www.ticketsatwork.com Open in urlscan Pro
172.64.155.9 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://e.email.ticketsatwork.com/click?EdnNhcGlyb0BmaXJzdHJlcHVibGljLmNvbQ/CeyJtaWQiOiIxNzExNjMzNDM5MDM1NjI1ZmVhNTMzZmRlIiwiY3QiO...
Effective URL:
https://www.ticketsatwork.com/tickets/tracking_consent.php
Submission: On March 28 via api (March 28th 2024, 4:20:55 pm UTC) from US — Scanned from DE

Summary HTTP 43 Redirects Links 1 Behaviour Indicators

Summary

This website contacted 9 IPs in 3 countries across 9 domains to perform 43 HTTP transactions. The main IP is 172.64.155.9, located in and belongs to CLOUDFLARENET, US. The main domain is www.ticketsatwork.com. The Cisco Umbrella rank of the primary domain is 80621.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on May 8th 2023. Valid for: a year.

This is the only time www.ticketsatwork.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	96.47.24.171 96.47.24.171	46263 (EDIALOG) (EDIALOG)
2 22	172.64.155.9 172.64.155.9	13335 (CLOUDFLAR...) (CLOUDFLARENET)
10	2606:4700::68... 2606:4700::6813:b134	13335 (CLOUDFLAR...) (CLOUDFLARENET)
6	2a02:26f0:350... 2a02:26f0:3500:591::1e80	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
2	108.138.26.67 108.138.26.67	16509 (AMAZON-02) (AMAZON-02)
1	35.244.234.248 35.244.234.248	15169 (GOOGLE) (GOOGLE)
1	2606:4700:440... 2606:4700:4400::ac40:9b77	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2602:816:5001... 2602:816:5001::39	54113 (FASTLY) (FASTLY)
1	2600:9000:264... 2600:9000:2646:6000:7:f1a3:af00:93a1	16509 (AMAZON-02) (AMAZON-02)
43	9

1 96.47.24.171 (United States) 1 redirects

ASN46263 (EDIALOG, US)
PTR: t.muuto.com.mx1.bm16.maas.zetaglobal.net

e.email.ticketsatwork.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

22 172.64.155.9 (None, ) 2 redirects

ASN13335 (CLOUDFLARENET, US)

www.ticketsatwork.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2606:4700::6813:b134 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.cookielaw.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a02:26f0:3500:591::1e80 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

assets.adobedtm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 108.138.26.67 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-138-26-67.fra56.r.cloudfront.net

www.p.zjptg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.244.234.248 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 248.234.244.35.bc.googleusercontent.com

www.mnpa6gtrk.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:4400::ac40:9b77 (United States)

ASN13335 (CLOUDFLARENET, US)

geolocation.onetrust.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2602:816:5001::39 (United States)

ASN54113 (FASTLY, US)

js-agent.newrelic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2646:6000:7:f1a3:af00:93a1 (United States)

ASN16509 (AMAZON-02, US)

www.sjwoe.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
23	ticketsatwork.com 3 redirects e.email.ticketsatwork.com — Cisco Umbrella Rank: 134568 www.ticketsatwork.com — Cisco Umbrella Rank: 80621	586 KB
10	cookielaw.org cdn.cookielaw.org — Cisco Umbrella Rank: 318	165 KB
6	adobedtm.com assets.adobedtm.com — Cisco Umbrella Rank: 430	175 KB
2	zjptg.com www.p.zjptg.com — Cisco Umbrella Rank: 50877	50 KB
1	sjwoe.com www.sjwoe.com — Cisco Umbrella Rank: 76061	466 B
1	newrelic.com js-agent.newrelic.com — Cisco Umbrella Rank: 636	32 KB
1	onetrust.com geolocation.onetrust.com — Cisco Umbrella Rank: 564	304 B
1	mnpa6gtrk.com www.mnpa6gtrk.com — Cisco Umbrella Rank: 103138	9 KB
0	nr-data.net Failed bam.nr-data.net Failed
43	9

	Domain	Requested by
22	www.ticketsatwork.com	2 redirects www.ticketsatwork.com
10	cdn.cookielaw.org	www.ticketsatwork.com
6	assets.adobedtm.com	www.ticketsatwork.com
2	www.p.zjptg.com	assets.adobedtm.com www.p.zjptg.com
1	www.sjwoe.com	www.ticketsatwork.com
1	js-agent.newrelic.com	www.ticketsatwork.com
1	geolocation.onetrust.com	www.ticketsatwork.com
1	www.mnpa6gtrk.com	assets.adobedtm.com
1	e.email.ticketsatwork.com	1 redirects
0	bam.nr-data.net Failed	www.ticketsatwork.com
43	10

This site contains links to these domains. Also see Links.

Domain
www.onetrust.com

Subject Issuer	Validity	Valid
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-05-08` - `2024-05-07`	a year	crt.sh
cookielaw.org Cloudflare Inc ECC CA-3	`2024-03-01` - `2024-12-31`	10 months	crt.sh
assets.adobedtm.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-07-11` - `2024-08-10`	a year	crt.sh
www.p.zjptg.com Amazon RSA 2048 M02	`2023-07-02` - `2024-07-31`	a year	crt.sh
mnpa6gtrk.com Starfield Secure Certificate Authority - G2	`2023-07-04` - `2024-08-04`	a year	crt.sh
onetrust.com Cloudflare Inc ECC CA-3	`2023-11-13` - `2024-11-12`	a year	crt.sh
js-agent.newrelic.com GlobalSign Atlas R3 DV TLS CA 2024 Q1	`2024-03-21` - `2025-04-22`	a year	crt.sh
www.sjwoe.com Amazon RSA 2048 M03	`2023-11-14` - `2024-12-11`	a year	crt.sh

This page contains 2 frames:

Primary Page: https://www.ticketsatwork.com/tickets/tracking_consent.php
Frame ID: 2025783CFD3571FC62A2CCAFDAE8CE8B
Requests: 41 HTTP requests in this frame

Frame: https://www.ticketsatwork.com/cdn-cgi/challenge-platform/h/g/scripts/jsd/dc6b543c1346/main.js
Frame ID: 9514B26B3627CBC113F576D5BB9F7AD4
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

https://e.email.ticketsatwork.com/click?EdnNhcGlyb0BmaXJzdHJlcHVibGljLmNvbQ/CeyJtaWQiOiIxNzExNjMzNDM5MDM1NjI1Z... HTTP 302
https://www.ticketsatwork.com/tickets/?zeta-1&bt_ee=xb9FsBzr6p%2BNQdPO5ZqkbFgwvh2PCuiUySOovNC8Qwco9cS8AAYh... HTTP 302
https://www.ticketsatwork.com/tickets/tracking_consent.php Page URL

Detected technologies

PHP (Programming Languages) Expand

Overall confidence: 100%
Detected patterns

\.php(?:$|\?)

OneTrust (Cookie compliance) Expand

Overall confidence: 100%
Detected patterns

cdn\.cookielaw\.org
otSDKStub\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jQuery UI (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery-ui[.-]([\d.]*\d)[^/]*\.js
jquery-ui.*\.js

Page Statistics

43
Requests

95 %
HTTPS

56 %
IPv6

9
Domains

10
Subdomains

9
IPs

3
Countries

1016 kB
Transfer

2443 kB
Size

8
Cookies

1 Outgoing links

These are links going to different origins than the main page.

URL: https://www.onetrust.com/products/cookie-consent/

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://e.email.ticketsatwork.com/click?EdnNhcGlyb0BmaXJzdHJlcHVibGljLmNvbQ/CeyJtaWQiOiIxNzExNjMzNDM5MDM1NjI1ZmVhNTMzZmRlIiwiY3QiOiJlYmctdGF3LWU2YWNlY2MzOGNmNmM4ZTczNWE4NGJlNTE5NjQ3NWRjLTEiLCJyZCI6ImZpcnN0cmVwdWJsaWMuY29tIn0/HWkhfZWJndGF3X05EQkFNMDMyODIwMjRjMTIwNjk3NGIxLGViMSxodHRwczovL3d3dy50aWNrZXRzYXR3b3JrLmNvbS90aWNrZXRzLw/qP3pldGEtMSZidF9lZT14YjlGc0J6cjZwJTJCTlFkUE81WnFrYkZnd3ZoMlBDdWlVeVNPb3ZOQzhRd2NvOWNTOEFBWWhhVTFpSWNpbUFsSGMmYnRfdHM9MTcxMTYzMzg4NzY5MA/s9scf49bd1e HTTP 302
https://www.ticketsatwork.com/tickets/?zeta-1&bt_ee=xb9FsBzr6p%2BNQdPO5ZqkbFgwvh2PCuiUySOovNC8Qwco9cS8AAYhaU1iIcimAlHc&bt_ts=1711633887690 HTTP 302
https://www.ticketsatwork.com/tickets/tracking_consent.php Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 21

https://www.ticketsatwork.com/cdn-cgi/challenge-platform/scripts/jsd/main.js HTTP 302
https://www.ticketsatwork.com/cdn-cgi/challenge-platform/h/g/scripts/jsd/dc6b543c1346/main.js

43 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request tracking_consent.php Show response
www.ticketsatwork.com/tickets/
Redirect Chain

https://e.email.ticketsatwork.com/click?EdnNhcGlyb0BmaXJzdHJlcHVibGljLmNvbQ/CeyJtaWQiOiIxNzExNjMzNDM5MDM1NjI1ZmVhNTMzZmRlIiwiY3QiOiJlYmctdGF3LWU2YWNlY2MzOGNmNmM4ZTczNWE4NGJlNTE5NjQ3NWRjLTEiLCJyZCI6...
https://www.ticketsatwork.com/tickets/?zeta-1&bt_ee=xb9FsBzr6p%2BNQdPO5ZqkbFgwvh2PCuiUySOovNC8Qwco9cS8AAYhaU1iIcimAlHc&bt_ts=1711633887690
https://www.ticketsatwork.com/tickets/tracking_consent.php

76 KB
26 KB

499ms
498ms

Document
text/html

172.64.155.9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.ticketsatwork.com/tickets/tracking_consent.php

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.64.155.9 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9ecd742d9fdf89ac01d58f133e5b626a7599e3ce151121602ad219f4650fe3c4

Security Headers

Name	Value
Content-Security-Policy	default-src * 'unsafe-inline' 'unsafe-eval'; script-src * 'unsafe-inline' 'unsafe-eval'; connect-src * 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src ; media-src blob:; style-src * 'unsafe-inline';
Strict-Transport-Security	max-age=5184000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
accept-language: de-DE,de;q=0.9
sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: no-store, no-cache, must-revalidate
cf-cache-status: DYNAMIC
cf-ray: 86b8f31fb817fc5b-WAW
content-encoding: br
content-security-policy: default-src * 'unsafe-inline' 'unsafe-eval'; script-src * 'unsafe-inline' 'unsafe-eval'; connect-src * 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src *; media-src * blob:; style-src * 'unsafe-inline';
content-type: text/html; charset=utf-8
date: Thu, 28 Mar 2024 16:20:49 GMT
expires: Thu, 19 Nov 1981 08:52:00 GMT
pragma: no-cache
referrer-policy: unsafe-url
server: cloudflare
strict-transport-security: max-age=5184000; includeSubDomains
vary: User-Agent, Accept-Encoding
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block

Redirect headers

alt-svc: h3=":443"; ma=86400
cache-control: no-store, no-cache, must-revalidate
cf-cache-status: DYNAMIC
cf-ray: 86b8f31ae889fc5b-WAW
content-security-policy: default-src * 'unsafe-inline' 'unsafe-eval'; script-src * 'unsafe-inline' 'unsafe-eval'; connect-src * 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src *; media-src * blob:; style-src * 'unsafe-inline';
content-type: text/html; charset=UTF-8
date: Thu, 28 Mar 2024 16:20:49 GMT
expires: Thu, 19 Nov 1981 08:52:00 GMT
location: /tickets/tracking_consent.php
pragma: no-cache
referrer-policy: unsafe-url
server: cloudflare
strict-transport-security: max-age=5184000; includeSubDomains
vary: User-Agent, Accept-Encoding
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block

GET
H3 200 jquery-3.5.1.min.js Show response
www.ticketsatwork.com/common_resources/js/ 87 KB
32 KB 281ms
278ms Script
application/javascript 172.64.155.9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.ticketsatwork.com/common_resources/js/jquery-3.5.1.min.js

Requested by

Host: www.ticketsatwork.com
URL: https://www.ticketsatwork.com/tickets/tracking_consent.php

Protocol

Security

QUIC, , AES_128_GCM

Server

172.64.155.9 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d

Security Headers

Name	Value
Content-Security-Policy	default-src * 'unsafe-inline' 'unsafe-eval'; script-src * 'unsafe-inline' 'unsafe-eval'; connect-src * 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src ; media-src blob:; style-src * 'unsafe-inline';
Strict-Transport-Security	max-age=5184000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.ticketsatwork.com/tickets/tracking_consent.php
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 28 Mar 2024 16:20:49 GMT
strict-transport-security: max-age=5184000; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: REVALIDATED
content-encoding: br
content-security-policy: default-src * 'unsafe-inline' 'unsafe-eval'; script-src * 'unsafe-inline' 'unsafe-eval'; connect-src * 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src *; media-src * blob:; style-src * 'unsafe-inline';
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: unsafe-url
last-modified: Mon, 31 Aug 2020 15:45:29 GMT
server: cloudflare
etag: W/"15d84-5ae2e4aba3840"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript
cf-ray: 86b8f32308ca6a77-TXL

GET
H3 200 jquery-ui-1.13.2.min.js Show response
www.ticketsatwork.com/common_resources/js/ 249 KB
68 KB 252ms
249ms Script
application/javascript 172.64.155.9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.ticketsatwork.com/common_resources/js/jquery-ui-1.13.2.min.js

Requested by

Host: www.ticketsatwork.com
URL: https://www.ticketsatwork.com/tickets/tracking_consent.php

Protocol

Security

QUIC, , AES_128_GCM

Server

172.64.155.9 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9d9b75e6bf99296f7797ed12f73137f52966dbb02180ff054c6c01680c7bdb1d

Security Headers

Name	Value
Content-Security-Policy	default-src * 'unsafe-inline' 'unsafe-eval'; script-src * 'unsafe-inline' 'unsafe-eval'; connect-src * 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src ; media-src blob:; style-src * 'unsafe-inline';
Strict-Transport-Security	max-age=5184000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.ticketsatwork.com/tickets/tracking_consent.php
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 28 Mar 2024 16:20:49 GMT
strict-transport-security: max-age=5184000; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: REVALIDATED
content-encoding: br
content-security-policy: default-src * 'unsafe-inline' 'unsafe-eval'; script-src * 'unsafe-inline' 'unsafe-eval'; connect-src * 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src *; media-src * blob:; style-src * 'unsafe-inline';
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: unsafe-url
last-modified: Mon, 19 Sep 2022 13:26:39 GMT
server: cloudflare
etag: W/"3e471-5e907a95c61c0"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript
cf-ray: 86b8f32308cf6a77-TXL

GET
H3 200 li.js Show response
www.ticketsatwork.com/common_resources/js/ 25 KB
5 KB 581ms
578ms Script
application/javascript 172.64.155.9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.ticketsatwork.com/common_resources/js/li.js?ebgcbv=189

Requested by

Host: www.ticketsatwork.com
URL: https://www.ticketsatwork.com/tickets/tracking_consent.php

Protocol

Security

QUIC, , AES_128_GCM

Server

172.64.155.9 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e21a483e7f4b138c12d7378f8d6099d382cfb1e78f8434a52d41d435944ed2fd

Security Headers

Name	Value
Content-Security-Policy	default-src * 'unsafe-inline' 'unsafe-eval'; script-src * 'unsafe-inline' 'unsafe-eval'; connect-src * 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src ; media-src blob:; style-src * 'unsafe-inline';
Strict-Transport-Security	max-age=5184000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.ticketsatwork.com/tickets/tracking_consent.php
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 28 Mar 2024 16:20:50 GMT
strict-transport-security: max-age=5184000; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: REVALIDATED
content-encoding: br
content-security-policy: default-src * 'unsafe-inline' 'unsafe-eval'; script-src * 'unsafe-inline' 'unsafe-eval'; connect-src * 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src *; media-src * blob:; style-src * 'unsafe-inline';
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: unsafe-url
last-modified: Mon, 14 Feb 2022 15:43:22 GMT
server: cloudflare
etag: W/"651c-5d7fc46bbda80"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript
cf-ray: 86b8f32308d36a77-TXL

GET
H3 200 interaction_analytics.js Show response
www.ticketsatwork.com/common_resources/js/ 7 KB
2 KB 250ms
247ms Script
application/javascript 172.64.155.9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.ticketsatwork.com/common_resources/js/interaction_analytics.js?ebgcbv=189

Requested by

Host: www.ticketsatwork.com
URL: https://www.ticketsatwork.com/tickets/tracking_consent.php

Protocol

Security

QUIC, , AES_128_GCM

Server

172.64.155.9 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

08afdf6eac5aa471056a6d1186e624a899a374d402adca5a7aa9957b0eea2995

Security Headers

Name	Value
Content-Security-Policy	default-src * 'unsafe-inline' 'unsafe-eval'; script-src * 'unsafe-inline' 'unsafe-eval'; connect-src * 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src ; media-src blob:; style-src * 'unsafe-inline';
Strict-Transport-Security	max-age=5184000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.ticketsatwork.com/tickets/tracking_consent.php
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 28 Mar 2024 16:20:49 GMT
strict-transport-security: max-age=5184000; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: REVALIDATED
content-encoding: br
content-security-policy: default-src * 'unsafe-inline' 'unsafe-eval'; script-src * 'unsafe-inline' 'unsafe-eval'; connect-src * 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src *; media-src * blob:; style-src * 'unsafe-inline';
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: unsafe-url
last-modified: Thu, 12 Jan 2023 15:23:35 GMT
server: cloudflare
etag: W/"1bb6-5f212b34c2bc0"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript
cf-ray: 86b8f32308d66a77-TXL

GET
H2 200 otSDKStub.js Show response
cdn.cookielaw.org/scripttemplates/ 21 KB
7 KB 148ms
53ms Script
application/javascript 2606:4700::6813:b134
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/otSDKStub.js

Requested by

Host: www.ticketsatwork.com
URL: https://www.ticketsatwork.com/tickets/tracking_consent.php

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:b134 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

92e4588c227a58321a728574129e52ec244df30b90fc9a64a30ee65410104c41

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.ticketsatwork.com/tickets/tracking_consent.php
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-ms-blob-type: BlockBlob
date: Thu, 28 Mar 2024 16:20:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: Pg1MHDpg+UGdovxhidM4Kg==
age: 2862
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-length: 6839
x-ms-lease-status: unlocked
last-modified: Wed, 27 Mar 2024 08:59:21 GMT
server: cloudflare
etag: 0x8DC4E3C319418D9
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: 2463efed-c01e-0042-6361-808003000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 86b8f323aa3039d3-FRA

GET
H2 200 launch-1645114e1c78.min.js Show response
assets.adobedtm.com/a281455e4dfe/053a29fb1fe9/ 656 KB
159 KB 150ms
42ms Script
application/x-javascript 2a02:26f0:3500:591::1e80
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.adobedtm.com/a281455e4dfe/053a29fb1fe9/launch-1645114e1c78.min.js
Requested by: Host: www.ticketsatwork.com
URL: https://www.ticketsatwork.com/tickets/tracking_consent.php
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:591::1e80 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: 09a259d9b83dbd6e932da482ebdfed44a6f049a9cbf5b3c7fc051d2b8632f1c2

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.ticketsatwork.com/tickets/tracking_consent.php
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 28 Mar 2024 16:20:49 GMT
content-encoding: gzip
last-modified: Thu, 14 Mar 2024 21:05:11 GMT
server: AkamaiNetStorage
etag: "654307af72e9bc6724f41dbc8da62c65:1710450311.023881"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: https://www.ticketsatwork.com
cache-control: max-age=3600
accept-ranges: bytes
timing-allow-origin: *
content-length: 162174
expires: Thu, 28 Mar 2024 17:20:49 GMT

GET
H3 200 big_logo.jpg
www.ticketsatwork.com/img/ 34 KB
35 KB 340ms
339ms Image
image/jpeg 172.64.155.9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.ticketsatwork.com/img/big_logo.jpg

Requested by

Host: www.ticketsatwork.com
URL: https://www.ticketsatwork.com/tickets/tracking_consent.php

Protocol

Security

QUIC, , AES_128_GCM

Server

172.64.155.9 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

57a9bb6a4bb7eaffcfb39d44386cd699b34952951572f9f74496b384ed458d9f

Security Headers

Name	Value
Content-Security-Policy	default-src * 'unsafe-inline' 'unsafe-eval'; script-src * 'unsafe-inline' 'unsafe-eval'; connect-src * 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src ; media-src blob:; style-src * 'unsafe-inline';
Strict-Transport-Security	max-age=5184000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.ticketsatwork.com/tickets/tracking_consent.php
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 28 Mar 2024 16:20:50 GMT
strict-transport-security: max-age=5184000; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: REVALIDATED
content-security-policy: default-src * 'unsafe-inline' 'unsafe-eval'; script-src * 'unsafe-inline' 'unsafe-eval'; connect-src * 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src *; media-src * blob:; style-src * 'unsafe-inline';
alt-svc: h3=":443"; ma=86400
content-length: 35155
x-xss-protection: 1; mode=block
referrer-policy: unsafe-url
last-modified: Wed, 07 Jun 2023 18:39:00 GMT
cf-bgj: h2pri
server: cloudflare
etag: "8953-5fd8e72fe3900"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: image/jpeg
cache-control: max-age=2592000, public
accept-ranges: bytes
cf-ray: 86b8f32308d86a77-TXL
expires: Sat, 27 Apr 2024 16:20:49 GMT

GET
H3 200 consent_splash_disney.png
www.ticketsatwork.com/common_resources/tawframework/img/ 57 KB
57 KB 342ms
341ms Image
image/png 172.64.155.9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.ticketsatwork.com/common_resources/tawframework/img/consent_splash_disney.png

Requested by

Host: www.ticketsatwork.com
URL: https://www.ticketsatwork.com/tickets/tracking_consent.php

Protocol

Security

QUIC, , AES_128_GCM

Server

172.64.155.9 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e0a41e36c1664eac057a83b9fa7c49c89825fcfabcc47a2b1914d6d487f65522

Security Headers

Name	Value
Content-Security-Policy	default-src * 'unsafe-inline' 'unsafe-eval'; script-src * 'unsafe-inline' 'unsafe-eval'; connect-src * 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src ; media-src blob:; style-src * 'unsafe-inline';
Strict-Transport-Security	max-age=5184000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.ticketsatwork.com/tickets/tracking_consent.php
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 28 Mar 2024 16:20:49 GMT
strict-transport-security: max-age=5184000; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: REVALIDATED
content-security-policy: default-src * 'unsafe-inline' 'unsafe-eval'; script-src * 'unsafe-inline' 'unsafe-eval'; connect-src * 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src *; media-src * blob:; style-src * 'unsafe-inline';
alt-svc: h3=":443"; ma=86400
content-length: 58203
x-xss-protection: 1; mode=block
referrer-policy: unsafe-url
last-modified: Mon, 08 May 2023 15:08:48 GMT
server: cloudflare
etag: "e35b-5fb3004052000"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: image/png
cache-control: max-age=2592000, public
accept-ranges: bytes
cf-ray: 86b8f32308db6a77-TXL
expires: Sat, 27 Apr 2024 16:20:49 GMT

GET
H3 200 consent_splash_universal.png
www.ticketsatwork.com/common_resources/tawframework/img/ 64 KB
64 KB 247ms
247ms Image
image/png 172.64.155.9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.ticketsatwork.com/common_resources/tawframework/img/consent_splash_universal.png

Requested by

Host: www.ticketsatwork.com
URL: https://www.ticketsatwork.com/tickets/tracking_consent.php

Protocol

Security

QUIC, , AES_128_GCM

Server

172.64.155.9 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

fb64a05853ccf42fc6e52d9b8eb4afd8ac4c47ed61df3aac317d94ed258a9e2f

Security Headers

Name	Value
Content-Security-Policy	default-src * 'unsafe-inline' 'unsafe-eval'; script-src * 'unsafe-inline' 'unsafe-eval'; connect-src * 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src ; media-src blob:; style-src * 'unsafe-inline';
Strict-Transport-Security	max-age=5184000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.ticketsatwork.com/tickets/tracking_consent.php
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 28 Mar 2024 16:20:50 GMT
strict-transport-security: max-age=5184000; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: REVALIDATED
content-security-policy: default-src * 'unsafe-inline' 'unsafe-eval'; script-src * 'unsafe-inline' 'unsafe-eval'; connect-src * 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src *; media-src * blob:; style-src * 'unsafe-inline';
alt-svc: h3=":443"; ma=86400
content-length: 65112
x-xss-protection: 1; mode=block
referrer-policy: unsafe-url
last-modified: Mon, 08 May 2023 15:08:48 GMT
server: cloudflare
etag: "fe58-5fb3004052000"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: image/png
cache-control: max-age=2592000, public
accept-ranges: bytes
cf-ray: 86b8f3252e386a77-TXL
expires: Sat, 27 Apr 2024 16:20:50 GMT

GET
H3 200 consent_splash_seaworld.png
www.ticketsatwork.com/common_resources/tawframework/img/ 66 KB
67 KB 259ms
259ms Image
image/png 172.64.155.9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.ticketsatwork.com/common_resources/tawframework/img/consent_splash_seaworld.png

Requested by

Host: www.ticketsatwork.com
URL: https://www.ticketsatwork.com/tickets/tracking_consent.php

Protocol

Security

QUIC, , AES_128_GCM

Server

172.64.155.9 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

cf67fa9307c91b01d52a9ec5781dd05f74dd5f821d87d76f438ede52056f4266

Security Headers

Name	Value
Content-Security-Policy	default-src * 'unsafe-inline' 'unsafe-eval'; script-src * 'unsafe-inline' 'unsafe-eval'; connect-src * 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src ; media-src blob:; style-src * 'unsafe-inline';
Strict-Transport-Security	max-age=5184000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.ticketsatwork.com/tickets/tracking_consent.php
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 28 Mar 2024 16:20:50 GMT
strict-transport-security: max-age=5184000; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: REVALIDATED
content-security-policy: default-src * 'unsafe-inline' 'unsafe-eval'; script-src * 'unsafe-inline' 'unsafe-eval'; connect-src * 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src *; media-src * blob:; style-src * 'unsafe-inline';
alt-svc: h3=":443"; ma=86400
content-length: 67978
x-xss-protection: 1; mode=block
referrer-policy: unsafe-url
last-modified: Mon, 08 May 2023 15:08:48 GMT
server: cloudflare
etag: "1098a-5fb3004052000"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: image/png
cache-control: max-age=2592000, public
accept-ranges: bytes
cf-ray: 86b8f3255e956a77-TXL
expires: Sat, 27 Apr 2024 16:20:50 GMT

GET
H3 200 consent_splash_sixflags.png
www.ticketsatwork.com/common_resources/tawframework/img/ 82 KB
83 KB 256ms
255ms Image
image/png 172.64.155.9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.ticketsatwork.com/common_resources/tawframework/img/consent_splash_sixflags.png

Requested by

Host: www.ticketsatwork.com
URL: https://www.ticketsatwork.com/tickets/tracking_consent.php

Protocol

Security

QUIC, , AES_128_GCM

Server

172.64.155.9 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ba561fadb45ac39c0048acd990ebfca4d6a25112d2b06b40ba06c67bd9105088

Security Headers

Name	Value
Content-Security-Policy	default-src * 'unsafe-inline' 'unsafe-eval'; script-src * 'unsafe-inline' 'unsafe-eval'; connect-src * 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src ; media-src blob:; style-src * 'unsafe-inline';
Strict-Transport-Security	max-age=5184000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.ticketsatwork.com/tickets/tracking_consent.php
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 28 Mar 2024 16:20:50 GMT
strict-transport-security: max-age=5184000; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: REVALIDATED
content-security-policy: default-src * 'unsafe-inline' 'unsafe-eval'; script-src * 'unsafe-inline' 'unsafe-eval'; connect-src * 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src *; media-src * blob:; style-src * 'unsafe-inline';
alt-svc: h3=":443"; ma=86400
content-length: 84447
x-xss-protection: 1; mode=block
referrer-policy: unsafe-url
last-modified: Mon, 08 May 2023 15:08:48 GMT
server: cloudflare
etag: "149df-5fb3004052000"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: image/png
cache-control: max-age=2592000, public
accept-ranges: bytes
cf-ray: 86b8f326ea996a77-TXL
expires: Sat, 27 Apr 2024 16:20:50 GMT

GET
H3 200 consent_splash_wyndham.png
www.ticketsatwork.com/common_resources/tawframework/img/ 70 KB
70 KB 244ms
244ms Image
image/png 172.64.155.9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.ticketsatwork.com/common_resources/tawframework/img/consent_splash_wyndham.png

Requested by

Host: www.ticketsatwork.com
URL: https://www.ticketsatwork.com/tickets/tracking_consent.php

Protocol

Security

QUIC, , AES_128_GCM

Server

172.64.155.9 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a2854856e2856c9e70e76a9041cd60944200250d93ee8f292d4274008034386e

Security Headers

Name	Value
Content-Security-Policy	default-src * 'unsafe-inline' 'unsafe-eval'; script-src * 'unsafe-inline' 'unsafe-eval'; connect-src * 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src ; media-src blob:; style-src * 'unsafe-inline';
Strict-Transport-Security	max-age=5184000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.ticketsatwork.com/tickets/tracking_consent.php
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 28 Mar 2024 16:20:50 GMT
strict-transport-security: max-age=5184000; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: REVALIDATED
content-security-policy: default-src * 'unsafe-inline' 'unsafe-eval'; script-src * 'unsafe-inline' 'unsafe-eval'; connect-src * 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src *; media-src * blob:; style-src * 'unsafe-inline';
alt-svc: h3=":443"; ma=86400
content-length: 71443
x-xss-protection: 1; mode=block
referrer-policy: unsafe-url
last-modified: Mon, 08 May 2023 15:08:48 GMT
server: cloudflare
etag: "11713-5fb3004052000"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: image/png
cache-control: max-age=2592000, public
accept-ranges: bytes
cf-ray: 86b8f328af346a77-TXL
expires: Sat, 27 Apr 2024 16:20:50 GMT

POST
H3 200 li.php Show response
www.ticketsatwork.com/common_resources/ 786 B
968 B 337ms
337ms XHR
application/json 172.64.155.9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.ticketsatwork.com/common_resources/li.php

Requested by

Host: www.ticketsatwork.com
URL: https://www.ticketsatwork.com/tickets/tracking_consent.php

Protocol

Security

QUIC, , AES_128_GCM

Server

172.64.155.9 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b83d89b5f3ad9adbebe3adae3e014be2d4e33d45c5d02fbe7f5ac7dd3997d203

Security Headers

Name	Value
Content-Security-Policy	default-src * 'unsafe-inline' 'unsafe-eval'; script-src * 'unsafe-inline' 'unsafe-eval'; connect-src * 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src ; media-src blob:; style-src * 'unsafe-inline';
Strict-Transport-Security	max-age=5184000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
X-NewRelic-ID: XA4PUldACQIAXFRbAA==
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8
Accept: */*
Referer: https://www.ticketsatwork.com/tickets/tracking_consent.php
X-Requested-With: XMLHttpRequest
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 28 Mar 2024 16:20:50 GMT
strict-transport-security: max-age=5184000; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
content-encoding: br
content-security-policy: default-src * 'unsafe-inline' 'unsafe-eval'; script-src * 'unsafe-inline' 'unsafe-eval'; connect-src * 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src *; media-src * blob:; style-src * 'unsafe-inline';
p3p: policyref="/w3c/p3p.xml", CP="CURa ADMa DEVa OUR OTR IND DSP IDC COR"
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
pragma: no-cache
referrer-policy: unsafe-url
server: cloudflare
vary: User-Agent, Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/json
cache-control: no-store, no-cache, must-revalidate
cf-ray: 86b8f326a9f06a77-TXL
expires: Thu, 19 Nov 1981 08:52:00 GMT

GET
H2 200 9ea95be0-451b-4ef8-8b4d-41b4b6617c33.json Show response
cdn.cookielaw.org/consent/9ea95be0-451b-4ef8-8b4d-41b4b6617c33/ 5 KB
2 KB 138ms
58ms XHR
application/x-javascript 2606:4700::6813:b134
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/consent/9ea95be0-451b-4ef8-8b4d-41b4b6617c33/9ea95be0-451b-4ef8-8b4d-41b4b6617c33.json

Requested by

Host: www.ticketsatwork.com
URL: https://www.ticketsatwork.com/tickets/tracking_consent.php

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:b134 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e04c75e06c29271ddae8b20331f58480893e6ed8e5f47a17e1ddc71e649027ad

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.ticketsatwork.com/tickets/tracking_consent.php
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-ms-blob-type: BlockBlob
date: Thu, 28 Mar 2024 16:20:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
strict-transport-security: max-age=31536000; includeSubDomains; preload
age: 3563
content-md5: I0MklNRTS1DMjwQdilqD7g==
content-length: 1758
x-ms-lease-status: unlocked
last-modified: Tue, 26 Mar 2024 12:10:08 GMT
server: cloudflare
etag: 0x8DC4D8DADEEDF85
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
x-ms-request-id: 7fb9d39b-701e-0078-1f76-7f9a7b000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 86b8f3273f509f12-FRA
expires: Fri, 29 Mar 2024 16:20:50 GMT

GET
H2 200 AppMeasurement.min.js Show response
assets.adobedtm.com/extensions/EPbf7b42aa08bc4f10879b1484195e80d1/ 34 KB
12 KB 62ms
62ms Script
application/x-javascript 2a02:26f0:3500:591::1e80
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.adobedtm.com/extensions/EPbf7b42aa08bc4f10879b1484195e80d1/AppMeasurement.min.js
Requested by: Host: www.ticketsatwork.com
URL: https://www.ticketsatwork.com/tickets/tracking_consent.php
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:591::1e80 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: d6d01246a30e9d483531c27721f73f266fa4af35effdb21683ac02a620ab8aaf

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.ticketsatwork.com/tickets/tracking_consent.php
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 28 Mar 2024 16:20:50 GMT
content-encoding: gzip
last-modified: Thu, 22 Sep 2022 16:16:49 GMT
server: AkamaiNetStorage
etag: "dfdd9e1f988805f0c2fbb10cd6b8f034:1663863409.614694"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: https://www.ticketsatwork.com
cache-control: no-cache
accept-ranges: bytes
timing-allow-origin: *
content-length: 12384
expires: Thu, 28 Mar 2024 17:20:50 GMT

GET
H2 200 AppMeasurement_Module_ActivityMap.min.js Show response
assets.adobedtm.com/extensions/EPbf7b42aa08bc4f10879b1484195e80d1/ 3 KB
2 KB 65ms
64ms Script
application/x-javascript 2a02:26f0:3500:591::1e80
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.adobedtm.com/extensions/EPbf7b42aa08bc4f10879b1484195e80d1/AppMeasurement_Module_ActivityMap.min.js
Requested by: Host: www.ticketsatwork.com
URL: https://www.ticketsatwork.com/tickets/tracking_consent.php
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:591::1e80 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: 78c1c1baf0d964522f8afab09cfc754685c1648826a7f9967fd52b774b4ec5aa

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.ticketsatwork.com/tickets/tracking_consent.php
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 28 Mar 2024 16:20:50 GMT
content-encoding: gzip
last-modified: Thu, 22 Sep 2022 16:16:49 GMT
server: AkamaiNetStorage
etag: "b89fcb8870ac40eecb6d3cc844d35389:1663863409.92483"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: https://www.ticketsatwork.com
cache-control: no-cache
accept-ranges: bytes
timing-allow-origin: *
content-length: 1598
expires: Thu, 28 Mar 2024 17:20:50 GMT

GET
H2 200 100001 Show response
www.p.zjptg.com/tag/1537403/ 49 KB
49 KB 155ms
47ms Script
text/plain 108.138.26.67
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.p.zjptg.com/tag/1537403/100001
Requested by: Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/a281455e4dfe/053a29fb1fe9/launch-1645114e1c78.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.26.67 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-26-67.fra56.r.cloudfront.net
Software: CloudFront /
Resource Hash: 65314cccaad42f005cd9dcbb20349aa8aed98e37a935a25a5cfb2e2e555295e1

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.ticketsatwork.com/tickets/tracking_consent.php
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 28 Mar 2024 15:36:21 GMT
via: 1.1 a811170f30183becd909b501e545e756.cloudfront.net (CloudFront)
server: CloudFront
x-amz-cf-pop: FRA56-P7
age: 2669
x-cache: Hit from cloudfront
content-length: 50384
x-amz-cf-id: dW9WVkZeKyJX6LPLj9F5D5FtXmdPl4hNJuUNBjQODhurHtOjz_AIhw==

GET
H2 200 everflow.js Show response
www.mnpa6gtrk.com/scripts/sdk/ 31 KB
9 KB 283ms
149ms Script
text/javascript 35.244.234.248
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.mnpa6gtrk.com/scripts/sdk/everflow.js
Requested by: Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/a281455e4dfe/053a29fb1fe9/launch-1645114e1c78.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.234.248 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 248.234.244.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: 4a6fa51ecf9dff7e1d027a028872601103a8c90da4ede8353d0a7ed4a6ab06a5

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.ticketsatwork.com/tickets/tracking_consent.php
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 28 Mar 2024 16:20:50 GMT
content-encoding: gzip
via: 1.1 google
accept-ch: Sec-Ch-Ua-Platform-Version,Sec-Ch-Ua-Model
server: nginx
vary: Origin
content-type: text/javascript
cache-control: max-age=14400
x-eflow-request-id: 04a71a5f-17d0-4bcf-be7d-2e32310b7bea
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

GET
H2 200 location Show response
geolocation.onetrust.com/cookieconsentpub/v1/geo/ 59 B
304 B 159ms
65ms XHR
application/json 2606:4700:4400::ac40:9b77
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://geolocation.onetrust.com/cookieconsentpub/v1/geo/location

Requested by

Host: www.ticketsatwork.com
URL: https://www.ticketsatwork.com/tickets/tracking_consent.php

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::ac40:9b77 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2157361193375a79ade3559e960f982daa8d599cf7f4a92d36e3eef257738f16

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
accept: application/json
Referer: https://www.ticketsatwork.com/tickets/tracking_consent.php
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 28 Mar 2024 16:20:50 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
server: cloudflare
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS
content-type: application/json
access-control-allow-origin: *
cf-ray: 86b8f3283bb590f4-FRA
access-control-allow-headers: Content-Type

GET
H2 200 otBannerSdk.js Show response
cdn.cookielaw.org/scripttemplates/202403.1.0/ 442 KB
107 KB 52ms
52ms Script
application/javascript 2606:4700::6813:b134
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/202403.1.0/otBannerSdk.js

Requested by

Host: www.ticketsatwork.com
URL: https://www.ticketsatwork.com/tickets/tracking_consent.php

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:b134 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

15de250a16ce58a10f84bebab59b9005ce36df4ec8e87c3bb1acc92726cfa971

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.ticketsatwork.com/tickets/tracking_consent.php
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-ms-blob-type: BlockBlob
date: Thu, 28 Mar 2024 16:20:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: s7qm2vbmUNglr6Jt5k9KHA==
age: 80432
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-length: 109676
x-ms-lease-status: unlocked
last-modified: Thu, 21 Mar 2024 07:04:35 GMT
server: cloudflare
etag: 0x8DC49752A75EB01
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: f463857b-001e-005d-3a08-7c3307000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 86b8f328bfa139d3-FRA

GET
H3 200 lato-regular-webfont.woff
www.ticketsatwork.com/css/fonts/ 31 KB
32 KB 584ms
584ms Font
font/opentype 172.64.155.9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.ticketsatwork.com/css/fonts/lato-regular-webfont.woff

Requested by

Host: www.ticketsatwork.com
URL: https://www.ticketsatwork.com/tickets/tracking_consent.php

Protocol

Security

QUIC, , AES_128_GCM

Server

172.64.155.9 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a4e4ccc4357349a0512f55e32e48ea74fee0a72e270a6ca5e22b9231ebc41f75

Security Headers

Name	Value
Content-Security-Policy	default-src * 'unsafe-inline' 'unsafe-eval'; script-src * 'unsafe-inline' 'unsafe-eval'; connect-src * 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src ; media-src blob:; style-src * 'unsafe-inline';
Strict-Transport-Security	max-age=5184000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.ticketsatwork.com/tickets/tracking_consent.php
Origin: https://www.ticketsatwork.com
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 28 Mar 2024 16:20:51 GMT
strict-transport-security: max-age=5184000; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: REVALIDATED
content-security-policy: default-src * 'unsafe-inline' 'unsafe-eval'; script-src * 'unsafe-inline' 'unsafe-eval'; connect-src * 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src *; media-src * blob:; style-src * 'unsafe-inline';
alt-svc: h3=":443"; ma=86400
content-length: 31808
x-xss-protection: 1; mode=block
referrer-policy: unsafe-url
last-modified: Wed, 22 Jan 2014 16:42:44 GMT
server: cloudflare
etag: "7c40-4f091d0644900"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: font/opentype
cache-control: max-age=7776000, public
accept-ranges: bytes
cf-ray: 86b8f328bf786a77-TXL
expires: Wed, 26 Jun 2024 16:20:51 GMT

GET
H3

200

main.js Show response
www.ticketsatwork.com/cdn-cgi/challenge-platform/h/g/scripts/jsd/dc6b543c1346/ Frame 9514
Redirect Chain

https://www.ticketsatwork.com/cdn-cgi/challenge-platform/scripts/jsd/main.js
https://www.ticketsatwork.com/cdn-cgi/challenge-platform/h/g/scripts/jsd/dc6b543c1346/main.js

8 KB
4 KB

39ms
39ms

Script
application/javascript

172.64.155.9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.ticketsatwork.com/cdn-cgi/challenge-platform/h/g/scripts/jsd/dc6b543c1346/main.js

Requested by

Host: www.ticketsatwork.com
URL: https://www.ticketsatwork.com/tickets/tracking_consent.php

Protocol

Server

172.64.155.9 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b167cedade8149f43f63ed8052b79b32a9ae8d2a04583baa9b9b5c108dea85b0

Security Headers

Name	Value
Strict-Transport-Security	max-age=5184000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

date: Thu, 28 Mar 2024 16:20:50 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=5184000; includeSubDomains
server: cloudflare
vary: accept-encoding
content-type: application/javascript; charset=UTF-8
cache-control: max-age=14400, public
cf-ray: 86b8f32918976a77-TXL
alt-svc: h3=":443"; ma=86400

Redirect headers

date: Thu, 28 Mar 2024 16:20:50 GMT
strict-transport-security: max-age=5184000; includeSubDomains
x-content-type-options: nosniff
server: cloudflare
vary: Accept-Encoding
access-control-allow-origin: *
location: /cdn-cgi/challenge-platform/h/g/scripts/jsd/dc6b543c1346/main.js
cache-control: max-age=300, public
cf-ray: 86b8f328cfab6a77-TXL
alt-svc: h3=":443"; ma=86400
content-length: 0

POST
H3 200 li.php Show response
www.ticketsatwork.com/common_resources/ 0
521 B 252ms
251ms XHR
text/html 172.64.155.9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.ticketsatwork.com/common_resources/li.php

Requested by

Host: www.ticketsatwork.com
URL: https://www.ticketsatwork.com/tickets/tracking_consent.php

Protocol

Security

QUIC, , AES_128_GCM

Server

172.64.155.9 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	default-src * 'unsafe-inline' 'unsafe-eval'; script-src * 'unsafe-inline' 'unsafe-eval'; connect-src * 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src ; media-src blob:; style-src * 'unsafe-inline';
Strict-Transport-Security	max-age=5184000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
X-NewRelic-ID: XA4PUldACQIAXFRbAA==
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8
Accept: */*
Referer: https://www.ticketsatwork.com/tickets/tracking_consent.php
X-Requested-With: XMLHttpRequest
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 28 Mar 2024 16:20:50 GMT
strict-transport-security: max-age=5184000; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
content-encoding: br
content-security-policy: default-src * 'unsafe-inline' 'unsafe-eval'; script-src * 'unsafe-inline' 'unsafe-eval'; connect-src * 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src *; media-src * blob:; style-src * 'unsafe-inline';
p3p: policyref="/w3c/p3p.xml", CP="CURa ADMa DEVa OUR OTR IND DSP IDC COR"
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
pragma: no-cache
referrer-policy: unsafe-url
server: cloudflare
vary: User-Agent, Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/html; charset=iso-8859-1
cache-control: no-store, no-cache, must-revalidate
cf-ray: 86b8f328dfca6a77-TXL
expires: Thu, 19 Nov 1981 08:52:00 GMT

POST
H3 200 li.php Show response
www.ticketsatwork.com/common_resources/ 0
526 B 219ms
218ms XHR
text/html 172.64.155.9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.ticketsatwork.com/common_resources/li.php

Requested by

Host: www.ticketsatwork.com
URL: https://www.ticketsatwork.com/tickets/tracking_consent.php

Protocol

Security

QUIC, , AES_128_GCM

Server

172.64.155.9 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	default-src * 'unsafe-inline' 'unsafe-eval'; script-src * 'unsafe-inline' 'unsafe-eval'; connect-src * 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src ; media-src blob:; style-src * 'unsafe-inline';
Strict-Transport-Security	max-age=5184000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
X-NewRelic-ID: XA4PUldACQIAXFRbAA==
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8
Accept: */*
Referer: https://www.ticketsatwork.com/tickets/tracking_consent.php
X-Requested-With: XMLHttpRequest
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 28 Mar 2024 16:20:50 GMT
strict-transport-security: max-age=5184000; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
content-encoding: br
content-security-policy: default-src * 'unsafe-inline' 'unsafe-eval'; script-src * 'unsafe-inline' 'unsafe-eval'; connect-src * 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src *; media-src * blob:; style-src * 'unsafe-inline';
p3p: policyref="/w3c/p3p.xml", CP="CURa ADMa DEVa OUR OTR IND DSP IDC COR"
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
pragma: no-cache
referrer-policy: unsafe-url
server: cloudflare
vary: User-Agent, Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/html; charset=iso-8859-1
cache-control: no-store, no-cache, must-revalidate
cf-ray: 86b8f328dfd36a77-TXL
expires: Thu, 19 Nov 1981 08:52:00 GMT

GET
H3 200 7445.jpg
www.ticketsatwork.com/common_resources/campaigns/ 32 KB
32 KB 221ms
221ms Image
image/jpeg 172.64.155.9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.ticketsatwork.com/common_resources/campaigns/7445.jpg

Requested by

Host: www.ticketsatwork.com
URL: https://www.ticketsatwork.com/tickets/tracking_consent.php

Protocol

Security

QUIC, , AES_128_GCM

Server

172.64.155.9 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

56933627eb1b1af307d234eb0754a0d7d2e6edc1bfa41af67fb58eb3cee31956

Security Headers

Name	Value
Content-Security-Policy	default-src * 'unsafe-inline' 'unsafe-eval'; script-src * 'unsafe-inline' 'unsafe-eval'; connect-src * 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src ; media-src blob:; style-src * 'unsafe-inline';
Strict-Transport-Security	max-age=5184000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.ticketsatwork.com/tickets/tracking_consent.php
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 28 Mar 2024 16:20:50 GMT
strict-transport-security: max-age=5184000; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: REVALIDATED
content-security-policy: default-src * 'unsafe-inline' 'unsafe-eval'; script-src * 'unsafe-inline' 'unsafe-eval'; connect-src * 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src *; media-src * blob:; style-src * 'unsafe-inline';
alt-svc: h3=":443"; ma=86400
content-length: 32683
x-xss-protection: 1; mode=block
referrer-policy: unsafe-url
last-modified: Fri, 22 Mar 2024 20:23:42 GMT
cf-bgj: h2pri
server: cloudflare
etag: "7fab-61445999ae814"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: image/jpeg
cache-control: max-age=2592000, public
accept-ranges: bytes
cf-ray: 86b8f328dfd66a77-TXL
expires: Sat, 27 Apr 2024 16:20:50 GMT

GET
H3 200 close.png
www.ticketsatwork.com/common_resources/campaigns/ 4 KB
5 KB 252ms
252ms Image
image/png 172.64.155.9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.ticketsatwork.com/common_resources/campaigns/close.png

Requested by

Host: www.ticketsatwork.com
URL: https://www.ticketsatwork.com/tickets/tracking_consent.php

Protocol

Security

QUIC, , AES_128_GCM

Server

172.64.155.9 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

537d4fed9f1381b8d19b83550252fa2cac347ab0f2a638d45deb81ac9e88ab31

Security Headers

Name	Value
Content-Security-Policy	default-src * 'unsafe-inline' 'unsafe-eval'; script-src * 'unsafe-inline' 'unsafe-eval'; connect-src * 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src ; media-src blob:; style-src * 'unsafe-inline';
Strict-Transport-Security	max-age=5184000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.ticketsatwork.com/tickets/tracking_consent.php
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 28 Mar 2024 16:20:50 GMT
strict-transport-security: max-age=5184000; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: REVALIDATED
content-security-policy: default-src * 'unsafe-inline' 'unsafe-eval'; script-src * 'unsafe-inline' 'unsafe-eval'; connect-src * 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src *; media-src * blob:; style-src * 'unsafe-inline';
alt-svc: h3=":443"; ma=86400
content-length: 4163
x-xss-protection: 1; mode=block
referrer-policy: unsafe-url
last-modified: Thu, 07 Jan 2016 13:41:34 GMT
server: cloudflare
etag: "1043-528bea1065f80"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: image/png
cache-control: max-age=2592000, public
accept-ranges: bytes
cf-ray: 86b8f328dfd86a77-TXL
expires: Sat, 27 Apr 2024 16:20:50 GMT

POST
H3 200 86b8f31fb817fc5b Show response
www.ticketsatwork.com/cdn-cgi/challenge-platform/h/g/jsd/r/ Frame 9514 0
347 B 58ms
58ms XHR
text/plain 172.64.155.9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.ticketsatwork.com/cdn-cgi/challenge-platform/h/g/jsd/r/86b8f31fb817fc5b

Requested by

Host: www.ticketsatwork.com
URL: https://www.ticketsatwork.com/cdn-cgi/challenge-platform/scripts/jsd/main.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.64.155.9 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=5184000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-platform: "Win32"
Referer
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Content-Type: application/json

Response headers

date: Thu, 28 Mar 2024 16:20:50 GMT
strict-transport-security: max-age=5184000; includeSubDomains
x-content-type-options: nosniff
content-encoding: br
server: cloudflare
content-type: text/plain; charset=UTF-8
cf-ray: 86b8f329ba346a77-TXL
alt-svc: h3=":443"; ma=86400

GET
H2 200 en.json Show response
cdn.cookielaw.org/consent/9ea95be0-451b-4ef8-8b4d-41b4b6617c33/018e7240-e394-7508-bd58-7ca1ecf69c8a/ 99 KB
22 KB 86ms
85ms Fetch
application/x-javascript 2606:4700::6813:b134
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/consent/9ea95be0-451b-4ef8-8b4d-41b4b6617c33/018e7240-e394-7508-bd58-7ca1ecf69c8a/en.json

Requested by

Host: www.ticketsatwork.com
URL: https://www.ticketsatwork.com/tickets/tracking_consent.php

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:b134 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1288ccc0fc141773beb5857de356139f199bac4cc6fe447b55a84342da84ea5a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.ticketsatwork.com/tickets/tracking_consent.php
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-ms-blob-type: BlockBlob
date: Thu, 28 Mar 2024 16:20:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-md5: 342ZfRAZLlXl2/4Ahacnrg==
content-length: 22543
x-ms-lease-status: unlocked
last-modified: Tue, 26 Mar 2024 12:10:18 GMT
server: cloudflare
etag: 0x8DC4D8DB3F7DA7F
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
x-ms-request-id: 7fc17ec1-701e-0078-7877-7f9a7b000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 86b8f32a1b3e9f12-FRA
expires: Fri, 29 Mar 2024 16:20:50 GMT

GET
H2 200 otFlat.json Show response
cdn.cookielaw.org/scripttemplates/202403.1.0/assets/ 13 KB
3 KB 56ms
56ms Fetch
application/json 2606:4700::6813:b134
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/202403.1.0/assets/otFlat.json

Requested by

Host: www.ticketsatwork.com
URL: https://www.ticketsatwork.com/tickets/tracking_consent.php

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:b134 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f4aaa18c55c90588c5e828e56dcc6b2cb0acf9a4280494c7d1a53fc5e3669112

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.ticketsatwork.com/tickets/tracking_consent.php
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-ms-blob-type: BlockBlob
date: Thu, 28 Mar 2024 16:20:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: KLWFssuowJEtDumTaVZD/A==
age: 3564
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-length: 3041
x-ms-lease-status: unlocked
last-modified: Thu, 21 Mar 2024 07:04:28 GMT
server: cloudflare
etag: 0x8DC497526A04834
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
x-ms-request-id: f479a64c-901e-0012-2a2e-7e4253000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 86b8f32abbe99f12-FRA

GET
H2 200 otPcTab.json Show response
cdn.cookielaw.org/scripttemplates/202403.1.0/assets/v2/ 63 KB
14 KB 55ms
54ms Fetch
application/json 2606:4700::6813:b134
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/202403.1.0/assets/v2/otPcTab.json

Requested by

Host: www.ticketsatwork.com
URL: https://www.ticketsatwork.com/tickets/tracking_consent.php

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:b134 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

51dfbad7e1a227d3935016e5c4190e5e46e03daa4b249e5ded55f54235efbd7a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.ticketsatwork.com/tickets/tracking_consent.php
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-ms-blob-type: BlockBlob
date: Thu, 28 Mar 2024 16:20:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: JqD83lHxEjWNdmDqKd9lzA==
age: 3564
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-length: 13599
x-ms-lease-status: unlocked
last-modified: Thu, 21 Mar 2024 07:04:31 GMT
server: cloudflare
etag: 0x8DC4975281E71C8
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
x-ms-request-id: c7ae4d72-901e-0060-4e2e-7e451c000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 86b8f32abbec9f12-FRA

GET
H2 200 otCommonStyles.css Show response
cdn.cookielaw.org/scripttemplates/202403.1.0/assets/ 24 KB
4 KB 57ms
57ms Fetch
text/css 2606:4700::6813:b134
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/202403.1.0/assets/otCommonStyles.css

Requested by

Host: www.ticketsatwork.com
URL: https://www.ticketsatwork.com/tickets/tracking_consent.php

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:b134 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

06c0edbfc1b871fb45195265f5faad3e23191305f6ff2125557a9fbc287c8992

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.ticketsatwork.com/tickets/tracking_consent.php
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-ms-blob-type: BlockBlob
date: Thu, 28 Mar 2024 16:20:51 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: gzip
content-md5: 4ErYmXXFNbMLrnc9DrDTsg==
age: 3564
x-ms-lease-status: unlocked
last-modified: Thu, 21 Mar 2024 07:04:40 GMT
server: cloudflare
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
x-ms-request-id: c8926bc3-a01e-008f-302e-7eb0e9000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=86400
x-ms-version: 2009-09-19
cf-ray: 86b8f32abbee9f12-FRA

GET
H2 200 ot_guard_logo.svg Show response
cdn.cookielaw.org/logos/static/ 497 B
494 B 50ms
50ms Fetch
image/svg+xml 2606:4700::6813:b134
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/logos/static/ot_guard_logo.svg

Requested by

Host: www.ticketsatwork.com
URL: https://www.ticketsatwork.com/tickets/tracking_consent.php

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:b134 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

691dcdb24853a0f5ce4e6597e5713dea66799b57ffe2c2a10f28f98e0b569b19

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.ticketsatwork.com/tickets/tracking_consent.php
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-ms-blob-type: BlockBlob
date: Thu, 28 Mar 2024 16:20:51 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: gzip
content-md5: tXyZydHjxQshFMbbBT1/8A==
age: 79382
x-ms-lease-status: unlocked
last-modified: Wed, 27 Mar 2024 02:02:17 GMT
server: cloudflare
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
x-ms-request-id: 94cb1f5c-201e-0091-3f0b-805c31000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=86400
x-ms-version: 2009-09-19
cf-ray: 86b8f32b5cc79f12-FRA

GET
H2 200 Background_Blank_Logo_%23003466_Color.png
cdn.cookielaw.org/logos/d3646c5c-241f-4a3a-8e20-5a76f0100e08/f2f4a009-5f91-4fc5-b02d-6b124ca021fc/01934b4d-0e2b-459f-96f7-f90662b436dc/ 2 KB
2 KB 55ms
55ms Image
image/png 2606:4700::6813:b134
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.cookielaw.org/logos/d3646c5c-241f-4a3a-8e20-5a76f0100e08/f2f4a009-5f91-4fc5-b02d-6b124ca021fc/01934b4d-0e2b-459f-96f7-f90662b436dc/Background_Blank_Logo_%23003466_Color.png

Requested by

Host: www.ticketsatwork.com
URL: https://www.ticketsatwork.com/tickets/tracking_consent.php

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:b134 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3d3c197d6e30d6645f7f89d028509e7bbdfce73fa1dc3e356c9854da1722ddf1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.ticketsatwork.com/tickets/tracking_consent.php
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-ms-blob-type: BlockBlob
date: Thu, 28 Mar 2024 16:20:51 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: PtWihmGZDte5JSK9WDc7kQ==
age: 83847
content-length: 1699
x-ms-lease-status: unlocked
last-modified: Tue, 09 Nov 2021 00:25:10 GMT
server: cloudflare
etag: 0x8D9A31763DD0BB4
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
x-ms-request-id: 457054a6-e01e-008e-6b47-23ef35000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 86b8f32b5a8e39d3-FRA

GET
H2 200 powered_by_logo.svg
cdn.cookielaw.org/logos/static/ 5 KB
2 KB 53ms
53ms Image
image/svg+xml 2606:4700::6813:b134
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.cookielaw.org/logos/static/powered_by_logo.svg

Requested by

Host: www.ticketsatwork.com
URL: https://www.ticketsatwork.com/tickets/tracking_consent.php

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:b134 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5fa00d047acd959697b9d7772c31dcd37bec33c70c6fbf80ab8316205d1d286d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.ticketsatwork.com/tickets/tracking_consent.php
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-ms-blob-type: BlockBlob
date: Thu, 28 Mar 2024 16:20:51 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: gzip
content-md5: Y+c301RBZNK39PvKQWrIBw==
age: 57824
x-ms-lease-status: unlocked
last-modified: Wed, 27 Mar 2024 08:59:28 GMT
server: cloudflare
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
x-ms-request-id: 06e4b66f-501e-0040-4b79-803ebb000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=86400
x-ms-version: 2009-09-19
cf-ray: 86b8f32b5a9139d3-FRA

GET
H2 200 nr-spa-1.253.0.min.js Show response
js-agent.newrelic.com/ 99 KB
32 KB 149ms
47ms Script
application/javascript 2602:816:5001::39
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js-agent.newrelic.com/nr-spa-1.253.0.min.js

Requested by

Host: www.ticketsatwork.com
URL: https://www.ticketsatwork.com/tickets/tracking_consent.php

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2602:816:5001::39 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

e72e22c9fd71d91300781105175767a7275aa469946f7f72cdda5adaa5c548e1

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.ticketsatwork.com/tickets/tracking_consent.php
Origin: https://www.ticketsatwork.com
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-amz-version-id: fCBpomkNr2k.mGTnq1v.Ze6YZpq.zil8
content-encoding: br
via: 1.1 varnish
date: Thu, 28 Mar 2024 16:20:51 GMT
strict-transport-security: max-age=300
x-amz-request-id: 3C8GPPJTHMQK8SC4
x-amz-server-side-encryption: AES256
x-cache: HIT
cross-origin-resource-policy: cross-origin
content-length: 32390
x-amz-id-2: /HvEJncBYRNt+NB3MSIj7nHQZcRKm1vdqMJFWJE7qx5Er4qT90MLT3ttNkYWsgA/zxFAr6HeLbM=
x-served-by: cache-mxp6929-MXP
last-modified: Wed, 13 Mar 2024 21:07:25 GMT
server: AmazonS3
etag: "4a6ecb6da3c4e819773b0e3331ff5e7a"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=86400, stale-if-error=86400
accept-ranges: bytes
x-cache-hits: 2567

GET
H2 200 RCeac883f65a3f41babe9d08ad2d6fcd6d-source.min.js Show response
assets.adobedtm.com/a281455e4dfe/053a29fb1fe9/5047c5cfd33e/ 508 B
576 B 42ms
42ms Script
application/x-javascript 2a02:26f0:3500:591::1e80
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.adobedtm.com/a281455e4dfe/053a29fb1fe9/5047c5cfd33e/RCeac883f65a3f41babe9d08ad2d6fcd6d-source.min.js
Requested by: Host: www.ticketsatwork.com
URL: https://www.ticketsatwork.com/tickets/tracking_consent.php
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:591::1e80 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: 58d366f02ae21739367c686d456292f685a3fd3e9c0d6ae4e755606dc44396ef

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.ticketsatwork.com/tickets/tracking_consent.php
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 28 Mar 2024 16:20:51 GMT
content-encoding: gzip
last-modified: Thu, 14 Mar 2024 21:05:13 GMT
server: AkamaiNetStorage
etag: "66d973786575840217dedac3fed2266c:1710450313.861246"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: https://www.ticketsatwork.com
cache-control: max-age=3600
accept-ranges: bytes
timing-allow-origin: *
content-length: 316
expires: Thu, 28 Mar 2024 17:20:51 GMT

GET
H2 200 RCe6c4b6ac8c8349c19bf0d9a27daa1740-source.min.js Show response
assets.adobedtm.com/a281455e4dfe/053a29fb1fe9/5047c5cfd33e/ 618 B
657 B 43ms
43ms Script
application/x-javascript 2a02:26f0:3500:591::1e80
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.adobedtm.com/a281455e4dfe/053a29fb1fe9/5047c5cfd33e/RCe6c4b6ac8c8349c19bf0d9a27daa1740-source.min.js
Requested by: Host: www.ticketsatwork.com
URL: https://www.ticketsatwork.com/tickets/tracking_consent.php
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:591::1e80 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: d3a1c2471d8133724e08b8f653ac78c3c09dc61e240ba494113a8288faae25b3

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.ticketsatwork.com/tickets/tracking_consent.php
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 28 Mar 2024 16:20:51 GMT
content-encoding: gzip
last-modified: Thu, 14 Mar 2024 21:05:13 GMT
server: AkamaiNetStorage
etag: "66d973786575840217dedac3fed2266c:1710450313.861246"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: https://www.ticketsatwork.com
cache-control: max-age=3600
accept-ranges: bytes
timing-allow-origin: *
content-length: 397
expires: Thu, 28 Mar 2024 17:20:51 GMT

GET
H2 200 policy Show response
www.sjwoe.com/ 47 B
466 B 146ms
39ms Fetch
application/json 2600:9000:2646:6000:7:f1a3:af00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.sjwoe.com/policy
Requested by: Host: www.ticketsatwork.com
URL: https://www.ticketsatwork.com/tickets/tracking_consent.php
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2646:6000:7:f1a3:af00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: e9adf2a6db275f76dd17c5cc08dd6cfbee0c73fbb08de34127ac159ca9107763

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.ticketsatwork.com/tickets/tracking_consent.php
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 27 Mar 2024 19:22:31 GMT
via: 1.1 765a91ad9951d0108fc1de53e348bac4.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P5
age: 75499
x-amzn-trace-id: Root=1-660471f7-3e0c3a7d6d2717cd2f96ed15;Parent=05b7c55ea99fe233;Sampled=0;lineage=36ff8a84:0
x-amzn-requestid: 7791bab3-ee12-4db7-98e8-9075410ee25f
x-cache: Hit from cloudfront
content-type: application/json
access-control-allow-origin: *
cache-control: max-age=3600
x-amz-apigw-id: VTa-yE5JIAMEr8Q=
content-length: 47
x-amz-cf-id: qta_yKQu1Qh6UejpIjaUnXAoME-hwwPBLkcfUCQmLEzVEKxyR6woBQ==

GET
H3 200 favicon.ico
www.ticketsatwork.com/ 1 KB
1 KB 233ms
233ms Other
image/vnd.microsoft.icon 172.64.155.9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.ticketsatwork.com/favicon.ico

Protocol

Security

QUIC, , AES_128_GCM

Server

172.64.155.9 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6f7f26f60b29364db2344bc8704eea27dd65908fdc2abc8fe4a5631236c170ee

Security Headers

Name	Value
Content-Security-Policy	default-src * 'unsafe-inline' 'unsafe-eval'; script-src * 'unsafe-inline' 'unsafe-eval'; connect-src * 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src ; media-src blob:; style-src * 'unsafe-inline';
Strict-Transport-Security	max-age=5184000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.ticketsatwork.com/tickets/tracking_consent.php
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 28 Mar 2024 16:20:51 GMT
strict-transport-security: max-age=5184000; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: REVALIDATED
content-encoding: br
content-security-policy: default-src * 'unsafe-inline' 'unsafe-eval'; script-src * 'unsafe-inline' 'unsafe-eval'; connect-src * 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src *; media-src * blob:; style-src * 'unsafe-inline';
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: unsafe-url
last-modified: Fri, 07 Dec 2012 19:39:00 GMT
server: cloudflare
etag: W/"47e-4d0485dfe1d00"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: image/vnd.microsoft.icon
cache-control: max-age=7776000, public
cf-ray: 86b8f32c78ef6a77-TXL
expires: Wed, 26 Jun 2024 16:20:51 GMT

GET
H2 200 RCd5fe93df2ac344a6b7798a869003a2f6-source.min.js Show response
assets.adobedtm.com/a281455e4dfe/053a29fb1fe9/5047c5cfd33e/ 2 KB
1 KB 43ms
43ms Script
application/x-javascript 2a02:26f0:3500:591::1e80
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.adobedtm.com/a281455e4dfe/053a29fb1fe9/5047c5cfd33e/RCd5fe93df2ac344a6b7798a869003a2f6-source.min.js
Requested by: Host: www.ticketsatwork.com
URL: https://www.ticketsatwork.com/tickets/tracking_consent.php
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:591::1e80 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: 079e87aba876cfdaa4447494f253c61bfa713531a902803fd2cc1a431263011f

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.ticketsatwork.com/tickets/tracking_consent.php
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 28 Mar 2024 16:20:51 GMT
content-encoding: gzip
last-modified: Thu, 14 Mar 2024 21:05:13 GMT
server: AkamaiNetStorage
etag: "66d973786575840217dedac3fed2266c:1710450313.861246"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: https://www.ticketsatwork.com
cache-control: max-age=3600
accept-ranges: bytes
timing-allow-origin: *
content-length: 792
expires: Thu, 28 Mar 2024 17:20:51 GMT

POST
H2 200 log
www.p.zjptg.com/ 19 B
247 B 58ms
58ms Ping
text/plain 108.138.26.67
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.p.zjptg.com/log
Requested by: Host: www.p.zjptg.com
URL: https://www.p.zjptg.com/tag/1537403/100001
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.26.67 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-26-67.fra56.r.cloudfront.net
Software: CloudFront /
Resource Hash: f7bb4455cc73832d43d80909118c1c513f3d86a4494f2b36a377c4466853d443

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-platform: "Win32"
Referer: https://www.ticketsatwork.com/tickets/tracking_consent.php
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Thu, 28 Mar 2024 16:20:51 GMT
via: 1.1 a811170f30183becd909b501e545e756.cloudfront.net (CloudFront)
server: CloudFront
x-amz-cf-pop: FRA56-P7
content-length: 19
x-amz-cf-id: E_n_74cyt7AzK8GJTDZHtHcZoyXf5opfa5lDBiZsfMdS7p3IfkAONA==
x-cache: Miss from cloudfront

POST undefined
bam.nr-data.net/1/ 0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: bam.nr-data.net
URL: https://bam.nr-data.net/1/undefined?a=undefined&v=1.253.0&t=Unnamed%20Transaction&rst=3766&ck=0&s=6cf2b6fe544ea38b&ref=https://www.ticketsatwork.com/tickets/tracking_consent.php&hr=0&af=err,xhr,stn,ins,spa&be=2028&fe=1546&dc=965&fsh=1&perf=%7B%22timing%22:%7B%22of%22:1711642847685,%22n%22:0,%22f%22:1528,%22dn%22:1528,%22dne%22:1528,%22c%22:1528,%22s%22:1528,%22ce%22:1528,%22rq%22:1530,%22rp%22:2028,%22rpe%22:2050,%22di%22:2989,%22ds%22:2989,%22de%22:2993,%22dc%22:3571,%22l%22:3571,%22le%22:3574%7D,%22navigation%22:%7B%7D%7D&fp=2996&fcp=2996

Verdicts & Comments Add Verdict or Comment

56 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

8 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
www.ticketsatwork.com/	1969-12-31 23:59:59	Name: PHPSESSID Value: d8dgjklfdbpe0l7jsu1h2k7eg2
www.ticketsatwork.com/	1969-12-31 23:59:59	Name: TICKETSATWORK Value: !Gipu6hY5CmOGan2TijxB1fWleg2nHb+izgaNv7hPmxskuMieoKNRntoSjKUOeeDlSSvCDdHDY2V0/CI=
.ticketsatwork.com/	1970-01-20 19:27:24	Name: __cf_bm Value: _6tkxWLYuv5UkPAYvgaMWE1D16rjSQHcHXMk0P1jieA-1711642849-1.0.1.1-tgSkk1e4SmF5xjKwOTXz5FTSBx8.J6W48CDWmZeSz8VTlr8oXvmenuygPe.L0jpCAnU1YxvtmsLjdvdQTfxMWg
.ticketsatwork.com/	1969-12-31 23:59:59	Name: _cfuvid Value: 2zs5oiPINh2i0vxsME0gMivzhSWsXZRcVnGjFt3cAJQ-1711642849100-0.0.1.1-604800000
www.ticketsatwork.com/	1970-01-20 20:10:34	Name: gdpr_pp Value: 2
.ticketsatwork.com/	1970-01-21 04:12:58	Name: cf_clearance Value: kTsvpFa2N3AF7JS7dl.N.UPGrSA6u8OlRt_i3MDVUFc-1711642850-1.0.1.1-3qplZRHyCqJynx4_ZpLu.L8cI6q7Jq4OA191wfY78VTv0RpE_EAwtxwjtNq8L5FS7WXZdi3fyq0RqQbpSuPxww
.ticketsatwork.com/	1970-01-21 04:12:58	Name: OptanonConsent Value: isGpcEnabled=0&datestamp=Thu+Mar+28+2024+17%3A20%3A51+GMT%2B0100+(Central+European+Standard+Time)&version=202403.1.0&browserGpcFlag=0&isIABGlobal=false&hosts=&consentId=f1e8617f-a18f-4f23-8027-1e78f47c749b&interactionCount=0&isAnonUser=1&landingPath=https%3A%2F%2Fwww.ticketsatwork.com%2Ftickets%2Ftracking_consent.php&groups=C0001%3A1%2CID007%3A0%2CC0003%3A0%2CC0002%3A0%2CGRP01%3A0%2CC0005%3A0%2CC0004%3A0
www.ticketsatwork.com/	1970-01-20 23:52:16	Name: cjConsent Value: 0\|0:1711642851259\|0

5 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
javascript	warning	URL: https://assets.adobedtm.com/a281455e4dfe/053a29fb1fe9/launch-1645114e1c78.min.js(Line 11) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://www.p.zjptg.com/tag/1537403/100001, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	URL: https://assets.adobedtm.com/a281455e4dfe/053a29fb1fe9/launch-1645114e1c78.min.js(Line 11) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://www.p.zjptg.com/tag/1537403/100001, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	URL: https://assets.adobedtm.com/a281455e4dfe/053a29fb1fe9/launch-1645114e1c78.min.js(Line 11) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://www.mnpa6gtrk.com/scripts/sdk/everflow.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	error	URL: https://www.ticketsatwork.com/tickets/tracking_consent.php Message: Access to XMLHttpRequest at 'https://bam.nr-data.net/1/undefined?a=undefined&v=1.253.0&t=Unnamed%20Transaction&rst=3766&ck=0&s=6cf2b6fe544ea38b&ref=https://www.ticketsatwork.com/tickets/tracking_consent.php&hr=0&af=err,xhr,stn,ins,spa&be=2028&fe=1546&dc=965&fsh=1&perf=%7B%22timing%22:%7B%22of%22:1711642847685,%22n%22:0,%22f%22:1528,%22dn%22:1528,%22dne%22:1528,%22c%22:1528,%22s%22:1528,%22ce%22:1528,%22rq%22:1530,%22rp%22:2028,%22rpe%22:2050,%22di%22:2989,%22ds%22:2989,%22de%22:2993,%22dc%22:3571,%22l%22:3571,%22le%22:3574%7D,%22navigation%22:%7B%7D%7D&fp=2996&fcp=2996' from origin 'https://www.ticketsatwork.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://bam.nr-data.net/1/undefined?a=undefined&v=1.253.0&t=Unnamed%20Transaction&rst=3766&ck=0&s=6cf2b6fe544ea38b&ref=https://www.ticketsatwork.com/tickets/tracking_consent.php&hr=0&af=err,xhr,stn,ins,spa&be=2028&fe=1546&dc=965&fsh=1&perf=%7B%22timing%22:%7B%22of%22:1711642847685,%22n%22:0,%22f%22:1528,%22dn%22:1528,%22dne%22:1528,%22c%22:1528,%22s%22:1528,%22ce%22:1528,%22rq%22:1530,%22rp%22:2028,%22rpe%22:2050,%22di%22:2989,%22ds%22:2989,%22de%22:2993,%22dc%22:3571,%22l%22:3571,%22le%22:3574%7D,%22navigation%22:%7B%7D%7D&fp=2996&fcp=2996 Message: Failed to load resource: net::ERR_FAILED

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	default-src * 'unsafe-inline' 'unsafe-eval'; script-src * 'unsafe-inline' 'unsafe-eval'; connect-src * 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src ; media-src blob:; style-src * 'unsafe-inline';
Strict-Transport-Security	max-age=5184000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

assets.adobedtm.com
bam.nr-data.net
cdn.cookielaw.org
e.email.ticketsatwork.com
geolocation.onetrust.com
js-agent.newrelic.com
www.mnpa6gtrk.com
www.p.zjptg.com
www.sjwoe.com
www.ticketsatwork.com
bam.nr-data.net
108.138.26.67
172.64.155.9
2600:9000:2646:6000:7:f1a3:af00:93a1
2602:816:5001::39
2606:4700:4400::ac40:9b77
2606:4700::6813:b134
2a02:26f0:3500:591::1e80
35.244.234.248
96.47.24.171
06c0edbfc1b871fb45195265f5faad3e23191305f6ff2125557a9fbc287c8992
079e87aba876cfdaa4447494f253c61bfa713531a902803fd2cc1a431263011f
08afdf6eac5aa471056a6d1186e624a899a374d402adca5a7aa9957b0eea2995
09a259d9b83dbd6e932da482ebdfed44a6f049a9cbf5b3c7fc051d2b8632f1c2
1288ccc0fc141773beb5857de356139f199bac4cc6fe447b55a84342da84ea5a
15de250a16ce58a10f84bebab59b9005ce36df4ec8e87c3bb1acc92726cfa971
2157361193375a79ade3559e960f982daa8d599cf7f4a92d36e3eef257738f16
3d3c197d6e30d6645f7f89d028509e7bbdfce73fa1dc3e356c9854da1722ddf1
4a6fa51ecf9dff7e1d027a028872601103a8c90da4ede8353d0a7ed4a6ab06a5
51dfbad7e1a227d3935016e5c4190e5e46e03daa4b249e5ded55f54235efbd7a
537d4fed9f1381b8d19b83550252fa2cac347ab0f2a638d45deb81ac9e88ab31
56933627eb1b1af307d234eb0754a0d7d2e6edc1bfa41af67fb58eb3cee31956
57a9bb6a4bb7eaffcfb39d44386cd699b34952951572f9f74496b384ed458d9f
58d366f02ae21739367c686d456292f685a3fd3e9c0d6ae4e755606dc44396ef
5fa00d047acd959697b9d7772c31dcd37bec33c70c6fbf80ab8316205d1d286d
65314cccaad42f005cd9dcbb20349aa8aed98e37a935a25a5cfb2e2e555295e1
691dcdb24853a0f5ce4e6597e5713dea66799b57ffe2c2a10f28f98e0b569b19
6f7f26f60b29364db2344bc8704eea27dd65908fdc2abc8fe4a5631236c170ee
78c1c1baf0d964522f8afab09cfc754685c1648826a7f9967fd52b774b4ec5aa
92e4588c227a58321a728574129e52ec244df30b90fc9a64a30ee65410104c41
9d9b75e6bf99296f7797ed12f73137f52966dbb02180ff054c6c01680c7bdb1d
9ecd742d9fdf89ac01d58f133e5b626a7599e3ce151121602ad219f4650fe3c4
a2854856e2856c9e70e76a9041cd60944200250d93ee8f292d4274008034386e
a4e4ccc4357349a0512f55e32e48ea74fee0a72e270a6ca5e22b9231ebc41f75
b167cedade8149f43f63ed8052b79b32a9ae8d2a04583baa9b9b5c108dea85b0
b83d89b5f3ad9adbebe3adae3e014be2d4e33d45c5d02fbe7f5ac7dd3997d203
ba561fadb45ac39c0048acd990ebfca4d6a25112d2b06b40ba06c67bd9105088
cf67fa9307c91b01d52a9ec5781dd05f74dd5f821d87d76f438ede52056f4266
d3a1c2471d8133724e08b8f653ac78c3c09dc61e240ba494113a8288faae25b3
d6d01246a30e9d483531c27721f73f266fa4af35effdb21683ac02a620ab8aaf
e04c75e06c29271ddae8b20331f58480893e6ed8e5f47a17e1ddc71e649027ad
e0a41e36c1664eac057a83b9fa7c49c89825fcfabcc47a2b1914d6d487f65522
e21a483e7f4b138c12d7378f8d6099d382cfb1e78f8434a52d41d435944ed2fd
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e72e22c9fd71d91300781105175767a7275aa469946f7f72cdda5adaa5c548e1
e9adf2a6db275f76dd17c5cc08dd6cfbee0c73fbb08de34127ac159ca9107763
f4aaa18c55c90588c5e828e56dcc6b2cb0acf9a4280494c7d1a53fc5e3669112
f7bb4455cc73832d43d80909118c1c513f3d86a4494f2b36a377c4466853d443
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d
fb64a05853ccf42fc6e52d9b8eb4afd8ac4c47ed61df3aac317d94ed258a9e2f

www.ticketsatwork.com Open in urlscan Pro 172.64.155.9 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

43 Requests

95 %HTTPS

56 %IPv6

9 Domains

10 Subdomains

9 IPs

3 Countries

1016 kBTransfer

2443 kBSize

8 Cookies

1 Outgoing links

Page URL History

Redirected requests

43 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.ticketsatwork.com Open in urlscan Pro
172.64.155.9 Public Scan

Screenshot
Live screenshot

Full Image

43
Requests

95 %
HTTPS

56 %
IPv6

9
Domains

10
Subdomains

9
IPs

3
Countries

1016 kB
Transfer

2443 kB
Size

8
Cookies

43 HTTP transactions
0 data transactions