qa-ids.mlb.com Open in urlscan Pro
151.101.209.60 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://qa-ticket-wlist.mlb.com/
Effective URL:
https://qa-ids.mlb.com/oauth2/ausg0y0s07iKGqVKv0h7/v1/authorize?client_id=0oa1iowtlbthqTuJj0h8&code_challenge=tsK5wI_X2...
Submission: On July 29 via automatic, source certstream-suspicious (July 29th 2024, 5:58:56 am UTC) — Scanned from DE

Summary HTTP 47 Redirects Links 6 Behaviour Indicators

Summary

This website contacted 14 IPs in 3 countries across 10 domains to perform 47 HTTP transactions. The main IP is 151.101.209.60, located in San Francisco, United States and belongs to FASTLY, US. The main domain is qa-ids.mlb.com.
TLS certificate: Issued by R10 on July 27th 2024. Valid for: 3 months.

This is the only time qa-ids.mlb.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
4	35.244.249.42 35.244.249.42	15169 (GOOGLE) (GOOGLE)
1	2606:4700::68... 2606:4700::6811:190e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
5	151.101.209.60 151.101.209.60	54113 (FASTLY) (FASTLY)
9	18.244.18.82 18.244.18.82	16509 (AMAZON-02) (AMAZON-02)
8	199.232.37.91 199.232.37.91	54113 (FASTLY) (FASTLY)
3	151.101.209.91 151.101.209.91	54113 (FASTLY) (FASTLY)
3	2a02:26f0:350... 2a02:26f0:3500:587::1e80	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	18.66.122.11 18.66.122.11	16509 (AMAZON-02) (AMAZON-02)
3	52.213.48.74 52.213.48.74	16509 (AMAZON-02) (AMAZON-02)
2	2600:9000:249... 2600:9000:2491:6400:12:d46c:8900:93a1	16509 (AMAZON-02) (AMAZON-02)
1	34.111.46.89 34.111.46.89	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	108.138.7.41 108.138.7.41	16509 (AMAZON-02) (AMAZON-02)
1	63.140.62.27 63.140.62.27	15224 (OMNITURE) (OMNITURE)
1 1	52.19.10.201 52.19.10.201	16509 (AMAZON-02) (AMAZON-02)
47	14

4 35.244.249.42 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 42.249.244.35.bc.googleusercontent.com

qa-ticket-wlist.mlb.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:190e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 151.101.209.60 (San Francisco, United States)

ASN54113 (FASTLY, US)

qa-ids.mlb.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 18.244.18.82 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-244-18-82.fra56.r.cloudfront.net

op1static.oktacdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 199.232.37.91 (New York, United States)

ASN54113 (FASTLY, US)

www.mlbstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 151.101.209.91 (San Francisco, United States)

ASN54113 (FASTLY, US)

qa.mlbstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a02:26f0:3500:587::1e80 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

assets.adobedtm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.66.122.11 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-122-11.fra60.r.cloudfront.net

js.datadome.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 52.213.48.74 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-213-48-74.eu-west-1.compute.amazonaws.com

dpm.demdex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
mlb.demdex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:2491:6400:12:d46c:8900:93a1 (United States)

ASN16509 (AMAZON-02, US)

contentful-graphql-preview.bamcontent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.111.46.89 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 89.46.111.34.bc.googleusercontent.com

api-js.datadome.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 108.138.7.41 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-138-7-41.fra56.r.cloudfront.net

login.okta.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 63.140.62.27 (United States)

ASN15224 (OMNITURE, US)
PTR: ip-63-140-62-27.data.adobedc.net

ans.mlb.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.19.10.201 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-19-10-201.eu-west-1.compute.amazonaws.com

cm.everesttech.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
11	mlbstatic.com www.mlbstatic.com — Cisco Umbrella Rank: 13406 qa.mlbstatic.com	700 KB
10	mlb.com qa-ticket-wlist.mlb.com qa-ids.mlb.com ans.mlb.com — Cisco Umbrella Rank: 15366	547 KB
9	oktacdn.com op1static.oktacdn.com — Cisco Umbrella Rank: 63554	745 KB
3	demdex.net dpm.demdex.net — Cisco Umbrella Rank: 319 mlb.demdex.net — Cisco Umbrella Rank: 17959	3 KB
3	adobedtm.com assets.adobedtm.com — Cisco Umbrella Rank: 521	61 KB
2	bamcontent.com contentful-graphql-preview.bamcontent.com	3 KB
2	datadome.co js.datadome.co — Cisco Umbrella Rank: 6926 api-js.datadome.co — Cisco Umbrella Rank: 6331	30 KB
1	everesttech.net 1 redirects cm.everesttech.net — Cisco Umbrella Rank: 2184	490 B
1	okta.com login.okta.com — Cisco Umbrella Rank: 7359
1	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 336	5 KB
47	10

	Domain	Requested by
9	op1static.oktacdn.com	qa-ids.mlb.com op1static.oktacdn.com
8	www.mlbstatic.com	qa-ids.mlb.com qa.mlbstatic.com
5	qa-ids.mlb.com	qa-ticket-wlist.mlb.com js.datadome.co
4	qa-ticket-wlist.mlb.com	qa-ticket-wlist.mlb.com
3	assets.adobedtm.com	qa-ids.mlb.com assets.adobedtm.com
3	qa.mlbstatic.com	qa-ids.mlb.com
2	contentful-graphql-preview.bamcontent.com	js.datadome.co
2	dpm.demdex.net	www.mlbstatic.com qa-ids.mlb.com
1	cm.everesttech.net	1 redirects
1	ans.mlb.com	www.mlbstatic.com
1	mlb.demdex.net	www.mlbstatic.com
1	login.okta.com	op1static.oktacdn.com
1	api-js.datadome.co	js.datadome.co
1	js.datadome.co	qa-ids.mlb.com
1	cdnjs.cloudflare.com	qa-ticket-wlist.mlb.com
47	15

This site contains links to these domains. Also see Links.

Domain
www.mlb.com
qa-gcp.mlb.com

Subject Issuer	Validity	Valid
qa-ticket-wlist.mlb.com R10	`2024-07-29` - `2024-10-27`	3 months	crt.sh
cdnjs.cloudflare.com E1	`2024-06-02` - `2024-08-31`	3 months	crt.sh
qa-ids.mlb.com R10	`2024-07-27` - `2024-10-25`	3 months	crt.sh
*.oktacdn.com DigiCert TLS RSA SHA256 2020 CA1	`2023-12-15` - `2025-01-02`	a year	crt.sh
www.mlbstatic.com R11	`2024-06-17` - `2024-09-15`	3 months	crt.sh
qa.mlbstatic.com R10	`2024-07-26` - `2024-10-24`	3 months	crt.sh
assets.adobedtm.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2024-07-09` - `2025-08-09`	a year	crt.sh
*.datadome.co Gandi RSA Domain Validation Secure Server CA 3	`2023-10-10` - `2024-11-09`	a year	crt.sh
*.demdex.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-09-26` - `2024-10-26`	a year	crt.sh
*.bamcontent.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2024-02-20` - `2025-02-28`	a year	crt.sh
accounts.okta.com Amazon RSA 2048 M02	`2024-07-17` - `2025-08-15`	a year	crt.sh
ans.mlb.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-12-08` - `2024-12-17`	a year	crt.sh

This page contains 3 frames:

Primary Page: https://qa-ids.mlb.com/oauth2/ausg0y0s07iKGqVKv0h7/v1/authorize?client_id=0oa1iowtlbthqTuJj0h8&code_challenge=tsK5wI_X2fQMTr9mUSdT217OE9DsYjPrIkgPDbUPIOk&code_challenge_method=S256&nonce=PkA5HXJLMjhH3idqI1cucL7XkxzfVSZhkzpgZI4Q0N3yuHwN2f87tAu6w5uiOyMh&redirect_uri=https%3A%2F%2Fqa-ticket-wlist.mlb.com%2Flogin%2Fcallback&response_type=code&state=z8KWAO34jqtuf3PXLAtn2rRuPoiagykYRRupcxIIHwaAjyadiWjMwWNOJeWfAZSJ&scope=openid%20email%20profile
Frame ID: D827E16BA8C56BE0C5AAB1801B66CA9D
Requests: 43 HTTP requests in this frame

Frame: https://login.okta.com/discovery/iframe.html
Frame ID: 071ACDD3AE4D64B7E825F4F441ECB94D
Requests: 1 HTTP requests in this frame

Frame: https://mlb.demdex.net/dest5.html?d_nsid=0
Frame ID: 370FA52B19B807D53FDB15825F2B2DFB
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

MLB - Anmelden

Page URL History Show full URLs

https://qa-ticket-wlist.mlb.com/ Page URL
https://qa-ids.mlb.com/oauth2/ausg0y0s07iKGqVKv0h7/v1/authorize?client_id=0oa1iowtlbthqTuJj0h8&code... Page URL

Detected technologies

Datadome (Miscellaneous) Expand

Overall confidence: 100%
Detected patterns

Page Statistics

47
Requests

87 %
HTTPS

21 %
IPv6

10
Domains

15
Subdomains

14
IPs

3
Countries

2093 kB
Transfer

5130 kB
Size

13
Cookies

6 Outgoing links

These are links going to different origins than the main page.

URL: https://www.mlb.com/
Title: MLB.com

Search URL Search Domain Scan URL

URL: https://qa-gcp.mlb.com/official-information/contact
Title: Hilfe

Search URL Search Domain Scan URL

URL: https://www.mlb.com/official-information/terms-of-use

Search URL Search Domain Scan URL

URL: https://qa-gcp.mlb.com/official-information/terms-of-use
Title: Terms of Use

Search URL Search Domain Scan URL

URL: https://www.mlb.com/official-information/privacy-policy

Search URL Search Domain Scan URL

URL: https://qa-gcp.mlb.com/official-information/privacy-policy
Title: Privacy Policy

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://qa-ticket-wlist.mlb.com/ Page URL
https://qa-ids.mlb.com/oauth2/ausg0y0s07iKGqVKv0h7/v1/authorize?client_id=0oa1iowtlbthqTuJj0h8&code_challenge=tsK5wI_X2fQMTr9mUSdT217OE9DsYjPrIkgPDbUPIOk&code_challenge_method=S256&nonce=PkA5HXJLMjhH3idqI1cucL7XkxzfVSZhkzpgZI4Q0N3yuHwN2f87tAu6w5uiOyMh&redirect_uri=https%3A%2F%2Fqa-ticket-wlist.mlb.com%2Flogin%2Fcallback&response_type=code&state=z8KWAO34jqtuf3PXLAtn2rRuPoiagykYRRupcxIIHwaAjyadiWjMwWNOJeWfAZSJ&scope=openid%20email%20profile Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 33

https://cm.everesttech.net/cm/dd?d_uuid=40133310718488285791615115608518432712 HTTP 302
https://dpm.demdex.net/ibs:dpid=411&dpuuid=ZqcvngAAAJx8qgN-

47 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 / Show response
qa-ticket-wlist.mlb.com/ 799 B
976 B 226ms
135ms Document
text/html 35.244.249.42
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://qa-ticket-wlist.mlb.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.249.42 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 42.249.244.35.bc.googleusercontent.com
Software: nginx/1.25.4 /
Resource Hash: 74a05e509d1123382e1530f98d8c55bfcf92a7bb1b19d16156ee2e2b1172c59e

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache
content-length: 799
content-type: text/html
date: Mon, 29 Jul 2024 05:58:51 GMT
etag: "65f9ed6d-31f"
last-modified: Tue, 19 Mar 2024 19:54:21 GMT
server: nginx/1.25.4
via: 1.1 google

GET
H2 200 main.5fe9afa8.js Show response
qa-ticket-wlist.mlb.com/static/js/ 460 KB
461 KB 134ms
133ms Script
application/javascript 35.244.249.42
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://qa-ticket-wlist.mlb.com/static/js/main.5fe9afa8.js
Requested by: Host: qa-ticket-wlist.mlb.com
URL: https://qa-ticket-wlist.mlb.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.249.42 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 42.249.244.35.bc.googleusercontent.com
Software: nginx/1.25.4 /
Resource Hash: 2a5722d868ac883e7d47a4de2a9b5e049db3b5ea324064d08b898a48494db036

Request headers

Referer: https://qa-ticket-wlist.mlb.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 29 Jul 2024 05:58:51 GMT
via: 1.1 google
last-modified: Tue, 19 Mar 2024 19:54:21 GMT
server: nginx/1.25.4
etag: "65f9ed6d-72e07"
content-type: application/javascript
cache-control: max-age=31536000
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 470535

GET
H2 200 main.df28abdd.css
qa-ticket-wlist.mlb.com/static/css/ 14 KB
14 KB 135ms
134ms Stylesheet
text/css 35.244.249.42
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://qa-ticket-wlist.mlb.com/static/css/main.df28abdd.css
Requested by: Host: qa-ticket-wlist.mlb.com
URL: https://qa-ticket-wlist.mlb.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.249.42 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 42.249.244.35.bc.googleusercontent.com
Software: nginx/1.25.4 /
Resource Hash: e756aa89a9ef53bf52b3d0a9426d5b0cd5720289b595935859061a07a8d684b9

Request headers

Referer: https://qa-ticket-wlist.mlb.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 29 Jul 2024 05:58:51 GMT
via: 1.1 google
last-modified: Tue, 19 Mar 2024 19:54:21 GMT
server: nginx/1.25.4
etag: "65f9ed6d-3739"
content-type: text/css
cache-control: max-age=31536000
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14137

GET
H3 200 iframeResizer.contentWindow.min.js Show response
cdnjs.cloudflare.com/ajax/libs/iframe-resizer/3.5.10/ 14 KB
5 KB 64ms
37ms Script
application/javascript 2606:4700::6811:190e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/iframe-resizer/3.5.10/iframeResizer.contentWindow.min.js

Requested by

Host: qa-ticket-wlist.mlb.com
URL: https://qa-ticket-wlist.mlb.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

80c877c8620cf87e48261427f6a83be61e217940b2dba8fbfee0a3ac968e264c

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Referer: https://qa-ticket-wlist.mlb.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 29 Jul 2024 05:58:51 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 3329779
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 4599
last-modified: Mon, 04 May 2020 16:11:11 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03e9f-3743"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=FiA6QK72KbE4lzei5DkAoOnm7SlPC2IKCoRcEB%2FMl2xjccPpIumSD4TOrO7eco1IENnOx4RZON%2BNUHUqeH%2Bahef8qt8RXEXjHYpQiuFnJjcnLdR4ivItKTeZy3kzf4NQQ%2BEyZ6BUixpQQAMT43iPQVl9"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 8aaae12dfd7018e1-FRA
expires: Sat, 19 Jul 2025 05:58:51 GMT

GET
H3 200 favicon.ico
qa-ticket-wlist.mlb.com/ 22 KB
22 KB 131ms
131ms Other
image/x-icon 35.244.249.42
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://qa-ticket-wlist.mlb.com/favicon.ico
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 35.244.249.42 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 42.249.244.35.bc.googleusercontent.com
Software: nginx/1.25.4 /
Resource Hash: 965301d82ae5432e113c4bf2fe253789812e4cf207cb49103bf71b72e6e08645

Request headers

Referer: https://qa-ticket-wlist.mlb.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 29 Jul 2024 05:58:52 GMT
via: 1.1 google
last-modified: Tue, 19 Mar 2024 19:53:54 GMT
server: nginx/1.25.4
etag: "65f9ed52-576e"
content-type: image/x-icon
cache-control: no-cache
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 22382

GET
H2 200 openid-configuration Show response
qa-ids.mlb.com/oauth2/ausg0y0s07iKGqVKv0h7/.well-known/ 3 KB
4 KB 367ms
366ms Fetch
application/json 151.101.209.60
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://qa-ids.mlb.com/oauth2/ausg0y0s07iKGqVKv0h7/.well-known/openid-configuration

Requested by

Host: qa-ticket-wlist.mlb.com
URL: https://qa-ticket-wlist.mlb.com/static/js/main.5fe9afa8.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.209.60 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

16dc8f2d91d56be3d08dc07690c9ea1308428607f7704ce9f133b3e82bd1faec

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors http://.mlb.com: https://.mlb.com: http://localhost:* http://local.milb.com:* https://github.mlbam.net https://.mlbinfra.net https://.mlbinfra.com https://mlbidsqa.oktapreview.com http://.mlbpressbox.com https://.mlbpressbox.com https://api-staging.mobilecoach.org https://app-staging.mobilecoach.org https://nats.pogoseat.com https://privacyportal-uat-cdn.onetrust.com https://mlbstg-chromecast.storage.googleapis.com https://pickle-dev.gamingeng-gcp-npd.mlbinfra.net https://pickle-qa.gamingeng-gcp-npd.mlbinfra.net https://qa-gcp.milb.com https://dev-gcp.milb.com
Strict-Transport-Security	max-age=315360000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept: application/json
Referer: https://qa-ticket-wlist.mlb.com/
X-Okta-User-Agent-Extended: okta-auth-js/7.2.0 @okta/okta-react/6.7.0
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type: application/json

Response headers

x-okta-request-id: ZqcvnHtTEnScangzsJjL1AAABlA
strict-transport-security: max-age=315360000; includeSubDomains
date: Mon, 29 Jul 2024 05:58:52 GMT
x-content-type-options: nosniff
content-security-policy: frame-ancestors http://*.mlb.com:* https://*.mlb.com:* http://localhost:* http://local.milb.com:* https://github.mlbam.net https://*.mlbinfra.net https://*.mlbinfra.com https://mlbidsqa.oktapreview.com http://*.mlbpressbox.com https://*.mlbpressbox.com https://api-staging.mobilecoach.org https://app-staging.mobilecoach.org https://nats.pogoseat.com https://privacyportal-uat-cdn.onetrust.com https://mlbstg-chromecast.storage.googleapis.com https://pickle-dev.gamingeng-gcp-npd.mlbinfra.net https://pickle-qa.gamingeng-gcp-npd.mlbinfra.net https://qa-gcp.milb.com https://dev-gcp.milb.com
via: 1.1 varnish
x-datadome: protected
age: 0
x-cache: MISS
p3p: CP="HONK"
expires: Tue, 30 Jul 2024 05:58:52 GMT
fastly-restarts: 1
x-xss-protection: 0
x-served-by: cache-ewr18157-EWR
content-length: 3419
referrer-policy: strict-origin-when-cross-origin
server: nginx
accept-ch: Sec-CH-UA-Platform-Version
x-timer: S1722232733.582565,VS0,VS0,VE252
vary: Origin
content-type: application/json
access-control-allow-origin: https://qa-ticket-wlist.mlb.com
cache-control: max-age=86400, must-revalidate
access-control-allow-credentials: true
accept-ranges: bytes
x-cache-hits: 0

OPTIONS
H2 200 openid-configuration
qa-ids.mlb.com/oauth2/ausg0y0s07iKGqVKv0h7/.well-known/ Frame 0
0 422ms
170ms Preflight
application/octet-stream 151.101.209.60
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://qa-ids.mlb.com/oauth2/ausg0y0s07iKGqVKv0h7/.well-known/openid-configuration

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.209.60 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

Security Headers

Name

Value

Content-Security-Policy

frame-ancestors http://*.mlb.com:* https://*.mlb.com:* http://localhost:* http://local.milb.com:* https://github.mlbam.net https://*.mlbinfra.net https://*.mlbinfra.com https://mlbidsqa.oktapreview.com http://*.mlbpressbox.com https://*.mlbpressbox.com https://api-staging.mobilecoach.org https://app-staging.mobilecoach.org https://nats.pogoseat.com https://privacyportal-uat-cdn.onetrust.com https://mlbstg-chromecast.storage.googleapis.com https://pickle-dev.gamingeng-gcp-npd.mlbinfra.net https://pickle-qa.gamingeng-gcp-npd.mlbinfra.net https://qa-gcp.milb.com https://dev-gcp.milb.com

Strict-Transport-Security

max-age=315360000; includeSubDomains

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-okta-user-agent-extended
Access-Control-Request-Method: GET
Origin: https://qa-ticket-wlist.mlb.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

accept-ranges: bytes
access-control-allow-credentials: true
access-control-allow-headers: content-type,x-okta-user-agent-extended
access-control-allow-methods: GET, OPTIONS
access-control-allow-origin: https://qa-ticket-wlist.mlb.com
access-control-max-age: 3600
content-length: 0
content-security-policy: frame-ancestors http://*.mlb.com:* https://*.mlb.com:* http://localhost:* http://local.milb.com:* https://github.mlbam.net https://*.mlbinfra.net https://*.mlbinfra.com https://mlbidsqa.oktapreview.com http://*.mlbpressbox.com https://*.mlbpressbox.com https://api-staging.mobilecoach.org https://app-staging.mobilecoach.org https://nats.pogoseat.com https://privacyportal-uat-cdn.onetrust.com https://mlbstg-chromecast.storage.googleapis.com https://pickle-dev.gamingeng-gcp-npd.mlbinfra.net https://pickle-qa.gamingeng-gcp-npd.mlbinfra.net https://qa-gcp.milb.com https://dev-gcp.milb.com
content-type: application/octet-stream
date: Mon, 29 Jul 2024 05:58:52 GMT
fastly-restarts: 1
server: nginx
strict-transport-security: max-age=315360000; includeSubDomains
vary: Origin
via: 1.1 varnish
x-cache: MISS
x-cache-hits: 0
x-datadome: protected
x-okta-request-id: ZqcvnJ9K5znAA2bXPLaiBwAABIg
x-served-by: cache-ewr18157-EWR
x-timer: S1722232732.409809,VS0,VS0,VE56

GET
H2 200 Primary Request authorize Show response
qa-ids.mlb.com/oauth2/ausg0y0s07iKGqVKv0h7/v1/ 45 KB
15 KB 617ms
384ms Document
text/html 151.101.209.60
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://qa-ids.mlb.com/oauth2/ausg0y0s07iKGqVKv0h7/v1/authorize?client_id=0oa1iowtlbthqTuJj0h8&code_challenge=tsK5wI_X2fQMTr9mUSdT217OE9DsYjPrIkgPDbUPIOk&code_challenge_method=S256&nonce=PkA5HXJLMjhH3idqI1cucL7XkxzfVSZhkzpgZI4Q0N3yuHwN2f87tAu6w5uiOyMh&redirect_uri=https%3A%2F%2Fqa-ticket-wlist.mlb.com%2Flogin%2Fcallback&response_type=code&state=z8KWAO34jqtuf3PXLAtn2rRuPoiagykYRRupcxIIHwaAjyadiWjMwWNOJeWfAZSJ&scope=openid%20email%20profile

Requested by

Host: qa-ticket-wlist.mlb.com
URL: https://qa-ticket-wlist.mlb.com/static/js/main.5fe9afa8.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.209.60 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

6196e9789b36230cf00be4881778091106cf1e06f51b502febfa1155fef28a0d

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors http://.mlb.com: https://.mlb.com: http://localhost:* http://local.milb.com:* https://github.mlbam.net https://.mlbinfra.net https://.mlbinfra.com https://mlbidsqa.oktapreview.com http://.mlbpressbox.com https://.mlbpressbox.com https://api-staging.mobilecoach.org https://app-staging.mobilecoach.org https://nats.pogoseat.com https://privacyportal-uat-cdn.onetrust.com https://mlbstg-chromecast.storage.googleapis.com https://pickle-dev.gamingeng-gcp-npd.mlbinfra.net https://pickle-qa.gamingeng-gcp-npd.mlbinfra.net https://qa-gcp.milb.com https://dev-gcp.milb.com
Strict-Transport-Security	max-age=315360000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://qa-ticket-wlist.mlb.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

accept-ch: Sec-CH-UA-Platform-Version
accept-ranges: bytes
cache-control: no-cache, no-store
content-encoding: gzip
content-language: de
content-security-policy: frame-ancestors http://*.mlb.com:* https://*.mlb.com:* http://localhost:* http://local.milb.com:* https://github.mlbam.net https://*.mlbinfra.net https://*.mlbinfra.com https://mlbidsqa.oktapreview.com http://*.mlbpressbox.com https://*.mlbpressbox.com https://api-staging.mobilecoach.org https://app-staging.mobilecoach.org https://nats.pogoseat.com https://privacyportal-uat-cdn.onetrust.com https://mlbstg-chromecast.storage.googleapis.com https://pickle-dev.gamingeng-gcp-npd.mlbinfra.net https://pickle-qa.gamingeng-gcp-npd.mlbinfra.net https://qa-gcp.milb.com https://dev-gcp.milb.com
content-security-policy-report-only: default-src 'self' mlbidsqa.oktapreview.com qa-ids.mlb.com *.oktacdn.com; connect-src 'self' mlbidsqa.oktapreview.com mlbidsqa-admin.oktapreview.com qa-ids.mlb.com *.oktacdn.com *.mixpanel.com *.mapbox.com *.mtls.oktapreview.com mlbidsqa.kerberos.oktapreview.com *.authenticatorlocalprod.com:8769 http://localhost:8769 http://127.0.0.1:8769 *.authenticatorlocalprod.com:65111 http://localhost:65111 http://127.0.0.1:65111 *.authenticatorlocalprod.com:65121 http://localhost:65121 http://127.0.0.1:65121 *.authenticatorlocalprod.com:65131 http://localhost:65131 http://127.0.0.1:65131 *.authenticatorlocalprod.com:65141 http://localhost:65141 http://127.0.0.1:65141 *.authenticatorlocalprod.com:65151 http://localhost:65151 http://127.0.0.1:65151 https://oinmanager.okta.com data: data.pendo.io pendo-static-5634101834153984.storage.googleapis.com pendo-static-5391521872216064.storage.googleapis.com; script-src 'unsafe-inline' 'unsafe-eval' 'self' mlbidsqa.oktapreview.com qa-ids.mlb.com *.oktacdn.com; style-src 'unsafe-inline' 'self' mlbidsqa.oktapreview.com qa-ids.mlb.com *.oktacdn.com; frame-src 'self' mlbidsqa.oktapreview.com mlbidsqa-admin.oktapreview.com qa-ids.mlb.com login.okta.com *.vidyard.com com-okta-authenticator:; img-src 'self' mlbidsqa.oktapreview.com qa-ids.mlb.com *.oktacdn.com *.tiles.mapbox.com *.mapbox.com *.vidyard.com data: data.pendo.io pendo-static-5634101834153984.storage.googleapis.com pendo-static-5391521872216064.storage.googleapis.com blob:; font-src 'self' mlbidsqa.oktapreview.com qa-ids.mlb.com data: *.oktacdn.com fonts.gstatic.com
content-type: text/html;charset=utf-8
date: Mon, 29 Jul 2024 05:58:53 GMT
expires: 0
fastly-restarts: 1
p3p: CP="HONK"
pragma: no-cache
referrer-policy: no-referrer
server: nginx
strict-transport-security: max-age=315360000; includeSubDomains
vary: Accept-Encoding
via: 1.1 varnish
x-cache: MISS
x-cache-hits: 0
x-content-type-options: nosniff
x-datadome: protected
x-okta-request-id: ZqcvnS78WtRjpVo9L3nn2gAAD4g
x-rate-limit-limit: 60
x-rate-limit-remaining: 59
x-rate-limit-reset: 1722232793
x-robots-tag: noindex,nofollow
x-served-by: cache-ewr18171-EWR
x-timer: S1722232733.187061,VS0,VS0,VE268
x-ua-compatible: IE=edge
x-xss-protection: 0

GET
H2 200 okta-sign-in.min.js Show response
op1static.oktacdn.com/assets/js/sdk/okta-signin-widget/7.15.1/js/ 2 MB
482 KB 100ms
41ms Script
application/javascript 18.244.18.82
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://op1static.oktacdn.com/assets/js/sdk/okta-signin-widget/7.15.1/js/okta-sign-in.min.js

Requested by

Host: qa-ids.mlb.com
URL: https://qa-ids.mlb.com/oauth2/ausg0y0s07iKGqVKv0h7/v1/authorize?client_id=0oa1iowtlbthqTuJj0h8&code_challenge=tsK5wI_X2fQMTr9mUSdT217OE9DsYjPrIkgPDbUPIOk&code_challenge_method=S256&nonce=PkA5HXJLMjhH3idqI1cucL7XkxzfVSZhkzpgZI4Q0N3yuHwN2f87tAu6w5uiOyMh&redirect_uri=https%3A%2F%2Fqa-ticket-wlist.mlb.com%2Flogin%2Fcallback&response_type=code&state=z8KWAO34jqtuf3PXLAtn2rRuPoiagykYRRupcxIIHwaAjyadiWjMwWNOJeWfAZSJ&scope=openid%20email%20profile

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.244.18.82 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-244-18-82.fra56.r.cloudfront.net

Software

nginx /

Resource Hash

280f9a5d22d25cc1197bedc0ab4294fee92e6f9a22afb8fba4116288e639f774

Security Headers

Name	Value
Strict-Transport-Security	max-age=315360000; includeSubDomains

Request headers

Referer
Origin: https://qa-ids.mlb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

x-amz-meta-sha1sum: d22f635e5e81a8b89004c0072ac8c5df4bd30784
strict-transport-security: max-age=315360000; includeSubDomains
content-encoding: gzip
date: Mon, 29 Jul 2024 05:44:19 GMT
via: 1.1 354c49ee216d1b8ed995ee7b94d96f10.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P11
age: 15294
x-cache: Hit from cloudfront
last-modified: Thu, 08 Feb 2024 00:44:56 GMT
server: nginx
etag: W/"1ea4e7501d0cc1b5656dc6915a9ed23c"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000, public,max-age=31536000,s-maxage=1814400
x-amz-cf-id: FQ---fhMPXig9eZZTn61cYEUVIVmb6TeUpj08t6DAhCmf2EOu3ZdHg==
expires: Tue, 29 Jul 2025 01:43:59 GMT

GET
H2 200 okta-sign-in.min.css
op1static.oktacdn.com/assets/js/sdk/okta-signin-widget/7.15.1/css/ 217 KB
37 KB 83ms
24ms Stylesheet
text/css 18.244.18.82
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://op1static.oktacdn.com/assets/js/sdk/okta-signin-widget/7.15.1/css/okta-sign-in.min.css

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.244.18.82 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-244-18-82.fra56.r.cloudfront.net

Software

nginx /

Resource Hash

19714eaf0cbf6de9f909794bddca2470bf498dc53b02f50947a5e89476251fde

Security Headers

Name	Value
Strict-Transport-Security	max-age=315360000; includeSubDomains

Request headers

Referer
Origin: https://qa-ids.mlb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

x-amz-meta-sha1sum: 4cfa8d8c88cf536e49e478565a2da853267beb22
strict-transport-security: max-age=315360000; includeSubDomains
content-encoding: gzip
date: Sat, 13 Jul 2024 19:22:40 GMT
via: 1.1 354c49ee216d1b8ed995ee7b94d96f10.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P11
age: 1334173
x-cache: Hit from cloudfront
last-modified: Thu, 08 Feb 2024 00:43:38 GMT
server: nginx
etag: W/"14a902da0701755f1c3dc816ee428221"
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31536000, public,max-age=31536000,s-maxage=1814400
x-amz-cf-id: veGwDL-KcY6vvQZdSo0vA3dZI0zkcnXyeJR89iDkSkPpa0Gu1I6d_g==
expires: Sun, 13 Jul 2025 19:22:40 GMT

GET
H2 200 custom-signin.73947dcedbe30f708373f1b3405f6417.css
op1static.oktacdn.com/assets/loginpage/css/ 9 KB
3 KB 80ms
21ms Stylesheet
text/css 18.244.18.82
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://op1static.oktacdn.com/assets/loginpage/css/custom-signin.73947dcedbe30f708373f1b3405f6417.css

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.244.18.82 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-244-18-82.fra56.r.cloudfront.net

Software

nginx /

Resource Hash

79e149cae4cee318fb0fc5beb4feec6880022de818efdb269f8cf90298d61a00

Security Headers

Name	Value
Strict-Transport-Security	max-age=315360000; includeSubDomains

Request headers

Referer
Origin: https://qa-ids.mlb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

x-amz-meta-sha1sum: 35d16198401d1fd985775d017f4a337e2a74c215
strict-transport-security: max-age=315360000; includeSubDomains
content-encoding: gzip
date: Sat, 13 Jul 2024 11:55:29 GMT
via: 1.1 354c49ee216d1b8ed995ee7b94d96f10.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P11
age: 1361074
x-cache: Hit from cloudfront
last-modified: Fri, 08 Mar 2024 02:54:15 GMT
server: nginx
etag: W/"73947dcedbe30f708373f1b3405f6417"
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31536000, public,max-age=31536000,s-maxage=1814400
x-amz-cf-id: AHD5tHB6y6wFck4GTeBRrtPPRwrJZLEDZYQuAFlAoEiPmgrWUSAiFw==
expires: Sun, 13 Jul 2025 11:54:19 GMT

GET
H2 200 react.production.min.js Show response
www.mlbstatic.com/mlb.com/vendor/react/16/ 12 KB
5 KB 416ms
107ms Script
text/javascript 199.232.37.91
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://www.mlbstatic.com/mlb.com/vendor/react/16/react.production.min.js
Requested by: Host: qa-ids.mlb.com
URL: https://qa-ids.mlb.com/oauth2/ausg0y0s07iKGqVKv0h7/v1/authorize?client_id=0oa1iowtlbthqTuJj0h8&code_challenge=tsK5wI_X2fQMTr9mUSdT217OE9DsYjPrIkgPDbUPIOk&code_challenge_method=S256&nonce=PkA5HXJLMjhH3idqI1cucL7XkxzfVSZhkzpgZI4Q0N3yuHwN2f87tAu6w5uiOyMh&redirect_uri=https%3A%2F%2Fqa-ticket-wlist.mlb.com%2Flogin%2Fcallback&response_type=code&state=z8KWAO34jqtuf3PXLAtn2rRuPoiagykYRRupcxIIHwaAjyadiWjMwWNOJeWfAZSJ&scope=openid%20email%20profile
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 199.232.37.91 New York, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: UploadServer /
Resource Hash: 5cef9367d2bcaba25b74d20e0e139d2cf900e9123e5fde26101aee7f40f6b5cf

Request headers

Referer
Origin: https://qa-ids.mlb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

x-cache-hits: 0
date: Mon, 29 Jul 2024 05:58:53 GMT
content-encoding: gzip
via: 1.1 varnish
age: 203
x-cache: HIT
content-length: 4898
x-served-by: cache-lga21946-LGA
last-modified: Fri, 12 Apr 2024 13:54:28 GMT
server: UploadServer
x-timer: S1722232734.881515,VS0,VE1
etag: "63d498e143f421cc44dfb64f22fef270"
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
access-control-expose-headers: *, Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control: public, max-age=3600
accept-ranges: bytes
expires: Mon, 22 Jul 2024 11:40:18 GMT

GET
H2 200 react-dom.production.min.js Show response
www.mlbstatic.com/mlb.com/vendor/react/16/ 116 KB
37 KB 417ms
108ms Script
text/javascript 199.232.37.91
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://www.mlbstatic.com/mlb.com/vendor/react/16/react-dom.production.min.js
Requested by: Host: qa-ids.mlb.com
URL: https://qa-ids.mlb.com/oauth2/ausg0y0s07iKGqVKv0h7/v1/authorize?client_id=0oa1iowtlbthqTuJj0h8&code_challenge=tsK5wI_X2fQMTr9mUSdT217OE9DsYjPrIkgPDbUPIOk&code_challenge_method=S256&nonce=PkA5HXJLMjhH3idqI1cucL7XkxzfVSZhkzpgZI4Q0N3yuHwN2f87tAu6w5uiOyMh&redirect_uri=https%3A%2F%2Fqa-ticket-wlist.mlb.com%2Flogin%2Fcallback&response_type=code&state=z8KWAO34jqtuf3PXLAtn2rRuPoiagykYRRupcxIIHwaAjyadiWjMwWNOJeWfAZSJ&scope=openid%20email%20profile
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 199.232.37.91 New York, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: UploadServer /
Resource Hash: 4949f4e1cff9e8a960b44c9a8be70bc4bb10216eb4d0123ca61753e0908a0f87

Request headers

Referer
Origin: https://qa-ids.mlb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

x-cache-hits: 0
date: Mon, 29 Jul 2024 05:58:53 GMT
content-encoding: gzip
via: 1.1 varnish
age: 1725
x-cache: HIT
content-length: 38049
x-served-by: cache-lga21946-LGA
last-modified: Fri, 12 Apr 2024 13:54:11 GMT
server: UploadServer
x-timer: S1722232734.881499,VS0,VE2
etag: "c5abc87541fe6bb0f43f22af475a8b20"
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
access-control-expose-headers: *, Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control: public, max-age=3600
accept-ranges: bytes
expires: Thu, 11 Jul 2024 06:25:16 GMT

GET
H2 200 ids-static.min.css
qa.mlbstatic.com/identity/ids-static/202406171951/ 14 KB
2 KB 530ms
214ms Stylesheet
text/css 151.101.209.91
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://qa.mlbstatic.com/identity/ids-static/202406171951/ids-static.min.css
Requested by: Host: qa-ids.mlb.com
URL: https://qa-ids.mlb.com/oauth2/ausg0y0s07iKGqVKv0h7/v1/authorize?client_id=0oa1iowtlbthqTuJj0h8&code_challenge=tsK5wI_X2fQMTr9mUSdT217OE9DsYjPrIkgPDbUPIOk&code_challenge_method=S256&nonce=PkA5HXJLMjhH3idqI1cucL7XkxzfVSZhkzpgZI4Q0N3yuHwN2f87tAu6w5uiOyMh&redirect_uri=https%3A%2F%2Fqa-ticket-wlist.mlb.com%2Flogin%2Fcallback&response_type=code&state=z8KWAO34jqtuf3PXLAtn2rRuPoiagykYRRupcxIIHwaAjyadiWjMwWNOJeWfAZSJ&scope=openid%20email%20profile
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.209.91 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: UploadServer /
Resource Hash: f5714ca2808c27d3c1e3b86e3c593ccf6b875d6b2d1fec394be7896adb26cccb

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

x-cache-hits: 0, 0
date: Mon, 29 Jul 2024 05:58:53 GMT
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
age: 0
x-cache: MISS, MISS
content-length: 2190
x-served-by: cache-lga21959-LGA, cache-ewr18139-EWR
last-modified: Mon, 17 Jun 2024 19:52:50 GMT
server: UploadServer
x-timer: S1722232734.896109,VS0,VE100
etag: "9528e12130600dda7a1a218142c3b8f9"
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: max-age=30
accept-ranges: bytes
expires: Mon, 29 Jul 2024 05:59:23 GMT

GET
H2 200 ids-static.js Show response
qa.mlbstatic.com/identity/ids-static/202406171951/ 33 KB
9 KB 589ms
273ms Script
application/javascript 151.101.209.91
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://qa.mlbstatic.com/identity/ids-static/202406171951/ids-static.js
Requested by: Host: qa-ids.mlb.com
URL: https://qa-ids.mlb.com/oauth2/ausg0y0s07iKGqVKv0h7/v1/authorize?client_id=0oa1iowtlbthqTuJj0h8&code_challenge=tsK5wI_X2fQMTr9mUSdT217OE9DsYjPrIkgPDbUPIOk&code_challenge_method=S256&nonce=PkA5HXJLMjhH3idqI1cucL7XkxzfVSZhkzpgZI4Q0N3yuHwN2f87tAu6w5uiOyMh&redirect_uri=https%3A%2F%2Fqa-ticket-wlist.mlb.com%2Flogin%2Fcallback&response_type=code&state=z8KWAO34jqtuf3PXLAtn2rRuPoiagykYRRupcxIIHwaAjyadiWjMwWNOJeWfAZSJ&scope=openid%20email%20profile
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.209.91 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: UploadServer /
Resource Hash: c30df3fc1ff42d41d64dbf2968d2e50aae19941dbb774642c463d345a5c9f15b

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

x-cache-hits: 0, 0
date: Mon, 29 Jul 2024 05:58:54 GMT
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
age: 0
x-cache: MISS, MISS
content-length: 9382
x-served-by: cache-lga21933-LGA, cache-ewr18139-EWR
last-modified: Mon, 17 Jun 2024 19:52:50 GMT
server: UploadServer
x-timer: S1722232734.896086,VS0,VE160
etag: "b0188d92a52372867017c577374c76f8"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: max-age=30
accept-ranges: bytes
expires: Mon, 29 Jul 2024 05:59:24 GMT

GET
H2 200 mlb-okta.js Show response
qa.mlbstatic.com/mlb.com/vendor/mlb-okta/ 1 MB
390 KB 623ms
308ms Script
application/x-javascript 151.101.209.91
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://qa.mlbstatic.com/mlb.com/vendor/mlb-okta/mlb-okta.js
Requested by: Host: qa-ids.mlb.com
URL: https://qa-ids.mlb.com/oauth2/ausg0y0s07iKGqVKv0h7/v1/authorize?client_id=0oa1iowtlbthqTuJj0h8&code_challenge=tsK5wI_X2fQMTr9mUSdT217OE9DsYjPrIkgPDbUPIOk&code_challenge_method=S256&nonce=PkA5HXJLMjhH3idqI1cucL7XkxzfVSZhkzpgZI4Q0N3yuHwN2f87tAu6w5uiOyMh&redirect_uri=https%3A%2F%2Fqa-ticket-wlist.mlb.com%2Flogin%2Fcallback&response_type=code&state=z8KWAO34jqtuf3PXLAtn2rRuPoiagykYRRupcxIIHwaAjyadiWjMwWNOJeWfAZSJ&scope=openid%20email%20profile
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.209.91 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: UploadServer /
Resource Hash: 88b154b920feffb91942882165250b1dc16317ad4db9a90f93523445f8116ea2

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

expires: Mon, 29 Jul 2024 06:03:53 GMT
date: Mon, 29 Jul 2024 05:58:54 GMT
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
age: 0
x-cache: MISS, MISS
x-goog-custom-time: 1970-01-01T00:00:00Z
content-length: 398431
x-served-by: cache-lga21954-LGA, cache-ewr18139-EWR
x-goog-meta-
last-modified: Wed, 29 Sep 2021 16:15:39 GMT
server: UploadServer
x-timer: S1722232734.896058,VS0,VE194
etag: "7a10cb00faa575bd4dfb4624c8376653"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: max-age=300
accept-ranges: bytes
x-cache-hits: 0, 0

GET
H2 200 VisitorAPI.js Show response
www.mlbstatic.com/mlb.com/adobe-analytics/ 45 KB
15 KB 415ms
107ms Script
application/javascript 199.232.37.91
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://www.mlbstatic.com/mlb.com/adobe-analytics/VisitorAPI.js
Requested by: Host: qa-ids.mlb.com
URL: https://qa-ids.mlb.com/oauth2/ausg0y0s07iKGqVKv0h7/v1/authorize?client_id=0oa1iowtlbthqTuJj0h8&code_challenge=tsK5wI_X2fQMTr9mUSdT217OE9DsYjPrIkgPDbUPIOk&code_challenge_method=S256&nonce=PkA5HXJLMjhH3idqI1cucL7XkxzfVSZhkzpgZI4Q0N3yuHwN2f87tAu6w5uiOyMh&redirect_uri=https%3A%2F%2Fqa-ticket-wlist.mlb.com%2Flogin%2Fcallback&response_type=code&state=z8KWAO34jqtuf3PXLAtn2rRuPoiagykYRRupcxIIHwaAjyadiWjMwWNOJeWfAZSJ&scope=openid%20email%20profile
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 199.232.37.91 New York, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: UploadServer /
Resource Hash: 2dbbd961c9e9750bd527a798381554ec4e94245b30f4f0678306c887d026819e

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

expires: Thu, 06 Jun 2024 20:52:32 GMT
date: Mon, 29 Jul 2024 05:58:53 GMT
content-encoding: gzip
via: 1.1 varnish
x-goog-meta-goog-reserved-file-mtime: 1712596063
age: 16582
x-cache: HIT
content-length: 14858
x-served-by: cache-lga21964-LGA
last-modified: Mon, 08 Apr 2024 17:07:53 GMT
server: UploadServer
x-timer: S1722232734.881699,VS0,VE0
etag: "19817940b49a8d2345aef801d893fe6a"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: max-age=21600
accept-ranges: bytes
x-cache-hits: 470

GET
H2 200 adobe-client-data-layer.min.js Show response
www.mlbstatic.com/mlb.com/adobe-analytics/ 32 KB
11 KB 415ms
106ms Script
application/javascript 199.232.37.91
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://www.mlbstatic.com/mlb.com/adobe-analytics/adobe-client-data-layer.min.js
Requested by: Host: qa-ids.mlb.com
URL: https://qa-ids.mlb.com/oauth2/ausg0y0s07iKGqVKv0h7/v1/authorize?client_id=0oa1iowtlbthqTuJj0h8&code_challenge=tsK5wI_X2fQMTr9mUSdT217OE9DsYjPrIkgPDbUPIOk&code_challenge_method=S256&nonce=PkA5HXJLMjhH3idqI1cucL7XkxzfVSZhkzpgZI4Q0N3yuHwN2f87tAu6w5uiOyMh&redirect_uri=https%3A%2F%2Fqa-ticket-wlist.mlb.com%2Flogin%2Fcallback&response_type=code&state=z8KWAO34jqtuf3PXLAtn2rRuPoiagykYRRupcxIIHwaAjyadiWjMwWNOJeWfAZSJ&scope=openid%20email%20profile
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 199.232.37.91 New York, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: UploadServer /
Resource Hash: 8a311e5b9b46a222adf695e2a0cc401ef21241e0a33dc8802d6557496158facb

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

expires: Sun, 28 Jul 2024 16:21:41 GMT
date: Mon, 29 Jul 2024 05:58:53 GMT
content-encoding: gzip
via: 1.1 varnish
x-goog-meta-goog-reserved-file-mtime: 1712596063
age: 5832
x-cache: HIT
content-length: 11230
x-served-by: cache-lga21964-LGA
last-modified: Wed, 26 Jun 2024 13:16:01 GMT
server: UploadServer
x-timer: S1722232734.881707,VS0,VE0
etag: "2587a1377e5bcf74cb428aadb430d51f"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: max-age=21600
accept-ranges: bytes
x-cache-hits: 82

GET
H2 200 launch-6d7cb0242bb0-development.min.js Show response
assets.adobedtm.com/267c22ecc15c/1a924dce079c/ 142 KB
46 KB 142ms
52ms Script
application/x-javascript 2a02:26f0:3500:587::1e80
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.adobedtm.com/267c22ecc15c/1a924dce079c/launch-6d7cb0242bb0-development.min.js
Requested by: Host: qa-ids.mlb.com
URL: https://qa-ids.mlb.com/oauth2/ausg0y0s07iKGqVKv0h7/v1/authorize?client_id=0oa1iowtlbthqTuJj0h8&code_challenge=tsK5wI_X2fQMTr9mUSdT217OE9DsYjPrIkgPDbUPIOk&code_challenge_method=S256&nonce=PkA5HXJLMjhH3idqI1cucL7XkxzfVSZhkzpgZI4Q0N3yuHwN2f87tAu6w5uiOyMh&redirect_uri=https%3A%2F%2Fqa-ticket-wlist.mlb.com%2Flogin%2Fcallback&response_type=code&state=z8KWAO34jqtuf3PXLAtn2rRuPoiagykYRRupcxIIHwaAjyadiWjMwWNOJeWfAZSJ&scope=openid%20email%20profile
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:587::1e80 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: 8e89d0cfdaafe955949caf78a5391aac6b94ea893841c77dcba37b88ee49f52f

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 29 Jul 2024 05:58:54 GMT
content-encoding: gzip
last-modified: Mon, 15 Apr 2024 21:52:04 GMT
server: AkamaiNetStorage
etag: "7291b65be93350b33107410db85680a1:1713217924.427867"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 29 Jul 2024 05:58:54 GMT

GET
H2 200 fs01nl7bcq6QIFLdi0h8
op1static.oktacdn.com/fs/bco/1/ 809 B
1 KB 545ms
485ms Image
image/png 18.244.18.82
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://op1static.oktacdn.com/fs/bco/1/fs01nl7bcq6QIFLdi0h8

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.244.18.82 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-244-18-82.fra56.r.cloudfront.net

Software

nginx /

Resource Hash

8131b45b3fe445f197bb26066ad99f91ef8c79c99a0c6f2a47550ac40d1e85fe

Security Headers

Name	Value
Strict-Transport-Security	max-age=315360000; includeSubDomains

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 29 Jul 2024 05:58:54 GMT
strict-transport-security: max-age=315360000; includeSubDomains
via: 1.1 012ed5015dc2306833b5abb65b3a0378.cloudfront.net (CloudFront)
last-modified: Fri, 12 May 2023 11:28:47 GMT
server: nginx
x-amz-cf-pop: FRA56-P11
etag: "8c27e876e44c7ab045ab308491ff2177"
x-cache: Miss from cloudfront
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=31536000, public,max-age=31536000,s-maxage=1814400
accept-ranges: bytes
content-length: 809
x-amz-cf-id: fDBBUlekWPDlU0i3iXvIeQM8s2YLozdPCuOXaZrM5d1d0QTL0BorCA==
expires: Tue, 29 Jul 2025 05:58:54 GMT

GET
H2 200 tags.js Show response
js.datadome.co/ 157 KB
29 KB 159ms
23ms Script
text/javascript 18.66.122.11
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.datadome.co/tags.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.122.11 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-122-11.fra60.r.cloudfront.net

Software

Apache /

Resource Hash

aeac24730f4080c22a0250b34eb8b26ee822e09035b3f6e84ebd8a63eb099f91

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

strict-transport-security: max-age=15768000
content-encoding: gzip
via: 1.1 f7e6fd9466c5c2a3b15f0fb077de1afa.cloudfront.net (CloudFront)
date: Mon, 29 Jul 2024 05:05:31 GMT
x-amz-cf-pop: FRA60-P2
age: 3203
x-cache: Hit from cloudfront
content-length: 29471
last-modified: Wed, 24 Jul 2024 12:33:31 GMT
server: Apache
etag: "27519-61dfd7c675244-gzip"
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=3600, public
accept-ranges: bytes
x-amz-cf-id: gHzcsIvkoPc9XPbv9B-LD4EDw5zeSXpU8vHlEc1ZY6SvlZFEM0OUzA==
expires: Mon, 29 Jul 2024 06:05:31 GMT

GET
BLOB 200
OK f8aeaaa6-9cc7-4e47-ba04-22c2fb67bfc2
https://qa-ids.mlb.com/ 597 B
0 Other
application/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://qa-ids.mlb.com/f8aeaaa6-9cc7-4e47-ba04-22c2fb67bfc2
Requested by: Host: qa-ids.mlb.com
URL: https://qa-ids.mlb.com/oauth2/ausg0y0s07iKGqVKv0h7/v1/authorize?client_id=0oa1iowtlbthqTuJj0h8&code_challenge=tsK5wI_X2fQMTr9mUSdT217OE9DsYjPrIkgPDbUPIOk&code_challenge_method=S256&nonce=PkA5HXJLMjhH3idqI1cucL7XkxzfVSZhkzpgZI4Q0N3yuHwN2f87tAu6w5uiOyMh&redirect_uri=https%3A%2F%2Fqa-ticket-wlist.mlb.com%2Flogin%2Fcallback&response_type=code&state=z8KWAO34jqtuf3PXLAtn2rRuPoiagykYRRupcxIIHwaAjyadiWjMwWNOJeWfAZSJ&scope=openid%20email%20profile
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 6292d47914f9b1671e0c7b3076ea35aa0127785ed01ae8df56f534171114b08a

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Length: 597
Content-Type: application/javascript

GET
H2 200 id Show response
dpm.demdex.net/ 4 KB
2 KB 170ms
64ms XHR
application/json 52.213.48.74
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dpm.demdex.net/id?d_visid_ver=3.0.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_orgid=A65F776A5245B01B0A490D44%40AdobeOrg&d_nsid=0&ts=1722232734580

Requested by

Host: www.mlbstatic.com
URL: https://www.mlbstatic.com/mlb.com/adobe-analytics/VisitorAPI.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.213.48.74 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-213-48-74.eu-west-1.compute.amazonaws.com

Software

Resource Hash

e37ba012affeffe752555f96cc235fffbef29e3274a9950c25185e16eee70310

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

dcs: dcs-prod-irl1-2-v063-02518fe92.edge-irl1.demdex.com 3 ms
pragma: no-cache
date: Mon, 29 Jul 2024 05:58:54 GMT
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: gzip
x-tid: rdHKuTMJR+c=
vary: Origin
content-type: application/json;charset=utf-8
p3p: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
access-control-allow-origin: https://qa-ids.mlb.com
cache-control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
access-control-allow-credentials: true
content-length: 1445
expires: Thu, 01 Jan 1970 00:00:00 UTC

GET
H2 200 initLoginPage.pack.58de3be0c9b511a0fdfd7ea4f69b56fc.js Show response
op1static.oktacdn.com/assets/js/mvc/loginpage/ 204 KB
76 KB 20ms
20ms Script
application/javascript 18.244.18.82
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://op1static.oktacdn.com/assets/js/mvc/loginpage/initLoginPage.pack.58de3be0c9b511a0fdfd7ea4f69b56fc.js

Requested by

Host:
URL: OktaUtil.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.244.18.82 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-244-18-82.fra56.r.cloudfront.net

Software

nginx /

Resource Hash

6a6c595fcf3a6c74bf3509f160ba34b78a8a3eb92ecaf290412c46679576d3ed

Security Headers

Name	Value
Strict-Transport-Security	max-age=315360000; includeSubDomains

Request headers

Referer
Origin: https://qa-ids.mlb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

x-amz-meta-sha1sum: 91eca02abf11239ec4af7a30b1da6e2610f1b9a6
strict-transport-security: max-age=315360000; includeSubDomains
content-encoding: gzip
date: Sun, 28 Jul 2024 22:12:56 GMT
via: 1.1 354c49ee216d1b8ed995ee7b94d96f10.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P11
age: 27959
x-cache: Hit from cloudfront
last-modified: Wed, 01 Nov 2023 21:40:11 GMT
server: nginx
etag: W/"58de3be0c9b511a0fdfd7ea4f69b56fc"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000, public,max-age=31536000,s-maxage=1814400
x-amz-cf-id: 58ROw1v1yWqjqGMpCNUlJT4HNzqnezzvCU6lYXfqplyud0bRm4-vDA==
expires: Mon, 28 Jul 2025 22:12:55 GMT

GET
H2 200 AppMeasurement.min.js Show response
assets.adobedtm.com/extensions/EPc7341b33570d4c988798fc9f0093d4b2/ 35 KB
13 KB 34ms
34ms Script
application/x-javascript 2a02:26f0:3500:587::1e80
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.adobedtm.com/extensions/EPc7341b33570d4c988798fc9f0093d4b2/AppMeasurement.min.js
Requested by: Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/267c22ecc15c/1a924dce079c/launch-6d7cb0242bb0-development.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:587::1e80 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: f012c00d43164a4de843ae80abefe500f8497e1123d11c965cd3b40600fe9720

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 29 Jul 2024 05:58:54 GMT
content-encoding: gzip
last-modified: Mon, 04 Mar 2024 18:51:30 GMT
server: AkamaiNetStorage
etag: "964f8cb588092ac645368e7307eb73ac:1709578290.803919"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: no-cache
accept-ranges: bytes
timing-allow-origin: *
content-length: 12938
expires: Mon, 29 Jul 2024 06:58:54 GMT

GET
H2 200 AppMeasurement_Module_ActivityMap.min.js Show response
assets.adobedtm.com/extensions/EPc7341b33570d4c988798fc9f0093d4b2/ 3 KB
2 KB 40ms
40ms Script
application/x-javascript 2a02:26f0:3500:587::1e80
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.adobedtm.com/extensions/EPc7341b33570d4c988798fc9f0093d4b2/AppMeasurement_Module_ActivityMap.min.js
Requested by: Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/267c22ecc15c/1a924dce079c/launch-6d7cb0242bb0-development.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:587::1e80 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: b90b775b65c2623322caaa52d7acf6af709ca59bdd475a54043b6308d91828c4

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 29 Jul 2024 05:58:54 GMT
content-encoding: gzip
last-modified: Mon, 04 Mar 2024 18:51:31 GMT
server: AkamaiNetStorage
etag: "9cf185793291692f744c78c75da01dd8:1709578291.795602"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: no-cache
accept-ranges: bytes
timing-allow-origin: *
content-length: 1599
expires: Mon, 29 Jul 2024 06:58:54 GMT

OPTIONS
H2 204 /
contentful-graphql-preview.bamcontent.com/content/v1/spaces/iiozhi00a8lc/ Frame 0
0 223ms
128ms Preflight 2600:9000:2491:6400:12:d46c:8900:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://contentful-graphql-preview.bamcontent.com/content/v1/spaces/iiozhi00a8lc/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2491:6400:12:d46c:8900:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Contentful /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Access-Control-Request-Headers: authorization,content-type
Access-Control-Request-Method: POST
Origin: https://qa-ids.mlb.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

accept-ranges: bytes
access-control-allow-headers: Accept,Accept-Language,Authorization,Cache-Control,Content-Length,Content-Range,Content-Type,DNT,Destination,Expires,If-Match,If-Modified-Since,If-None-Match,Keep-Alive,Last-Modified,Origin,Pragma,Range,User-Agent,X-Http-Method-Override,X-Mx-ReqToken,X-Requested-With,X-Contentful-Version,X-Contentful-Content-Type,X-Contentful-Organization,X-Contentful-Skip-Transformation,X-Contentful-User-Agent,X-Contentful-Enable-Alpha-Feature,X-Contentful-Resource-Resolution
access-control-allow-methods: GET,POST,HEAD,OPTIONS
access-control-allow-origin: *
access-control-expose-headers: Etag
access-control-max-age: 86400
age: 0
date: Mon, 29 Jul 2024 05:58:54 GMT
server: Contentful
strict-transport-security: max-age=15768000
via: 1.1 varnish, 1.1 varnish, 1.1 8109fadbc132b410ecc2c3df250d6144.cloudfront.net (CloudFront)
x-amz-cf-id: RtM_Fo1IT07rFYYisg-XAEWY9ybddgJDHEez5jvDkkHnSythghXWYg==
x-amz-cf-pop: FRA56-P7
x-cache: Miss from cloudfront
x-cache-hits: 28, 0
x-content-type-options: nosniff
x-contentful-region: us-east-1
x-contentful-request-id: 8388d978-5d10-43c4-a405-fc2b8c192a15
x-served-by: cache-ewr18157-EWR, cache-fra-etou8220129-FRA
x-timer: S1722232735.724673,VS0,VE82

POST
H2 200 / Show response
contentful-graphql-preview.bamcontent.com/content/v1/spaces/iiozhi00a8lc/ 5 KB
3 KB 228ms
228ms Fetch
application/json 2600:9000:2491:6400:12:d46c:8900:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://contentful-graphql-preview.bamcontent.com/content/v1/spaces/iiozhi00a8lc/

Requested by

Host: js.datadome.co
URL: https://js.datadome.co/tags.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2491:6400:12:d46c:8900:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Contentful /

Resource Hash

fe983fc68168a673113fdf3fbda985b1c0e5ea55068d818c670814c01aaf5202

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000
X-Content-Type-Options	nosniff

Request headers

Referer
Authorization: Bearer nxVdG9NEdfb5O9Jbjl5ghWCO2y8RxV-Hnjw-5P8Fomg
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type: application/json

Response headers

strict-transport-security: max-age=15768000
content-encoding: gzip
x-content-type-options: nosniff
date: Mon, 29 Jul 2024 05:58:55 GMT
via: 1.1 varnish, 1.1 varnish, 1.1 8109fadbc132b410ecc2c3df250d6144.cloudfront.net (CloudFront)
contentful-api: gql
x-amz-cf-pop: FRA56-P7
age: 0
contentful-upstream: graph-api
x-cache: Miss from cloudfront
content-length: 1435
x-served-by: cache-ewr18138-EWR, cache-fra-etou8220154-FRA
x-contentful-request-id: f3491b29-fd56-4f16-a227-d27da9926aa1
x-contentful-graphql-query-cost: 10100
server: Contentful
x-timer: S1722232735.832335,VS0,VE203
etag: "17043966666770826750-gzip"
access-control-max-age: 86400
access-control-allow-methods: GET,POST,HEAD,OPTIONS
content-type: application/json; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: Etag
cache-control: max-age=0
accept-ranges: bytes
access-control-allow-headers: Accept,Accept-Language,Authorization,Cache-Control,Content-Length,Content-Range,Content-Type,DNT,Destination,Expires,If-Match,If-Modified-Since,If-None-Match,Keep-Alive,Last-Modified,Origin,Pragma,Range,User-Agent,X-Http-Method-Override,X-Mx-ReqToken,X-Requested-With,X-Contentful-Version,X-Contentful-Content-Type,X-Contentful-Organization,X-Contentful-Skip-Transformation,X-Contentful-User-Agent,X-Contentful-Enable-Alpha-Feature,X-Contentful-Resource-Resolution
x-amz-cf-id: _yi8gze5n4offPWO7cfMfONSNvhnGYiFhy_3vpcTUbLjbeAFSjKN_g==
x-contentful-route: /spaces/:spaceId
x-contentful-region: us-east-1
x-cache-hits: 0, 0

GET
H2 200 league-mlb.css
www.mlbstatic.com/mlb.com/clubs/builds/mlb/style/mlb/en/ 23 KB
3 KB 172ms
172ms Stylesheet
text/css 199.232.37.91
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://www.mlbstatic.com/mlb.com/clubs/builds/mlb/style/mlb/en/league-mlb.css
Requested by: Host: qa-ids.mlb.com
URL: https://qa-ids.mlb.com/oauth2/ausg0y0s07iKGqVKv0h7/v1/authorize?client_id=0oa1iowtlbthqTuJj0h8&code_challenge=tsK5wI_X2fQMTr9mUSdT217OE9DsYjPrIkgPDbUPIOk&code_challenge_method=S256&nonce=PkA5HXJLMjhH3idqI1cucL7XkxzfVSZhkzpgZI4Q0N3yuHwN2f87tAu6w5uiOyMh&redirect_uri=https%3A%2F%2Fqa-ticket-wlist.mlb.com%2Flogin%2Fcallback&response_type=code&state=z8KWAO34jqtuf3PXLAtn2rRuPoiagykYRRupcxIIHwaAjyadiWjMwWNOJeWfAZSJ&scope=openid%20email%20profile
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 199.232.37.91 New York, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: UploadServer /
Resource Hash: e53b115572bba8c9ba2cfb5840b6e098a9c683f5e77c290dbaf0e7c6c0e4c97a

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

x-cache-hits: 0
date: Mon, 29 Jul 2024 05:58:54 GMT
content-encoding: gzip
via: 1.1 varnish
age: 0
x-cache: HIT
content-length: 3143
x-served-by: cache-lga21964-LGA
last-modified: Tue, 04 Feb 2020 12:01:42 GMT
server: UploadServer
x-timer: S1722232735.649983,VS0,VE58
etag: "ddfd4e8f8bb5ea37451b94c4f4898742"
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: max-age=60
accept-ranges: bytes
expires: Tue, 02 Jul 2024 09:57:30 GMT

POST
H2 200 / Show response
api-js.datadome.co/js/ 228 B
411 B 131ms
54ms XHR
application/json 34.111.46.89
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://api-js.datadome.co/js/
Requested by: Host: js.datadome.co
URL: https://js.datadome.co/tags.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.111.46.89 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 89.46.111.34.bc.googleusercontent.com
Software: DataDome /
Resource Hash: 6bd1cd6217594badf950130a90fb6adc91d28f226b7ed6a315986b7c50dcad97

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

pragma: no-cache
date: Mon, 29 Jul 2024 05:58:54 GMT
via: 1.1 google
server: DataDome
content-type: application/json;charset=utf-8
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 228
expires: 0

GET
H2 200 proxima-nova-regular.woff2
www.mlbstatic.com/mlb.com/fonts/ 85 KB
85 KB 113ms
113ms Font
font/woff2 199.232.37.91
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://www.mlbstatic.com/mlb.com/fonts/proxima-nova-regular.woff2
Requested by: Host: qa.mlbstatic.com
URL: https://qa.mlbstatic.com/identity/ids-static/202406171951/ids-static.min.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 199.232.37.91 New York, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: UploadServer /
Resource Hash: 9d5704f066511df22ddf7ae3e75d8134bd1a672f29db2171b14da43a6f6acb4b

Request headers

Referer: https://qa.mlbstatic.com/
Origin: https://qa-ids.mlb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

x-cache-hits: 8803
date: Mon, 29 Jul 2024 05:58:54 GMT
via: 1.1 varnish
age: 2400574
x-cache: HIT
content-length: 87288
x-served-by: cache-lga21946-LGA
last-modified: Tue, 24 Mar 2020 21:03:33 GMT
server: UploadServer
x-timer: S1722232735.690259,VS0,VE0
etag: "fe7a7517200f018db19dd601784e036a"
content-type: font/woff2
access-control-allow-origin: *
content-language: en
cache-control: max-age=31536000
access-control-expose-headers: *, Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
accept-ranges: bytes
expires: Tue, 01 Jul 2025 11:09:21 GMT

GET
H/1.1 200
OK iframe.html
login.okta.com/discovery/ Frame 071A 0
0 90ms
28ms Document
text/html 108.138.7.41
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://login.okta.com/discovery/iframe.html

Requested by

Host: op1static.oktacdn.com
URL: https://op1static.oktacdn.com/assets/js/mvc/loginpage/initLoginPage.pack.58de3be0c9b511a0fdfd7ea4f69b56fc.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

108.138.7.41 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-108-138-7-41.fra56.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Age: 1825
Connection: keep-alive
Content-Length: 451
Content-Type: text/html
Date: Mon, 29 Jul 2024 05:28:30 GMT
ETag: "b84c759c61e4500dec73d24345856b08"
Last-Modified: Thu, 06 Jun 2024 15:21:17 GMT
Server: AmazonS3
Strict-Transport-Security: max-age=31536000; includeSubDomains
Via: 1.1 7b20af4202adb6ef25a7920ed74908dc.cloudfront.net (CloudFront)
X-Amz-Cf-Id: dhNvjVcVOrpc59Pr3cAcC-LmejvCdajyropNYbOMVtZT529P5cZS4w==
X-Amz-Cf-Pop: FRA56-P6
X-Cache: Hit from cloudfront

GET
H2 200 dest5.html
mlb.demdex.net/ Frame 370F 0
0 168ms
48ms Document
text/html 52.213.48.74
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://mlb.demdex.net/dest5.html?d_nsid=0

Requested by

Host: www.mlbstatic.com
URL: https://www.mlbstatic.com/mlb.com/adobe-analytics/VisitorAPI.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.213.48.74 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-213-48-74.eu-west-1.compute.amazonaws.com

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

accept-ranges: bytes
cache-control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
content-encoding: gzip
content-type: text/html;charset=UTF-8
date: Mon, 29 Jul 2024 05:58:54 GMT
dcs: dcs-prod-irl1-2-v063-0907ccebb.edge-irl1.demdex.com 0 ms
expires: Thu, 01 Jan 1970 00:00:00 UTC
last-modified: Thu, 18 Jul 2024 10:29:28 GMT
p3p: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
pragma: no-cache
strict-transport-security: max-age=31536000; includeSubDomains
vary: accept-encoding
x-tid: FSoWRPOIQks=

GET
H2 200 id Show response
ans.mlb.com/ 48 B
456 B 128ms
38ms XHR
application/x-javascript 63.140.62.27
OMNITURE

General

Check archive.org

Show headers Download Go to

Full URL

https://ans.mlb.com/id?d_visid_ver=3.0.0&d_fieldgroup=A&mcorgid=A65F776A5245B01B0A490D44%40AdobeOrg&mid=40199466298740267791590197722878824560&ts=1722232734760

Requested by

Host: www.mlbstatic.com
URL: https://www.mlbstatic.com/mlb.com/adobe-analytics/VisitorAPI.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

63.140.62.27 , United States, ASN15224 (OMNITURE, US),

Reverse DNS

ip-63-140-62-27.data.adobedc.net

Software

jag /

Resource Hash

f8ce3d20e9ad14ba1988240ff1a4b0514cd3c2ef11af78b4595526315fec7415

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Mon, 29 Jul 2024 05:58:54 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
server: jag
vary: Origin
content-type: application/x-javascript;charset=utf-8
access-control-allow-origin: https://qa-ids.mlb.com
p3p: CP="This is not a P3P policy"
cache-control: no-cache, no-store, max-age=0, no-transform, private
access-control-allow-credentials: true
content-length: 48
x-xss-protection: 1; mode=block

GET
H2

200

ibs:dpid=411&dpuuid=ZqcvngAAAJx8qgN-
dpm.demdex.net/
Redirect Chain

https://cm.everesttech.net/cm/dd?d_uuid=40133310718488285791615115608518432712
https://dpm.demdex.net/ibs:dpid=411&dpuuid=ZqcvngAAAJx8qgN-

42 B
717 B

50ms
50ms

Image
image/gif

52.213.48.74
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/ibs:dpid=411&dpuuid=ZqcvngAAAJx8qgN-

Requested by

Protocol

Server

52.213.48.74 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-213-48-74.eu-west-1.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

dcs: dcs-prod-irl1-1-v063-0fbc57458.edge-irl1.demdex.com 2 ms
pragma: no-cache
date: Mon, 29 Jul 2024 05:58:55 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
content-encoding: gzip
x-tid: o6IW5cnYQDk=
content-type: image/gif
p3p: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
cache-control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
content-length: 59
expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

Location: https://dpm.demdex.net/ibs:dpid=411&dpuuid=ZqcvngAAAJx8qgN-
Date: Mon, 29 Jul 2024 05:58:54 GMT
Cache-Control: no-cache
Server: AMO-cookiemap/1.1
Connection: keep-alive
Content-Length: 0
P3P: CP="NOI NID DEVa PSAa PSDa OUR IND PUR COM NAV INT DEM"

GET
H2 200 favicon.ico
qa-ids.mlb.com/ 5 KB
5 KB 166ms
166ms Other
image/x-icon 151.101.209.60
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://qa-ids.mlb.com/favicon.ico

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.209.60 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

f9e86fb363a05f75ab3b525439d46bf4911d4cd4ae94c656c0198206374002aa

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors http://.mlb.com: https://.mlb.com: http://localhost:* http://local.milb.com:* https://github.mlbam.net https://.mlbinfra.net https://.mlbinfra.com https://mlbidsqa.oktapreview.com http://.mlbpressbox.com https://.mlbpressbox.com https://api-staging.mobilecoach.org https://app-staging.mobilecoach.org https://nats.pogoseat.com https://privacyportal-uat-cdn.onetrust.com https://mlbstg-chromecast.storage.googleapis.com https://pickle-dev.gamingeng-gcp-npd.mlbinfra.net https://pickle-qa.gamingeng-gcp-npd.mlbinfra.net https://qa-gcp.milb.com https://dev-gcp.milb.com
Strict-Transport-Security	max-age=315360000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

strict-transport-security: max-age=315360000; includeSubDomains
date: Mon, 29 Jul 2024 05:58:55 GMT
x-content-type-options: nosniff
content-security-policy: frame-ancestors http://*.mlb.com:* https://*.mlb.com:* http://localhost:* http://local.milb.com:* https://github.mlbam.net https://*.mlbinfra.net https://*.mlbinfra.com https://mlbidsqa.oktapreview.com http://*.mlbpressbox.com https://*.mlbpressbox.com https://api-staging.mobilecoach.org https://app-staging.mobilecoach.org https://nats.pogoseat.com https://privacyportal-uat-cdn.onetrust.com https://mlbstg-chromecast.storage.googleapis.com https://pickle-dev.gamingeng-gcp-npd.mlbinfra.net https://pickle-qa.gamingeng-gcp-npd.mlbinfra.net https://qa-gcp.milb.com https://dev-gcp.milb.com
via: 1.1 varnish
x-cache: MISS
content-length: 5430
x-served-by: cache-ewr18171-EWR
last-modified: Mon, 22 Jul 2024 00:13:20 GMT
server: nginx
x-timer: S1722232735.102105,VS0,VE50
etag: W/"5430-1721607200000"
content-type: image/x-icon
accept-ranges: bytes
x-robots-tag: noindex,nofollow
x-cache-hits: 0

GET
H2 200 1.svg
www.mlbstatic.com/team-logos/league-on-light/ 2 KB
1 KB 109ms
109ms Image
image/svg+xml 199.232.37.91
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.mlbstatic.com/team-logos/league-on-light/1.svg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 199.232.37.91 New York, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: UploadServer /
Resource Hash: c7e06e7ed41392c9bd41f352e3a3c40963377ea15be2bb3071b107786d44b2d6

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

expires: Tue, 23 Jul 2024 11:11:01 GMT
date: Mon, 29 Jul 2024 05:58:55 GMT
content-encoding: gzip
via: 1.1 varnish
x-goog-meta-goog-reserved-file-mtime: 1719328322
age: 499673
x-cache: HIT
content-length: 963
x-served-by: cache-lga21964-LGA
last-modified: Tue, 25 Jun 2024 15:13:28 GMT
server: UploadServer
x-timer: S1722232735.116600,VS0,VE0
etag: "a87c96a0ee8bf8a38be6ff66c06de45c"
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: max-age=1209600
accept-ranges: bytes
x-cache-hits: 2336

GET
H2 200 login_de.json Show response
op1static.oktacdn.com/assets/js/sdk/okta-signin-widget/7.15.1/labels/json/ 114 KB
115 KB 258ms
257ms XHR
application/json 18.244.18.82
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://op1static.oktacdn.com/assets/js/sdk/okta-signin-widget/7.15.1/labels/json/login_de.json

Requested by

Host: op1static.oktacdn.com
URL: https://op1static.oktacdn.com/assets/js/sdk/okta-signin-widget/7.15.1/js/okta-sign-in.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.244.18.82 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-244-18-82.fra56.r.cloudfront.net

Software

nginx /

Resource Hash

f14d931caab16e8964d6f23218d7e715e046b30d084b5adb198542d5107beb91

Security Headers

Name	Value
Strict-Transport-Security	max-age=315360000; includeSubDomains

Request headers

accept: application/json
Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
content-type: text/plain

Response headers

date: Mon, 29 Jul 2024 05:58:55 GMT
x-amz-meta-sha1sum: fb5588d244045530664ad10b7d33eb7ef16d6939
via: 1.1 354c49ee216d1b8ed995ee7b94d96f10.cloudfront.net (CloudFront)
strict-transport-security: max-age=315360000; includeSubDomains
x-amz-cf-pop: FRA56-P11
x-cache: Miss from cloudfront
content-length: 116587
last-modified: Thu, 08 Feb 2024 00:45:03 GMT
server: nginx
etag: "d516cfb936ccdbddefb7f47947594aac"
content-type: application/json
access-control-allow-origin: *
cache-control: max-age=31536000, public,max-age=31536000,s-maxage=1814400
accept-ranges: bytes
x-amz-cf-id: EfINTb9UCz74VxzMaxJj5xDi5clOsjcC_ij7dprSDFibZG43vrGftw==
expires: Tue, 29 Jul 2025 05:58:55 GMT

GET
H2 200 country_de.json Show response
op1static.oktacdn.com/assets/js/sdk/okta-signin-widget/7.15.1/labels/json/ 5 KB
5 KB 464ms
463ms XHR
application/json 18.244.18.82
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://op1static.oktacdn.com/assets/js/sdk/okta-signin-widget/7.15.1/labels/json/country_de.json

Requested by

Host: op1static.oktacdn.com
URL: https://op1static.oktacdn.com/assets/js/sdk/okta-signin-widget/7.15.1/js/okta-sign-in.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.244.18.82 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-244-18-82.fra56.r.cloudfront.net

Software

nginx /

Resource Hash

e540549c5ee85d139a6590536daf86400fccd811ebc9d5b714794efe1e34b897

Security Headers

Name	Value
Strict-Transport-Security	max-age=315360000; includeSubDomains

Request headers

accept: application/json
Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
content-type: text/plain

Response headers

date: Mon, 29 Jul 2024 05:58:55 GMT
x-amz-meta-sha1sum: 251dd1ccca4c80570aee52db71eed703ac579ad8
via: 1.1 354c49ee216d1b8ed995ee7b94d96f10.cloudfront.net (CloudFront)
strict-transport-security: max-age=315360000; includeSubDomains
x-amz-cf-pop: FRA56-P11
x-cache: Miss from cloudfront
content-length: 4805
last-modified: Thu, 08 Feb 2024 00:45:00 GMT
server: nginx
etag: "51bec6463b4f7c5a26ede1fd8ee067f8"
content-type: application/json
access-control-allow-origin: *
cache-control: max-age=31536000, public,max-age=31536000,s-maxage=1814400
accept-ranges: bytes
x-amz-cf-id: mgjBMwH6qR0ooNNEgQkd06mXZiKJXkk1zCEHVb9cA0On8RsNk3juRw==
expires: Tue, 29 Jul 2025 05:58:55 GMT

GET
H2 200 fs01nl7bcq6QIFLdi0h8
op1static.oktacdn.com/fs/bco/1/ 809 B
0 0ms
0ms Image
image/png 18.244.18.82
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://op1static.oktacdn.com/fs/bco/1/fs01nl7bcq6QIFLdi0h8
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.244.18.82 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-244-18-82.fra56.r.cloudfront.net
Software: nginx /
Resource Hash: 8131b45b3fe445f197bb26066ad99f91ef8c79c99a0c6f2a47550ac40d1e85fe

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 29 Jul 2024 05:58:54 GMT
via: 1.1 012ed5015dc2306833b5abb65b3a0378.cloudfront.net (CloudFront)
last-modified: Fri, 12 May 2023 11:28:47 GMT
server: nginx
x-amz-cf-pop: FRA56-P11
etag: "8c27e876e44c7ab045ab308491ff2177"
x-cache: Miss from cloudfront
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=31536000, public,max-age=31536000,s-maxage=1814400
accept-ranges: bytes
content-length: 809
x-amz-cf-id: fDBBUlekWPDlU0i3iXvIeQM8s2YLozdPCuOXaZrM5d1d0QTL0BorCA==
expires: Tue, 29 Jul 2025 05:58:54 GMT

POST
H2 200 introspect Show response
qa-ids.mlb.com/idp/idx/ 23 KB
24 KB 222ms
221ms Fetch
application/ion+json 151.101.209.60
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://qa-ids.mlb.com/idp/idx/introspect

Requested by

Host: js.datadome.co
URL: https://js.datadome.co/tags.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.209.60 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

71b35110d632443d54bca51379073458c53289b43da954b0e9cecc11e6203fe0

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors http://.mlb.com: https://.mlb.com: http://localhost:* http://local.milb.com:* https://github.mlbam.net https://.mlbinfra.net https://.mlbinfra.com https://mlbidsqa.oktapreview.com http://.mlbpressbox.com https://.mlbpressbox.com https://api-staging.mobilecoach.org https://app-staging.mobilecoach.org https://nats.pogoseat.com https://privacyportal-uat-cdn.onetrust.com https://mlbstg-chromecast.storage.googleapis.com https://pickle-dev.gamingeng-gcp-npd.mlbinfra.net https://pickle-qa.gamingeng-gcp-npd.mlbinfra.net https://qa-gcp.milb.com https://dev-gcp.milb.com
Strict-Transport-Security	max-age=315360000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept: application/ion+json; okta-version=1.0.0
Referer
X-Okta-User-Agent-Extended: okta-auth-js/7.0.1 okta-signin-widget-7.15.1
Accept-Language: de
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type: application/ion+json; okta-version=1.0.0

Response headers

x-okta-request-id: Zqcvn4LXu4gppNbO74xLfgAAAEk
strict-transport-security: max-age=315360000; includeSubDomains
date: Mon, 29 Jul 2024 05:58:55 GMT
x-rate-limit-limit: 2000
x-content-type-options: nosniff
via: 1.1 varnish
x-rate-limit-remaining: 1999
x-datadome: protected
expires: 0
content-security-policy: frame-ancestors http://*.mlb.com:* https://*.mlb.com:* http://localhost:* http://local.milb.com:* https://github.mlbam.net https://*.mlbinfra.net https://*.mlbinfra.com https://mlbidsqa.oktapreview.com http://*.mlbpressbox.com https://*.mlbpressbox.com https://api-staging.mobilecoach.org https://app-staging.mobilecoach.org https://nats.pogoseat.com https://privacyportal-uat-cdn.onetrust.com https://mlbstg-chromecast.storage.googleapis.com https://pickle-dev.gamingeng-gcp-npd.mlbinfra.net https://pickle-qa.gamingeng-gcp-npd.mlbinfra.net https://qa-gcp.milb.com https://dev-gcp.milb.com
x-cache: MISS
p3p: CP="HONK"
fastly-restarts: 1
x-xss-protection: 0
x-served-by: cache-ewr18171-EWR
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
server: nginx
accept-ch: Sec-CH-UA-Platform-Version
x-timer: S1722232736.599895,VS0,VS0,VE105
vary: Origin
content-type: application/ion+json;okta-version=1.0.0
access-control-allow-origin: https://qa-ids.mlb.com
x-rate-limit-reset: 1722232795
access-control-allow-credentials: true
cache-control: no-cache, no-store
accept-ranges: bytes
x-robots-tag: noindex,nofollow
x-cache-hits: 0

GET s59150626257699
ans.mlb.com/b/ss/devmlbglobal/1/JS-2.26.0-LDQM/ 0
0

GET checkbox-sign-in-widget.png
op1static.oktacdn.com/assets/js/sdk/okta-signin-widget/7.15.1/img/ui/forms/ 0
0

GET proxima-nova-bold.woff2
www.mlbstatic.com/mlb.com/fonts/ 0
0

GET proximanova-reg-webfont.353416ed0ff540352235.woff2
op1static.oktacdn.com/assets/loginpage/font/assets/ 0
0

GET
H2 200 proximanova-reg-webfont.51ac1a980f546ac17d67.woff
op1static.oktacdn.com/assets/loginpage/font/assets/ 26 KB
26 KB 22ms
22ms Font
application/font-woff 18.244.18.82
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://op1static.oktacdn.com/assets/loginpage/font/assets/proximanova-reg-webfont.51ac1a980f546ac17d67.woff

Requested by

Host: op1static.oktacdn.com
URL: https://op1static.oktacdn.com/assets/loginpage/css/custom-signin.73947dcedbe30f708373f1b3405f6417.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.244.18.82 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-244-18-82.fra56.r.cloudfront.net

Software

nginx /

Resource Hash

6a78a874fd1c1cf05e38e67de04218556861ed683312915b8e2f957d2affa71c

Security Headers

Name	Value
Strict-Transport-Security	max-age=315360000; includeSubDomains

Request headers

Referer: https://op1static.oktacdn.com/assets/loginpage/css/custom-signin.73947dcedbe30f708373f1b3405f6417.css
Origin: https://qa-ids.mlb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 22 Jul 2024 09:10:17 GMT
x-amz-meta-sha1sum: abe506d7e49bf7517c17b6d3231ddd5f8742ed13
via: 1.1 354c49ee216d1b8ed995ee7b94d96f10.cloudfront.net (CloudFront)
strict-transport-security: max-age=315360000; includeSubDomains
x-amz-cf-pop: FRA56-P11
age: 593318
x-cache: Hit from cloudfront
content-length: 26128
last-modified: Wed, 01 Nov 2023 21:37:52 GMT
server: nginx
etag: "4bcd85b755307175b40b8e565d4c0bea"
content-type: application/font-woff
access-control-allow-origin: *
cache-control: max-age=31536000, public,max-age=31536000,s-maxage=1814400
accept-ranges: bytes
x-amz-cf-id: p2latz1fqV0JwfjNrJfBibC4Rwro9BI01JpDfdQ2fOJPmUzHYTToYQ==
expires: Tue, 22 Jul 2025 09:10:17 GMT

GET
H2 200 proxima-nova-bold.woff
www.mlbstatic.com/mlb.com/fonts/ 140 KB
140 KB 127ms
127ms Font
font/woff 199.232.37.91
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://www.mlbstatic.com/mlb.com/fonts/proxima-nova-bold.woff
Requested by: Host: qa.mlbstatic.com
URL: https://qa.mlbstatic.com/identity/ids-static/202406171951/ids-static.min.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 199.232.37.91 New York, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: UploadServer /
Resource Hash: 8ccfd64942ddb9dfdcab2b430b2751356b0ebee0150a4a10c6981cc4cfc8e1e5

Request headers

Referer: https://qa.mlbstatic.com/
Origin: https://qa-ids.mlb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

x-cache-hits: 0
date: Mon, 29 Jul 2024 05:58:55 GMT
via: 1.1 varnish
age: 345729
x-cache: HIT
content-length: 143224
x-served-by: cache-lga21946-LGA
last-modified: Tue, 24 Mar 2020 21:05:10 GMT
server: UploadServer
x-timer: S1722232736.881169,VS0,VE1
etag: "8495a5b385b930f4994722bd2426f521"
content-type: font/woff
access-control-allow-origin: *
content-language: en
cache-control: max-age=31536000
access-control-expose-headers: *, Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
accept-ranges: bytes
expires: Wed, 28 May 2025 10:25:27 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: ans.mlb.com
URL: https://ans.mlb.com/b/ss/devmlbglobal/1/JS-2.26.0-LDQM/s59150626257699?AQB=1&ndh=1&pf=1&t=29%2F6%2F2024%207%3A58%3A55%201%20-120&mid=40199466298740267791590197722878824560&aamlh=6&ce=UTF-8&pageName=Major%20League%20Baseball%3A%20Login%3A%20Email&g=https%3A%2F%2Fqa-ids.mlb.com%2Foauth2%2Fausg0y0s07iKGqVKv0h7%2Fv1%2Fauthorize%3Fclient_id%3D0oa1iowtlbthqTuJj0h8%26code_challenge%3DtsK5wI_X2fQMTr9mUSdT217OE9DsYjPrIkgPDbUPIOk%26code_challenge_method%3DS256%26nonce%3DPkA5HXJLMjhH3idqI1cucL7XkxzfVSZhkzpgZI4Q0N3yuHwN2f87tAu6w5uiOyMh%26red&r=https%3A%2F%2Fqa-ticket-wlist.mlb.com%2F&cc=USD&ch=Account&aamb=6G1ynYcLPuiQxYZrsz_pkqfLG9yMXBpb2zX5dvJdYQJzPXImdj0y&s=1600x1200&c=24&j=1.6&v=N&k=Y&bw=1600&bh=1200&-g=irect_uri%3Dhttps%253A%252F%252Fqa-ticket-wlist.mlb.com%252Flogin%252Fcallback%26response_type%3Dcode%26state%3Dz8KWAO34jqtuf3PXLAtn2rRuPoiagykYRRupcxIIHwaAjyadiWjMwWNOJeWfAZSJ%26scope%3Dopenid%2520email%2520profile&mcorgid=A65F776A5245B01B0A490D44%40AdobeOrg&AQE=1

Domain: op1static.oktacdn.com
URL: https://op1static.oktacdn.com/assets/js/sdk/okta-signin-widget/7.15.1/img/ui/forms/checkbox-sign-in-widget.png

Domain: www.mlbstatic.com
URL: https://www.mlbstatic.com/mlb.com/fonts/proxima-nova-bold.woff2

Domain: op1static.oktacdn.com
URL: https://op1static.oktacdn.com/assets/loginpage/font/assets/proximanova-reg-webfont.353416ed0ff540352235.woff2

Verdicts & Comments Add Verdict or Comment

41 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

13 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
qa-ids.mlb.com/	1969-12-31 23:59:59	Name: t Value: default
qa-ids.mlb.com/	1970-01-21 07:59:52	Name: DT Value: DI1B-xP3B6_Tty-DRIz3_kAPw
.demdex.net/	1970-01-21 02:43:04	Name: demdex Value: 40133310718488285791615115608518432712
.mlb.com/	1969-12-31 23:59:59	Name: AMCVS_A65F776A5245B01B0A490D44%40AdobeOrg Value: 1
.mlb.com/	1970-01-21 07:59:52	Name: s_ecid Value: MCMID%7C40199466298740267791590197722878824560
.dpm.demdex.net/	1970-01-21 02:43:04	Name: dpm Value: 40133310718488285791615115608518432712
.mlb.com/	1970-01-21 07:59:52	Name: AMCV_A65F776A5245B01B0A490D44%40AdobeOrg Value: 1687686476%7CMCIDTS%7C19934%7CMCMID%7C40199466298740267791590197722878824560%7CMCAAMLH-1722837534%7C6%7CMCAAMB-1722837534%7C6G1ynYcLPuiQxYZrsz_pkqfLG9yMXBpb2zX5dvJdYQJzPXImdj0y%7CMCOPTOUT-1722239934s%7CNONE%7CMCAID%7CNONE%7CMCSYNCSOP%7C411-19941%7CvVersion%7C3.0.0
.agkn.com/	1970-01-21 07:09:28	Name: ab Value: 0001%3AP%2BrQkPQOdjlkzEIuUgVrII5X3GbWDKng
.doubleclick.net/	1970-01-21 07:45:28	Name: IDE Value: AHWqTUnfPJL8Tz96qIGVzZdN_O-8CpC97Z1Y2s96JGVcNuK-hJR2VZ6NGlYgFlSNwtI
qa-ids.mlb.com/	1969-12-31 23:59:59	Name: JSESSIONID Value: 97D5576F54CA3852A4F6E2AF89424C64
.mlb.com/	1970-01-21 07:09:28	Name: datadome Value: YtmqH49WLDB4mu0LKLCxZoYzeW1zUAf9avQ1uhGHLpZ9arPj3oMcUdcnIA4V3nCpOKjBjMYqaOuNLJM2bT9LUaX~8z5Ce5c4ZuhpAvvsuzHLiZvKjAPUCt7~~c3Mcyre
.demdex.net/	1970-01-21 02:43:04	Name: dextp Value: 21-1-1722232734952\|60-1-1722232735053\|477-1-1722232735154\|601-1-1722232735254\|771-1-1722232735355\|22052-1-1722232735455\|575-1-1722232735556\|73426-1-1722232735657\|121998-1-1722232735757
.mlb.com/	1969-12-31 23:59:59	Name: s_cc Value: true

59 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	error	URL: https://qa-ids.mlb.com/oauth2/ausg0y0s07iKGqVKv0h7/v1/authorize?client_id=0oa1iowtlbthqTuJj0h8&code_challenge=tsK5wI_X2fQMTr9mUSdT217OE9DsYjPrIkgPDbUPIOk&code_challenge_method=S256&nonce=PkA5HXJLMjhH3idqI1cucL7XkxzfVSZhkzpgZI4Q0N3yuHwN2f87tAu6w5uiOyMh&redirect_uri=https%3A%2F%2Fqa-ticket-wlist.mlb.com%2Flogin%2Fcallback&response_type=code&state=z8KWAO34jqtuf3PXLAtn2rRuPoiagykYRRupcxIIHwaAjyadiWjMwWNOJeWfAZSJ&scope=openid%20email%20profile(Line 5) Message: [Report Only] Refused to load the script 'https://js.datadome.co/tags.js' because it violates the following Content Security Policy directive: "script-src 'unsafe-inline' 'unsafe-eval' 'self' mlbidsqa.oktapreview.com qa-ids.mlb.com *.oktacdn.com". Note that 'script-src-elem' was not explicitly set, so 'script-src' is used as a fallback.
security	error	URL: https://qa-ids.mlb.com/oauth2/ausg0y0s07iKGqVKv0h7/v1/authorize?client_id=0oa1iowtlbthqTuJj0h8&code_challenge=tsK5wI_X2fQMTr9mUSdT217OE9DsYjPrIkgPDbUPIOk&code_challenge_method=S256&nonce=PkA5HXJLMjhH3idqI1cucL7XkxzfVSZhkzpgZI4Q0N3yuHwN2f87tAu6w5uiOyMh&redirect_uri=https%3A%2F%2Fqa-ticket-wlist.mlb.com%2Flogin%2Fcallback&response_type=code&state=z8KWAO34jqtuf3PXLAtn2rRuPoiagykYRRupcxIIHwaAjyadiWjMwWNOJeWfAZSJ&scope=openid%20email%20profile Message: [Report Only] Refused to load the script 'https://www.mlbstatic.com/mlb.com/vendor/react/16/react.production.min.js' because it violates the following Content Security Policy directive: "script-src 'unsafe-inline' 'unsafe-eval' 'self' mlbidsqa.oktapreview.com qa-ids.mlb.com *.oktacdn.com". Note that 'script-src-elem' was not explicitly set, so 'script-src' is used as a fallback.
security	error	URL: https://qa-ids.mlb.com/oauth2/ausg0y0s07iKGqVKv0h7/v1/authorize?client_id=0oa1iowtlbthqTuJj0h8&code_challenge=tsK5wI_X2fQMTr9mUSdT217OE9DsYjPrIkgPDbUPIOk&code_challenge_method=S256&nonce=PkA5HXJLMjhH3idqI1cucL7XkxzfVSZhkzpgZI4Q0N3yuHwN2f87tAu6w5uiOyMh&redirect_uri=https%3A%2F%2Fqa-ticket-wlist.mlb.com%2Flogin%2Fcallback&response_type=code&state=z8KWAO34jqtuf3PXLAtn2rRuPoiagykYRRupcxIIHwaAjyadiWjMwWNOJeWfAZSJ&scope=openid%20email%20profile Message: [Report Only] Refused to load the script 'https://www.mlbstatic.com/mlb.com/vendor/react/16/react-dom.production.min.js' because it violates the following Content Security Policy directive: "script-src 'unsafe-inline' 'unsafe-eval' 'self' mlbidsqa.oktapreview.com qa-ids.mlb.com *.oktacdn.com". Note that 'script-src-elem' was not explicitly set, so 'script-src' is used as a fallback.
security	error	URL: https://qa-ids.mlb.com/oauth2/ausg0y0s07iKGqVKv0h7/v1/authorize?client_id=0oa1iowtlbthqTuJj0h8&code_challenge=tsK5wI_X2fQMTr9mUSdT217OE9DsYjPrIkgPDbUPIOk&code_challenge_method=S256&nonce=PkA5HXJLMjhH3idqI1cucL7XkxzfVSZhkzpgZI4Q0N3yuHwN2f87tAu6w5uiOyMh&redirect_uri=https%3A%2F%2Fqa-ticket-wlist.mlb.com%2Flogin%2Fcallback&response_type=code&state=z8KWAO34jqtuf3PXLAtn2rRuPoiagykYRRupcxIIHwaAjyadiWjMwWNOJeWfAZSJ&scope=openid%20email%20profile(Line 32) Message: [Report Only] Refused to load the stylesheet 'https://qa.mlbstatic.com/identity/ids-static/202406171951/ids-static.min.css' because it violates the following Content Security Policy directive: "style-src 'unsafe-inline' 'self' mlbidsqa.oktapreview.com qa-ids.mlb.com *.oktacdn.com". Note that 'style-src-elem' was not explicitly set, so 'style-src' is used as a fallback.
security	error	URL: https://qa-ids.mlb.com/oauth2/ausg0y0s07iKGqVKv0h7/v1/authorize?client_id=0oa1iowtlbthqTuJj0h8&code_challenge=tsK5wI_X2fQMTr9mUSdT217OE9DsYjPrIkgPDbUPIOk&code_challenge_method=S256&nonce=PkA5HXJLMjhH3idqI1cucL7XkxzfVSZhkzpgZI4Q0N3yuHwN2f87tAu6w5uiOyMh&redirect_uri=https%3A%2F%2Fqa-ticket-wlist.mlb.com%2Flogin%2Fcallback&response_type=code&state=z8KWAO34jqtuf3PXLAtn2rRuPoiagykYRRupcxIIHwaAjyadiWjMwWNOJeWfAZSJ&scope=openid%20email%20profile Message: [Report Only] Refused to load the script 'https://qa.mlbstatic.com/identity/ids-static/202406171951/ids-static.js' because it violates the following Content Security Policy directive: "script-src 'unsafe-inline' 'unsafe-eval' 'self' mlbidsqa.oktapreview.com qa-ids.mlb.com *.oktacdn.com". Note that 'script-src-elem' was not explicitly set, so 'script-src' is used as a fallback.
security	error	URL: https://qa-ids.mlb.com/oauth2/ausg0y0s07iKGqVKv0h7/v1/authorize?client_id=0oa1iowtlbthqTuJj0h8&code_challenge=tsK5wI_X2fQMTr9mUSdT217OE9DsYjPrIkgPDbUPIOk&code_challenge_method=S256&nonce=PkA5HXJLMjhH3idqI1cucL7XkxzfVSZhkzpgZI4Q0N3yuHwN2f87tAu6w5uiOyMh&redirect_uri=https%3A%2F%2Fqa-ticket-wlist.mlb.com%2Flogin%2Fcallback&response_type=code&state=z8KWAO34jqtuf3PXLAtn2rRuPoiagykYRRupcxIIHwaAjyadiWjMwWNOJeWfAZSJ&scope=openid%20email%20profile Message: [Report Only] Refused to load the script 'https://qa.mlbstatic.com/mlb.com/vendor/mlb-okta/mlb-okta.js' because it violates the following Content Security Policy directive: "script-src 'unsafe-inline' 'unsafe-eval' 'self' mlbidsqa.oktapreview.com qa-ids.mlb.com *.oktacdn.com". Note that 'script-src-elem' was not explicitly set, so 'script-src' is used as a fallback.
security	error	URL: https://js.datadome.co/tags.js(Line 1) Message: [Report Only] Refused to create a worker from 'blob:https://qa-ids.mlb.com/f8aeaaa6-9cc7-4e47-ba04-22c2fb67bfc2' because it violates the following Content Security Policy directive: "script-src 'unsafe-inline' 'unsafe-eval' 'self' mlbidsqa.oktapreview.com qa-ids.mlb.com *.oktacdn.com". Note that 'worker-src' was not explicitly set, so 'script-src' is used as a fallback.
security	error	URL: https://js.datadome.co/tags.js(Line 1) Message: [Report Only] Refused to load the font 'https://www.mlbstatic.com/mlb.com/fonts/proxima-nova-thin.woff2' because it violates the following Content Security Policy directive: "font-src 'self' mlbidsqa.oktapreview.com qa-ids.mlb.com data: *.oktacdn.com fonts.gstatic.com".
security	error	URL: https://js.datadome.co/tags.js(Line 1) Message: [Report Only] Refused to load the font 'https://www.mlbstatic.com/mlb.com/fonts/proxima-nova-thin.woff' because it violates the following Content Security Policy directive: "font-src 'self' mlbidsqa.oktapreview.com qa-ids.mlb.com data: *.oktacdn.com fonts.gstatic.com".
security	error	URL: https://js.datadome.co/tags.js(Line 1) Message: [Report Only] Refused to load the font 'https://www.mlbstatic.com/mlb.com/fonts/proxima-nova-thin-italic.woff2' because it violates the following Content Security Policy directive: "font-src 'self' mlbidsqa.oktapreview.com qa-ids.mlb.com data: *.oktacdn.com fonts.gstatic.com".
security	error	URL: https://js.datadome.co/tags.js(Line 1) Message: [Report Only] Refused to load the font 'https://www.mlbstatic.com/mlb.com/fonts/proxima-nova-thin-italic.woff' because it violates the following Content Security Policy directive: "font-src 'self' mlbidsqa.oktapreview.com qa-ids.mlb.com data: *.oktacdn.com fonts.gstatic.com".
security	error	URL: https://js.datadome.co/tags.js(Line 1) Message: [Report Only] Refused to load the font 'https://www.mlbstatic.com/mlb.com/fonts/proxima-nova-light.woff2' because it violates the following Content Security Policy directive: "font-src 'self' mlbidsqa.oktapreview.com qa-ids.mlb.com data: *.oktacdn.com fonts.gstatic.com".
security	error	URL: https://js.datadome.co/tags.js(Line 1) Message: [Report Only] Refused to load the font 'https://www.mlbstatic.com/mlb.com/fonts/proxima-nova-light.woff' because it violates the following Content Security Policy directive: "font-src 'self' mlbidsqa.oktapreview.com qa-ids.mlb.com data: *.oktacdn.com fonts.gstatic.com".
security	error	URL: https://js.datadome.co/tags.js(Line 1) Message: [Report Only] Refused to load the font 'https://www.mlbstatic.com/mlb.com/fonts/proxima-nova-light-italic.woff2' because it violates the following Content Security Policy directive: "font-src 'self' mlbidsqa.oktapreview.com qa-ids.mlb.com data: *.oktacdn.com fonts.gstatic.com".
security	error	URL: https://js.datadome.co/tags.js(Line 1) Message: [Report Only] Refused to load the font 'https://www.mlbstatic.com/mlb.com/fonts/proxima-nova-light-italic.woff' because it violates the following Content Security Policy directive: "font-src 'self' mlbidsqa.oktapreview.com qa-ids.mlb.com data: *.oktacdn.com fonts.gstatic.com".
security	error	URL: https://js.datadome.co/tags.js(Line 1) Message: [Report Only] Refused to load the font 'https://www.mlbstatic.com/mlb.com/fonts/proxima-nova-regular.woff2' because it violates the following Content Security Policy directive: "font-src 'self' mlbidsqa.oktapreview.com qa-ids.mlb.com data: *.oktacdn.com fonts.gstatic.com".
security	error	URL: https://js.datadome.co/tags.js(Line 1) Message: [Report Only] Refused to load the font 'https://www.mlbstatic.com/mlb.com/fonts/proxima-nova-regular.woff' because it violates the following Content Security Policy directive: "font-src 'self' mlbidsqa.oktapreview.com qa-ids.mlb.com data: *.oktacdn.com fonts.gstatic.com".
security	error	URL: https://js.datadome.co/tags.js(Line 1) Message: [Report Only] Refused to load the font 'https://www.mlbstatic.com/mlb.com/fonts/proxima-nova-regular-italic.woff2' because it violates the following Content Security Policy directive: "font-src 'self' mlbidsqa.oktapreview.com qa-ids.mlb.com data: *.oktacdn.com fonts.gstatic.com".
security	error	URL: https://js.datadome.co/tags.js(Line 1) Message: [Report Only] Refused to load the font 'https://www.mlbstatic.com/mlb.com/fonts/proxima-nova-regular-italic.woff' because it violates the following Content Security Policy directive: "font-src 'self' mlbidsqa.oktapreview.com qa-ids.mlb.com data: *.oktacdn.com fonts.gstatic.com".
security	error	URL: https://js.datadome.co/tags.js(Line 1) Message: [Report Only] Refused to load the font 'https://www.mlbstatic.com/mlb.com/fonts/proxima-nova-medium.woff2' because it violates the following Content Security Policy directive: "font-src 'self' mlbidsqa.oktapreview.com qa-ids.mlb.com data: *.oktacdn.com fonts.gstatic.com".
security	error	URL: https://js.datadome.co/tags.js(Line 1) Message: [Report Only] Refused to load the font 'https://www.mlbstatic.com/mlb.com/fonts/proxima-nova-medium.woff' because it violates the following Content Security Policy directive: "font-src 'self' mlbidsqa.oktapreview.com qa-ids.mlb.com data: *.oktacdn.com fonts.gstatic.com".
security	error	URL: https://js.datadome.co/tags.js(Line 1) Message: [Report Only] Refused to load the font 'https://www.mlbstatic.com/mlb.com/fonts/proxima-nova-medium-it.woff2' because it violates the following Content Security Policy directive: "font-src 'self' mlbidsqa.oktapreview.com qa-ids.mlb.com data: *.oktacdn.com fonts.gstatic.com".
security	error	URL: https://js.datadome.co/tags.js(Line 1) Message: [Report Only] Refused to load the font 'https://www.mlbstatic.com/mlb.com/fonts/proxima-nova-medium-it.woff' because it violates the following Content Security Policy directive: "font-src 'self' mlbidsqa.oktapreview.com qa-ids.mlb.com data: *.oktacdn.com fonts.gstatic.com".
security	error	URL: https://js.datadome.co/tags.js(Line 1) Message: [Report Only] Refused to load the font 'https://www.mlbstatic.com/mlb.com/fonts/proxima-nova-semibold.woff2' because it violates the following Content Security Policy directive: "font-src 'self' mlbidsqa.oktapreview.com qa-ids.mlb.com data: *.oktacdn.com fonts.gstatic.com".
security	error	URL: https://js.datadome.co/tags.js(Line 1) Message: [Report Only] Refused to load the font 'https://www.mlbstatic.com/mlb.com/fonts/proxima-nova-semibold.woff' because it violates the following Content Security Policy directive: "font-src 'self' mlbidsqa.oktapreview.com qa-ids.mlb.com data: *.oktacdn.com fonts.gstatic.com".
security	error	URL: https://js.datadome.co/tags.js(Line 1) Message: [Report Only] Refused to load the font 'https://www.mlbstatic.com/mlb.com/fonts/proxima-nova-semibold-italic.woff2' because it violates the following Content Security Policy directive: "font-src 'self' mlbidsqa.oktapreview.com qa-ids.mlb.com data: *.oktacdn.com fonts.gstatic.com".
security	error	URL: https://js.datadome.co/tags.js(Line 1) Message: [Report Only] Refused to load the font 'https://www.mlbstatic.com/mlb.com/fonts/proxima-nova-semibold-italic.woff' because it violates the following Content Security Policy directive: "font-src 'self' mlbidsqa.oktapreview.com qa-ids.mlb.com data: *.oktacdn.com fonts.gstatic.com".
security	error	URL: https://js.datadome.co/tags.js(Line 1) Message: [Report Only] Refused to load the font 'https://www.mlbstatic.com/mlb.com/fonts/proxima-nova-bold.woff2' because it violates the following Content Security Policy directive: "font-src 'self' mlbidsqa.oktapreview.com qa-ids.mlb.com data: *.oktacdn.com fonts.gstatic.com".
security	error	URL: https://js.datadome.co/tags.js(Line 1) Message: [Report Only] Refused to load the font 'https://www.mlbstatic.com/mlb.com/fonts/proxima-nova-bold.woff' because it violates the following Content Security Policy directive: "font-src 'self' mlbidsqa.oktapreview.com qa-ids.mlb.com data: *.oktacdn.com fonts.gstatic.com".
security	error	URL: https://js.datadome.co/tags.js(Line 1) Message: [Report Only] Refused to load the font 'https://www.mlbstatic.com/mlb.com/fonts/proxima-nova-bold-italic.woff2' because it violates the following Content Security Policy directive: "font-src 'self' mlbidsqa.oktapreview.com qa-ids.mlb.com data: *.oktacdn.com fonts.gstatic.com".
security	error	URL: https://js.datadome.co/tags.js(Line 1) Message: [Report Only] Refused to load the font 'https://www.mlbstatic.com/mlb.com/fonts/proxima-nova-bold-italic.woff' because it violates the following Content Security Policy directive: "font-src 'self' mlbidsqa.oktapreview.com qa-ids.mlb.com data: *.oktacdn.com fonts.gstatic.com".
security	error	URL: https://js.datadome.co/tags.js(Line 1) Message: [Report Only] Refused to load the font 'https://www.mlbstatic.com/mlb.com/fonts/proxima-nova-extrabold.woff2' because it violates the following Content Security Policy directive: "font-src 'self' mlbidsqa.oktapreview.com qa-ids.mlb.com data: *.oktacdn.com fonts.gstatic.com".
security	error	URL: https://js.datadome.co/tags.js(Line 1) Message: [Report Only] Refused to load the font 'https://www.mlbstatic.com/mlb.com/fonts/proxima-nova-extrabold.woff' because it violates the following Content Security Policy directive: "font-src 'self' mlbidsqa.oktapreview.com qa-ids.mlb.com data: *.oktacdn.com fonts.gstatic.com".
security	error	URL: https://js.datadome.co/tags.js(Line 1) Message: [Report Only] Refused to load the font 'https://www.mlbstatic.com/mlb.com/fonts/proxima-nova-extrabold-italic.woff2' because it violates the following Content Security Policy directive: "font-src 'self' mlbidsqa.oktapreview.com qa-ids.mlb.com data: *.oktacdn.com fonts.gstatic.com".
security	error	URL: https://js.datadome.co/tags.js(Line 1) Message: [Report Only] Refused to load the font 'https://www.mlbstatic.com/mlb.com/fonts/proxima-nova-extrabold-italic.woff' because it violates the following Content Security Policy directive: "font-src 'self' mlbidsqa.oktapreview.com qa-ids.mlb.com data: *.oktacdn.com fonts.gstatic.com".
security	error	URL: https://js.datadome.co/tags.js(Line 1) Message: [Report Only] Refused to load the font 'https://www.mlbstatic.com/mlb.com/fonts/proxima-nova-black.woff2' because it violates the following Content Security Policy directive: "font-src 'self' mlbidsqa.oktapreview.com qa-ids.mlb.com data: *.oktacdn.com fonts.gstatic.com".
security	error	URL: https://js.datadome.co/tags.js(Line 1) Message: [Report Only] Refused to load the font 'https://www.mlbstatic.com/mlb.com/fonts/proxima-nova-black.woff' because it violates the following Content Security Policy directive: "font-src 'self' mlbidsqa.oktapreview.com qa-ids.mlb.com data: *.oktacdn.com fonts.gstatic.com".
security	error	URL: https://js.datadome.co/tags.js(Line 1) Message: [Report Only] Refused to load the font 'https://www.mlbstatic.com/mlb.com/fonts/proxima-nova-black-italic.woff2' because it violates the following Content Security Policy directive: "font-src 'self' mlbidsqa.oktapreview.com qa-ids.mlb.com data: *.oktacdn.com fonts.gstatic.com".
security	error	URL: https://js.datadome.co/tags.js(Line 1) Message: [Report Only] Refused to load the font 'https://www.mlbstatic.com/mlb.com/fonts/proxima-nova-black-italic.woff' because it violates the following Content Security Policy directive: "font-src 'self' mlbidsqa.oktapreview.com qa-ids.mlb.com data: *.oktacdn.com fonts.gstatic.com".
security	error	URL: https://qa-ids.mlb.com/oauth2/ausg0y0s07iKGqVKv0h7/v1/authorize?client_id=0oa1iowtlbthqTuJj0h8&code_challenge=tsK5wI_X2fQMTr9mUSdT217OE9DsYjPrIkgPDbUPIOk&code_challenge_method=S256&nonce=PkA5HXJLMjhH3idqI1cucL7XkxzfVSZhkzpgZI4Q0N3yuHwN2f87tAu6w5uiOyMh&redirect_uri=https%3A%2F%2Fqa-ticket-wlist.mlb.com%2Flogin%2Fcallback&response_type=code&state=z8KWAO34jqtuf3PXLAtn2rRuPoiagykYRRupcxIIHwaAjyadiWjMwWNOJeWfAZSJ&scope=openid%20email%20profile Message: [Report Only] Refused to create a worker from 'blob:https://qa-ids.mlb.com/f8aeaaa6-9cc7-4e47-ba04-22c2fb67bfc2' because it violates the following Content Security Policy directive: "script-src 'unsafe-inline' 'unsafe-eval' 'self' mlbidsqa.oktapreview.com qa-ids.mlb.com *.oktacdn.com". Note that 'worker-src' was not explicitly set, so 'script-src' is used as a fallback.
security	error	URL: https://qa-ids.mlb.com/oauth2/ausg0y0s07iKGqVKv0h7/v1/authorize?client_id=0oa1iowtlbthqTuJj0h8&code_challenge=tsK5wI_X2fQMTr9mUSdT217OE9DsYjPrIkgPDbUPIOk&code_challenge_method=S256&nonce=PkA5HXJLMjhH3idqI1cucL7XkxzfVSZhkzpgZI4Q0N3yuHwN2f87tAu6w5uiOyMh&redirect_uri=https%3A%2F%2Fqa-ticket-wlist.mlb.com%2Flogin%2Fcallback&response_type=code&state=z8KWAO34jqtuf3PXLAtn2rRuPoiagykYRRupcxIIHwaAjyadiWjMwWNOJeWfAZSJ&scope=openid%20email%20profile Message: [Report Only] Refused to load the script 'https://www.mlbstatic.com/mlb.com/adobe-analytics/VisitorAPI.js' because it violates the following Content Security Policy directive: "script-src 'unsafe-inline' 'unsafe-eval' 'self' mlbidsqa.oktapreview.com qa-ids.mlb.com *.oktacdn.com". Note that 'script-src-elem' was not explicitly set, so 'script-src' is used as a fallback.
security	error	URL: https://www.mlbstatic.com/mlb.com/adobe-analytics/VisitorAPI.js(Line 6) Message: [Report Only] Refused to connect to 'https://dpm.demdex.net/id?d_visid_ver=3.0.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_orgid=A65F776A5245B01B0A490D44%40AdobeOrg&d_nsid=0&ts=1722232734580' because it violates the following Content Security Policy directive: "connect-src 'self' mlbidsqa.oktapreview.com mlbidsqa-admin.oktapreview.com qa-ids.mlb.com .oktacdn.com .mixpanel.com .mapbox.com .mtls.oktapreview.com mlbidsqa.kerberos.oktapreview.com .authenticatorlocalprod.com:8769 http://localhost:8769 http://127.0.0.1:8769 .authenticatorlocalprod.com:65111 http://localhost:65111 http://127.0.0.1:65111 .authenticatorlocalprod.com:65121 http://localhost:65121 http://127.0.0.1:65121 .authenticatorlocalprod.com:65131 http://localhost:65131 http://127.0.0.1:65131 .authenticatorlocalprod.com:65141 http://localhost:65141 http://127.0.0.1:65141 .authenticatorlocalprod.com:65151 http://localhost:65151 http://127.0.0.1:65151 https://oinmanager.okta.com data: data.pendo.io pendo-static-5634101834153984.storage.googleapis.com pendo-static-5391521872216064.storage.googleapis.com".
security	error	URL: https://qa-ids.mlb.com/oauth2/ausg0y0s07iKGqVKv0h7/v1/authorize?client_id=0oa1iowtlbthqTuJj0h8&code_challenge=tsK5wI_X2fQMTr9mUSdT217OE9DsYjPrIkgPDbUPIOk&code_challenge_method=S256&nonce=PkA5HXJLMjhH3idqI1cucL7XkxzfVSZhkzpgZI4Q0N3yuHwN2f87tAu6w5uiOyMh&redirect_uri=https%3A%2F%2Fqa-ticket-wlist.mlb.com%2Flogin%2Fcallback&response_type=code&state=z8KWAO34jqtuf3PXLAtn2rRuPoiagykYRRupcxIIHwaAjyadiWjMwWNOJeWfAZSJ&scope=openid%20email%20profile Message: [Report Only] Refused to load the script 'https://www.mlbstatic.com/mlb.com/adobe-analytics/adobe-client-data-layer.min.js' because it violates the following Content Security Policy directive: "script-src 'unsafe-inline' 'unsafe-eval' 'self' mlbidsqa.oktapreview.com qa-ids.mlb.com *.oktacdn.com". Note that 'script-src-elem' was not explicitly set, so 'script-src' is used as a fallback.
security	error	URL: https://qa-ids.mlb.com/oauth2/ausg0y0s07iKGqVKv0h7/v1/authorize?client_id=0oa1iowtlbthqTuJj0h8&code_challenge=tsK5wI_X2fQMTr9mUSdT217OE9DsYjPrIkgPDbUPIOk&code_challenge_method=S256&nonce=PkA5HXJLMjhH3idqI1cucL7XkxzfVSZhkzpgZI4Q0N3yuHwN2f87tAu6w5uiOyMh&redirect_uri=https%3A%2F%2Fqa-ticket-wlist.mlb.com%2Flogin%2Fcallback&response_type=code&state=z8KWAO34jqtuf3PXLAtn2rRuPoiagykYRRupcxIIHwaAjyadiWjMwWNOJeWfAZSJ&scope=openid%20email%20profile Message: [Report Only] Refused to load the script 'https://assets.adobedtm.com/267c22ecc15c/1a924dce079c/launch-6d7cb0242bb0-development.min.js' because it violates the following Content Security Policy directive: "script-src 'unsafe-inline' 'unsafe-eval' 'self' mlbidsqa.oktapreview.com qa-ids.mlb.com *.oktacdn.com". Note that 'script-src-elem' was not explicitly set, so 'script-src' is used as a fallback.
security	error	URL: https://assets.adobedtm.com/267c22ecc15c/1a924dce079c/launch-6d7cb0242bb0-development.min.js(Line 5) Message: [Report Only] Refused to load the script 'https://assets.adobedtm.com/extensions/EPc7341b33570d4c988798fc9f0093d4b2/AppMeasurement.min.js' because it violates the following Content Security Policy directive: "script-src 'unsafe-inline' 'unsafe-eval' 'self' mlbidsqa.oktapreview.com qa-ids.mlb.com *.oktacdn.com". Note that 'script-src-elem' was not explicitly set, so 'script-src' is used as a fallback.
security	error	URL: https://assets.adobedtm.com/267c22ecc15c/1a924dce079c/launch-6d7cb0242bb0-development.min.js(Line 5) Message: [Report Only] Refused to load the script 'https://assets.adobedtm.com/extensions/EPc7341b33570d4c988798fc9f0093d4b2/AppMeasurement_Module_ActivityMap.min.js' because it violates the following Content Security Policy directive: "script-src 'unsafe-inline' 'unsafe-eval' 'self' mlbidsqa.oktapreview.com qa-ids.mlb.com *.oktacdn.com". Note that 'script-src-elem' was not explicitly set, so 'script-src' is used as a fallback.
security	error	URL: https://js.datadome.co/tags.js(Line 1) Message: [Report Only] Refused to connect to 'https://contentful-graphql-preview.bamcontent.com/content/v1/spaces/iiozhi00a8lc/' because it violates the following Content Security Policy directive: "connect-src 'self' mlbidsqa.oktapreview.com mlbidsqa-admin.oktapreview.com qa-ids.mlb.com .oktacdn.com .mixpanel.com .mapbox.com .mtls.oktapreview.com mlbidsqa.kerberos.oktapreview.com .authenticatorlocalprod.com:8769 http://localhost:8769 http://127.0.0.1:8769 .authenticatorlocalprod.com:65111 http://localhost:65111 http://127.0.0.1:65111 .authenticatorlocalprod.com:65121 http://localhost:65121 http://127.0.0.1:65121 .authenticatorlocalprod.com:65131 http://localhost:65131 http://127.0.0.1:65131 .authenticatorlocalprod.com:65141 http://localhost:65141 http://127.0.0.1:65141 .authenticatorlocalprod.com:65151 http://localhost:65151 http://127.0.0.1:65151 https://oinmanager.okta.com data: data.pendo.io pendo-static-5634101834153984.storage.googleapis.com pendo-static-5391521872216064.storage.googleapis.com".
security	error	URL: https://js.datadome.co/tags.js(Line 1) Message: [Report Only] Refused to connect to 'https://contentful-graphql-preview.bamcontent.com/content/v1/spaces/iiozhi00a8lc/' because it violates the following Content Security Policy directive: "connect-src 'self' mlbidsqa.oktapreview.com mlbidsqa-admin.oktapreview.com qa-ids.mlb.com .oktacdn.com .mixpanel.com .mapbox.com .mtls.oktapreview.com mlbidsqa.kerberos.oktapreview.com .authenticatorlocalprod.com:8769 http://localhost:8769 http://127.0.0.1:8769 .authenticatorlocalprod.com:65111 http://localhost:65111 http://127.0.0.1:65111 .authenticatorlocalprod.com:65121 http://localhost:65121 http://127.0.0.1:65121 .authenticatorlocalprod.com:65131 http://localhost:65131 http://127.0.0.1:65131 .authenticatorlocalprod.com:65141 http://localhost:65141 http://127.0.0.1:65141 .authenticatorlocalprod.com:65151 http://localhost:65151 http://127.0.0.1:65151 https://oinmanager.okta.com data: data.pendo.io pendo-static-5634101834153984.storage.googleapis.com pendo-static-5391521872216064.storage.googleapis.com".
security	error	URL: https://qa-ids.mlb.com/oauth2/ausg0y0s07iKGqVKv0h7/v1/authorize?client_id=0oa1iowtlbthqTuJj0h8&code_challenge=tsK5wI_X2fQMTr9mUSdT217OE9DsYjPrIkgPDbUPIOk&code_challenge_method=S256&nonce=PkA5HXJLMjhH3idqI1cucL7XkxzfVSZhkzpgZI4Q0N3yuHwN2f87tAu6w5uiOyMh&redirect_uri=https%3A%2F%2Fqa-ticket-wlist.mlb.com%2Flogin%2Fcallback&response_type=code&state=z8KWAO34jqtuf3PXLAtn2rRuPoiagykYRRupcxIIHwaAjyadiWjMwWNOJeWfAZSJ&scope=openid%20email%20profile(Line 660) Message: [Report Only] Refused to load the stylesheet 'https://www.mlbstatic.com/mlb.com/clubs/builds/mlb/style/mlb/en/league-mlb.css' because it violates the following Content Security Policy directive: "style-src 'unsafe-inline' 'self' mlbidsqa.oktapreview.com qa-ids.mlb.com *.oktacdn.com". Note that 'style-src-elem' was not explicitly set, so 'style-src' is used as a fallback.
security	error	URL: https://js.datadome.co/tags.js(Line 1) Message: [Report Only] Refused to connect to 'https://api-js.datadome.co/js/' because it violates the following Content Security Policy directive: "connect-src 'self' mlbidsqa.oktapreview.com mlbidsqa-admin.oktapreview.com qa-ids.mlb.com .oktacdn.com .mixpanel.com .mapbox.com .mtls.oktapreview.com mlbidsqa.kerberos.oktapreview.com .authenticatorlocalprod.com:8769 http://localhost:8769 http://127.0.0.1:8769 .authenticatorlocalprod.com:65111 http://localhost:65111 http://127.0.0.1:65111 .authenticatorlocalprod.com:65121 http://localhost:65121 http://127.0.0.1:65121 .authenticatorlocalprod.com:65131 http://localhost:65131 http://127.0.0.1:65131 .authenticatorlocalprod.com:65141 http://localhost:65141 http://127.0.0.1:65141 .authenticatorlocalprod.com:65151 http://localhost:65151 http://127.0.0.1:65151 https://oinmanager.okta.com data: data.pendo.io pendo-static-5634101834153984.storage.googleapis.com pendo-static-5391521872216064.storage.googleapis.com".
security	error	URL: https://www.mlbstatic.com/mlb.com/adobe-analytics/VisitorAPI.js(Line 6) Message: [Report Only] Refused to connect to 'https://ans.mlb.com/id?d_visid_ver=3.0.0&d_fieldgroup=A&mcorgid=A65F776A5245B01B0A490D44%40AdobeOrg&mid=40199466298740267791590197722878824560&ts=1722232734760' because it violates the following Content Security Policy directive: "connect-src 'self' mlbidsqa.oktapreview.com mlbidsqa-admin.oktapreview.com qa-ids.mlb.com .oktacdn.com .mixpanel.com .mapbox.com .mtls.oktapreview.com mlbidsqa.kerberos.oktapreview.com .authenticatorlocalprod.com:8769 http://localhost:8769 http://127.0.0.1:8769 .authenticatorlocalprod.com:65111 http://localhost:65111 http://127.0.0.1:65111 .authenticatorlocalprod.com:65121 http://localhost:65121 http://127.0.0.1:65121 .authenticatorlocalprod.com:65131 http://localhost:65131 http://127.0.0.1:65131 .authenticatorlocalprod.com:65141 http://localhost:65141 http://127.0.0.1:65141 .authenticatorlocalprod.com:65151 http://localhost:65151 http://127.0.0.1:65151 https://oinmanager.okta.com data: data.pendo.io pendo-static-5634101834153984.storage.googleapis.com pendo-static-5391521872216064.storage.googleapis.com".
security	error	URL: https://qa-ids.mlb.com/oauth2/ausg0y0s07iKGqVKv0h7/v1/authorize?client_id=0oa1iowtlbthqTuJj0h8&code_challenge=tsK5wI_X2fQMTr9mUSdT217OE9DsYjPrIkgPDbUPIOk&code_challenge_method=S256&nonce=PkA5HXJLMjhH3idqI1cucL7XkxzfVSZhkzpgZI4Q0N3yuHwN2f87tAu6w5uiOyMh&redirect_uri=https%3A%2F%2Fqa-ticket-wlist.mlb.com%2Flogin%2Fcallback&response_type=code&state=z8KWAO34jqtuf3PXLAtn2rRuPoiagykYRRupcxIIHwaAjyadiWjMwWNOJeWfAZSJ&scope=openid%20email%20profile Message: [Report Only] Refused to load the image 'https://cm.everesttech.net/cm/dd?d_uuid=40133310718488285791615115608518432712' because it violates the following Content Security Policy directive: "img-src 'self' mlbidsqa.oktapreview.com qa-ids.mlb.com .oktacdn.com .tiles.mapbox.com .mapbox.com .vidyard.com data: data.pendo.io pendo-static-5634101834153984.storage.googleapis.com pendo-static-5391521872216064.storage.googleapis.com blob:".
security	error	URL: https://www.mlbstatic.com/ Message: [Report Only] Refused to frame 'https://mlb.demdex.net/' because it violates the following Content Security Policy directive: "frame-src 'self' mlbidsqa.oktapreview.com mlbidsqa-admin.oktapreview.com qa-ids.mlb.com login.okta.com *.vidyard.com com-okta-authenticator:".
security	error	URL: https://qa-ids.mlb.com/oauth2/ausg0y0s07iKGqVKv0h7/v1/authorize?client_id=0oa1iowtlbthqTuJj0h8&code_challenge=tsK5wI_X2fQMTr9mUSdT217OE9DsYjPrIkgPDbUPIOk&code_challenge_method=S256&nonce=PkA5HXJLMjhH3idqI1cucL7XkxzfVSZhkzpgZI4Q0N3yuHwN2f87tAu6w5uiOyMh&redirect_uri=https%3A%2F%2Fqa-ticket-wlist.mlb.com%2Flogin%2Fcallback&response_type=code&state=z8KWAO34jqtuf3PXLAtn2rRuPoiagykYRRupcxIIHwaAjyadiWjMwWNOJeWfAZSJ&scope=openid%20email%20profile Message: [Report Only] Refused to load the font 'https://content.mlb.com/documents/1/3/2/215308132/benton_sans_cond_medium.woff2' because it violates the following Content Security Policy directive: "font-src 'self' mlbidsqa.oktapreview.com qa-ids.mlb.com data: *.oktacdn.com fonts.gstatic.com".
security	error	URL: https://www.mlbstatic.com/ Message: [Report Only] Refused to frame 'https://mlb.demdex.net/' because it violates the following Content Security Policy directive: "frame-src 'self' mlbidsqa.oktapreview.com mlbidsqa-admin.oktapreview.com qa-ids.mlb.com login.okta.com *.vidyard.com com-okta-authenticator:".
security	error	URL: https://qa-ids.mlb.com/oauth2/ausg0y0s07iKGqVKv0h7/v1/authorize?client_id=0oa1iowtlbthqTuJj0h8&code_challenge=tsK5wI_X2fQMTr9mUSdT217OE9DsYjPrIkgPDbUPIOk&code_challenge_method=S256&nonce=PkA5HXJLMjhH3idqI1cucL7XkxzfVSZhkzpgZI4Q0N3yuHwN2f87tAu6w5uiOyMh&redirect_uri=https%3A%2F%2Fqa-ticket-wlist.mlb.com%2Flogin%2Fcallback&response_type=code&state=z8KWAO34jqtuf3PXLAtn2rRuPoiagykYRRupcxIIHwaAjyadiWjMwWNOJeWfAZSJ&scope=openid%20email%20profile Message: [Report Only] Refused to load the image 'https://dpm.demdex.net/ibs:dpid=411&dpuuid=ZqcvngAAAJx8qgN-' because it violates the following Content Security Policy directive: "img-src 'self' mlbidsqa.oktapreview.com qa-ids.mlb.com .oktacdn.com .tiles.mapbox.com .mapbox.com .vidyard.com data: data.pendo.io pendo-static-5634101834153984.storage.googleapis.com pendo-static-5391521872216064.storage.googleapis.com blob:".
security	error	URL: https://qa-ids.mlb.com/oauth2/ausg0y0s07iKGqVKv0h7/v1/authorize?client_id=0oa1iowtlbthqTuJj0h8&code_challenge=tsK5wI_X2fQMTr9mUSdT217OE9DsYjPrIkgPDbUPIOk&code_challenge_method=S256&nonce=PkA5HXJLMjhH3idqI1cucL7XkxzfVSZhkzpgZI4Q0N3yuHwN2f87tAu6w5uiOyMh&redirect_uri=https%3A%2F%2Fqa-ticket-wlist.mlb.com%2Flogin%2Fcallback&response_type=code&state=z8KWAO34jqtuf3PXLAtn2rRuPoiagykYRRupcxIIHwaAjyadiWjMwWNOJeWfAZSJ&scope=openid%20email%20profile Message: [Report Only] Refused to load the image 'https://www.mlbstatic.com/team-logos/league-on-light/1.svg' because it violates the following Content Security Policy directive: "img-src 'self' mlbidsqa.oktapreview.com qa-ids.mlb.com .oktacdn.com .tiles.mapbox.com .mapbox.com .vidyard.com data: data.pendo.io pendo-static-5634101834153984.storage.googleapis.com pendo-static-5391521872216064.storage.googleapis.com blob:".
security	error	URL: https://qa-ids.mlb.com/oauth2/ausg0y0s07iKGqVKv0h7/v1/authorize?client_id=0oa1iowtlbthqTuJj0h8&code_challenge=tsK5wI_X2fQMTr9mUSdT217OE9DsYjPrIkgPDbUPIOk&code_challenge_method=S256&nonce=PkA5HXJLMjhH3idqI1cucL7XkxzfVSZhkzpgZI4Q0N3yuHwN2f87tAu6w5uiOyMh&redirect_uri=https%3A%2F%2Fqa-ticket-wlist.mlb.com%2Flogin%2Fcallback&response_type=code&state=z8KWAO34jqtuf3PXLAtn2rRuPoiagykYRRupcxIIHwaAjyadiWjMwWNOJeWfAZSJ&scope=openid%20email%20profile Message: [Report Only] Refused to load the image 'https://www.mlbstatic.com/team-logos/league-on-light/1.svg' because it violates the following Content Security Policy directive: "img-src 'self' mlbidsqa.oktapreview.com qa-ids.mlb.com .oktacdn.com .tiles.mapbox.com .mapbox.com .vidyard.com data: data.pendo.io pendo-static-5634101834153984.storage.googleapis.com pendo-static-5391521872216064.storage.googleapis.com blob:".
security	error	URL: https://qa-ids.mlb.com/oauth2/ausg0y0s07iKGqVKv0h7/v1/authorize?client_id=0oa1iowtlbthqTuJj0h8&code_challenge=tsK5wI_X2fQMTr9mUSdT217OE9DsYjPrIkgPDbUPIOk&code_challenge_method=S256&nonce=PkA5HXJLMjhH3idqI1cucL7XkxzfVSZhkzpgZI4Q0N3yuHwN2f87tAu6w5uiOyMh&redirect_uri=https%3A%2F%2Fqa-ticket-wlist.mlb.com%2Flogin%2Fcallback&response_type=code&state=z8KWAO34jqtuf3PXLAtn2rRuPoiagykYRRupcxIIHwaAjyadiWjMwWNOJeWfAZSJ&scope=openid%20email%20profile Message: [Report Only] Refused to load the image 'https://ans.mlb.com/b/ss/devmlbglobal/1/JS-2.26.0-LDQM/s59150626257699?AQB=1&ndh=1&pf=1&t=29%2F6%2F2024%207%3A58%3A55%201%20-120&mid=40199466298740267791590197722878824560&aamlh=6&ce=UTF-8&pageName=Major%20League%20Baseball%3A%20Login%3A%20Email&g=https%3A%2F%2Fqa-ids.mlb.com%2Foauth2%2Fausg0y0s07iKGqVKv0h7%2Fv1%2Fauthorize%3Fclient_id%3D0oa1iowtlbthqTuJj0h8%26code_challenge%3DtsK5wI_X2fQMTr9mUSdT217OE9DsYjPrIkgPDbUPIOk%26code_challenge_method%3DS256%26nonce%3DPkA5HXJLMjhH3idqI1cucL7XkxzfVSZhkzpgZI4Q0N3yuHwN2f87tAu6w5uiOyMh%26red&r=https%3A%2F%2Fqa-ticket-wlist.mlb.com%2F&cc=USD&ch=Account&aamb=6G1ynYcLPuiQxYZrsz_pkqfLG9yMXBpb2zX5dvJdYQJzPXImdj0y&s=1600x1200&c=24&j=1.6&v=N&k=Y&bw=1600&bh=1200&-g=irect_uri%3Dhttps%253A%252F%252Fqa-ticket-wlist.mlb.com%252Flogin%252Fcallback%26response_type%3Dcode%26state%3Dz8KWAO34jqtuf3PXLAtn2rRuPoiagykYRRupcxIIHwaAjyadiWjMwWNOJeWfAZSJ%26scope%3Dopenid%2520email%2520profile&mcorgid=A65F776A5245B01B0A490D44%40AdobeOrg&AQE=1' because it violates the following Content Security Policy directive: "img-src 'self' mlbidsqa.oktapreview.com qa-ids.mlb.com .oktacdn.com .tiles.mapbox.com .mapbox.com .vidyard.com data: data.pendo.io pendo-static-5634101834153984.storage.googleapis.com pendo-static-5391521872216064.storage.googleapis.com blob:".

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ans.mlb.com
api-js.datadome.co
assets.adobedtm.com
cdnjs.cloudflare.com
cm.everesttech.net
contentful-graphql-preview.bamcontent.com
dpm.demdex.net
js.datadome.co
login.okta.com
mlb.demdex.net
op1static.oktacdn.com
qa-ids.mlb.com
qa-ticket-wlist.mlb.com
qa.mlbstatic.com
www.mlbstatic.com
ans.mlb.com
op1static.oktacdn.com
www.mlbstatic.com
108.138.7.41
151.101.209.60
151.101.209.91
18.244.18.82
18.66.122.11
199.232.37.91
2600:9000:2491:6400:12:d46c:8900:93a1
2606:4700::6811:190e
2a02:26f0:3500:587::1e80
34.111.46.89
35.244.249.42
52.19.10.201
52.213.48.74
63.140.62.27
16dc8f2d91d56be3d08dc07690c9ea1308428607f7704ce9f133b3e82bd1faec
19714eaf0cbf6de9f909794bddca2470bf498dc53b02f50947a5e89476251fde
280f9a5d22d25cc1197bedc0ab4294fee92e6f9a22afb8fba4116288e639f774
2a5722d868ac883e7d47a4de2a9b5e049db3b5ea324064d08b898a48494db036
2dbbd961c9e9750bd527a798381554ec4e94245b30f4f0678306c887d026819e
4949f4e1cff9e8a960b44c9a8be70bc4bb10216eb4d0123ca61753e0908a0f87
5cef9367d2bcaba25b74d20e0e139d2cf900e9123e5fde26101aee7f40f6b5cf
6196e9789b36230cf00be4881778091106cf1e06f51b502febfa1155fef28a0d
6292d47914f9b1671e0c7b3076ea35aa0127785ed01ae8df56f534171114b08a
6a6c595fcf3a6c74bf3509f160ba34b78a8a3eb92ecaf290412c46679576d3ed
6a78a874fd1c1cf05e38e67de04218556861ed683312915b8e2f957d2affa71c
6bd1cd6217594badf950130a90fb6adc91d28f226b7ed6a315986b7c50dcad97
71b35110d632443d54bca51379073458c53289b43da954b0e9cecc11e6203fe0
74a05e509d1123382e1530f98d8c55bfcf92a7bb1b19d16156ee2e2b1172c59e
79e149cae4cee318fb0fc5beb4feec6880022de818efdb269f8cf90298d61a00
80c877c8620cf87e48261427f6a83be61e217940b2dba8fbfee0a3ac968e264c
8131b45b3fe445f197bb26066ad99f91ef8c79c99a0c6f2a47550ac40d1e85fe
88b154b920feffb91942882165250b1dc16317ad4db9a90f93523445f8116ea2
8a311e5b9b46a222adf695e2a0cc401ef21241e0a33dc8802d6557496158facb
8ccfd64942ddb9dfdcab2b430b2751356b0ebee0150a4a10c6981cc4cfc8e1e5
8e89d0cfdaafe955949caf78a5391aac6b94ea893841c77dcba37b88ee49f52f
965301d82ae5432e113c4bf2fe253789812e4cf207cb49103bf71b72e6e08645
9d5704f066511df22ddf7ae3e75d8134bd1a672f29db2171b14da43a6f6acb4b
aeac24730f4080c22a0250b34eb8b26ee822e09035b3f6e84ebd8a63eb099f91
b90b775b65c2623322caaa52d7acf6af709ca59bdd475a54043b6308d91828c4
c30df3fc1ff42d41d64dbf2968d2e50aae19941dbb774642c463d345a5c9f15b
c7e06e7ed41392c9bd41f352e3a3c40963377ea15be2bb3071b107786d44b2d6
e37ba012affeffe752555f96cc235fffbef29e3274a9950c25185e16eee70310
e53b115572bba8c9ba2cfb5840b6e098a9c683f5e77c290dbaf0e7c6c0e4c97a
e540549c5ee85d139a6590536daf86400fccd811ebc9d5b714794efe1e34b897
e756aa89a9ef53bf52b3d0a9426d5b0cd5720289b595935859061a07a8d684b9
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f012c00d43164a4de843ae80abefe500f8497e1123d11c965cd3b40600fe9720
f14d931caab16e8964d6f23218d7e715e046b30d084b5adb198542d5107beb91
f5714ca2808c27d3c1e3b86e3c593ccf6b875d6b2d1fec394be7896adb26cccb
f8ce3d20e9ad14ba1988240ff1a4b0514cd3c2ef11af78b4595526315fec7415
f9e86fb363a05f75ab3b525439d46bf4911d4cd4ae94c656c0198206374002aa
fe983fc68168a673113fdf3fbda985b1c0e5ea55068d818c670814c01aaf5202

qa-ids.mlb.com Open in urlscan Pro 151.101.209.60 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

47 Requests

87 %HTTPS

21 %IPv6

10 Domains

15 Subdomains

14 IPs

3 Countries

2093 kBTransfer

5130 kBSize

13 Cookies

6 Outgoing links

Page URL History

Redirected requests

47 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

qa-ids.mlb.com Open in urlscan Pro
151.101.209.60 Public Scan

Screenshot
Live screenshot

Full Image

47
Requests

87 %
HTTPS

21 %
IPv6

10
Domains

15
Subdomains

14
IPs

3
Countries

2093 kB
Transfer

5130 kB
Size

13
Cookies

47 HTTP transactions
0 data transactions