect-src * 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src ; media-src blob:; style-src * 'unsafe-inline';
Strict-Transport-Security	max-age=5184000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ticketsatwork.com/tickets/tracking_consent.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Tue, 14 Nov 2023 18:22:06 GMT
strict-transport-security: max-age=5184000; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: MISS
content-security-policy: default-src * 'unsafe-inline' 'unsafe-eval'; script-src * 'unsafe-inline' 'unsafe-eval'; connect-src * 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src *; media-src * blob:; style-src * 'unsafe-inline';
alt-svc: h3=":443"; ma=86400
content-length: 84447
x-xss-protection: 1; mode=block
referrer-policy: unsafe-url
last-modified: Mon, 08 May 2023 15:08:48 GMT
server: cloudflare
etag: "149df-5fb3004052000"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: image/png
cache-control: max-age=2592000, public
accept-ranges: bytes
cf-ray: 826147298b4f1cb5-FRA
expires: Thu, 14 Dec 2023 18:22:06 GMT

GET
H3 200 consent_splash_wyndham.png
ticketsatwork.com/common_resources/tawframework/img/ 70 KB
70 KB 272ms
271ms Image
image/png 104.18.32.247
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ticketsatwork.com/common_resources/tawframework/img/consent_splash_wyndham.png

Requested by

Host: ticketsatwork.com
URL: https://ticketsatwork.com/tickets/tracking_consent.php

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.32.247 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a2854856e2856c9e70e76a9041cd60944200250d93ee8f292d4274008034386e

Security Headers

Name	Value
Content-Security-Policy	default-src * 'unsafe-inline' 'unsafe-eval'; script-src * 'unsafe-inline' 'unsafe-eval'; connect-src * 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src ; media-src blob:; style-src * 'unsafe-inline';
Strict-Transport-Security	max-age=5184000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ticketsatwork.com/tickets/tracking_consent.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Tue, 14 Nov 2023 18:22:06 GMT
strict-transport-security: max-age=5184000; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: MISS
content-security-policy: default-src * 'unsafe-inline' 'unsafe-eval'; script-src * 'unsafe-inline' 'unsafe-eval'; connect-src * 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src *; media-src * blob:; style-src * 'unsafe-inline';
alt-svc: h3=":443"; ma=86400
content-length: 71443
x-xss-protection: 1; mode=block
referrer-policy: unsafe-url
last-modified: Mon, 08 May 2023 15:08:48 GMT
server: cloudflare
etag: "11713-5fb3004052000"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: image/png
cache-control: max-age=2592000, public
accept-ranges: bytes
cf-ray: 82614729dbd21cb5-FRA
expires: Thu, 14 Dec 2023 18:22:06 GMT

GET
H/1.1 200
OK form.css
ebgcc.brightpattern.com/clientweb/chat-client-v4/css/ 3 KB
3 KB 543ms
164ms Stylesheet
text/css 199.101.26.126
BRIGHTPATTERNSC

General

Check archive.org

Show headers Download Go to

Full URL

https://ebgcc.brightpattern.com/clientweb/chat-client-v4/css/form.css

Requested by

Host: ticketsatwork.com
URL: https://ticketsatwork.com/tickets/tracking_consent.php

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

199.101.26.126 , United States, ASN33411 (BRIGHTPATTERNSC, US),

Reverse DNS

Software

nginx/1.25.2 /

Resource Hash

4471d3760ad27b466ca99f4e9ac126ee8d9eb24d7d9989561b12e40ca118dcf0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ticketsatwork.com/tickets/tracking_consent.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Date: Tue, 14 Nov 2023 18:22:06 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
Last-Modified: Wed, 20 Sep 2023 23:46:25 GMT
Server: nginx/1.25.2
Content-Type: text/css
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 2620

POST
H3 200 li.php Show response
ticketsatwork.com/common_resources/ 811 B
983 B 2976ms
2975ms XHR
application/json 104.18.32.247
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ticketsatwork.com/common_resources/li.php

Requested by

Host: ticketsatwork.com
URL: https://ticketsatwork.com/tickets/tracking_consent.php

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.32.247 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2b4f657a64bd3872aa69b21230f42f690c573ac539948ad7335c170c80f429ce

Security Headers

Name	Value
Content-Security-Policy	default-src * 'unsafe-inline' 'unsafe-eval'; script-src * 'unsafe-inline' 'unsafe-eval'; connect-src * 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src ; media-src blob:; style-src * 'unsafe-inline';
Strict-Transport-Security	max-age=5184000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept: */*
X-NewRelic-ID: XA4PUldACQIAXFRbAA==
Referer: https://ticketsatwork.com/tickets/tracking_consent.php
X-Requested-With: XMLHttpRequest
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

date: Tue, 14 Nov 2023 18:22:03 GMT
strict-transport-security: max-age=5184000; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
content-encoding: br
content-security-policy: default-src * 'unsafe-inline' 'unsafe-eval'; script-src * 'unsafe-inline' 'unsafe-eval'; connect-src * 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src *; media-src * blob:; style-src * 'unsafe-inline';
p3p: policyref="/w3c/p3p.xml", CP="CURa ADMa DEVa OUR OTR IND DSP IDC COR"
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
pragma: no-cache
referrer-policy: unsafe-url
server: cloudflare
vary: User-Agent, Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/json
cache-control: no-store, no-cache, must-revalidate
cf-ray: 826147154bcd1cb5-FRA
expires: Thu, 19 Nov 1981 08:52:00 GMT

GET
H2 200 9ea95be0-451b-4ef8-8b4d-41b4b6617c33.json Show response
cdn.cookielaw.org/consent/9ea95be0-451b-4ef8-8b4d-41b4b6617c33/ 5 KB
2 KB 2970ms
2934ms XHR
application/x-javascript 2606:4700::6812:82ec
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/consent/9ea95be0-451b-4ef8-8b4d-41b4b6617c33/9ea95be0-451b-4ef8-8b4d-41b4b6617c33.json

Requested by

Host: ticketsatwork.com
URL: https://ticketsatwork.com/tickets/tracking_consent.php

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:82ec , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e9b58fd16f0cb908fa3ec86e150252ba8bf4ecf314272fc403b8c43c8a4c639f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ticketsatwork.com/tickets/tracking_consent.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Tue, 14 Nov 2023 18:22:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
strict-transport-security: max-age=31536000; includeSubDomains; preload
age: 6294
content-md5: cVGsAfzG/v3IW57eZnx1Cg==
content-length: 1718
x-ms-lease-status: unlocked
last-modified: Tue, 05 Sep 2023 12:20:26 GMT
server: cloudflare
etag: 0x8DBAE0A7C71A83E
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
x-ms-request-id: 4111885c-901e-0002-5415-17873b000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 82614715595e195e-FRA
expires: Wed, 15 Nov 2023 18:22:03 GMT

GET
H2 200 AppMeasurement.min.js Show response
assets.adobedtm.com/extensions/EPbf7b42aa08bc4f10879b1484195e80d1/ 34 KB
12 KB 53ms
51ms Script
application/x-javascript 2a02:26f0:c900:399::1e80
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.adobedtm.com/extensions/EPbf7b42aa08bc4f10879b1484195e80d1/AppMeasurement.min.js
Requested by: Host: ticketsatwork.com
URL: https://ticketsatwork.com/tickets/tracking_consent.php
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:c900:399::1e80 Schiphol, Netherlands, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: d6d01246a30e9d483531c27721f73f266fa4af35effdb21683ac02a620ab8aaf

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ticketsatwork.com/tickets/tracking_consent.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Tue, 14 Nov 2023 18:22:06 GMT
content-encoding: gzip
last-modified: Thu, 22 Sep 2022 16:16:49 GMT
server: AkamaiNetStorage
etag: "dfdd9e1f988805f0c2fbb10cd6b8f034:1663863409.614694"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: https://ticketsatwork.com
cache-control: no-cache
accept-ranges: bytes
timing-allow-origin: *
content-length: 12384
expires: Tue, 14 Nov 2023 19:22:06 GMT

GET
H2 200 AppMeasurement_Module_ActivityMap.min.js Show response
assets.adobedtm.com/extensions/EPbf7b42aa08bc4f10879b1484195e80d1/ 3 KB
2 KB 39ms
37ms Script
application/x-javascript 2a02:26f0:c900:399::1e80
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.adobedtm.com/extensions/EPbf7b42aa08bc4f10879b1484195e80d1/AppMeasurement_Module_ActivityMap.min.js
Requested by: Host: ticketsatwork.com
URL: https://ticketsatwork.com/tickets/tracking_consent.php
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:c900:399::1e80 Schiphol, Netherlands, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: 78c1c1baf0d964522f8afab09cfc754685c1648826a7f9967fd52b774b4ec5aa

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ticketsatwork.com/tickets/tracking_consent.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Tue, 14 Nov 2023 18:22:06 GMT
content-encoding: gzip
last-modified: Thu, 22 Sep 2022 16:16:49 GMT
server: AkamaiNetStorage
etag: "b89fcb8870ac40eecb6d3cc844d35389:1663863409.92483"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: https://ticketsatwork.com
cache-control: no-cache
accept-ranges: bytes
timing-allow-origin: *
content-length: 1598
expires: Tue, 14 Nov 2023 19:22:06 GMT

GET
H2 200 100001 Show response
www.p.zjptg.com/tag/1537403/ 49 KB
49 KB 3246ms
24ms Script
text/plain 18.245.60.120
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.p.zjptg.com/tag/1537403/100001
Requested by: Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/a281455e4dfe/053a29fb1fe9/launch-1645114e1c78.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.245.60.120 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-245-60-120.fra60.r.cloudfront.net
Software: CloudFront /
Resource Hash: 41ee90bb5c46ae71b67410814f2d77dc2e4a62e2f5b11283c46be8d8fb1a252d

Request headers

Referer: https://ticketsatwork.com/tickets/tracking_consent.php
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

date: Tue, 14 Nov 2023 17:30:47 GMT
via: 1.1 5cf26f8164e0cad37f6634ff6aeac4ce.cloudfront.net (CloudFront)
server: CloudFront
x-amz-cf-pop: FRA60-P5
age: 3079
x-cache: Hit from cloudfront
content-length: 50215
x-amz-cf-id: 0WEyNeEz7kTOID5GmFQIkXql06dri8AH4XyGbvuwti2NkEUAFxLmQw==

GET
H2 200 location Show response
geolocation.onetrust.com/cookieconsentpub/v1/geo/ 59 B
295 B 356ms
51ms XHR
application/json 2606:4700:4400::ac40:9b77
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://geolocation.onetrust.com/cookieconsentpub/v1/geo/location

Requested by

Host: ticketsatwork.com
URL: https://ticketsatwork.com/tickets/tracking_consent.php

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::ac40:9b77 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2157361193375a79ade3559e960f982daa8d599cf7f4a92d36e3eef257738f16

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept: application/json
Referer: https://ticketsatwork.com/tickets/tracking_consent.php
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Tue, 14 Nov 2023 18:22:06 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
server: cloudflare
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS
content-type: application/json
access-control-allow-origin: *
cf-ray: 82614729ab16196a-FRA
access-control-allow-headers: Content-Type

POST
H3 200 li.php Show response
ticketsatwork.com/common_resources/ 0
525 B 455ms
454ms XHR
text/html 104.18.32.247
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ticketsatwork.com/common_resources/li.php

Requested by

Host: ticketsatwork.com
URL: https://ticketsatwork.com/tickets/tracking_consent.php

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.32.247 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	default-src * 'unsafe-inline' 'unsafe-eval'; script-src * 'unsafe-inline' 'unsafe-eval'; connect-src * 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src ; media-src blob:; style-src * 'unsafe-inline';
Strict-Transport-Security	max-age=5184000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept: */*
X-NewRelic-ID: XA4PUldACQIAXFRbAA==
Referer: https://ticketsatwork.com/tickets/tracking_consent.php
X-Requested-With: XMLHttpRequest
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

date: Tue, 14 Nov 2023 18:22:06 GMT
strict-transport-security: max-age=5184000; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
content-encoding: br
content-security-policy: default-src * 'unsafe-inline' 'unsafe-eval'; script-src * 'unsafe-inline' 'unsafe-eval'; connect-src * 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src *; media-src * blob:; style-src * 'unsafe-inline';
p3p: policyref="/w3c/p3p.xml", CP="CURa ADMa DEVa OUR OTR IND DSP IDC COR"
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
pragma: no-cache
referrer-policy: unsafe-url
server: cloudflare
vary: User-Agent, Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/html; charset=iso-8859-1
cache-control: no-store, no-cache, must-revalidate
cf-ray: 826147296b1e1cb5-FRA
expires: Thu, 19 Nov 1981 08:52:00 GMT

POST
H3 200 li.php Show response
ticketsatwork.com/common_resources/ 0
525 B 455ms
455ms XHR
text/html 104.18.32.247
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ticketsatwork.com/common_resources/li.php

Requested by

Host: ticketsatwork.com
URL: https://ticketsatwork.com/tickets/tracking_consent.php

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.32.247 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	default-src * 'unsafe-inline' 'unsafe-eval'; script-src * 'unsafe-inline' 'unsafe-eval'; connect-src * 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src ; media-src blob:; style-src * 'unsafe-inline';
Strict-Transport-Security	max-age=5184000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept: */*
X-NewRelic-ID: XA4PUldACQIAXFRbAA==
Referer: https://ticketsatwork.com/tickets/tracking_consent.php
X-Requested-With: XMLHttpRequest
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

date: Tue, 14 Nov 2023 18:22:06 GMT
strict-transport-security: max-age=5184000; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
content-encoding: br
content-security-policy: default-src * 'unsafe-inline' 'unsafe-eval'; script-src * 'unsafe-inline' 'unsafe-eval'; connect-src * 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src *; media-src * blob:; style-src * 'unsafe-inline';
p3p: policyref="/w3c/p3p.xml", CP="CURa ADMa DEVa OUR OTR IND DSP IDC COR"
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
pragma: no-cache
referrer-policy: unsafe-url
server: cloudflare
vary: User-Agent, Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/html; charset=iso-8859-1
cache-control: no-store, no-cache, must-revalidate
cf-ray: 826147296b231cb5-FRA
expires: Thu, 19 Nov 1981 08:52:00 GMT

GET
H3 200 7229.jpg
ticketsatwork.com/common_resources/campaigns/ 29 KB
29 KB 484ms
483ms Image
image/jpeg 104.18.32.247
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ticketsatwork.com/common_resources/campaigns/7229.jpg

Requested by

Host: ticketsatwork.com
URL: https://ticketsatwork.com/tickets/tracking_consent.php

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.32.247 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f10c766b92e2783a3c86bc108318e70c8bea312d96b1ecf52061bcf8cee8762e

Security Headers

Name	Value
Content-Security-Policy	default-src * 'unsafe-inline' 'unsafe-eval'; script-src * 'unsafe-inline' 'unsafe-eval'; connect-src * 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src ; media-src blob:; style-src * 'unsafe-inline';
Strict-Transport-Security	max-age=5184000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ticketsatwork.com/tickets/tracking_consent.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Tue, 14 Nov 2023 18:22:06 GMT
strict-transport-security: max-age=5184000; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: REVALIDATED
content-security-policy: default-src * 'unsafe-inline' 'unsafe-eval'; script-src * 'unsafe-inline' 'unsafe-eval'; connect-src * 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src *; media-src * blob:; style-src * 'unsafe-inline';
alt-svc: h3=":443"; ma=86400
content-length: 29451
x-xss-protection: 1; mode=block
referrer-policy: unsafe-url
last-modified: Mon, 13 Nov 2023 17:36:15 GMT
cf-bgj: h2pri
server: cloudflare
etag: "730b-60a0c1b6022f3"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: image/jpeg
cache-control: max-age=2592000, public
accept-ranges: bytes
cf-ray: 82614729dbd31cb5-FRA
expires: Thu, 14 Dec 2023 18:22:06 GMT

GET
H3 200 lato-regular-webfont.woff
ticketsatwork.com/css/fonts/ 31 KB
32 KB 169ms
169ms Font
font/opentype 104.18.32.247
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ticketsatwork.com/css/fonts/lato-regular-webfont.woff

Requested by

Host: ticketsatwork.com
URL: https://ticketsatwork.com/tickets/tracking_consent.php

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.32.247 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a4e4ccc4357349a0512f55e32e48ea74fee0a72e270a6ca5e22b9231ebc41f75

Security Headers

Name	Value
Content-Security-Policy	default-src * 'unsafe-inline' 'unsafe-eval'; script-src * 'unsafe-inline' 'unsafe-eval'; connect-src * 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src ; media-src blob:; style-src * 'unsafe-inline';
Strict-Transport-Security	max-age=5184000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://ticketsatwork.com/tickets/tracking_consent.php
Origin: https://ticketsatwork.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Tue, 14 Nov 2023 18:22:06 GMT
strict-transport-security: max-age=5184000; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: REVALIDATED
content-security-policy: default-src * 'unsafe-inline' 'unsafe-eval'; script-src * 'unsafe-inline' 'unsafe-eval'; connect-src * 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src *; media-src * blob:; style-src * 'unsafe-inline';
alt-svc: h3=":443"; ma=86400
content-length: 31808
x-xss-protection: 1; mode=block
referrer-policy: unsafe-url
last-modified: Wed, 22 Jan 2014 16:42:44 GMT
server: cloudflare
etag: "7c40-4f091d0644900"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: font/opentype
cache-control: max-age=7776000, public
accept-ranges: bytes
cf-ray: 82614729dbd71cb5-FRA
expires: Mon, 12 Feb 2024 18:22:06 GMT

GET
H2 200 otBannerSdk.js Show response
cdn.cookielaw.org/scripttemplates/202308.1.0/ 411 KB
99 KB 23ms
22ms Script
application/javascript 2606:4700::6812:82ec
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/202308.1.0/otBannerSdk.js

Requested by

Host: ticketsatwork.com
URL: https://ticketsatwork.com/tickets/tracking_consent.php

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:82ec , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

27ff6f8b30f633a9e1954d6cc94756127292aa99560255e414bbb75b37416594

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ticketsatwork.com/tickets/tracking_consent.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Tue, 14 Nov 2023 18:22:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: 2+I2Cj649lHjQKiedh8F2Q==
age: 41490
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-length: 101254
x-ms-lease-status: unlocked
last-modified: Wed, 25 Oct 2023 03:55:47 GMT
server: cloudflare
etag: 0x8DBD50E45B16C1C
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: 95b9f744-001e-005d-6153-143307000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 82614729fc37361f-FRA

GET
H2 200 en.json Show response
cdn.cookielaw.org/consent/9ea95be0-451b-4ef8-8b4d-41b4b6617c33/b0e808be-275f-4880-929d-982eef767a1a/ 129 KB
23 KB 29ms
29ms Fetch
application/x-javascript 2606:4700::6812:82ec
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/consent/9ea95be0-451b-4ef8-8b4d-41b4b6617c33/b0e808be-275f-4880-929d-982eef767a1a/en.json

Requested by

Host: ticketsatwork.com
URL: https://ticketsatwork.com/tickets/tracking_consent.php

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:82ec , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f3acc9a635787d4bb3de3c4f53e7a746dbdfe60d7685a487e37260b262ff5697

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ticketsatwork.com/tickets/tracking_consent.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Tue, 14 Nov 2023 18:22:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
strict-transport-security: max-age=31536000; includeSubDomains; preload
age: 6294
content-md5: eVYDz01fq24jfmNkhm3eFQ==
content-length: 23468
x-ms-lease-status: unlocked
last-modified: Tue, 05 Sep 2023 12:20:30 GMT
server: cloudflare
etag: 0x8DBAE0A7EE64574
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
x-ms-request-id: 5baba10a-601e-0029-6816-1707f7000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 8261472a68db195e-FRA
expires: Wed, 15 Nov 2023 18:22:06 GMT

GET
H2 200 otFlat.json Show response
cdn.cookielaw.org/scripttemplates/202308.1.0/assets/ 13 KB
3 KB 20ms
19ms Fetch
application/json 2606:4700::6812:82ec
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/202308.1.0/assets/otFlat.json

Requested by

Host: ticketsatwork.com
URL: https://ticketsatwork.com/tickets/tracking_consent.php

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:82ec , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ea5db5581e262d77d1a43fbb3f0fa3661b51d097b40ca38f584b4943f47cf2e0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ticketsatwork.com/tickets/tracking_consent.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Tue, 14 Nov 2023 18:22:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: C2c3Qd8FHm1wstxOFHDJ2w==
age: 6294
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-length: 3017
x-ms-lease-status: unlocked
last-modified: Wed, 25 Oct 2023 03:55:37 GMT
server: cloudflare
etag: 0x8DBD50E3F9DEF08
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
x-ms-request-id: 1224bcb1-701e-0068-3e15-175f13000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 8261472ac96c195e-FRA

GET
H2 200 otPcTab.json Show response
cdn.cookielaw.org/scripttemplates/202308.1.0/assets/v2/ 62 KB
13 KB 29ms
28ms Fetch
application/json 2606:4700::6812:82ec
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/202308.1.0/assets/v2/otPcTab.json

Requested by

Host: ticketsatwork.com
URL: https://ticketsatwork.com/tickets/tracking_consent.php

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:82ec , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ef692caebb708b665def2aad3beab4eca949689636103edd74069a60d6da5d59

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ticketsatwork.com/tickets/tracking_consent.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Tue, 14 Nov 2023 18:22:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: W3M09FoULMOrbblf8iKnug==
age: 6294
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-length: 13391
x-ms-lease-status: unlocked
last-modified: Wed, 25 Oct 2023 03:55:40 GMT
server: cloudflare
etag: 0x8DBD50E412DA220
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
x-ms-request-id: 6f258bb5-901e-0060-4c15-17451c000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 8261472ac96d195e-FRA

GET
H2 200 otCommonStyles.css Show response
cdn.cookielaw.org/scripttemplates/202308.1.0/assets/ 21 KB
4 KB 23ms
23ms Fetch
text/css 2606:4700::6812:82ec
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/202308.1.0/assets/otCommonStyles.css

Requested by

Host: ticketsatwork.com
URL: https://ticketsatwork.com/tickets/tracking_consent.php

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:82ec , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d3f7b0ec4de079928a999641e781e80f33597a392a561bc460276dfb4efb6eec

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ticketsatwork.com/tickets/tracking_consent.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Tue, 14 Nov 2023 18:22:06 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: gzip
content-md5: c7xAZ9MSGAobGaTYg/Qtag==
age: 6294
x-ms-lease-status: unlocked
last-modified: Wed, 25 Oct 2023 03:55:54 GMT
server: cloudflare
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
x-ms-request-id: ab5255bb-301e-0069-2c15-1700cf000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=86400
x-ms-version: 2009-09-19
cf-ray: 8261472ac970195e-FRA

GET
H2 200 RCd28a62cc788b4c8288f18be1d9a77206-source.min.js Show response
assets.adobedtm.com/a281455e4dfe/053a29fb1fe9/6b779f85bc9e/ 340 B
470 B 51ms
39ms Script
application/x-javascript 2a02:26f0:c900:399::1e80
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.adobedtm.com/a281455e4dfe/053a29fb1fe9/6b779f85bc9e/RCd28a62cc788b4c8288f18be1d9a77206-source.min.js
Requested by: Host: ticketsatwork.com
URL: https://ticketsatwork.com/tickets/tracking_consent.php
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:c900:399::1e80 Schiphol, Netherlands, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: 22263b4c56dd4d9a0831e53ed2bac550dfb57173183a4a819fd022b8c1197d10

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ticketsatwork.com/tickets/tracking_consent.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Tue, 14 Nov 2023 18:22:07 GMT
content-encoding: gzip
last-modified: Wed, 01 Nov 2023 02:25:07 GMT
server: AkamaiNetStorage
etag: "52873c46f34cb0f267415376da52a3fd:1698805507.425982"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: https://ticketsatwork.com
cache-control: max-age=3600
accept-ranges: bytes
timing-allow-origin: *
content-length: 213
expires: Tue, 14 Nov 2023 19:22:07 GMT

GET
H3

200

main.js Show response
ticketsatwork.com/cdn-cgi/challenge-platform/h/g/scripts/jsd/9914b343/ Frame 4F45
Redirect Chain

https://ticketsatwork.com/cdn-cgi/challenge-platform/scripts/jsd/main.js
https://ticketsatwork.com/cdn-cgi/challenge-platform/h/g/scripts/jsd/9914b343/main.js

7 KB
3 KB

18ms
17ms

Script
application/javascript

104.18.32.247
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ticketsatwork.com/cdn-cgi/challenge-platform/h/g/scripts/jsd/9914b343/main.js

Requested by

Host: ticketsatwork.com
URL: https://ticketsatwork.com/tickets/tracking_consent.php

Protocol

Server

104.18.32.247 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f6be3bddfbaf39a63ef0d9e54a4938c8275503d36cce4f391b3993832bf2fa5d

Security Headers

Name	Value
Strict-Transport-Security	max-age=5184000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Tue, 14 Nov 2023 18:22:07 GMT
strict-transport-security: max-age=5184000; includeSubDomains
x-content-type-options: nosniff
content-encoding: br
server: cloudflare
vary: accept-encoding
content-type: application/javascript; charset=UTF-8
cache-control: max-age=14400, public
cf-ray: 8261472f9be91cb5-FRA
alt-svc: h3=":443"; ma=86400

Redirect headers

date: Tue, 14 Nov 2023 18:22:07 GMT
strict-transport-security: max-age=5184000; includeSubDomains
x-content-type-options: nosniff
server: cloudflare
vary: accept-encoding
location: /cdn-cgi/challenge-platform/h/g/scripts/jsd/9914b343/main.js
access-control-allow-origin: *
cache-control: max-age=300, public
cf-ray: 8261472e09801cb5-FRA
alt-svc: h3=":443"; ma=86400

GET
H/1.1 200
OK init.js Show response
ebgcc.brightpattern.com/clientweb/chat-client-v4/js/ 7 KB
7 KB 159ms
158ms Script
application/javascript 199.101.26.126
BRIGHTPATTERNSC

General

Check archive.org

Show headers Download Go to

Full URL

https://ebgcc.brightpattern.com/clientweb/chat-client-v4/js/init.js

Requested by

Host: ticketsatwork.com
URL: https://ticketsatwork.com/tickets/tracking_consent.php

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

199.101.26.126 , United States, ASN33411 (BRIGHTPATTERNSC, US),

Reverse DNS

Software

nginx/1.25.2 /

Resource Hash

225bcbf8fc75a8278d467985f4dd63d8453ac652e1ba34043466f90416c61750

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ticketsatwork.com/tickets/tracking_consent.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Date: Tue, 14 Nov 2023 18:22:07 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
Last-Modified: Wed, 20 Sep 2023 23:46:25 GMT
Server: nginx/1.25.2
Content-Type: application/javascript
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 7355

GET
H2 200 ot_guard_logo.svg Show response
cdn.cookielaw.org/logos/static/ 497 B
516 B 20ms
20ms Fetch
image/svg+xml 2606:4700::6812:82ec
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/logos/static/ot_guard_logo.svg

Requested by

Host: ticketsatwork.com
URL: https://ticketsatwork.com/tickets/tracking_consent.php

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:82ec , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

691dcdb24853a0f5ce4e6597e5713dea66799b57ffe2c2a10f28f98e0b569b19

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ticketsatwork.com/tickets/tracking_consent.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Tue, 14 Nov 2023 18:22:07 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: gzip
content-md5: tXyZydHjxQshFMbbBT1/8A==
age: 6295
x-ms-lease-status: unlocked
last-modified: Tue, 14 Nov 2023 03:37:23 GMT
server: cloudflare
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
x-ms-request-id: 7b0c49a0-201e-0017-4915-179088000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=86400
x-ms-version: 2009-09-19
cf-ray: 8261472f48b4195e-FRA

GET
H2 200 Background_Blank_Logo_%23003466_Color.png
cdn.cookielaw.org/logos/d3646c5c-241f-4a3a-8e20-5a76f0100e08/f2f4a009-5f91-4fc5-b02d-6b124ca021fc/01934b4d-0e2b-459f-96f7-f90662b436dc/ 2 KB
2 KB 24ms
22ms Image
image/png 2606:4700::6812:82ec
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.cookielaw.org/logos/d3646c5c-241f-4a3a-8e20-5a76f0100e08/f2f4a009-5f91-4fc5-b02d-6b124ca021fc/01934b4d-0e2b-459f-96f7-f90662b436dc/Background_Blank_Logo_%23003466_Color.png

Requested by

Host: ticketsatwork.com
URL: https://ticketsatwork.com/tickets/tracking_consent.php

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:82ec , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3d3c197d6e30d6645f7f89d028509e7bbdfce73fa1dc3e356c9854da1722ddf1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ticketsatwork.com/tickets/tracking_consent.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Tue, 14 Nov 2023 18:22:07 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: PtWihmGZDte5JSK9WDc7kQ==
age: 52803
content-length: 1699
x-ms-lease-status: unlocked
last-modified: Tue, 09 Nov 2021 00:25:10 GMT
server: cloudflare
etag: 0x8D9A31763DD0BB4
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
x-ms-request-id: 8c2dbada-d01e-0095-66b1-0bd136000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 8261472f8c53361f-FRA

GET
H2 200 powered_by_logo.svg
cdn.cookielaw.org/logos/static/ 5 KB
2 KB 21ms
19ms Image
image/svg+xml 2606:4700::6812:82ec
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.cookielaw.org/logos/static/powered_by_logo.svg

Requested by

Host: ticketsatwork.com
URL: https://ticketsatwork.com/tickets/tracking_consent.php

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:82ec , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5fa00d047acd959697b9d7772c31dcd37bec33c70c6fbf80ab8316205d1d286d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ticketsatwork.com/tickets/tracking_consent.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Tue, 14 Nov 2023 18:22:07 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: gzip
content-md5: Y+c301RBZNK39PvKQWrIBw==
age: 50393
x-ms-lease-status: unlocked
last-modified: Tue, 14 Nov 2023 03:37:23 GMT
server: cloudflare
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
x-ms-request-id: d0f378f3-501e-008b-29ae-163dee000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=86400
x-ms-version: 2009-09-19
cf-ray: 8261472f9c57361f-FRA

GET
H2 200 RCd5fe93df2ac344a6b7798a869003a2f6-source.min.js Show response
assets.adobedtm.com/a281455e4dfe/053a29fb1fe9/6b779f85bc9e/ 2 KB
1 KB 312ms
308ms Script
application/x-javascript 2a02:26f0:c900:399::1e80
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.adobedtm.com/a281455e4dfe/053a29fb1fe9/6b779f85bc9e/RCd5fe93df2ac344a6b7798a869003a2f6-source.min.js
Requested by: Host: ticketsatwork.com
URL: https://ticketsatwork.com/tickets/tracking_consent.php
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:c900:399::1e80 Schiphol, Netherlands, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: d795a015d123bf2575cbe9fed4de45d89ad61a0c5a6b56ffd8313b3b24d584b1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ticketsatwork.com/tickets/tracking_consent.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Tue, 14 Nov 2023 18:22:07 GMT
content-encoding: gzip
last-modified: Wed, 01 Nov 2023 02:25:07 GMT
server: AkamaiNetStorage
etag: "52873c46f34cb0f267415376da52a3fd:1698805507.425982"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: https://ticketsatwork.com
cache-control: max-age=3600
accept-ranges: bytes
timing-allow-origin: *
content-length: 789
expires: Tue, 14 Nov 2023 19:22:07 GMT

POST
H3 200 826147105f2803cd Show response
ticketsatwork.com/cdn-cgi/challenge-platform/h/g/jsd/r/ Frame 4F45 0
303 B 68ms
53ms XHR
text/plain 104.18.32.247
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ticketsatwork.com/cdn-cgi/challenge-platform/h/g/jsd/r/826147105f2803cd

Requested by

Host: ticketsatwork.com
URL: https://ticketsatwork.com/cdn-cgi/challenge-platform/scripts/jsd/main.js

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.32.247 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=5184000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
Content-Type: application/json

Response headers

date: Tue, 14 Nov 2023 18:22:07 GMT
strict-transport-security: max-age=5184000; includeSubDomains
x-content-type-options: nosniff
content-encoding: br
server: cloudflare
content-type: text/plain; charset=UTF-8
cf-ray: 82614731aed71cb5-FRA
alt-svc: h3=":443"; ma=86400

GET
H/1.1 200
OK page-lib.min.js Show response
ebgcc.brightpattern.com/clientweb/chat-client-v4/build/ 16 KB
8 KB 158ms
157ms Script
application/javascript 199.101.26.126
BRIGHTPATTERNSC

General

Check archive.org

Show headers Download Go to

Full URL

https://ebgcc.brightpattern.com/clientweb/chat-client-v4/build/page-lib.min.js

Requested by

Host: ticketsatwork.com
URL: https://ticketsatwork.com/tickets/tracking_consent.php

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

199.101.26.126 , United States, ASN33411 (BRIGHTPATTERNSC, US),

Reverse DNS

Software

nginx/1.25.2 /

Resource Hash

a573a5c7e757fc9ff9bb66611d63178290d28423fa744badb37f71459e8910bb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ticketsatwork.com/tickets/tracking_consent.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Date: Tue, 14 Nov 2023 18:22:07 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Encoding: gzip
Last-Modified: Wed, 20 Sep 2023 23:46:25 GMT
Server: nginx/1.25.2
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: application/javascript
Connection: keep-alive

GET
H/1.1 200
OK chat-widget.min.js Show response
ebgcc.brightpattern.com/clientweb/chat-client-v4/build/ 243 KB
71 KB 165ms
164ms Script
application/javascript 199.101.26.126
BRIGHTPATTERNSC

General

Check archive.org

Show headers Download Go to

Full URL

https://ebgcc.brightpattern.com/clientweb/chat-client-v4/build/chat-widget.min.js?cache-control=1337

Requested by

Host: ticketsatwork.com
URL: https://ticketsatwork.com/tickets/tracking_consent.php

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

199.101.26.126 , United States, ASN33411 (BRIGHTPATTERNSC, US),

Reverse DNS

Software

nginx/1.25.2 /

Resource Hash

4ccf214167c187a1aade2269a0e03955c1e1dad0c95deff369870c1d7587d423

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ticketsatwork.com/tickets/tracking_consent.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Date: Tue, 14 Nov 2023 18:22:07 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Encoding: gzip
Last-Modified: Wed, 20 Sep 2023 23:46:25 GMT
Server: nginx/1.25.2
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: application/javascript
Connection: keep-alive

GET
H2 200 nr-spa-1.246.1.min.js Show response
js-agent.newrelic.com/ 86 KB
29 KB 51ms
9ms Script
application/javascript 151.101.2.137
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js-agent.newrelic.com/nr-spa-1.246.1.min.js

Requested by

Host: ticketsatwork.com
URL: https://ticketsatwork.com/tickets/tracking_consent.php

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.2.137 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

3ef22ef08df2e0a1183eb6c0652641745892a6e6100289caca8d1a8da173d197

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ticketsatwork.com/tickets/tracking_consent.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

x-amz-version-id: YYfIXhQaf2yM3tlTfH7xiASp7e7IUG9W
content-encoding: br
via: 1.1 varnish
date: Tue, 14 Nov 2023 18:22:08 GMT
strict-transport-security: max-age=300
x-amz-request-id: AVPVYCQ2YBN2BHHB
x-amz-server-side-encryption: AES256
x-cache: HIT
cross-origin-resource-policy: cross-origin
content-length: 28993
x-amz-id-2: ERzE38I0o0uowHoj6keIzhlf1RMbWajsl76daKCeJ7d7ps014z892o2hF0c+dPTGonv2JyARJfg=
x-served-by: cache-fra-eddf8230099-FRA
last-modified: Tue, 31 Oct 2023 15:33:55 GMT
server: AmazonS3
x-timer: S1699986128.330370,VS0,VE0
etag: "fe135b6e7222948159657c8cf35dedab"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=86400, stale-if-error=86400
accept-ranges: bytes
x-cache-hits: 412937

GET
H2 200 policy Show response
www.sjwoe.com/ 47 B
448 B 120ms
8ms Fetch
application/json 2600:9000:2646:ce00:7:f1a3:af00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.sjwoe.com/policy
Requested by: Host: ticketsatwork.com
URL: https://ticketsatwork.com/tickets/tracking_consent.php
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2646:ce00:7:f1a3:af00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: e9adf2a6db275f76dd17c5cc08dd6cfbee0c73fbb08de34127ac159ca9107763

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ticketsatwork.com/tickets/tracking_consent.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Mon, 13 Nov 2023 21:48:07 GMT
via: 1.1 79a075303cab256e952b4b0679e1182c.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P5
age: 74040
x-amzn-trace-id: Root=1-65529997-6716ae855715ed6e68e5b63e;Sampled=0;lineage=36ff8a84:0
x-amzn-requestid: 11b5da3c-75fe-4ccf-a7c9-d30adf571daf
x-cache: Hit from cloudfront
content-type: application/json
access-control-allow-origin: *
cache-control: max-age=3600
x-amz-apigw-id: OWzvyHI1IAMEtlA=
content-length: 47
x-amz-cf-id: YfjwWowESUIk_VmAnaW-HmFbj2jgBirlZ-0OetUym_4kEs6ezrHwuA==

GET
H/1.1 200
OK snippet.css
ebgcc.brightpattern.com/clientweb/chat-client-v4/css/ 12 KB
3 KB 164ms
157ms Stylesheet
text/css 199.101.26.126
BRIGHTPATTERNSC

General

Check archive.org

Show headers Download Go to

Full URL

https://ebgcc.brightpattern.com/clientweb/chat-client-v4/css/snippet.css

Requested by

Host: ebgcc.brightpattern.com
URL: https://ebgcc.brightpattern.com/clientweb/chat-client-v4/build/chat-widget.min.js?cache-control=1337

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

199.101.26.126 , United States, ASN33411 (BRIGHTPATTERNSC, US),

Reverse DNS

Software

nginx/1.25.2 /

Resource Hash

d6b698d1ea19908960b79aae6038d4757830e3f3b84df970ae695f7762c5c10f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ticketsatwork.com/tickets/tracking_consent.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Date: Tue, 14 Nov 2023 18:22:08 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Encoding: gzip
Last-Modified: Wed, 20 Sep 2023 23:46:25 GMT
Server: nginx/1.25.2
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: text/css
Connection: keep-alive

GET
H/1.1 403
Forbidden configuration Show response
ebgcc.brightpattern.com/clientweb/api/v1/ 68 B
519 B 164ms
162ms XHR
application/json 199.101.26.126
BRIGHTPATTERNSC

General

Check archive.org

Show headers Download Go to

Full URL

https://ebgcc.brightpattern.com/clientweb/api/v1/configuration?tenantUrl=ebgcc.brightpattern.com&domain=ticketsatwork.com&appId=05363aaa62214ab49d457fb6ae0dc5e4

Requested by

Host: ticketsatwork.com
URL: https://ticketsatwork.com/tickets/tracking_consent.php

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

199.101.26.126 , United States, ASN33411 (BRIGHTPATTERNSC, US),

Reverse DNS

Software

nginx/1.25.2 /

Resource Hash

7de743fe979877241aadf5f90a0634f6960d6840e130779fa6cceb359fb6c251

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://ticketsatwork.com/tickets/tracking_consent.php
accept-language: de-DE,de;q=0.9
Authorization: MOBILE-API-140-327-PLAIN appId="05363aaa62214ab49d457fb6ae0dc5e4", clientId="undefined"
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Date: Tue, 14 Nov 2023 18:22:08 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
Server: nginx/1.25.2
Access-Control-Allow-Methods: GET, POST
Content-Type: application/json;charset=utf-8
Access-Control-Allow-Origin: https://ticketsatwork.com
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: Accept, Origin, Content-type, Authorization
Content-Length: 68

OPTIONS
H/1.1 200
OK configuration
ebgcc.brightpattern.com/clientweb/api/v1/ Frame 0
0 470ms
154ms Preflight 199.101.26.126
BRIGHTPATTERNSC

General

Check archive.org

Show headers Download Go to

Full URL

https://ebgcc.brightpattern.com/clientweb/api/v1/configuration?tenantUrl=ebgcc.brightpattern.com&domain=ticketsatwork.com&appId=05363aaa62214ab49d457fb6ae0dc5e4

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

199.101.26.126 , United States, ASN33411 (BRIGHTPATTERNSC, US),

Reverse DNS

Software

nginx/1.25.2 /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept: */*
Access-Control-Request-Headers: authorization
Access-Control-Request-Method: GET
Origin: https://ticketsatwork.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: Accept, Origin, Content-type, Authorization
Access-Control-Allow-Methods: GET, POST
Access-Control-Allow-Origin: https://ticketsatwork.com
Allow: GET, HEAD, POST, TRACE, OPTIONS
Connection: keep-alive
Content-Length: 0
Date: Tue, 14 Nov 2023 18:22:08 GMT
Server: nginx/1.25.2
Strict-Transport-Security: max-age=31536000; includeSubDomains

POST undefined
bam.nr-data.net/1/ 0
0

POST
H2 200 log
www.p.zjptg.com/ 19 B
247 B 35ms
34ms Ping
text/plain 18.245.60.120
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.p.zjptg.com/log
Requested by: Host: www.p.zjptg.com
URL: https://www.p.zjptg.com/tag/1537403/100001
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.245.60.120 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-245-60-120.fra60.r.cloudfront.net
Software: CloudFront /
Resource Hash: f7bb4455cc73832d43d80909118c1c513f3d86a4494f2b36a377c4466853d443

Request headers

Referer: https://ticketsatwork.com/tickets/tracking_consent.php
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Tue, 14 Nov 2023 18:22:08 GMT
via: 1.1 5cf26f8164e0cad37f6634ff6aeac4ce.cloudfront.net (CloudFront)
server: CloudFront
x-amz-cf-pop: FRA60-P5
content-length: 19
x-amz-cf-id: QnGsyACrfrPcH1m5dYKXVEPXg-eBbryqP90RbXvDMbFT8t5fc9mNCQ==
x-cache: Miss from cloudfront

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: bam.nr-data.net
URL: https://bam.nr-data.net/1/undefined?a=undefined&v=1.246.1&t=Unnamed%20Transaction&rst=8134&ck=0&s=d5d1479cd1bbdb6d&ref=https://ticketsatwork.com/tickets/tracking_consent.php&af=err,xhr,stn,ins,spa&be=2473&fe=5568&dc=4566&fsh=1&perf=%7B%22timing%22:%7B%22of%22:1699986120249,%22n%22:0,%22f%22:2047,%22dn%22:2047,%22dne%22:2047,%22c%22:2047,%22s%22:2047,%22ce%22:2047,%22rq%22:2048,%22rp%22:2474,%22rpe%22:2586,%22di%22:6672,%22ds%22:6672,%22de%22:7039,%22dc%22:8036,%22l%22:8036,%22le%22:8041%7D,%22navigation%22:%7B%7D%7D&fp=6148&fcp=6148

Verdicts & Comments Add Verdict or Comment

147 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

8 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
www.ticketsatwork.com/	1969-12-31 23:59:59	Name: TICKETSATWORK Value: !iJU0oaiTljp9hDzEGrgS3UUsx8RR/xyHRqokS4Mfdq3iTr1NURHWWo+gPUbYX/wx43rRiaGXQllvVU8=
.ticketsatwork.com/	1970-01-20 16:13:07	Name: __cf_bm Value: g_PFxBb5mgHmeNVAlEK3C1vq_s0g.HeZesQoreAg2Rg-1699986121-0-AYiXZHL8nVepvoqHHSbX/qmDZ/BdNDUenh5O7Lp0+lg1FFW3OOlB3mXPRi9kKHgWn9CogHTPW0f/MYDKCQWO508=
ticketsatwork.com/	1969-12-31 23:59:59	Name: PHPSESSID Value: lsnoe5tjadqr4he5to54emdn78
ticketsatwork.com/	1969-12-31 23:59:59	Name: TICKETSATWORK Value: !nT1zR84yWYwSgpDEGrgS3UUsx8RR/9LBwdW42cBvBz4msc9l2Sp4MDOn2jprr95jHhLTh68Ye/ByP8Q=
ticketsatwork.com/	1970-01-20 16:56:18	Name: gdpr_pp Value: 2
.ticketsatwork.com/	1970-01-21 00:58:42	Name: OptanonConsent Value: isGpcEnabled=0&datestamp=Tue+Nov+14+2023+19%3A22%3A07+GMT%2B0100+(Central+European+Standard+Time)&version=202308.1.0&browserGpcFlag=0&isIABGlobal=false&hosts=&consentId=03e01186-618b-4a8f-b55b-bc5af7b67f04&interactionCount=0&landingPath=https%3A%2F%2Fticketsatwork.com%2Ftickets%2Ftracking_consent.php&groups=C0001%3A1%2CID007%3A0%2CC0003%3A0%2CC0002%3A0%2CGRP01%3A0%2CC0005%3A0%2CC0004%3A0
.ticketsatwork.com/	1970-01-21 00:58:42	Name: cf_clearance Value: sbqNlKUf4zaFifwRuLHZbxUgARV7Q17aMmthqWPLmCI-1699986127-0-1-4fa4016c.5f454679.8fd1af66-0.2.1699986127
ticketsatwork.com/	1970-01-20 20:35:07	Name: cjConsent Value: 0\|0:1699986128290\|0

5 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
javascript	warning	URL: https://assets.adobedtm.com/a281455e4dfe/053a29fb1fe9/launch-1645114e1c78.min.js(Line 10) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://www.p.zjptg.com/tag/1537403/100001, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	URL: https://assets.adobedtm.com/a281455e4dfe/053a29fb1fe9/launch-1645114e1c78.min.js(Line 10) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://www.p.zjptg.com/tag/1537403/100001, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	error	URL: https://ticketsatwork.com/tickets/tracking_consent.php Message: Access to XMLHttpRequest at 'https://bam.nr-data.net/1/undefined?a=undefined&v=1.246.1&t=Unnamed%20Transaction&rst=8134&ck=0&s=d5d1479cd1bbdb6d&ref=https://ticketsatwork.com/tickets/tracking_consent.php&af=err,xhr,stn,ins,spa&be=2473&fe=5568&dc=4566&fsh=1&perf=%7B%22timing%22:%7B%22of%22:1699986120249,%22n%22:0,%22f%22:2047,%22dn%22:2047,%22dne%22:2047,%22c%22:2047,%22s%22:2047,%22ce%22:2047,%22rq%22:2048,%22rp%22:2474,%22rpe%22:2586,%22di%22:6672,%22ds%22:6672,%22de%22:7039,%22dc%22:8036,%22l%22:8036,%22le%22:8041%7D,%22navigation%22:%7B%7D%7D&fp=6148&fcp=6148' from origin 'https://ticketsatwork.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://bam.nr-data.net/1/undefined?a=undefined&v=1.246.1&t=Unnamed%20Transaction&rst=8134&ck=0&s=d5d1479cd1bbdb6d&ref=https://ticketsatwork.com/tickets/tracking_consent.php&af=err,xhr,stn,ins,spa&be=2473&fe=5568&dc=4566&fsh=1&perf=%7B%22timing%22:%7B%22of%22:1699986120249,%22n%22:0,%22f%22:2047,%22dn%22:2047,%22dne%22:2047,%22c%22:2047,%22s%22:2047,%22ce%22:2047,%22rq%22:2048,%22rp%22:2474,%22rpe%22:2586,%22di%22:6672,%22ds%22:6672,%22de%22:7039,%22dc%22:8036,%22l%22:8036,%22le%22:8041%7D,%22navigation%22:%7B%7D%7D&fp=6148&fcp=6148 Message: Failed to load resource: net::ERR_FAILED
network	error	URL: https://ebgcc.brightpattern.com/clientweb/api/v1/configuration?tenantUrl=ebgcc.brightpattern.com&domain=ticketsatwork.com&appId=05363aaa62214ab49d457fb6ae0dc5e4 Message: Failed to load resource: the server responded with a status of 403 (Forbidden)

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	default-src * 'unsafe-inline' 'unsafe-eval'; script-src * 'unsafe-inline' 'unsafe-eval'; connect-src * 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src ; media-src blob:; style-src * 'unsafe-inline';
Strict-Transport-Security	max-age=5184000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

assets.adobedtm.com
bam.nr-data.net
cdn.cookielaw.org
e.email.ticketsatwork.com
ebgcc.brightpattern.com
geolocation.onetrust.com
js-agent.newrelic.com
ticketsatwork.com
www.p.zjptg.com
www.sjwoe.com
www.ticketsatwork.com
bam.nr-data.net
104.18.32.247
151.101.2.137
18.245.60.120
199.101.26.126
2600:9000:2646:ce00:7:f1a3:af00:93a1
2606:4700:4400::ac40:9b77
2606:4700::6812:82ec
2a02:26f0:c900:399::1e80
96.47.20.26
08afdf6eac5aa471056a6d1186e624a899a374d402adca5a7aa9957b0eea2995
0f14b3684e41584c3eb03a2821ff9fbb65973c1dd353a2ff9abadb25ae187876
2157361193375a79ade3559e960f982daa8d599cf7f4a92d36e3eef257738f16
22263b4c56dd4d9a0831e53ed2bac550dfb57173183a4a819fd022b8c1197d10
225bcbf8fc75a8278d467985f4dd63d8453ac652e1ba34043466f90416c61750
27ff6f8b30f633a9e1954d6cc94756127292aa99560255e414bbb75b37416594
2b4f657a64bd3872aa69b21230f42f690c573ac539948ad7335c170c80f429ce
3d3c197d6e30d6645f7f89d028509e7bbdfce73fa1dc3e356c9854da1722ddf1
3ef22ef08df2e0a1183eb6c0652641745892a6e6100289caca8d1a8da173d197
41ee90bb5c46ae71b67410814f2d77dc2e4a62e2f5b11283c46be8d8fb1a252d
4471d3760ad27b466ca99f4e9ac126ee8d9eb24d7d9989561b12e40ca118dcf0
4ccf214167c187a1aade2269a0e03955c1e1dad0c95deff369870c1d7587d423
57a9bb6a4bb7eaffcfb39d44386cd699b34952951572f9f74496b384ed458d9f
5fa00d047acd959697b9d7772c31dcd37bec33c70c6fbf80ab8316205d1d286d
691dcdb24853a0f5ce4e6597e5713dea66799b57ffe2c2a10f28f98e0b569b19
6b1fc966c38b12c845f9fd8bdb76027106b776783fd44eeed917663942b5fd16
78c1c1baf0d964522f8afab09cfc754685c1648826a7f9967fd52b774b4ec5aa
7de743fe979877241aadf5f90a0634f6960d6840e130779fa6cceb359fb6c251
9d9b75e6bf99296f7797ed12f73137f52966dbb02180ff054c6c01680c7bdb1d
a2854856e2856c9e70e76a9041cd60944200250d93ee8f292d4274008034386e
a4e4ccc4357349a0512f55e32e48ea74fee0a72e270a6ca5e22b9231ebc41f75
a573a5c7e757fc9ff9bb66611d63178290d28423fa744badb37f71459e8910bb
ba561fadb45ac39c0048acd990ebfca4d6a25112d2b06b40ba06c67bd9105088
cf67fa9307c91b01d52a9ec5781dd05f74dd5f821d87d76f438ede52056f4266
d3f7b0ec4de079928a999641e781e80f33597a392a561bc460276dfb4efb6eec
d6b698d1ea19908960b79aae6038d4757830e3f3b84df970ae695f7762c5c10f
d6d01246a30e9d483531c27721f73f266fa4af35effdb21683ac02a620ab8aaf
d795a015d123bf2575cbe9fed4de45d89ad61a0c5a6b56ffd8313b3b24d584b1
e0a41e36c1664eac057a83b9fa7c49c89825fcfabcc47a2b1914d6d487f65522
e21a483e7f4b138c12d7378f8d6099d382cfb1e78f8434a52d41d435944ed2fd
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e444d1b6ffe3ce3129cc2ffaa5c5e8264673f0fd62a0f8dff6ece2fb519e6bd7
e9adf2a6db275f76dd17c5cc08dd6cfbee0c73fbb08de34127ac159ca9107763
e9b58fd16f0cb908fa3ec86e150252ba8bf4ecf314272fc403b8c43c8a4c639f
ea5db5581e262d77d1a43fbb3f0fa3661b51d097b40ca38f584b4943f47cf2e0
ef692caebb708b665def2aad3beab4eca949689636103edd74069a60d6da5d59
f10c766b92e2783a3c86bc108318e70c8bea312d96b1ecf52061bcf8cee8762e
f3acc9a635787d4bb3de3c4f53e7a746dbdfe60d7685a487e37260b262ff5697
f6be3bddfbaf39a63ef0d9e54a4938c8275503d36cce4f391b3993832bf2fa5d
f7bb4455cc73832d43d80909118c1c513f3d86a4494f2b36a377c4466853d443
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d
fb64a05853ccf42fc6e52d9b8eb4afd8ac4c47ed61df3aac317d94ed258a9e2f

ticketsatwork.com Open in urlscan Pro 104.18.32.247 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

46 Requests

96 %HTTPS

44 %IPv6

9 Domains

11 Subdomains

9 IPs

3 Countries

1076 kBTransfer

2652 kBSize

8 Cookies

1 Outgoing links

Page URL History

Redirected requests

46 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

ticketsatwork.com Open in urlscan Pro
104.18.32.247 Public Scan

Screenshot
Live screenshot

Full Image

46
Requests

96 %
HTTPS

44 %
IPv6

9
Domains

11
Subdomains

9
IPs

3
Countries

1076 kB
Transfer

2652 kB
Size

8
Cookies

46 HTTP transactions
0 data transactions