Submitted URL: http://affiliatemarkingbiz.com/
Effective URL: https://highticketai.com/htai-sales
Submission Tags: shiny c290acadafe6362a fc6b18fd85158e2b bfst honeypoter@gmail.com
Submission: On January 27 via api from JP — Scanned from JP

Summary

This website contacted 10 IPs in 1 country across 11 domains to perform 26 HTTP transactions. The main IP is 2606:4700::6810:cc2, located in the United States, and belongs to CLOUDFLARENET, US. The main domain is highticketai.com.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on November 27th 2023. Valid for: a year.
This is the only time highticketai.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 2606:4700:303... 13335 (CLOUDFLAR...)
4 2606:4700:303... 13335 (CLOUDFLAR...)
1 2606:4700::68... 13335 (CLOUDFLAR...)
1 2a04:4e42::649 54113 (FASTLY)
1 2606:4700:303... 13335 (CLOUDFLAR...)
1 4 172.66.40.88 13335 (CLOUDFLAR...)
3 2606:4700::68... 13335 (CLOUDFLAR...)
1 151.101.130.137 54113 (FASTLY)
6 2606:4700::68... 13335 (CLOUDFLAR...)
2 2606:4700::68... 13335 (CLOUDFLAR...)
26 10
Apex Domain | Subdomains | Transfer
6 highticketai.com | highticketai.com | 88 KB
4 warriorplus.com | warriorplus.com — Cisco Umbrella Rank: 517886 | 38 KB
4 llclickpro.com | llclickpro.com | 6 KB
3 cloudflareinsights.com | static.cloudflareinsights.com — Cisco Umbrella Rank: 811 | 20 KB
3 cloudflare.com | cdnjs.cloudflare.com — Cisco Umbrella Rank: 225; challenges.cloudflare.com — Cisco Umbrella Rank: 5168 | 40 KB
1 newrelic.com | js-agent.newrelic.com — Cisco Umbrella Rank: 600 | 24 KB
1 leadsleap.net | pixel.leadsleap.net — Cisco Umbrella Rank: 916141 | 951 B
1 jquery.com | code.jquery.com — Cisco Umbrella Rank: 760 | 63 KB
1 affiliatemarkingbiz.com | affiliatemarkingbiz.com | 710 B
0 googletagmanager.com Failed | www.googletagmanager.com Failed
0 nr-data.net Failed | bam.nr-data.net Failed
26 11
Domain Requested by
6 highticketai.com warriorplus.com
highticketai.com
static.cloudflareinsights.com
4 warriorplus.com 1 redirects llclickpro.com
warriorplus.com
static.cloudflareinsights.com
4 llclickpro.com llclickpro.com
cdnjs.cloudflare.com
3 static.cloudflareinsights.com warriorplus.com
highticketai.com
2 challenges.cloudflare.com highticketai.com
challenges.cloudflare.com
1 js-agent.newrelic.com warriorplus.com
1 pixel.leadsleap.net llclickpro.com
1 code.jquery.com llclickpro.com
1 cdnjs.cloudflare.com llclickpro.com
1 affiliatemarkingbiz.com 1 redirects
0 www.googletagmanager.com Failed warriorplus.com
0 bam.nr-data.net Failed warriorplus.com
26 12

This site contains links to these domains.

Domain
www.cloudflare.com
Subject | Issuer | Validity | Valid
llclickpro.com | GTS CA 1P5 | 2024-01-21 - 2024-04-20 | 3 months
sni.cloudflaressl.com | Cloudflare Inc ECC CA-3 | 2023-07-03 - 2024-07-02 | a year
*.jquery.com | Sectigo RSA Domain Validation Secure Server CA | 2023-07-11 - 2024-07-14 | a year
leadsleap.net | E1 | 2024-01-20 - 2024-04-19 | 3 months
js-agent.newrelic.com | GlobalSign Atlas R3 DV TLS CA 2024 Q1 | 2024-01-15 - 2025-02-15 | a year
highticketai.com | Cloudflare Inc ECC CA-3 | 2023-11-27 - 2024-11-26 | a year
challenges.cloudflare.com | Cloudflare Inc ECC CA-3 | 2023-08-18 - 2024-08-17 | a year

This page contains 3 frames:

Primary Page: https://highticketai.com/htai-sales
Frame ID: A815A81AA9FFC491E4FEA65D94D71B14
Requests: 24 HTTP requests in this frame

Frame: https://pixel.leadsleap.net/set.html?n1=lltkra222684&v1=391542.28&n2=lltkrb222684&v2=391542.28
Frame ID: ED8CB92CA8488CB413249F7359B10721
Requests: 1 HTTP requests in this frame

Frame: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/quk09/0x4AAAAAAADnOjc0PNeA8qVm/light/normal
Frame ID: 28E0A94A9A466D0CD7BE80C96405E606
Requests: 1 HTTP requests in this frame

Page Title

Just a moment...

Page URL History

  1. http://affiliatemarkingbiz.com/ HTTP 301
    https://llclickpro.com/r/income-opportunities/shorts Page URL
  2. https://warriorplus.com/o2/a/vjpvd8/0 Page URL
  3. https://warriorplus.com/o2/a/vjpvd8/0?nonce=3c5c8fb0d850bd744d40bb2c7004f6b2b3999cba HTTP 302
    https://warriorplus.com/o/view/sw44ly/affc_vjpvd8 Page URL
  4. https://highticketai.com/htai-sales Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • static\.cloudflareinsights\.com/beacon(?:\.min)?\.js

Overall confidence: 100%
Detected patterns
  • /([\d.]+)/jquery(?:\.min)?\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Overall confidence: 100%
Detected patterns
  • ([\d.]+)/jquery-ui(?:\.min)?\.js
  • jquery-ui.*\.js

Page Statistics

26 Requests
85 % HTTPS
80 % IPv6
11 Domains
12 Subdomains
10 IPs
1 Countries
280 kB Transfer
805 kB Size
10 Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://affiliatemarkingbiz.com/ HTTP 301
    https://llclickpro.com/r/income-opportunities/shorts Page URL
  2. https://warriorplus.com/o2/a/vjpvd8/0 Page URL
  3. https://warriorplus.com/o2/a/vjpvd8/0?nonce=3c5c8fb0d850bd744d40bb2c7004f6b2b3999cba HTTP 302
    https://warriorplus.com/o/view/sw44ly/affc_vjpvd8 Page URL
  4. https://highticketai.com/htai-sales Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • http://affiliatemarkingbiz.com/ HTTP 301
  • https://llclickpro.com/r/income-opportunities/shorts
Request Chain 11
  • https://warriorplus.com/o2/a/vjpvd8/0?nonce=3c5c8fb0d850bd744d40bb2c7004f6b2b3999cba HTTP 302
  • https://warriorplus.com/o/view/sw44ly/affc_vjpvd8

26 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
shorts
llclickpro.com/r/income-opportunities/
Redirect Chain
  • http://affiliatemarkingbiz.com/
  • https://llclickpro.com/r/income-opportunities/shorts
2 KB
1 KB
Document
General
Full URL
https://llclickpro.com/r/income-opportunities/shorts
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3036::ac43:bcf6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
34a2a5d14ba27b248d5002e872c7540c3de50b683d6eaac54093c1b85c2ecabb

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1
accept-language
jp-JP,jp;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
84c4d7274e0580ed-NRT
content-encoding
br
content-type
text/html; charset=UTF-8
date
Sat, 27 Jan 2024 23:40:24 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Za7aP%2BgYmfGq7Xjs0V%2BjpwV3MRQo8%2FjLkGNjmP3GgUzZww5cg%2Fh%2FazoPyMaLH0JV1Snuq5WHC11OKkcPgBUsubiOYUusQLT8L3%2B0Zv8yt8mSPnDOha0PRtf8jbZog0nUDKeTFtV4qg8p9Bv%2FRg%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare

Redirect headers

CF-RAY
84c4d7271f28af93-NRT
Cache-Control
max-age=3600
Connection
keep-alive
Date
Sat, 27 Jan 2024 23:40:23 GMT
Expires
Sun, 28 Jan 2024 00:40:23 GMT
Location
https://llclickpro.com/r/income-opportunities/shorts
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=p5tVm0OgiwHFDXriImq52a3VyfBgGWWm2fQYwWvdprlxU1o9qimhklPChh5jQPyHvJAgqsPstFI4jxwwHlNhilog6LjYV0v1kSzEbaxRyeffXUApHeurKyjnXJVWFliTixkcTmVoGWEoy0s%2BoSDUIPrrlvyEdA%3D%3D"}],"group":"cf-nel","max_age":604800}
Server
cloudflare
Transfer-Encoding
chunked
Vary
Accept-Encoding
alt-svc
h3=":443"; ma=86400
jquery.min.js
cdnjs.cloudflare.com/ajax/libs/jquery/2.2.4/
84 KB
27 KB
Script
General
Full URL
https://cdnjs.cloudflare.com/ajax/libs/jquery/2.2.4/jquery.min.js
Requested by
Host: llclickpro.com
URL: https://llclickpro.com/r/income-opportunities/shorts
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
05b85d96f41fff14d8f608dad03ab71e2c1017c2da0914d7c59291bad7a54f8e
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://llclickpro.com/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

date
Sat, 27 Jan 2024 23:40:24 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
4342556
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
26909
last-modified
Mon, 04 May 2020 16:11:48 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03ec4-14e4a"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FtkeqEwONPKl5tJlywxLvNlQn4EiJyo1tr2nM0eQp3n%2BQSaxg5AfAqK372FIRIvoCVv3zgBeZA2XzOJcvQZkvNhkmqYEsrYNFeMO8Shg30AMxntpRCgIb1aPKmXGMZtoRFcnQHmfTWoGgMEEWp3bftrm"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
84c4d72a59a025f0-NRT
expires
Thu, 16 Jan 2025 23:40:24 GMT
jquery-ui.min.js
code.jquery.com/ui/1.11.4/
235 KB
63 KB
Script
General
Full URL
https://code.jquery.com/ui/1.11.4/jquery-ui.min.js
Requested by
Host: llclickpro.com
URL: https://llclickpro.com/r/income-opportunities/shorts
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42::649 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
c4d8dbe77feb63e5a61bee0bead4e5f66e8fa6a927599bd1b74aced52467273c

Request headers

Referer
https://llclickpro.com/
Origin
https://llclickpro.com
accept-language
jp-JP,jp;q=0.9
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

date
Sat, 27 Jan 2024 23:40:24 GMT
content-encoding
gzip
via
1.1 varnish, 1.1 varnish
age
11596621
x-cache
HIT, HIT
content-length
64296
x-served-by
cache-lga21924-LGA, cache-nrt-rjtf7700053-NRT
last-modified
Fri, 18 Oct 1991 12:00:00 GMT
server
nginx
x-timer
S1706398824.056711,VS0,VE0
etag
W/"28feccc0-3ab2b"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=604800
accept-ranges
bytes
x-cache-hits
61, 138435
trackr.js
llclickpro.com/
10 KB
4 KB
Script
General
Full URL
https://llclickpro.com/trackr.js?v=53
Requested by
Host: llclickpro.com
URL: https://llclickpro.com/r/income-opportunities/shorts
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3036::ac43:bcf6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
25cd015e9229b6cd55447e4be0b06f3e215cf3639c403ed84d6f8369aab40874

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://llclickpro.com/r/income-opportunities/shorts
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

date
Sat, 27 Jan 2024 23:40:24 GMT
content-encoding
br
cf-cache-status
HIT
cf-bgj
minify
last-modified
Wed, 07 Sep 2022 02:09:38 GMT
server
cloudflare
age
556
cf-polished
origSize=15670
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=M0YbP6YM7knS4MGIByyRP%2BaT2mDLKaM%2BRzl2ibF1YOfDm7QCxH%2Fv2liSZrSWh%2FYnkc2Y5a4X5x2qt2nBwbIwT9x%2BtTgtAw93%2FSodQ0pgWUxAYdzLEKCwpXekFZbu9GbgFd960gzv9iDIs9%2FEMg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
cf-ray
84c4d72a48de80ed-NRT
alt-svc
h3=":443"; ma=86400
loading.php
llclickpro.com/
0
448 B
Image
General
Full URL
https://llclickpro.com/loading.php
Requested by
Host: llclickpro.com
URL: https://llclickpro.com/r/income-opportunities/shorts
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3036::ac43:bcf6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://llclickpro.com/r/income-opportunities/shorts
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

date
Sat, 27 Jan 2024 23:40:24 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZmZfkxWcWWTFPyowldx8I0dsT9hCX2DZ1naM0iQUz6fxDIJUzBrKIpQCNrzmPVo3XdGNBr0Tlfj4ySeLShUSGwaiXjcd747yJZy0xTJ%2FcVAYGenBTuMult1ZYwbfOYuD0il0zqQ4IKz4ExJKTg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/html; charset=UTF-8
cf-ray
84c4d72a6deaf5ab-NRT
alt-svc
h3=":443"; ma=86400
set.html
pixel.leadsleap.net/ Frame ED8C
2 KB
951 B
Document
General
Full URL
https://pixel.leadsleap.net/set.html?n1=lltkra222684&v1=391542.28&n2=lltkrb222684&v2=391542.28
Requested by
Host: llclickpro.com
URL: https://llclickpro.com/r/income-opportunities/shorts
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3032::6815:99 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
97ca62715031d14115abd058e5354ee17d7cb9917564f2634ea5fb6f63f2ab5f

Request headers

Referer
https://llclickpro.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1
accept-language
jp-JP,jp;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
84c4d72ab9df5eaf-NRT
content-encoding
br
content-type
text/html
date
Sat, 27 Jan 2024 23:40:24 GMT
last-modified
Thu, 01 Oct 2020 11:41:08 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=f0LSXbgjBeNLDYxsHCeIuMThJJDIKcUiHZh8KxFXyjMFj2ScbuL1X1KBWfL4PtHwddU18Q3TVbSk15cK3SshJ0ftS9YqPFmsOkbgxVAKuNZTuRG6FY8OLgvkpxm5orDgJfDVAhEKYzvp0qxwatwwhZi0"}],"group":"cf-nel","max_age":604800}
server
cloudflare
ajax.php
llclickpro.com/
0
414 B
XHR
General
Full URL
https://llclickpro.com/ajax.php
Requested by
Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/jquery/2.2.4/jquery.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3036::ac43:bcf6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Accept
*/*
Referer
https://llclickpro.com/r/income-opportunities/shorts
X-Requested-With
XMLHttpRequest
accept-language
jp-JP,jp;q=0.9
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

date
Sat, 27 Jan 2024 23:40:25 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ydBqXDZ4rGsoOFTUqaucSMd%2FKB9PGY1Kb5iwu0POTKqVG%2By7hVwVv5mxfx09Gh2NYh%2BKXVbLXJk0VVWhrezgPfcxCLewiqtccKy8nzVAg7u4s0ukgMyvrMoBNnvv0j3YNgGhGfMpCj3d7l42BA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/html; charset=UTF-8
cf-ray
84c4d730dafaf5ab-NRT
alt-svc
h3=":443"; ma=86400
0
warriorplus.com/o2/a/vjpvd8/
49 KB
18 KB
Document
General
Full URL
https://warriorplus.com/o2/a/vjpvd8/0
Requested by
Host: llclickpro.com
URL: https://llclickpro.com/trackr.js?v=53
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.66.40.88 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/7.0.33-6+ubuntu14.04.1+deb.sury.org+3
Resource Hash
728783d463ffee1106ffa506880b28363a7f49214470ae8e9fb5db38b2a6747b
Security Headers
Name Value
X-Frame-Options DENY

Request headers

Referer
https://llclickpro.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1
accept-language
jp-JP,jp;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
no-store, no-cache, must-revalidate
cf-cache-status
DYNAMIC
cf-ray
84c4d732afea808f-NRT
content-encoding
br
content-type
text/html; charset=UTF-8
date
Sat, 27 Jan 2024 23:40:25 GMT
expires
Thu, 19 Nov 1981 08:52:00 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BmnbyszpHlQ8R8MbqD6y9P%2FHUSZN83jZQ6R5aG22W2uvpmgIXMMFAxgOvd1gJA6xcGXV71qbrA1vfqEAQxl7K3j%2BZlR7nwKWmIhm%2BvTpQCVIopReuvKZxPvAdXMH9g8a7g%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
x-frame-options
DENY
x-powered-by
PHP/7.0.33-6+ubuntu14.04.1+deb.sury.org+3
v84a3a4012de94ce1a686ba8c167c359c1696973893317
static.cloudflareinsights.com/beacon.min.js/
20 KB
7 KB
Script
General
Full URL
https://static.cloudflareinsights.com/beacon.min.js/v84a3a4012de94ce1a686ba8c167c359c1696973893317
Requested by
Host: warriorplus.com
URL: https://warriorplus.com/o2/a/vjpvd8/0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:3965 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6153d13804862b0fc1c016cf1129f34cb7c6185f2cf4bf1a3a862eecdab50101

Request headers

Referer
https://warriorplus.com/
Origin
https://warriorplus.com
accept-language
jp-JP,jp;q=0.9
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

date
Sat, 27 Jan 2024 23:40:25 GMT
content-encoding
gzip
last-modified
Tue, 10 Oct 2023 21:38:13 GMT
server
cloudflare
etag
W/"2023.10.0"
vary
Accept-Encoding
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
cf-ray
84c4d7342d45795e-NRT
nr-full-1.250.0.min.js
js-agent.newrelic.com/
71 KB
24 KB
Script
General
Full URL
https://js-agent.newrelic.com/nr-full-1.250.0.min.js
Requested by
Host: warriorplus.com
URL: https://warriorplus.com/o2/a/vjpvd8/0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.130.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=300

Request headers

Referer
https://warriorplus.com/
Origin
https://warriorplus.com
accept-language
jp-JP,jp;q=0.9
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

x-amz-version-id
qs9n_ILKatHMtlxFOHQji1VJgUvP683D
content-encoding
br
via
1.1 varnish
date
Sat, 27 Jan 2024 23:40:25 GMT
strict-transport-security
max-age=300
x-amz-request-id
TM314CC3VZBS8EJR
x-amz-server-side-encryption
AES256
x-cache
HIT
cross-origin-resource-policy
cross-origin
content-length
24206
x-amz-id-2
wgdnrGONwsWgtLMoxKyObjxci24nj4wI6EwaNK/EYvKxvnIKdf8OplGgp46n9G1/A4VdicCQX+Y=
x-served-by
cache-nrt-rjtf7700025-NRT
last-modified
Tue, 09 Jan 2024 19:15:56 GMT
server
AmazonS3
x-timer
S1706398826.677769,VS0,VE0
etag
"5ebd0f7d438a3335d147eacbf5902667"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=86400, stale-if-error=86400
accept-ranges
bytes
x-cache-hits
607913
rum
warriorplus.com/cdn-cgi/
0
165 B
XHR
General
Full URL
https://warriorplus.com/cdn-cgi/rum?
Requested by
Host: warriorplus.com
URL: https://warriorplus.com/o2/a/vjpvd8/0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.66.40.88 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

X-NewRelic-ID
VQcDWVBRCBABV1RUAgYOXg==
Referer
https://warriorplus.com/o2/a/vjpvd8/0
accept-language
jp-JP,jp;q=0.9
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1
content-type
application/json

Response headers

date
Sat, 27 Jan 2024 23:40:25 GMT
x-content-type-options
nosniff
server
cloudflare
vary
Origin
access-control-max-age
86400
access-control-allow-methods
POST,OPTIONS
access-control-allow-origin
https://warriorplus.com
x-frame-options
DENY
access-control-allow-credentials
true
cf-ray
84c4d73478cf808f-NRT
affc_vjpvd8
warriorplus.com/o/view/sw44ly/
Redirect Chain
  • https://warriorplus.com/o2/a/vjpvd8/0?nonce=3c5c8fb0d850bd744d40bb2c7004f6b2b3999cba
  • https://warriorplus.com/o/view/sw44ly/affc_vjpvd8
50 KB
19 KB
Document
General
Full URL
https://warriorplus.com/o/view/sw44ly/affc_vjpvd8
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.66.40.88 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/7.0.33-6+ubuntu14.04.1+deb.sury.org+3
Resource Hash
d096660ecc8549ebe52d2bbad2aee74df0fc2c6da4f6143456658701e9bdc6a6

Request headers

Referer
https://warriorplus.com/o2/a/vjpvd8/0
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1
accept-language
jp-JP,jp;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
no-store, no-cache, must-revalidate
cf-cache-status
DYNAMIC
cf-ray
84c4d735bd63f577-NRT
content-encoding
br
content-type
text/html; charset=UTF-8
date
Sat, 27 Jan 2024 23:40:26 GMT
expires
Thu, 19 Nov 1981 08:52:00 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=p%2FgiwicCR2Y29wSCR8sS9BtRBLcxJE9COqgA8HvBA3DbWIFeWHecaf6XkVkxanHnzA3NrAFs0Pmef%2F12f7gRTLTnWCFEaaG7%2BQcUSj15WOH9ZPUdOhssmMVeOEU7tzFCtw%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
x-powered-by
PHP/7.0.33-6+ubuntu14.04.1+deb.sury.org+3

Redirect headers

alt-svc
h3=":443"; ma=86400
cache-control
no-store, no-cache, must-revalidate
cf-cache-status
DYNAMIC
cf-ray
84c4d73478d0808f-NRT
content-type
text/html; charset=UTF-8
date
Sat, 27 Jan 2024 23:40:25 GMT
expires
Thu, 19 Nov 1981 08:52:00 GMT
location
/o/view/sw44ly/affc_vjpvd8
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bduJlyaP07yt0Moyjkd0knOkXSQqqV%2BnM6lNV166CFrNwz9ngD32AfgyL3upXrrv552TxSRoaZ44hkWpL9yZD7zEhtIEwLH%2FmcIFGPfBeDjaxE1f%2FQmkioA67RskC9XL1A%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
x-frame-options
DENY
x-powered-by
PHP/7.0.33-6+ubuntu14.04.1+deb.sury.org+3
undefined
bam.nr-data.net/1/
0
0

rum
warriorplus.com/cdn-cgi/
0
0

v84a3a4012de94ce1a686ba8c167c359c1696973893317
static.cloudflareinsights.com/beacon.min.js/
20 KB
7 KB
Script
General
Full URL
https://static.cloudflareinsights.com/beacon.min.js/v84a3a4012de94ce1a686ba8c167c359c1696973893317
Requested by
Host: warriorplus.com
URL: https://warriorplus.com/o/view/sw44ly/affc_vjpvd8
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:3965 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Referer
https://warriorplus.com/
Origin
https://warriorplus.com
accept-language
jp-JP,jp;q=0.9
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

date
Sat, 27 Jan 2024 23:40:26 GMT
content-encoding
gzip
last-modified
Tue, 10 Oct 2023 21:38:13 GMT
server
cloudflare
etag
W/"2023.10.0"
vary
Accept-Encoding
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
cf-ray
84c4d7377814795e-NRT
gtm.js
www.googletagmanager.com/
0
0

Primary Request htai-sales
highticketai.com/
13 KB
7 KB
Document
General
Full URL
https://highticketai.com/htai-sales
Requested by
Host: warriorplus.com
URL: https://warriorplus.com/o/view/sw44ly/affc_vjpvd8
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700::6810:cc2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
faf8c61cad2ebe4fba5aa5a8c103cdc08d01fd7c1f3fd7577d7f97cafb1f2f52
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://warriorplus.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1
accept-language
jp-JP,jp;q=0.9

Response headers

accept-ch
Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
cache-control
private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
cf-mitigated
challenge
cf-ray
84c4d737d87034c9-NRT
content-encoding
br
content-type
text/html; charset=UTF-8
cross-origin-embedder-policy
require-corp
cross-origin-opener-policy
same-origin
cross-origin-resource-policy
same-origin
date
Sat, 27 Jan 2024 23:40:26 GMT
expires
Thu, 01 Jan 1970 00:00:01 GMT
origin-agent-cluster
?1
permissions-policy
accelerometer=(),autoplay=(),browsing-topics=(),camera=(),clipboard-read=(),clipboard-write=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
referrer-policy
same-origin
server
cloudflare
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
v84a3a4012de94ce1a686ba8c167c359c1696973893317
static.cloudflareinsights.com/beacon.min.js/
20 KB
7 KB
Script
General
Full URL
https://static.cloudflareinsights.com/beacon.min.js/v84a3a4012de94ce1a686ba8c167c359c1696973893317
Requested by
Host: highticketai.com
URL: https://highticketai.com/htai-sales
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:3965 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6153d13804862b0fc1c016cf1129f34cb7c6185f2cf4bf1a3a862eecdab50101

Request headers

Referer
Origin
https://highticketai.com
accept-language
jp-JP,jp;q=0.9
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

date
Sat, 27 Jan 2024 23:40:26 GMT
content-encoding
gzip
last-modified
Tue, 10 Oct 2023 21:38:13 GMT
server
cloudflare
etag
W/"2023.10.0"
vary
Accept-Encoding
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
cf-ray
84c4d73838e9795e-NRT
v1
highticketai.com/cdn-cgi/challenge-platform/h/g/orchestrate/chl_page/
169 KB
57 KB
Script
General
Full URL
https://highticketai.com/cdn-cgi/challenge-platform/h/g/orchestrate/chl_page/v1?ray=84c4d737d87034c9
Requested by
Host: highticketai.com
URL: https://highticketai.com/htai-sales
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700::6810:cc2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0c96aee118a1a5348750823aeebe10208e6de5aa0792aa3edac775961c348391

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://highticketai.com/htai-sales?__cf_chl_rt_tk=SlcFETqvFM8YAgE1gSsHSBV8J_ORwqmf.ACWTnGj_cs-1706398826-0-gaNycGzNDOU
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

date
Sat, 27 Jan 2024 23:40:26 GMT
cache-control
private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-encoding
br
server
cloudflare
cf-ray
84c4d73858ce34c9-NRT
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
api.js
challenges.cloudflare.com/turnstile/v0/g/ea25f566/
37 KB
13 KB
Script
General
Full URL
https://challenges.cloudflare.com/turnstile/v0/g/ea25f566/api.js?onload=xZNcr9&render=explicit
Requested by
Host: highticketai.com
URL: https://highticketai.com/cdn-cgi/challenge-platform/h/g/orchestrate/chl_page/v1?ray=84c4d737d87034c9
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:3b8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
18cbe0edc0b01c71a6c3ffe704550a8bb1cfe7e02839b7dbdc9c44288bf8b59c

Request headers

Referer
Origin
https://highticketai.com
accept-language
jp-JP,jp;q=0.9
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

date
Sat, 27 Jan 2024 23:40:26 GMT
content-encoding
br
server
cloudflare
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
max-age=31536000
cf-ray
84c4d738a92625fc-NRT
alt-svc
h3=":443"; ma=86400
favicon.ico
highticketai.com/
12 KB
12 KB
Image
General
Full URL
https://highticketai.com/favicon.ico
Requested by
Host: highticketai.com
URL: https://highticketai.com/htai-sales
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700::6810:cc2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9ae56e98e0e6dd2b85eebeb0ba1ec661f8b754dc44420457e1ce6f6573b53b5a
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://highticketai.com/htai-sales
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

date
Sat, 27 Jan 2024 23:40:26 GMT
content-encoding
br
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
same-origin
referrer-policy
same-origin
accept-ch
Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
cross-origin-opener-policy
same-origin
cf-mitigated
challenge
server
cloudflare
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
text/html; charset=UTF-8
origin-agent-cluster
?1
cache-control
private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
permissions-policy
accelerometer=(),autoplay=(),browsing-topics=(),camera=(),clipboard-read=(),clipboard-write=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
cf-ray
84c4d738990834c9-NRT
expires
Thu, 01 Jan 1970 00:00:01 GMT
4e95b583-8da2-43b9-b357-9505306f0e7c
https://highticketai.com/
13 B
0
Other
General
Full URL
blob:https://highticketai.com/4e95b583-8da2-43b9-b357-9505306f0e7c
Requested by
Host: highticketai.com
URL: https://highticketai.com/htai-sales
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
8860e7fef89219a219cb11d18bd8e4a322f32072613f86e935e7fe162ab69c04

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://highticketai.com/htai-sales
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

Content-Length
13
Content-Type
text/javascript
rum
highticketai.com/cdn-cgi/
0
171 B
XHR
General
Full URL
https://highticketai.com/cdn-cgi/rum?
Requested by
Host: static.cloudflareinsights.com
URL: https://static.cloudflareinsights.com/beacon.min.js/v84a3a4012de94ce1a686ba8c167c359c1696973893317
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700::6810:cc2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://highticketai.com/htai-sales
accept-language
jp-JP,jp;q=0.9
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1
content-type
application/json

Response headers

date
Sat, 27 Jan 2024 23:40:26 GMT
x-content-type-options
nosniff
server
cloudflare
vary
Origin
access-control-max-age
86400
access-control-allow-methods
POST,OPTIONS
access-control-allow-origin
https://highticketai.com
x-frame-options
DENY
access-control-allow-credentials
true
cf-ray
84c4d738d92f34c9-NRT
85ff0ac6f95d427
highticketai.com/cdn-cgi/challenge-platform/h/g/flow/ov1/1389519080:1706396802:bG-Ec46HF5eIPrFn6wvas8RaImHeDwh7oF-wvyf7t9w/84c4d737d87034c9/
13 KB
10 KB
XHR
General
Full URL
https://highticketai.com/cdn-cgi/challenge-platform/h/g/flow/ov1/1389519080:1706396802:bG-Ec46HF5eIPrFn6wvas8RaImHeDwh7oF-wvyf7t9w/84c4d737d87034c9/85ff0ac6f95d427
Requested by
Host: highticketai.com
URL: https://highticketai.com/cdn-cgi/challenge-platform/h/g/orchestrate/chl_page/v1?ray=84c4d737d87034c9
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700::6810:cc2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
58d4e1f67cb6b54496740fcb0b396fc501eacf22fd11aabefccaa21a98c7d668

Request headers

Referer
https://highticketai.com/htai-sales
accept-language
jp-JP,jp;q=0.9
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1
CF-Challenge
85ff0ac6f95d427
Content-type
application/x-www-form-urlencoded

Response headers

cf-chl-gen
ONG7YB5C+0YilVvXHVQ9BOIBYkrxQrZeBbIoWpMogFtrfRju1WJJPH8dxkkr6zI+$qO/Ri0ypnASyGLpTKb907w==
date
Sat, 27 Jan 2024 23:40:26 GMT
content-encoding
br
server
cloudflare
cf-ray
84c4d73969c734c9-NRT
content-type
text/plain; charset=UTF-8
normal
challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/quk09/0x4AAAAAAADnOjc0PNeA8qVm/light/ Frame 28E0
0
0
Document
General
Full URL
https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/quk09/0x4AAAAAAADnOjc0PNeA8qVm/light/normal
Requested by
Host: challenges.cloudflare.com
URL: https://challenges.cloudflare.com/turnstile/v0/g/ea25f566/api.js?onload=xZNcr9&render=explicit
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6811:3b8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Content-Security-Policy frame-src https://challenges.cloudflare.com/ blob:; base-uri 'self'

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1
accept-language
jp-JP,jp;q=0.9

Response headers

accept-ch
Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
alt-svc
h3=":443"; ma=86400
cache-control
private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
cf-ray
84c4d739f825263b-NRT
content-encoding
br
content-security-policy
frame-src https://challenges.cloudflare.com/ blob:; base-uri 'self'
content-type
text/html; charset=UTF-8
cross-origin-embedder-policy
require-corp
cross-origin-opener-policy
same-origin
cross-origin-resource-policy
cross-origin
date
Sat, 27 Jan 2024 23:40:26 GMT
document-policy
js-profiling
origin-agent-cluster
?1
permissions-policy
accelerometer=(),autoplay=(),browsing-topics=(),camera=(),clipboard-read=(),clipboard-write=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
referrer-policy
same-origin
server
cloudflare
85ff0ac6f95d427
highticketai.com/cdn-cgi/challenge-platform/h/g/flow/ov1/1389519080:1706396802:bG-Ec46HF5eIPrFn6wvas8RaImHeDwh7oF-wvyf7t9w/84c4d737d87034c9/
2 KB
2 KB
XHR
General
Full URL
https://highticketai.com/cdn-cgi/challenge-platform/h/g/flow/ov1/1389519080:1706396802:bG-Ec46HF5eIPrFn6wvas8RaImHeDwh7oF-wvyf7t9w/84c4d737d87034c9/85ff0ac6f95d427
Requested by
Host: highticketai.com
URL: https://highticketai.com/cdn-cgi/challenge-platform/h/g/orchestrate/chl_page/v1?ray=84c4d737d87034c9
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700::6810:cc2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2b0189d324ed7eabbf5422509ecb28979085d113dbf63410b756c88e2b0b3e0b

Request headers

Referer
https://highticketai.com/htai-sales
accept-language
jp-JP,jp;q=0.9
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1
CF-Challenge
85ff0ac6f95d427
Content-type
application/x-www-form-urlencoded

Response headers

cf-chl-out
cxN6CPKt/UnfkTj+ee+FsldGCRDbR+/+n2Tca6o3p77b7ugrtV7lRMQJ5PtD15KdnuX/uDlSAgkO1owHUPYdZH7kvOnfMl+Jkf47TgBJXqs=$MpDwryHfTy70m/Oe1/vxIQ==
cf-chl-out-s
MTO5GwV16wTTcpru0qZazryKs9gPrzBxFyZr4Hg6P3zDAUjvLKHrXUpIeqr4KBeevNuKtsdqerO+FVSjPJLkxSaG9JLC9bu1XptUmrrBDpkD18AYfqRgfod/PUSTUUHQALIXOHhsZ2C+q5o+JUCGqz9hKsVGdIOfx6PBj9EmmZY5vppJ278DbqoURJB8SmW7xdw/53hyg5T/TRIadmON96+R+zgTsy74NlezeSSlPdnunZm+C4q1firpX7Oxq3X5$NGnxpa3DLxOXqDL/FiieGQ==
date
Sat, 27 Jan 2024 23:40:27 GMT
content-encoding
br
server
cloudflare
cf-ray
84c4d742381934c9-NRT
content-type
text/html; charset=UTF-8

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
bam.nr-data.net
URL
https://bam.nr-data.net/1/undefined?a=undefined&v=1.250.0&t=Unnamed%20Transaction&rst=332&ck=0&s=9271c037074778d7&ref=https://warriorplus.com/o2/a/vjpvd8/0&hr=0&af=err,xhr,stn,ins&be=232&fe=72&dc=70&fsh=1&perf=%7B%22timing%22:%7B%22of%22:1706398825364,%22n%22:0,%22f%22:1,%22dn%22:12,%22dne%22:12,%22c%22:12,%22s%22:12,%22ce%22:20,%22rq%22:20,%22rp%22:233,%22rpe%22:237,%22di%22:253,%22ds%22:302,%22de%22:303,%22dc%22:303,%22l%22:303,%22le%22:305%7D,%22navigation%22:%7B%7D%7D
Domain
warriorplus.com
URL
https://warriorplus.com/cdn-cgi/rum?
Domain
www.googletagmanager.com
URL
https://www.googletagmanager.com/gtm.js?id=GTM-WMGQ2M

16 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0
object| _cf_chl_opt
object| __cfBeacon
function| xZNcr9
boolean| yHep2
function| nxQcD7
function| solsY3
function| cVRI9
function| iwKwK4
object| BnJBu1
function| gsuQko4
function| NjaeCxgKwe
object| JCDFSw1
object| turnstile
boolean| IOXAZy9
string| VwyP4

10 Cookies

Domain/Path Name / Value
llclickpro.com/ Name: lltkrr33186
Value: 1
llclickpro.com/ Name: lltkrl222684
Value: 1
.pixel.leadsleap.net/ Name: lltkra222684
Value: 391542.28
.pixel.leadsleap.net/ Name: lltkrb222684
Value: 391542.28
warriorplus.com/ Name: warriorplus
Value: 73e9fm6g5b1cm3f1aprful6sg5
warriorplus.com/ Name: rqtok
Value: 44ede4fb03f5e0276410
warriorplus.com/ Name: affo_sw44ly
Value: 533348268
warriorplus.com/ Name: affo2_165485
Value: 533348268
warriorplus.com/ Name: wpg
Value: gpbszmsy4rhhpn4c
.highticketai.com/ Name: __cf_bm
Value: QNxmYbUSF__aoNIF.ZZFjsO3LqYXKJCbvEPRQz4uJHA-1706398826-1-AYFv88aUPAtfBnjI6/jlqssd0qEJXsF7OLX/h4A2q5f0rJyHnqt7vnctnFy64qA0VAdvlhf3HevjVAF+kmIDmt8xRfVWDGjzFqSASKeIH5Xj

6 Console Messages

Source Level URL
Text
javascript error URL: https://warriorplus.com/o2/a/vjpvd8/0
Message:
Access to XMLHttpRequest at 'https://bam.nr-data.net/1/undefined?a=undefined&v=1.250.0&t=Unnamed%20Transaction&rst=332&ck=0&s=9271c037074778d7&ref=https://warriorplus.com/o2/a/vjpvd8/0&hr=0&af=err,xhr,stn,ins&be=232&fe=72&dc=70&fsh=1&perf=%7B%22timing%22:%7B%22of%22:1706398825364,%22n%22:0,%22f%22:1,%22dn%22:12,%22dne%22:12,%22c%22:12,%22s%22:12,%22ce%22:20,%22rq%22:20,%22rp%22:233,%22rpe%22:237,%22di%22:253,%22ds%22:302,%22de%22:303,%22dc%22:303,%22l%22:303,%22le%22:305%7D,%22navigation%22:%7B%7D%7D' from origin 'https://warriorplus.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network error URL: https://bam.nr-data.net/1/undefined?a=undefined&v=1.250.0&t=Unnamed%20Transaction&rst=332&ck=0&s=9271c037074778d7&ref=https://warriorplus.com/o2/a/vjpvd8/0&hr=0&af=err,xhr,stn,ins&be=232&fe=72&dc=70&fsh=1&perf=%7B%22timing%22:%7B%22of%22:1706398825364,%22n%22:0,%22f%22:1,%22dn%22:12,%22dne%22:12,%22c%22:12,%22s%22:12,%22ce%22:20,%22rq%22:20,%22rp%22:233,%22rpe%22:237,%22di%22:253,%22ds%22:302,%22de%22:303,%22dc%22:303,%22l%22:303,%22le%22:305%7D,%22navigation%22:%7B%7D%7D
Message:
Failed to load resource: net::ERR_FAILED
security warning
Message:
Error with Permissions-Policy header: Origin trial controlled feature not enabled: 'browsing-topics'.
security warning
Message:
Error with Permissions-Policy header: Origin trial controlled feature not enabled: 'interest-cohort'.
network error URL: https://highticketai.com/htai-sales
Message:
Failed to load resource: the server responded with a status of 403 ()
network error URL: https://highticketai.com/favicon.ico
Message:
Failed to load resource: the server responded with a status of 403 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
