Submitted URL: https://e.email.ticketsatwork.com/click?Ecm9uYWxkLmJ1dHRlcmJhdWdoQHBhY2Nhci5jb20/CeyJtaWQiOiIxNjk4Njg5OTg0MDAwOTY5NmYwN2U0NzJkIiwi...
Effective URL: https://www.ticketsatwork.com/tickets/tracking_consent.php
Submission: On October 30 via api from US — Scanned from DE

Summary

This website contacted 9 IPs in 2 countries across 9 domains to perform 46 HTTP transactions. The main IP is 172.64.155.9, located in United States and belongs to CLOUDFLARENET, US. The main domain is www.ticketsatwork.com. The Cisco Umbrella rank of the primary domain is 93795.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on May 8th 2023. Valid for: a year.
This is the only time www.ticketsatwork.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 96.47.24.171 46263 (EDIALOG)
3 21 172.64.155.9 13335 (CLOUDFLAR...)
10 2606:4700::68... 13335 (CLOUDFLAR...)
5 2a02:26f0:e60... 20940 (AKAMAI-ASN1)
7 199.101.26.126 33411 (BRIGHTPAT...)
2 108.138.26.23 16509 (AMAZON-02)
1 2606:4700:440... 13335 (CLOUDFLAR...)
1 151.101.130.137 54113 (FASTLY)
1 2600:9000:239... 16509 (AMAZON-02)
46 9
Apex Domain
Subdomains
Transfer
22 ticketsatwork.com
e.email.ticketsatwork.com — Cisco Umbrella Rank: 96086
www.ticketsatwork.com — Cisco Umbrella Rank: 93795
595 KB
10 cookielaw.org
cdn.cookielaw.org — Cisco Umbrella Rank: 342
157 KB
7 brightpattern.com
ebgcc.brightpattern.com — Cisco Umbrella Rank: 74205
93 KB
5 adobedtm.com
assets.adobedtm.com — Cisco Umbrella Rank: 466
175 KB
2 zjptg.com
www.p.zjptg.com — Cisco Umbrella Rank: 50304
49 KB
1 sjwoe.com
www.sjwoe.com — Cisco Umbrella Rank: 60665
447 B
1 newrelic.com
js-agent.newrelic.com — Cisco Umbrella Rank: 562
29 KB
1 onetrust.com
geolocation.onetrust.com — Cisco Umbrella Rank: 590
310 B
0 nr-data.net Failed
bam.nr-data.net Failed
46 9
Domain Requested by
21 www.ticketsatwork.com 3 redirects www.ticketsatwork.com
10 cdn.cookielaw.org www.ticketsatwork.com
7 ebgcc.brightpattern.com www.ticketsatwork.com
ebgcc.brightpattern.com
5 assets.adobedtm.com www.ticketsatwork.com
2 www.p.zjptg.com assets.adobedtm.com
www.p.zjptg.com
1 www.sjwoe.com www.ticketsatwork.com
1 js-agent.newrelic.com www.ticketsatwork.com
1 geolocation.onetrust.com www.ticketsatwork.com
1 e.email.ticketsatwork.com 1 redirects
0 bam.nr-data.net Failed www.ticketsatwork.com
46 10

This site contains links to these domains. Also see Links.

Domain
www.onetrust.com
Subject Issuer Validity Valid
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3
2023-05-08 -
2024-05-07
a year crt.sh
cookielaw.org
Cloudflare Inc ECC CA-3
2023-04-01 -
2024-03-31
a year crt.sh
assets.adobedtm.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1
2023-07-11 -
2024-08-10
a year crt.sh
*.brightpattern.com
RapidSSL TLS RSA CA G1
2023-09-27 -
2024-10-27
a year crt.sh
www.p.zjptg.com
Amazon RSA 2048 M02
2023-07-02 -
2024-07-31
a year crt.sh
onetrust.com
Cloudflare Inc ECC CA-3
2022-12-13 -
2023-12-13
a year crt.sh
js-agent.newrelic.com
GlobalSign Atlas R3 DV TLS CA 2023 Q2
2023-04-13 -
2024-05-14
a year crt.sh
www.sjwoe.com
Amazon RSA 2048 M02
2023-02-28 -
2024-01-12
10 months crt.sh

This page contains 2 frames:

Primary Page: https://www.ticketsatwork.com/tickets/tracking_consent.php
Frame ID: 3FBFC586E6FAF8B125B74F1F71B44E3B
Requests: 43 HTTP requests in this frame

Frame: https://www.ticketsatwork.com/cdn-cgi/challenge-platform/h/g/scripts/jsd/c359bc3d/main.js
Frame ID: 8971FCC7B8BDA541DD297FD67D1BE836
Requests: 2 HTTP requests in this frame

Screenshot

Page Title

Back ButtonFilter Button

Page URL History Show full URLs

  1. https://e.email.ticketsatwork.com/click?Ecm9uYWxkLmJ1dHRlcmJhdWdoQHBhY2Nhci5jb20/CeyJtaWQiOiIxNjk4Njg5OTg0MDAw... HTTP 302
    https://www.ticketsatwork.com/tickets/travel?tab=h&utm_campaign=Nav-Hotels&utm_medium=October-30-2023-Movi... HTTP 302
    https://www.ticketsatwork.com/tickets/index.php?utm_campaign=Nav-Hotels&utm_medium=October-30-2023-Movie-T... HTTP 302
    https://www.ticketsatwork.com/tickets/tracking_consent.php Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • \.php(?:$|\?)

Overall confidence: 100%
Detected patterns
  • cdn\.cookielaw\.org
  • otSDKStub\.js

Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Overall confidence: 100%
Detected patterns
  • jquery-ui[.-]([\d.]*\d)[^/]*\.js
  • jquery-ui.*\.js

Page Statistics

46
Requests

96 %
HTTPS

44 %
IPv6

9
Domains

10
Subdomains

9
IPs

2
Countries

1096 kB
Transfer

2672 kB
Size

7
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://e.email.ticketsatwork.com/click?Ecm9uYWxkLmJ1dHRlcmJhdWdoQHBhY2Nhci5jb20/CeyJtaWQiOiIxNjk4Njg5OTg0MDAwOTY5NmYwN2U0NzJkIiwiY3QiOiJlYmctdGF3LTYzOGJjNGQxNDk4NDZiODU4OTQ3MDIwNjc3MTI0MmZiLTEiLCJyZCI6InBhY2Nhci5jb20ifQ/HWkhfZWJndGF3X05EQkFNMTAzMDIwMjNjMTA2OTU2N2IxLGViMSxodHRwczovL3d3dy50aWNrZXRzYXR3b3JrLmNvbS90aWNrZXRzL3RyYXZlbA/qP3RhYj1oJnV0bV9jYW1wYWlnbj1OYXYtSG90ZWxzJnV0bV9tZWRpdW09T2N0b2Jlci0zMC0yMDIzLU1vdmllLVRpY2tldHMmdXRtX3NvdXJjZT1FbWFpbCZmcm9tYnVsbGV0aW49MSZjbHRoYXNoPTRiYjhmNmI4OTlhMDFmZjJiMTMzZGY2MTNkN2UyZTc5YzY0MDI4MWUmY21waWQ9JnVpZD0xODEzMDYyNCZjb252X3NvdXJjZT16ZXRhJmJ0X2VlPTFaRGhvSDklMkZvS0hTaGhacHFKJTJGeENIUnJOZmRZMG1BekxET1BBY21xdlo3MVJxYWxrMFVlOGRYSlpKNlR5WEt0JmJ0X3RzPTE2OTg2ODk4NjczNDc/sfq6bdc3c50 HTTP 302
    https://www.ticketsatwork.com/tickets/travel?tab=h&utm_campaign=Nav-Hotels&utm_medium=October-30-2023-Movie-Tickets&utm_source=Email&frombulletin=1&clthash=4bb8f6b899a01ff2b133df613d7e2e79c640281e&cmpid=&uid=18130624&conv_source=zeta&bt_ee=1ZDhoH9%2FoKHShhZpqJ%2FxCHRrNfdY0mAzLDOPAcmqvZ71Rqalk0Ue8dXJZJ6TyXKt&bt_ts=1698689867347 HTTP 302
    https://www.ticketsatwork.com/tickets/index.php?utm_campaign=Nav-Hotels&utm_medium=October-30-2023-Movie-Tickets&utm_source=Email HTTP 302
    https://www.ticketsatwork.com/tickets/tracking_consent.php Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 29
  • https://www.ticketsatwork.com/cdn-cgi/challenge-platform/scripts/jsd/main.js HTTP 302
  • https://www.ticketsatwork.com/cdn-cgi/challenge-platform/h/g/scripts/jsd/c359bc3d/main.js

46 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request tracking_consent.php
www.ticketsatwork.com/tickets/
Redirect Chain
  • https://e.email.ticketsatwork.com/click?Ecm9uYWxkLmJ1dHRlcmJhdWdoQHBhY2Nhci5jb20/CeyJtaWQiOiIxNjk4Njg5OTg0MDAwOTY5NmYwN2U0NzJkIiwiY3QiOiJlYmctdGF3LTYzOGJjNGQxNDk4NDZiODU4OTQ3MDIwNjc3MTI0MmZiLTEiLCJ...
  • https://www.ticketsatwork.com/tickets/travel?tab=h&utm_campaign=Nav-Hotels&utm_medium=October-30-2023-Movie-Tickets&utm_source=Email&frombulletin=1&clthash=4bb8f6b899a01ff2b133df613d7e2e79c640281e&...
  • https://www.ticketsatwork.com/tickets/index.php?utm_campaign=Nav-Hotels&utm_medium=October-30-2023-Movie-Tickets&utm_source=Email
  • https://www.ticketsatwork.com/tickets/tracking_consent.php
70 KB
24 KB
Document
General
Full URL
https://www.ticketsatwork.com/tickets/tracking_consent.php
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.64.155.9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
98857a8b96744c1b78dd77ab6e760cfb49779d7263366d83c1613df5c96f2ba9
Security Headers
Name Value
Content-Security-Policy default-src * 'unsafe-inline' 'unsafe-eval'; script-src * 'unsafe-inline' 'unsafe-eval'; connect-src * 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src *; media-src * blob:; style-src * 'unsafe-inline';
Strict-Transport-Security max-age=5184000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
no-store, no-cache, must-revalidate
cf-cache-status
DYNAMIC
cf-ray
81e71bb7184f1c73-FRA
content-encoding
br
content-security-policy
default-src * 'unsafe-inline' 'unsafe-eval'; script-src * 'unsafe-inline' 'unsafe-eval'; connect-src * 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src *; media-src * blob:; style-src * 'unsafe-inline';
content-type
text/html; charset=utf-8
date
Mon, 30 Oct 2023 22:31:24 GMT
expires
Thu, 19 Nov 1981 08:52:00 GMT
pragma
no-cache
referrer-policy
unsafe-url
server
cloudflare
strict-transport-security
max-age=5184000; includeSubDomains
vary
User-Agent, Accept-Encoding
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-xss-protection
1; mode=block

Redirect headers

alt-svc
h3=":443"; ma=86400
cache-control
no-store, no-cache, must-revalidate
cf-cache-status
DYNAMIC
cf-ray
81e71bb3ef453657-FRA
content-security-policy
default-src * 'unsafe-inline' 'unsafe-eval'; script-src * 'unsafe-inline' 'unsafe-eval'; connect-src * 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src *; media-src * blob:; style-src * 'unsafe-inline';
content-type
text/html; charset=UTF-8
date
Mon, 30 Oct 2023 22:31:23 GMT
expires
Thu, 19 Nov 1981 08:52:00 GMT
location
/tickets/tracking_consent.php
pragma
no-cache
referrer-policy
unsafe-url
server
cloudflare
strict-transport-security
max-age=5184000; includeSubDomains
vary
User-Agent, Accept-Encoding
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-xss-protection
1; mode=block
jquery-3.5.1.min.js
www.ticketsatwork.com/common_resources/js/
87 KB
32 KB
Script
General
Full URL
https://www.ticketsatwork.com/common_resources/js/jquery-3.5.1.min.js
Requested by
Host: www.ticketsatwork.com
URL: https://www.ticketsatwork.com/tickets/tracking_consent.php
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.64.155.9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d
Security Headers
Name Value
Content-Security-Policy default-src * 'unsafe-inline' 'unsafe-eval'; script-src * 'unsafe-inline' 'unsafe-eval'; connect-src * 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src *; media-src * blob:; style-src * 'unsafe-inline';
Strict-Transport-Security max-age=5184000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ticketsatwork.com/tickets/tracking_consent.php
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Mon, 30 Oct 2023 22:31:24 GMT
strict-transport-security
max-age=5184000; includeSubDomains
x-content-type-options
nosniff
cf-cache-status
REVALIDATED
content-encoding
br
content-security-policy
default-src * 'unsafe-inline' 'unsafe-eval'; script-src * 'unsafe-inline' 'unsafe-eval'; connect-src * 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src *; media-src * blob:; style-src * 'unsafe-inline';
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
referrer-policy
unsafe-url
last-modified
Mon, 31 Aug 2020 15:45:29 GMT
server
cloudflare
etag
W/"15d84-5ae2e4aba3840"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/javascript
cf-ray
81e71bbaab161c73-FRA
jquery-ui-1.13.2.min.js
www.ticketsatwork.com/common_resources/js/
249 KB
68 KB
Script
General
Full URL
https://www.ticketsatwork.com/common_resources/js/jquery-ui-1.13.2.min.js
Requested by
Host: www.ticketsatwork.com
URL: https://www.ticketsatwork.com/tickets/tracking_consent.php
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.64.155.9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9d9b75e6bf99296f7797ed12f73137f52966dbb02180ff054c6c01680c7bdb1d
Security Headers
Name Value
Content-Security-Policy default-src * 'unsafe-inline' 'unsafe-eval'; script-src * 'unsafe-inline' 'unsafe-eval'; connect-src * 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src *; media-src * blob:; style-src * 'unsafe-inline';
Strict-Transport-Security max-age=5184000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ticketsatwork.com/tickets/tracking_consent.php
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Mon, 30 Oct 2023 22:31:24 GMT
strict-transport-security
max-age=5184000; includeSubDomains
x-content-type-options
nosniff
cf-cache-status
REVALIDATED
content-encoding
br
content-security-policy
default-src * 'unsafe-inline' 'unsafe-eval'; script-src * 'unsafe-inline' 'unsafe-eval'; connect-src * 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src *; media-src * blob:; style-src * 'unsafe-inline';
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
referrer-policy
unsafe-url
last-modified
Mon, 19 Sep 2022 13:26:39 GMT
server
cloudflare
etag
W/"3e471-5e907a95c61c0"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/javascript
cf-ray
81e71bbaab171c73-FRA
li.js
www.ticketsatwork.com/common_resources/js/
25 KB
5 KB
Script
General
Full URL
https://www.ticketsatwork.com/common_resources/js/li.js?ebgcbv=170
Requested by
Host: www.ticketsatwork.com
URL: https://www.ticketsatwork.com/tickets/tracking_consent.php
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.64.155.9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e21a483e7f4b138c12d7378f8d6099d382cfb1e78f8434a52d41d435944ed2fd
Security Headers
Name Value
Content-Security-Policy default-src * 'unsafe-inline' 'unsafe-eval'; script-src * 'unsafe-inline' 'unsafe-eval'; connect-src * 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src *; media-src * blob:; style-src * 'unsafe-inline';
Strict-Transport-Security max-age=5184000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ticketsatwork.com/tickets/tracking_consent.php
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Mon, 30 Oct 2023 22:31:25 GMT
strict-transport-security
max-age=5184000; includeSubDomains
x-content-type-options
nosniff
cf-cache-status
REVALIDATED
content-encoding
br
content-security-policy
default-src * 'unsafe-inline' 'unsafe-eval'; script-src * 'unsafe-inline' 'unsafe-eval'; connect-src * 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src *; media-src * blob:; style-src * 'unsafe-inline';
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
referrer-policy
unsafe-url
last-modified
Mon, 14 Feb 2022 15:43:22 GMT
server
cloudflare
etag
W/"651c-5d7fc46bbda80"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/javascript
cf-ray
81e71bbaab181c73-FRA
interaction_analytics.js
www.ticketsatwork.com/common_resources/js/
7 KB
2 KB
Script
General
Full URL
https://www.ticketsatwork.com/common_resources/js/interaction_analytics.js?ebgcbv=170
Requested by
Host: www.ticketsatwork.com
URL: https://www.ticketsatwork.com/tickets/tracking_consent.php
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.64.155.9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
08afdf6eac5aa471056a6d1186e624a899a374d402adca5a7aa9957b0eea2995
Security Headers
Name Value
Content-Security-Policy default-src * 'unsafe-inline' 'unsafe-eval'; script-src * 'unsafe-inline' 'unsafe-eval'; connect-src * 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src *; media-src * blob:; style-src * 'unsafe-inline';
Strict-Transport-Security max-age=5184000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ticketsatwork.com/tickets/tracking_consent.php
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Mon, 30 Oct 2023 22:31:24 GMT
strict-transport-security
max-age=5184000; includeSubDomains
x-content-type-options
nosniff
cf-cache-status
REVALIDATED
content-encoding
br
content-security-policy
default-src * 'unsafe-inline' 'unsafe-eval'; script-src * 'unsafe-inline' 'unsafe-eval'; connect-src * 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src *; media-src * blob:; style-src * 'unsafe-inline';
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
referrer-policy
unsafe-url
last-modified
Thu, 12 Jan 2023 15:23:35 GMT
server
cloudflare
etag
W/"1bb6-5f212b34c2bc0"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/javascript
cf-ray
81e71bbaab191c73-FRA
otSDKStub.js
cdn.cookielaw.org/scripttemplates/
21 KB
7 KB
Script
General
Full URL
https://cdn.cookielaw.org/scripttemplates/otSDKStub.js
Requested by
Host: www.ticketsatwork.com
URL: https://www.ticketsatwork.com/tickets/tracking_consent.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:83ec , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2fc7f40fe3b6fca4d842274e5c319024864535325c7484e201b7c53257209809
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ticketsatwork.com/tickets/tracking_consent.php
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Mon, 30 Oct 2023 22:31:24 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
content-md5
HAfQnQ1aKA6QX2rlLtw0Ew==
age
16989
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-length
6821
x-ms-lease-status
unlocked
last-modified
Thu, 26 Oct 2023 03:35:16 GMT
server
cloudflare
etag
0x8DBD5D4922BCA3D
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
d14de20a-b01e-002a-5345-08e693000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=86400
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
81e71bbb2cb7190f-FRA
launch-1645114e1c78.min.js
assets.adobedtm.com/a281455e4dfe/053a29fb1fe9/
649 KB
159 KB
Script
General
Full URL
https://assets.adobedtm.com/a281455e4dfe/053a29fb1fe9/launch-1645114e1c78.min.js
Requested by
Host: www.ticketsatwork.com
URL: https://www.ticketsatwork.com/tickets/tracking_consent.php
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:e600:58c::1e80 Düsseldorf, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
33b0e6cb08e785811f02476be5f5df8da84408987098a89885f9929f7bb51f56

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ticketsatwork.com/tickets/tracking_consent.php
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Mon, 30 Oct 2023 22:31:24 GMT
content-encoding
gzip
last-modified
Mon, 30 Oct 2023 15:59:48 GMT
server
AkamaiNetStorage
etag
"05967d16db4124c0106b19d1444131e6:1698681588.644563"
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
https://www.ticketsatwork.com
cache-control
max-age=3600
accept-ranges
bytes
timing-allow-origin
*
expires
Mon, 30 Oct 2023 23:31:24 GMT
big_logo.jpg
www.ticketsatwork.com/img/
34 KB
35 KB
Image
General
Full URL
https://www.ticketsatwork.com/img/big_logo.jpg
Requested by
Host: www.ticketsatwork.com
URL: https://www.ticketsatwork.com/tickets/tracking_consent.php
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.64.155.9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
57a9bb6a4bb7eaffcfb39d44386cd699b34952951572f9f74496b384ed458d9f
Security Headers
Name Value
Content-Security-Policy default-src * 'unsafe-inline' 'unsafe-eval'; script-src * 'unsafe-inline' 'unsafe-eval'; connect-src * 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src *; media-src * blob:; style-src * 'unsafe-inline';
Strict-Transport-Security max-age=5184000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ticketsatwork.com/tickets/tracking_consent.php
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Mon, 30 Oct 2023 22:31:24 GMT
strict-transport-security
max-age=5184000; includeSubDomains
x-content-type-options
nosniff
cf-cache-status
REVALIDATED
content-security-policy
default-src * 'unsafe-inline' 'unsafe-eval'; script-src * 'unsafe-inline' 'unsafe-eval'; connect-src * 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src *; media-src * blob:; style-src * 'unsafe-inline';
alt-svc
h3=":443"; ma=86400
content-length
35155
x-xss-protection
1; mode=block
referrer-policy
unsafe-url
last-modified
Wed, 07 Jun 2023 18:39:00 GMT
cf-bgj
h2pri
server
cloudflare
etag
"8953-5fd8e72fe3900"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
image/jpeg
cache-control
max-age=2592000, public
accept-ranges
bytes
cf-ray
81e71bbaab1a1c73-FRA
expires
Wed, 29 Nov 2023 22:31:24 GMT
consent_splash_disney.png
www.ticketsatwork.com/common_resources/tawframework/img/
57 KB
57 KB
Image
General
Full URL
https://www.ticketsatwork.com/common_resources/tawframework/img/consent_splash_disney.png
Requested by
Host: www.ticketsatwork.com
URL: https://www.ticketsatwork.com/tickets/tracking_consent.php
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.64.155.9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e0a41e36c1664eac057a83b9fa7c49c89825fcfabcc47a2b1914d6d487f65522
Security Headers
Name Value
Content-Security-Policy default-src * 'unsafe-inline' 'unsafe-eval'; script-src * 'unsafe-inline' 'unsafe-eval'; connect-src * 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src *; media-src * blob:; style-src * 'unsafe-inline';
Strict-Transport-Security max-age=5184000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ticketsatwork.com/tickets/tracking_consent.php
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Mon, 30 Oct 2023 22:31:24 GMT
strict-transport-security
max-age=5184000; includeSubDomains
x-content-type-options
nosniff
cf-cache-status
REVALIDATED
content-security-policy
default-src * 'unsafe-inline' 'unsafe-eval'; script-src * 'unsafe-inline' 'unsafe-eval'; connect-src * 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src *; media-src * blob:; style-src * 'unsafe-inline';
alt-svc
h3=":443"; ma=86400
content-length
58203
x-xss-protection
1; mode=block
referrer-policy
unsafe-url
last-modified
Mon, 08 May 2023 15:08:48 GMT
server
cloudflare
etag
"e35b-5fb3004052000"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
image/png
cache-control
max-age=2592000, public
accept-ranges
bytes
cf-ray
81e71bbaab1d1c73-FRA
expires
Wed, 29 Nov 2023 22:31:24 GMT
consent_splash_universal.png
www.ticketsatwork.com/common_resources/tawframework/img/
64 KB
64 KB
Image
General
Full URL
https://www.ticketsatwork.com/common_resources/tawframework/img/consent_splash_universal.png
Requested by
Host: www.ticketsatwork.com
URL: https://www.ticketsatwork.com/tickets/tracking_consent.php
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.64.155.9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fb64a05853ccf42fc6e52d9b8eb4afd8ac4c47ed61df3aac317d94ed258a9e2f
Security Headers
Name Value
Content-Security-Policy default-src * 'unsafe-inline' 'unsafe-eval'; script-src * 'unsafe-inline' 'unsafe-eval'; connect-src * 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src *; media-src * blob:; style-src * 'unsafe-inline';
Strict-Transport-Security max-age=5184000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ticketsatwork.com/tickets/tracking_consent.php
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Mon, 30 Oct 2023 22:31:25 GMT
strict-transport-security
max-age=5184000; includeSubDomains
x-content-type-options
nosniff
cf-cache-status
REVALIDATED
content-security-policy
default-src * 'unsafe-inline' 'unsafe-eval'; script-src * 'unsafe-inline' 'unsafe-eval'; connect-src * 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src *; media-src * blob:; style-src * 'unsafe-inline';
alt-svc
h3=":443"; ma=86400
content-length
65112
x-xss-protection
1; mode=block
referrer-policy
unsafe-url
last-modified
Mon, 08 May 2023 15:08:48 GMT
server
cloudflare
etag
"fe58-5fb3004052000"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
image/png
cache-control
max-age=2592000, public
accept-ranges
bytes
cf-ray
81e71bbcac921c73-FRA
expires
Wed, 29 Nov 2023 22:31:24 GMT
consent_splash_seaworld.png
www.ticketsatwork.com/common_resources/tawframework/img/
66 KB
67 KB
Image
General
Full URL
https://www.ticketsatwork.com/common_resources/tawframework/img/consent_splash_seaworld.png
Requested by
Host: www.ticketsatwork.com
URL: https://www.ticketsatwork.com/tickets/tracking_consent.php
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.64.155.9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cf67fa9307c91b01d52a9ec5781dd05f74dd5f821d87d76f438ede52056f4266
Security Headers
Name Value
Content-Security-Policy default-src * 'unsafe-inline' 'unsafe-eval'; script-src * 'unsafe-inline' 'unsafe-eval'; connect-src * 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src *; media-src * blob:; style-src * 'unsafe-inline';
Strict-Transport-Security max-age=5184000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ticketsatwork.com/tickets/tracking_consent.php
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Mon, 30 Oct 2023 22:31:25 GMT
strict-transport-security
max-age=5184000; includeSubDomains
x-content-type-options
nosniff
cf-cache-status
REVALIDATED
content-security-policy
default-src * 'unsafe-inline' 'unsafe-eval'; script-src * 'unsafe-inline' 'unsafe-eval'; connect-src * 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src *; media-src * blob:; style-src * 'unsafe-inline';
alt-svc
h3=":443"; ma=86400
content-length
67978
x-xss-protection
1; mode=block
referrer-policy
unsafe-url
last-modified
Mon, 08 May 2023 15:08:48 GMT
server
cloudflare
etag
"1098a-5fb3004052000"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
image/png
cache-control
max-age=2592000, public
accept-ranges
bytes
cf-ray
81e71bbcac931c73-FRA
expires
Wed, 29 Nov 2023 22:31:24 GMT
consent_splash_sixflags.png
www.ticketsatwork.com/common_resources/tawframework/img/
82 KB
83 KB
Image
General
Full URL
https://www.ticketsatwork.com/common_resources/tawframework/img/consent_splash_sixflags.png
Requested by
Host: www.ticketsatwork.com
URL: https://www.ticketsatwork.com/tickets/tracking_consent.php
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.64.155.9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ba561fadb45ac39c0048acd990ebfca4d6a25112d2b06b40ba06c67bd9105088
Security Headers
Name Value
Content-Security-Policy default-src * 'unsafe-inline' 'unsafe-eval'; script-src * 'unsafe-inline' 'unsafe-eval'; connect-src * 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src *; media-src * blob:; style-src * 'unsafe-inline';
Strict-Transport-Security max-age=5184000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ticketsatwork.com/tickets/tracking_consent.php
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Mon, 30 Oct 2023 22:31:25 GMT
strict-transport-security
max-age=5184000; includeSubDomains
x-content-type-options
nosniff
cf-cache-status
REVALIDATED
content-security-policy
default-src * 'unsafe-inline' 'unsafe-eval'; script-src * 'unsafe-inline' 'unsafe-eval'; connect-src * 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src *; media-src * blob:; style-src * 'unsafe-inline';
alt-svc
h3=":443"; ma=86400
content-length
84447
x-xss-protection
1; mode=block
referrer-policy
unsafe-url
last-modified
Mon, 08 May 2023 15:08:48 GMT
server
cloudflare
etag
"149df-5fb3004052000"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
image/png
cache-control
max-age=2592000, public
accept-ranges
bytes
cf-ray
81e71bbe1db81c73-FRA
expires
Wed, 29 Nov 2023 22:31:25 GMT
consent_splash_wyndham.png
www.ticketsatwork.com/common_resources/tawframework/img/
70 KB
70 KB
Image
General
Full URL
https://www.ticketsatwork.com/common_resources/tawframework/img/consent_splash_wyndham.png
Requested by
Host: www.ticketsatwork.com
URL: https://www.ticketsatwork.com/tickets/tracking_consent.php
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.64.155.9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a2854856e2856c9e70e76a9041cd60944200250d93ee8f292d4274008034386e
Security Headers
Name Value
Content-Security-Policy default-src * 'unsafe-inline' 'unsafe-eval'; script-src * 'unsafe-inline' 'unsafe-eval'; connect-src * 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src *; media-src * blob:; style-src * 'unsafe-inline';
Strict-Transport-Security max-age=5184000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ticketsatwork.com/tickets/tracking_consent.php
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Mon, 30 Oct 2023 22:31:25 GMT
strict-transport-security
max-age=5184000; includeSubDomains
x-content-type-options
nosniff
cf-cache-status
REVALIDATED
content-security-policy
default-src * 'unsafe-inline' 'unsafe-eval'; script-src * 'unsafe-inline' 'unsafe-eval'; connect-src * 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src *; media-src * blob:; style-src * 'unsafe-inline';
alt-svc
h3=":443"; ma=86400
content-length
71443
x-xss-protection
1; mode=block
referrer-policy
unsafe-url
last-modified
Mon, 08 May 2023 15:08:48 GMT
server
cloudflare
etag
"11713-5fb3004052000"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
image/png
cache-control
max-age=2592000, public
accept-ranges
bytes
cf-ray
81e71bbfcf101c73-FRA
expires
Wed, 29 Nov 2023 22:31:25 GMT
form.css
ebgcc.brightpattern.com/clientweb/chat-client-v4/css/
3 KB
3 KB
Stylesheet
General
Full URL
https://ebgcc.brightpattern.com/clientweb/chat-client-v4/css/form.css
Requested by
Host: www.ticketsatwork.com
URL: https://www.ticketsatwork.com/tickets/tracking_consent.php
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
199.101.26.126 , United States, ASN33411 (BRIGHTPATTERNSC, US),
Reverse DNS
Software
nginx/1.25.2 /
Resource Hash
4471d3760ad27b466ca99f4e9ac126ee8d9eb24d7d9989561b12e40ca118dcf0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ticketsatwork.com/tickets/tracking_consent.php
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Date
Mon, 30 Oct 2023 22:31:25 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains
Last-Modified
Wed, 20 Sep 2023 23:46:25 GMT
Server
nginx/1.25.2
Content-Type
text/css
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
2620
li.php
www.ticketsatwork.com/common_resources/
765 B
968 B
XHR
General
Full URL
https://www.ticketsatwork.com/common_resources/li.php
Requested by
Host: www.ticketsatwork.com
URL: https://www.ticketsatwork.com/tickets/tracking_consent.php
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.64.155.9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
559de24d4afbe445102f4cd68f4146980184f43d1e0858b2561e68900b0f83b1
Security Headers
Name Value
Content-Security-Policy default-src * 'unsafe-inline' 'unsafe-eval'; script-src * 'unsafe-inline' 'unsafe-eval'; connect-src * 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src *; media-src * blob:; style-src * 'unsafe-inline';
Strict-Transport-Security max-age=5184000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept
*/*
X-NewRelic-ID
XA4PUldACQIAXFRbAA==
Referer
https://www.ticketsatwork.com/tickets/tracking_consent.php
X-Requested-With
XMLHttpRequest
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

date
Mon, 30 Oct 2023 22:31:25 GMT
strict-transport-security
max-age=5184000; includeSubDomains
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
content-encoding
br
content-security-policy
default-src * 'unsafe-inline' 'unsafe-eval'; script-src * 'unsafe-inline' 'unsafe-eval'; connect-src * 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src *; media-src * blob:; style-src * 'unsafe-inline';
p3p
policyref="/w3c/p3p.xml", CP="CURa ADMa DEVa OUR OTR IND DSP IDC COR"
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
pragma
no-cache
referrer-policy
unsafe-url
server
cloudflare
vary
User-Agent, Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/json
cache-control
no-store, no-cache, must-revalidate
cf-ray
81e71bbdbd691c73-FRA
expires
Thu, 19 Nov 1981 08:52:00 GMT
9ea95be0-451b-4ef8-8b4d-41b4b6617c33.json
cdn.cookielaw.org/consent/9ea95be0-451b-4ef8-8b4d-41b4b6617c33/
5 KB
2 KB
XHR
General
Full URL
https://cdn.cookielaw.org/consent/9ea95be0-451b-4ef8-8b4d-41b4b6617c33/9ea95be0-451b-4ef8-8b4d-41b4b6617c33.json
Requested by
Host: www.ticketsatwork.com
URL: https://www.ticketsatwork.com/tickets/tracking_consent.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:83ec , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e9b58fd16f0cb908fa3ec86e150252ba8bf4ecf314272fc403b8c43c8a4c639f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ticketsatwork.com/tickets/tracking_consent.php
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Mon, 30 Oct 2023 22:31:25 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
strict-transport-security
max-age=31536000; includeSubDomains; preload
age
5298
content-md5
cVGsAfzG/v3IW57eZnx1Cg==
content-length
1718
x-ms-lease-status
unlocked
last-modified
Tue, 05 Sep 2023 12:20:26 GMT
server
cloudflare
etag
0x8DBAE0A7C71A83E
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
x-ms-request-id
d4fb698c-a01e-00a0-38f3-dfbd22000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=86400
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
81e71bbe3a7bbbfe-FRA
expires
Tue, 31 Oct 2023 22:31:25 GMT
AppMeasurement.min.js
assets.adobedtm.com/extensions/EPbf7b42aa08bc4f10879b1484195e80d1/
34 KB
12 KB
Script
General
Full URL
https://assets.adobedtm.com/extensions/EPbf7b42aa08bc4f10879b1484195e80d1/AppMeasurement.min.js
Requested by
Host: www.ticketsatwork.com
URL: https://www.ticketsatwork.com/tickets/tracking_consent.php
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:e600:58c::1e80 Düsseldorf, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
d6d01246a30e9d483531c27721f73f266fa4af35effdb21683ac02a620ab8aaf

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ticketsatwork.com/tickets/tracking_consent.php
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Mon, 30 Oct 2023 22:31:25 GMT
content-encoding
gzip
last-modified
Thu, 22 Sep 2022 16:16:49 GMT
server
AkamaiNetStorage
etag
"dfdd9e1f988805f0c2fbb10cd6b8f034:1663863409.614694"
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
https://www.ticketsatwork.com
cache-control
no-cache
accept-ranges
bytes
timing-allow-origin
*
content-length
12384
expires
Mon, 30 Oct 2023 23:31:25 GMT
AppMeasurement_Module_ActivityMap.min.js
assets.adobedtm.com/extensions/EPbf7b42aa08bc4f10879b1484195e80d1/
3 KB
2 KB
Script
General
Full URL
https://assets.adobedtm.com/extensions/EPbf7b42aa08bc4f10879b1484195e80d1/AppMeasurement_Module_ActivityMap.min.js
Requested by
Host: www.ticketsatwork.com
URL: https://www.ticketsatwork.com/tickets/tracking_consent.php
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:e600:58c::1e80 Düsseldorf, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
78c1c1baf0d964522f8afab09cfc754685c1648826a7f9967fd52b774b4ec5aa

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ticketsatwork.com/tickets/tracking_consent.php
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Mon, 30 Oct 2023 22:31:25 GMT
content-encoding
gzip
last-modified
Thu, 22 Sep 2022 16:16:49 GMT
server
AkamaiNetStorage
etag
"b89fcb8870ac40eecb6d3cc844d35389:1663863409.92483"
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
https://www.ticketsatwork.com
cache-control
no-cache
accept-ranges
bytes
timing-allow-origin
*
content-length
1598
expires
Mon, 30 Oct 2023 23:31:25 GMT
100001
www.p.zjptg.com/tag/1537403/
49 KB
49 KB
Script
General
Full URL
https://www.p.zjptg.com/tag/1537403/100001
Requested by
Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/a281455e4dfe/053a29fb1fe9/launch-1645114e1c78.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.26.23 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-26-23.fra56.r.cloudfront.net
Software
CloudFront /
Resource Hash
50b6bfb8d53a20cc2f5f1ea1e33e946d645cc3e71e7c446f608d0012ba272bd5

Request headers

Referer
https://www.ticketsatwork.com/tickets/tracking_consent.php
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
Intervention
<https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

date
Mon, 30 Oct 2023 22:21:03 GMT
via
1.1 3199fed6c4260c9448326645d333530a.cloudfront.net (CloudFront)
server
CloudFront
x-amz-cf-pop
FRA56-P7
age
622
x-cache
Hit from cloudfront
content-length
50059
x-amz-cf-id
h7k_j17cBnPZmOK-2B7nWg2ejptTstjoS3r7vSo19jkASbo2xX2LZg==
location
geolocation.onetrust.com/cookieconsentpub/v1/geo/
72 B
310 B
XHR
General
Full URL
https://geolocation.onetrust.com/cookieconsentpub/v1/geo/location
Requested by
Host: www.ticketsatwork.com
URL: https://www.ticketsatwork.com/tickets/tracking_consent.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::6812:2089 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6bd5068ee3f41ad2ed4f003c13c4e939021c77f7a69ac82d25211c72868b520e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept
application/json
Referer
https://www.ticketsatwork.com/tickets/tracking_consent.php
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Mon, 30 Oct 2023 22:31:25 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
server
cloudflare
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS
content-type
application/json
access-control-allow-origin
*
cf-ray
81e71bbf1bb5bb5b-FRA
access-control-allow-headers
Content-Type
li.php
www.ticketsatwork.com/common_resources/
0
525 B
XHR
General
Full URL
https://www.ticketsatwork.com/common_resources/li.php
Requested by
Host: www.ticketsatwork.com
URL: https://www.ticketsatwork.com/tickets/tracking_consent.php
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.64.155.9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy default-src * 'unsafe-inline' 'unsafe-eval'; script-src * 'unsafe-inline' 'unsafe-eval'; connect-src * 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src *; media-src * blob:; style-src * 'unsafe-inline';
Strict-Transport-Security max-age=5184000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept
*/*
X-NewRelic-ID
XA4PUldACQIAXFRbAA==
Referer
https://www.ticketsatwork.com/tickets/tracking_consent.php
X-Requested-With
XMLHttpRequest
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

date
Mon, 30 Oct 2023 22:31:25 GMT
strict-transport-security
max-age=5184000; includeSubDomains
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
content-encoding
br
content-security-policy
default-src * 'unsafe-inline' 'unsafe-eval'; script-src * 'unsafe-inline' 'unsafe-eval'; connect-src * 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src *; media-src * blob:; style-src * 'unsafe-inline';
p3p
policyref="/w3c/p3p.xml", CP="CURa ADMa DEVa OUR OTR IND DSP IDC COR"
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
pragma
no-cache
referrer-policy
unsafe-url
server
cloudflare
vary
User-Agent, Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
text/html; charset=iso-8859-1
cache-control
no-store, no-cache, must-revalidate
cf-ray
81e71bbf2e881c73-FRA
expires
Thu, 19 Nov 1981 08:52:00 GMT
li.php
www.ticketsatwork.com/common_resources/
0
525 B
XHR
General
Full URL
https://www.ticketsatwork.com/common_resources/li.php
Requested by
Host: www.ticketsatwork.com
URL: https://www.ticketsatwork.com/tickets/tracking_consent.php
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.64.155.9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy default-src * 'unsafe-inline' 'unsafe-eval'; script-src * 'unsafe-inline' 'unsafe-eval'; connect-src * 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src *; media-src * blob:; style-src * 'unsafe-inline';
Strict-Transport-Security max-age=5184000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept
*/*
X-NewRelic-ID
XA4PUldACQIAXFRbAA==
Referer
https://www.ticketsatwork.com/tickets/tracking_consent.php
X-Requested-With
XMLHttpRequest
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

date
Mon, 30 Oct 2023 22:31:25 GMT
strict-transport-security
max-age=5184000; includeSubDomains
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
content-encoding
br
content-security-policy
default-src * 'unsafe-inline' 'unsafe-eval'; script-src * 'unsafe-inline' 'unsafe-eval'; connect-src * 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src *; media-src * blob:; style-src * 'unsafe-inline';
p3p
policyref="/w3c/p3p.xml", CP="CURa ADMa DEVa OUR OTR IND DSP IDC COR"
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
pragma
no-cache
referrer-policy
unsafe-url
server
cloudflare
vary
User-Agent, Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
text/html; charset=iso-8859-1
cache-control
no-store, no-cache, must-revalidate
cf-ray
81e71bbf2e8b1c73-FRA
expires
Thu, 19 Nov 1981 08:52:00 GMT
7199.jpg
www.ticketsatwork.com/common_resources/campaigns/
49 KB
49 KB
Image
General
Full URL
https://www.ticketsatwork.com/common_resources/campaigns/7199.jpg
Requested by
Host: www.ticketsatwork.com
URL: https://www.ticketsatwork.com/tickets/tracking_consent.php
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.64.155.9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a4e9d10dc7c304898e2ffcc25784db2bd622599cdf40b45408087e981093a4e3
Security Headers
Name Value
Content-Security-Policy default-src * 'unsafe-inline' 'unsafe-eval'; script-src * 'unsafe-inline' 'unsafe-eval'; connect-src * 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src *; media-src * blob:; style-src * 'unsafe-inline';
Strict-Transport-Security max-age=5184000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ticketsatwork.com/tickets/tracking_consent.php
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Mon, 30 Oct 2023 22:31:25 GMT
strict-transport-security
max-age=5184000; includeSubDomains
x-content-type-options
nosniff
cf-cache-status
REVALIDATED
content-security-policy
default-src * 'unsafe-inline' 'unsafe-eval'; script-src * 'unsafe-inline' 'unsafe-eval'; connect-src * 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src *; media-src * blob:; style-src * 'unsafe-inline';
alt-svc
h3=":443"; ma=86400
content-length
49893
x-xss-protection
1; mode=block
referrer-policy
unsafe-url
last-modified
Wed, 25 Oct 2023 17:52:16 GMT
cf-bgj
h2pri
server
cloudflare
etag
"c2e5-6088e1daf38a4"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
image/jpeg
cache-control
max-age=2592000, public
accept-ranges
bytes
cf-ray
81e71bbfcf121c73-FRA
expires
Wed, 29 Nov 2023 22:31:25 GMT
otBannerSdk.js
cdn.cookielaw.org/scripttemplates/202308.1.0/
411 KB
99 KB
Script
General
Full URL
https://cdn.cookielaw.org/scripttemplates/202308.1.0/otBannerSdk.js
Requested by
Host: www.ticketsatwork.com
URL: https://www.ticketsatwork.com/tickets/tracking_consent.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:83ec , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
27ff6f8b30f633a9e1954d6cc94756127292aa99560255e414bbb75b37416594
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ticketsatwork.com/tickets/tracking_consent.php
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Mon, 30 Oct 2023 22:31:25 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
content-md5
2+I2Cj649lHjQKiedh8F2Q==
age
24872
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-length
101254
x-ms-lease-status
unlocked
last-modified
Wed, 25 Oct 2023 03:55:47 GMT
server
cloudflare
etag
0x8DBD50E45B16C1C
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
a3fa2dcc-d01e-0085-5d7c-07145e000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=86400
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
81e71bbfc860190f-FRA
lato-regular-webfont.woff
www.ticketsatwork.com/css/fonts/
31 KB
32 KB
Font
General
Full URL
https://www.ticketsatwork.com/css/fonts/lato-regular-webfont.woff
Requested by
Host: www.ticketsatwork.com
URL: https://www.ticketsatwork.com/tickets/tracking_consent.php
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.64.155.9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a4e4ccc4357349a0512f55e32e48ea74fee0a72e270a6ca5e22b9231ebc41f75
Security Headers
Name Value
Content-Security-Policy default-src * 'unsafe-inline' 'unsafe-eval'; script-src * 'unsafe-inline' 'unsafe-eval'; connect-src * 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src *; media-src * blob:; style-src * 'unsafe-inline';
Strict-Transport-Security max-age=5184000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.ticketsatwork.com/tickets/tracking_consent.php
Origin
https://www.ticketsatwork.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Mon, 30 Oct 2023 22:31:25 GMT
strict-transport-security
max-age=5184000; includeSubDomains
x-content-type-options
nosniff
cf-cache-status
REVALIDATED
content-security-policy
default-src * 'unsafe-inline' 'unsafe-eval'; script-src * 'unsafe-inline' 'unsafe-eval'; connect-src * 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src *; media-src * blob:; style-src * 'unsafe-inline';
alt-svc
h3=":443"; ma=86400
content-length
31808
x-xss-protection
1; mode=block
referrer-policy
unsafe-url
last-modified
Wed, 22 Jan 2014 16:42:44 GMT
server
cloudflare
etag
"7c40-4f091d0644900"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
font/opentype
cache-control
max-age=7776000, public
accept-ranges
bytes
cf-ray
81e71bbfcf161c73-FRA
expires
Sun, 28 Jan 2024 22:31:25 GMT
en.json
cdn.cookielaw.org/consent/9ea95be0-451b-4ef8-8b4d-41b4b6617c33/b0e808be-275f-4880-929d-982eef767a1a/
129 KB
23 KB
Fetch
General
Full URL
https://cdn.cookielaw.org/consent/9ea95be0-451b-4ef8-8b4d-41b4b6617c33/b0e808be-275f-4880-929d-982eef767a1a/en.json
Requested by
Host: www.ticketsatwork.com
URL: https://www.ticketsatwork.com/tickets/tracking_consent.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:83ec , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f3acc9a635787d4bb3de3c4f53e7a746dbdfe60d7685a487e37260b262ff5697
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ticketsatwork.com/tickets/tracking_consent.php
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Mon, 30 Oct 2023 22:31:25 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
strict-transport-security
max-age=31536000; includeSubDomains; preload
age
28181
content-md5
eVYDz01fq24jfmNkhm3eFQ==
content-length
23468
x-ms-lease-status
unlocked
last-modified
Tue, 05 Sep 2023 12:20:30 GMT
server
cloudflare
etag
0x8DBAE0A7EE64574
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
x-ms-request-id
c6a3c2eb-701e-008c-23f3-df518d000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=86400
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
81e71bc06c74bbfe-FRA
expires
Tue, 31 Oct 2023 22:31:25 GMT
otFlat.json
cdn.cookielaw.org/scripttemplates/202308.1.0/assets/
13 KB
3 KB
Fetch
General
Full URL
https://cdn.cookielaw.org/scripttemplates/202308.1.0/assets/otFlat.json
Requested by
Host: www.ticketsatwork.com
URL: https://www.ticketsatwork.com/tickets/tracking_consent.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:83ec , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ea5db5581e262d77d1a43fbb3f0fa3661b51d097b40ca38f584b4943f47cf2e0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ticketsatwork.com/tickets/tracking_consent.php
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Mon, 30 Oct 2023 22:31:25 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
content-md5
C2c3Qd8FHm1wstxOFHDJ2w==
age
5297
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-length
3017
x-ms-lease-status
unlocked
last-modified
Wed, 25 Oct 2023 03:55:37 GMT
server
cloudflare
etag
0x8DBD50E3F9DEF08
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
*
x-ms-request-id
7fd3581b-201e-0007-793e-0755e0000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=86400
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
81e71bc0ecf9bbfe-FRA
otPcTab.json
cdn.cookielaw.org/scripttemplates/202308.1.0/assets/v2/
62 KB
13 KB
Fetch
General
Full URL
https://cdn.cookielaw.org/scripttemplates/202308.1.0/assets/v2/otPcTab.json
Requested by
Host: www.ticketsatwork.com
URL: https://www.ticketsatwork.com/tickets/tracking_consent.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:83ec , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ef692caebb708b665def2aad3beab4eca949689636103edd74069a60d6da5d59
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ticketsatwork.com/tickets/tracking_consent.php
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Mon, 30 Oct 2023 22:31:25 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
content-md5
W3M09FoULMOrbblf8iKnug==
age
5297
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-length
13391
x-ms-lease-status
unlocked
last-modified
Wed, 25 Oct 2023 03:55:40 GMT
server
cloudflare
etag
0x8DBD50E412DA220
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
*
x-ms-request-id
e71a8030-101e-000c-353e-07ae8b000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=86400
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
81e71bc0ecfabbfe-FRA
otCommonStyles.css
cdn.cookielaw.org/scripttemplates/202308.1.0/assets/
21 KB
4 KB
Fetch
General
Full URL
https://cdn.cookielaw.org/scripttemplates/202308.1.0/assets/otCommonStyles.css
Requested by
Host: www.ticketsatwork.com
URL: https://www.ticketsatwork.com/tickets/tracking_consent.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:83ec , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d3f7b0ec4de079928a999641e781e80f33597a392a561bc460276dfb4efb6eec
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ticketsatwork.com/tickets/tracking_consent.php
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Mon, 30 Oct 2023 22:31:25 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
gzip
content-md5
c7xAZ9MSGAobGaTYg/Qtag==
age
5297
x-ms-lease-status
unlocked
last-modified
Wed, 25 Oct 2023 03:55:54 GMT
server
cloudflare
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
x-ms-request-id
5c21837c-101e-006e-363e-076cac000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=86400
x-ms-version
2009-09-19
cf-ray
81e71bc0ecfcbbfe-FRA
RCd28a62cc788b4c8288f18be1d9a77206-source.min.js
assets.adobedtm.com/a281455e4dfe/053a29fb1fe9/264314374684/
340 B
474 B
Script
General
Full URL
https://assets.adobedtm.com/a281455e4dfe/053a29fb1fe9/264314374684/RCd28a62cc788b4c8288f18be1d9a77206-source.min.js
Requested by
Host: www.ticketsatwork.com
URL: https://www.ticketsatwork.com/tickets/tracking_consent.php
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:e600:58c::1e80 Düsseldorf, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
e8d650eef8cdbc5b6835b5de3706fbd3d16105502218708e2b55a9a368798561

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ticketsatwork.com/tickets/tracking_consent.php
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Mon, 30 Oct 2023 22:31:25 GMT
content-encoding
gzip
last-modified
Mon, 30 Oct 2023 15:59:49 GMT
server
AkamaiNetStorage
etag
"962d3a603cd57e3a56d4e11a6eb6c5a2:1698681589.537758"
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
https://www.ticketsatwork.com
cache-control
max-age=3600
accept-ranges
bytes
timing-allow-origin
*
content-length
214
expires
Mon, 30 Oct 2023 23:31:25 GMT
main.js
www.ticketsatwork.com/cdn-cgi/challenge-platform/h/g/scripts/jsd/c359bc3d/ Frame 8971
Redirect Chain
  • https://www.ticketsatwork.com/cdn-cgi/challenge-platform/scripts/jsd/main.js
  • https://www.ticketsatwork.com/cdn-cgi/challenge-platform/h/g/scripts/jsd/c359bc3d/main.js
7 KB
4 KB
Script
General
Full URL
https://www.ticketsatwork.com/cdn-cgi/challenge-platform/h/g/scripts/jsd/c359bc3d/main.js
Requested by
Host: www.ticketsatwork.com
URL: https://www.ticketsatwork.com/tickets/tracking_consent.php
Protocol
H3
Server
172.64.155.9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b07691148c67cf40deaca44e01b65560e8abe02aba9926d178313cd785bf1920
Security Headers
Name Value
Strict-Transport-Security max-age=5184000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Mon, 30 Oct 2023 22:31:25 GMT
strict-transport-security
max-age=5184000; includeSubDomains
x-content-type-options
nosniff
content-encoding
br
server
cloudflare
vary
accept-encoding
content-type
application/javascript; charset=UTF-8
cache-control
max-age=14400, public
cf-ray
81e71bc299621c73-FRA
alt-svc
h3=":443"; ma=86400

Redirect headers

date
Mon, 30 Oct 2023 22:31:25 GMT
strict-transport-security
max-age=5184000; includeSubDomains
x-content-type-options
nosniff
server
cloudflare
vary
accept-encoding
access-control-allow-origin
*
location
/cdn-cgi/challenge-platform/h/g/scripts/jsd/c359bc3d/main.js
cache-control
max-age=300, public
cf-ray
81e71bc228f61c73-FRA
alt-svc
h3=":443"; ma=86400
init.js
ebgcc.brightpattern.com/clientweb/chat-client-v4/js/
7 KB
7 KB
Script
General
Full URL
https://ebgcc.brightpattern.com/clientweb/chat-client-v4/js/init.js
Requested by
Host: www.ticketsatwork.com
URL: https://www.ticketsatwork.com/tickets/tracking_consent.php
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
199.101.26.126 , United States, ASN33411 (BRIGHTPATTERNSC, US),
Reverse DNS
Software
nginx/1.25.2 /
Resource Hash
225bcbf8fc75a8278d467985f4dd63d8453ac652e1ba34043466f90416c61750
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ticketsatwork.com/tickets/tracking_consent.php
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Date
Mon, 30 Oct 2023 22:31:25 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains
Last-Modified
Wed, 20 Sep 2023 23:46:25 GMT
Server
nginx/1.25.2
Content-Type
application/javascript
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
7355
ot_guard_logo.svg
cdn.cookielaw.org/logos/static/
497 B
494 B
Fetch
General
Full URL
https://cdn.cookielaw.org/logos/static/ot_guard_logo.svg
Requested by
Host: www.ticketsatwork.com
URL: https://www.ticketsatwork.com/tickets/tracking_consent.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:83ec , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
691dcdb24853a0f5ce4e6597e5713dea66799b57ffe2c2a10f28f98e0b569b19
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ticketsatwork.com/tickets/tracking_consent.php
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Mon, 30 Oct 2023 22:31:25 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
gzip
content-md5
tXyZydHjxQshFMbbBT1/8A==
age
1806
x-ms-lease-status
unlocked
last-modified
Mon, 30 Oct 2023 06:03:48 GMT
server
cloudflare
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
x-ms-request-id
23f64b86-801e-0043-2647-0bdfdf000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=86400
x-ms-version
2009-09-19
cf-ray
81e71bc25e72bbfe-FRA
Background_Blank_Logo_%23003466_Color.png
cdn.cookielaw.org/logos/d3646c5c-241f-4a3a-8e20-5a76f0100e08/f2f4a009-5f91-4fc5-b02d-6b124ca021fc/01934b4d-0e2b-459f-96f7-f90662b436dc/
2 KB
2 KB
Image
General
Full URL
https://cdn.cookielaw.org/logos/d3646c5c-241f-4a3a-8e20-5a76f0100e08/f2f4a009-5f91-4fc5-b02d-6b124ca021fc/01934b4d-0e2b-459f-96f7-f90662b436dc/Background_Blank_Logo_%23003466_Color.png
Requested by
Host: www.ticketsatwork.com
URL: https://www.ticketsatwork.com/tickets/tracking_consent.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:83ec , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3d3c197d6e30d6645f7f89d028509e7bbdfce73fa1dc3e356c9854da1722ddf1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ticketsatwork.com/tickets/tracking_consent.php
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Mon, 30 Oct 2023 22:31:25 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
content-md5
PtWihmGZDte5JSK9WDc7kQ==
age
3735
content-length
1699
x-ms-lease-status
unlocked
last-modified
Tue, 09 Nov 2021 00:25:10 GMT
server
cloudflare
etag
0x8D9A31763DD0BB4
vary
Accept-Encoding
content-type
image/png
access-control-allow-origin
*
x-ms-request-id
8d69466a-e01e-0057-5de1-5a316b000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=86400
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
81e71bc26a83190f-FRA
powered_by_logo.svg
cdn.cookielaw.org/logos/static/
5 KB
2 KB
Image
General
Full URL
https://cdn.cookielaw.org/logos/static/powered_by_logo.svg
Requested by
Host: www.ticketsatwork.com
URL: https://www.ticketsatwork.com/tickets/tracking_consent.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:83ec , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5fa00d047acd959697b9d7772c31dcd37bec33c70c6fbf80ab8316205d1d286d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ticketsatwork.com/tickets/tracking_consent.php
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Mon, 30 Oct 2023 22:31:25 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
gzip
content-md5
Y+c301RBZNK39PvKQWrIBw==
age
58629
x-ms-lease-status
unlocked
last-modified
Thu, 26 Oct 2023 03:35:19 GMT
server
cloudflare
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
x-ms-request-id
18805e4f-401e-0001-4b37-08665f000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=86400
x-ms-version
2009-09-19
cf-ray
81e71bc26a84190f-FRA
81e71bb7184f1c73
www.ticketsatwork.com/cdn-cgi/challenge-platform/h/g/jsd/r/ Frame 8971
0
303 B
XHR
General
Full URL
https://www.ticketsatwork.com/cdn-cgi/challenge-platform/h/g/jsd/r/81e71bb7184f1c73
Requested by
Host: www.ticketsatwork.com
URL: https://www.ticketsatwork.com/cdn-cgi/challenge-platform/scripts/jsd/main.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.64.155.9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=5184000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

Referer
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
Content-Type
application/json

Response headers

date
Mon, 30 Oct 2023 22:31:26 GMT
strict-transport-security
max-age=5184000; includeSubDomains
x-content-type-options
nosniff
content-encoding
br
server
cloudflare
content-type
text/plain; charset=UTF-8
cf-ray
81e71bc37a151c73-FRA
alt-svc
h3=":443"; ma=86400
page-lib.min.js
ebgcc.brightpattern.com/clientweb/chat-client-v4/build/
16 KB
8 KB
Script
General
Full URL
https://ebgcc.brightpattern.com/clientweb/chat-client-v4/build/page-lib.min.js
Requested by
Host: www.ticketsatwork.com
URL: https://www.ticketsatwork.com/tickets/tracking_consent.php
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
199.101.26.126 , United States, ASN33411 (BRIGHTPATTERNSC, US),
Reverse DNS
Software
nginx/1.25.2 /
Resource Hash
a573a5c7e757fc9ff9bb66611d63178290d28423fa744badb37f71459e8910bb
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ticketsatwork.com/tickets/tracking_consent.php
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Date
Mon, 30 Oct 2023 22:31:26 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains
Content-Encoding
gzip
Last-Modified
Wed, 20 Sep 2023 23:46:25 GMT
Server
nginx/1.25.2
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
application/javascript
Connection
keep-alive
RCd5fe93df2ac344a6b7798a869003a2f6-source.min.js
assets.adobedtm.com/a281455e4dfe/053a29fb1fe9/264314374684/
2 KB
1 KB
Script
General
Full URL
https://assets.adobedtm.com/a281455e4dfe/053a29fb1fe9/264314374684/RCd5fe93df2ac344a6b7798a869003a2f6-source.min.js
Requested by
Host: www.ticketsatwork.com
URL: https://www.ticketsatwork.com/tickets/tracking_consent.php
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:e600:58c::1e80 Düsseldorf, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
2f89aa5887a31bf4d99f921559b862c22441ca4d65284812cb07a002d46d98f1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ticketsatwork.com/tickets/tracking_consent.php
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Mon, 30 Oct 2023 22:31:26 GMT
content-encoding
gzip
last-modified
Mon, 30 Oct 2023 15:59:49 GMT
server
AkamaiNetStorage
etag
"962d3a603cd57e3a56d4e11a6eb6c5a2:1698681589.537758"
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
https://www.ticketsatwork.com
cache-control
max-age=3600
accept-ranges
bytes
timing-allow-origin
*
content-length
793
expires
Mon, 30 Oct 2023 23:31:26 GMT
chat-widget.min.js
ebgcc.brightpattern.com/clientweb/chat-client-v4/build/
243 KB
71 KB
Script
General
Full URL
https://ebgcc.brightpattern.com/clientweb/chat-client-v4/build/chat-widget.min.js?cache-control=1337
Requested by
Host: www.ticketsatwork.com
URL: https://www.ticketsatwork.com/tickets/tracking_consent.php
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
199.101.26.126 , United States, ASN33411 (BRIGHTPATTERNSC, US),
Reverse DNS
Software
nginx/1.25.2 /
Resource Hash
4ccf214167c187a1aade2269a0e03955c1e1dad0c95deff369870c1d7587d423
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ticketsatwork.com/tickets/tracking_consent.php
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Date
Mon, 30 Oct 2023 22:31:26 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains
Content-Encoding
gzip
Last-Modified
Wed, 20 Sep 2023 23:46:25 GMT
Server
nginx/1.25.2
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
application/javascript
Connection
keep-alive
nr-spa-1.246.0.min.js
js-agent.newrelic.com/
86 KB
29 KB
Script
General
Full URL
https://js-agent.newrelic.com/nr-spa-1.246.0.min.js
Requested by
Host: www.ticketsatwork.com
URL: https://www.ticketsatwork.com/tickets/tracking_consent.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.130.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
e444e843ebdc5c2db6b2f136e8ad77b8c2058d8f8435932c1d3ae734e4b9f6cc
Security Headers
Name Value
Strict-Transport-Security max-age=300

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ticketsatwork.com/tickets/tracking_consent.php
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

x-amz-version-id
ZCiO0bNaXW3BU6W4t6EcMCRx3MVwqspc
content-encoding
br
via
1.1 varnish
date
Mon, 30 Oct 2023 22:31:26 GMT
strict-transport-security
max-age=300
x-amz-request-id
4GGX59TK5GPNE461
x-amz-server-side-encryption
AES256
x-cache
HIT
cross-origin-resource-policy
cross-origin
content-length
28993
x-amz-id-2
4XRgoO7yAoDGtOBCV3GC3I56B70GGkZghQipWJ9GVidoYY6jGwAxRLjaMoLomE7GRxTemwkMoAk=
x-served-by
cache-fra-eddf8230131-FRA
last-modified
Tue, 24 Oct 2023 13:50:56 GMT
server
AmazonS3
x-timer
S1698705087.837557,VS0,VE0
etag
"5d20a26d4ec76d1f3fae03b0023eff5b"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=86400, stale-if-error=86400
accept-ranges
bytes
x-cache-hits
264022
policy
www.sjwoe.com/
47 B
447 B
Fetch
General
Full URL
https://www.sjwoe.com/policy
Requested by
Host: www.ticketsatwork.com
URL: https://www.ticketsatwork.com/tickets/tracking_consent.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2394:8400:7:f1a3:af00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
e9adf2a6db275f76dd17c5cc08dd6cfbee0c73fbb08de34127ac159ca9107763

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ticketsatwork.com/tickets/tracking_consent.php
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Mon, 30 Oct 2023 19:00:04 GMT
via
1.1 fbbc548a3de404eb87126afd4e3999ba.cloudfront.net (CloudFront)
x-amz-cf-pop
AMS1-P2
age
12682
x-amzn-trace-id
Root=1-653ffd34-62a5d4153967c9a0551ddfab;Sampled=0;lineage=36ff8a84:0
x-amzn-requestid
56aa956a-c5ba-4fb3-9d74-ed4ea2bc1c70
x-cache
Hit from cloudfront
content-type
application/json
access-control-allow-origin
*
cache-control
max-age=3600
x-amz-apigw-id
NoSAREuRoAMEkaA=
content-length
47
x-amz-cf-id
kGHzM4smGmUc2XMGT33aJluLVoN71MY9gxrwNcIfoa13A30qXyxAkg==
snippet.css
ebgcc.brightpattern.com/clientweb/chat-client-v4/css/
12 KB
3 KB
Stylesheet
General
Full URL
https://ebgcc.brightpattern.com/clientweb/chat-client-v4/css/snippet.css
Requested by
Host: ebgcc.brightpattern.com
URL: https://ebgcc.brightpattern.com/clientweb/chat-client-v4/build/chat-widget.min.js?cache-control=1337
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
199.101.26.126 , United States, ASN33411 (BRIGHTPATTERNSC, US),
Reverse DNS
Software
nginx/1.25.2 /
Resource Hash
d6b698d1ea19908960b79aae6038d4757830e3f3b84df970ae695f7762c5c10f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ticketsatwork.com/tickets/tracking_consent.php
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Date
Mon, 30 Oct 2023 22:31:26 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains
Content-Encoding
gzip
Last-Modified
Wed, 20 Sep 2023 23:46:25 GMT
Server
nginx/1.25.2
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
text/css
Connection
keep-alive
configuration
ebgcc.brightpattern.com/clientweb/api/v1/
68 B
523 B
XHR
General
Full URL
https://ebgcc.brightpattern.com/clientweb/api/v1/configuration?tenantUrl=ebgcc.brightpattern.com&domain=www.ticketsatwork.com&appId=05363aaa62214ab49d457fb6ae0dc5e4
Requested by
Host: www.ticketsatwork.com
URL: https://www.ticketsatwork.com/tickets/tracking_consent.php
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
199.101.26.126 , United States, ASN33411 (BRIGHTPATTERNSC, US),
Reverse DNS
Software
nginx/1.25.2 /
Resource Hash
7de743fe979877241aadf5f90a0634f6960d6840e130779fa6cceb359fb6c251
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://www.ticketsatwork.com/tickets/tracking_consent.php
accept-language
de-DE,de;q=0.9
Authorization
MOBILE-API-140-327-PLAIN appId="05363aaa62214ab49d457fb6ae0dc5e4", clientId="undefined"
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Date
Mon, 30 Oct 2023 22:31:27 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains
Server
nginx/1.25.2
Access-Control-Allow-Methods
GET, POST
Content-Type
application/json;charset=utf-8
Access-Control-Allow-Origin
https://www.ticketsatwork.com
Access-Control-Allow-Credentials
true
Connection
keep-alive
Access-Control-Allow-Headers
Accept, Origin, Content-type, Authorization
Content-Length
68
configuration
ebgcc.brightpattern.com/clientweb/api/v1/ Frame
0
0
Preflight
General
Full URL
https://ebgcc.brightpattern.com/clientweb/api/v1/configuration?tenantUrl=ebgcc.brightpattern.com&domain=www.ticketsatwork.com&appId=05363aaa62214ab49d457fb6ae0dc5e4
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
199.101.26.126 , United States, ASN33411 (BRIGHTPATTERNSC, US),
Reverse DNS
Software
nginx/1.25.2 /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept
*/*
Access-Control-Request-Headers
authorization
Access-Control-Request-Method
GET
Origin
https://www.ticketsatwork.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
Accept, Origin, Content-type, Authorization
Access-Control-Allow-Methods
GET, POST
Access-Control-Allow-Origin
https://www.ticketsatwork.com
Allow
GET, HEAD, POST, TRACE, OPTIONS
Connection
keep-alive
Content-Length
0
Date
Mon, 30 Oct 2023 22:31:27 GMT
Server
nginx/1.25.2
Strict-Transport-Security
max-age=31536000; includeSubDomains
undefined
bam.nr-data.net/1/
0
0

log
www.p.zjptg.com/
19 B
246 B
Ping
General
Full URL
https://www.p.zjptg.com/log
Requested by
Host: www.p.zjptg.com
URL: https://www.p.zjptg.com/tag/1537403/100001
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.26.23 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-26-23.fra56.r.cloudfront.net
Software
CloudFront /
Resource Hash
f7bb4455cc73832d43d80909118c1c513f3d86a4494f2b36a377c4466853d443

Request headers

Referer
https://www.ticketsatwork.com/tickets/tracking_consent.php
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Mon, 30 Oct 2023 22:31:27 GMT
via
1.1 3199fed6c4260c9448326645d333530a.cloudfront.net (CloudFront)
server
CloudFront
x-amz-cf-pop
FRA56-P7
content-length
19
x-amz-cf-id
nfdMUpD6g5hoqb7qIj_0y0wGD7ya0LdEASGllPp3brBmdVt0yE2YYw==
x-cache
Miss from cloudfront

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
bam.nr-data.net
URL
https://bam.nr-data.net/1/undefined?a=undefined&v=1.246.0&t=Unnamed%20Transaction&rst=4318&ck=0&s=e6ca213c961246a0&ref=https://www.ticketsatwork.com/tickets/tracking_consent.php&af=err,xhr,stn,ins,spa&be=1874&fe=2297&dc=1363&fsh=1&perf=%7B%22timing%22:%7B%22of%22:1698705082567,%22n%22:0,%22f%22:1431,%22dn%22:1431,%22dne%22:1431,%22c%22:1431,%22s%22:1431,%22ce%22:1431,%22rq%22:1432,%22rp%22:1874,%22rpe%22:1975,%22di%22:3176,%22ds%22:3176,%22de%22:3237,%22dc%22:4168,%22l%22:4168,%22le%22:4171%7D,%22navigation%22:%7B%7D%7D&fp=2836&fcp=2836

Verdicts & Comments Add Verdict or Comment

147 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| documentPictureInPicture object| NREUM object| webpackChunk:NRBA-1.246.0.PROD object| newrelic function| $ function| jQuery function| _js_ebgurl string| css function| setCookie function| getCookie function| jQueryWait function| display_campaign function| adjust_header object| scripts string| LI_AFFILIATE_ID object| li_info object| kWidgetWrapper object| InteractionAnalytics object| InteractionAnalyticsUtility object| OneTrustStub function| OptanonWrapper object| EBGData object| ebg object| _satellite boolean| __satelliteLoaded function| AdobePrivacy object| adobe function| Visitor object| s_c_il number| s_c_in object| _sdiToolkit number| adobe_request_count object| $div_fixed object| otStubData object| cj number| modifiedBouncelessPercentage number| configuredPublisherId number| configuredTagId string| after_consent_location function| AppMeasurement_Module_ActivityMap function| AppMeasurement function| s_gi function| s_pgicq number| s_objectID number| s_giq object| Optanon object| OneTrust function| gtag object| dataLayer string| OnetrustActiveGroups string| OptanonActiveGroups object| SERVICE_PATTERN_CHAT_CONFIG function| getThisScriptObject object| selfScriptTag function| extractOriginFromUrl string| chatPath function| loadScripts boolean| initialized function| ready function| processLaunchEventQueue object| platform function| chatApiSessionBuildSessionFromSessionId function| caseHistoryHandler function| chatApiSessionCheckSessionExists function| chatApiSessionCreateSession function| chatApiSessionCreateSessionHandler function| chatApiSessionCreateSessionHandlerHelpers function| escapeHTML function| escapeRecursive function| isValidHrefAttribute function| isValidProtocol function| isValidHost function| isValidEmailAddress function| chatApiSessionHandleEvents function| chatApiSessionHandleHistoryEvents function| chatApiSessionPrepareRequest function| chatApiSessionPrintToConsole function| chatApiSessionRecognizeDirectives function| chatApiSessionSendXhr function| chatApiSessionStartPoll object| chatApiSessionVariables function| clientChatPageConfigurationChat function| clientChatPageConnection function| clientChatPageGenerateInputs function| clientChatPageGetConnectRequestData function| clientChatPageGetUrlVars function| clientChatPageInitDragAndDrop function| clientChatPageMakeId function| clientChatPageOnFormSubmit function| clientChatPageOnMessage function| clientChatPageOnReady object| persistentChat function| clientChatPageSafeEndSession function| clientChatPageSafeEndSessionConfirm function| clientChatPageShowForm function| clientChatPageUpdateScrollbar function| clientChatPageUploadFiles object| clientChatPageVariables function| clientChatUiAppendLog function| clientChatUiChatMessageTyping function| clientChatUiEscapeHtml function| clientChatUiI18n function| clientChatUiMsgKeyPress function| clientChatUiNotTyping function| clientChatUiPrepareEvent function| clientChatUiSendLocation function| clientChatUiSendMessage function| clientChatUiSendNavigation object| clientChatUiVariables object| callbackUtilService object| commonUtilService object| commonConstants object| htmlUtilService function| buildProactiveOfferPreview function| proactiveChatStarter object| proactiveOfferService function| scaleProactiveOffer object| widgetConfiguration function| chatCompareUrl function| constructorConfigurationPreview function| constructorHelpers function| constructorPreviewCode function| chatPreview function| chatSnippet function| snippetBuild function| snippetChatUrl function| snippetCheckAddFrame function| snippetCheckAvailability function| snippetCheckDeviceSupport function| loadCobrowsingSolution function| removeCobrowsingPopup function| showCobrowsingStartPopup function| snippetConfigurationSnippet function| snippetDraggable function| snippetHandleAvailability function| snippetHelperFunctions function| snippetKeepOpenedState function| snippetOnInitialize function| snippetOpenChat function| snippetShowNotification object| snippetSurfly object| snippetTogetherJs function| snippetVariables function| updateChatStyles object| cobrowsingSolution

7 Cookies

Domain/Path Name / Value
www.ticketsatwork.com/ Name: PHPSESSID
Value: t1p4o0aebn2kvr6ci9fua2flio
www.ticketsatwork.com/ Name: TICKETSATWORK
Value: !ukZiyffr8lBjiuDEGrgS3UUsx8RR/wZ45+c+nlSlBfOgTa21GS4DDRDMXIKNjgSVzmdgdzaN/JptkHw=
.ticketsatwork.com/ Name: __cf_bm
Value: LD95dELjifmpIhdv1gwzgdYX_w0tzmeoNx77Q6OfQeM-1698705083-0-AdQnxoAp33FUC3cExU7jP39Ob3whQEzXrzslHJP5QM6AKo3pb5zmNHIcAIIP+qNgF8pdgVzH6tybnBbM/2uenag=
www.ticketsatwork.com/ Name: gdpr_pp
Value: 2
.ticketsatwork.com/ Name: OptanonConsent
Value: isGpcEnabled=0&datestamp=Mon+Oct+30+2023+23%3A31%3A25+GMT%2B0100+(Central+European+Standard+Time)&version=202308.1.0&browserGpcFlag=0&isIABGlobal=false&hosts=&consentId=e824b34b-b35d-499a-a6a1-26f566f5fc53&interactionCount=0&landingPath=https%3A%2F%2Fwww.ticketsatwork.com%2Ftickets%2Ftracking_consent.php&groups=C0001%3A1%2CID007%3A0%2CC0003%3A0%2CC0002%3A0%2CGRP01%3A0%2CC0005%3A0%2CC0004%3A0
.ticketsatwork.com/ Name: cf_clearance
Value: Dqhtf_md94zYct39R.rpxOI9gBXJH2KiFdKYnKPAQkM-1698705086-0-1-abd7f64d.13c825d0.c35ccccf-0.2.1698705086
www.ticketsatwork.com/ Name: cjConsent
Value: 0|0:1698705086737|0

5 Console Messages

Source Level URL
Text
javascript warning URL: https://assets.adobedtm.com/a281455e4dfe/053a29fb1fe9/launch-1645114e1c78.min.js(Line 10)
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, https://www.p.zjptg.com/tag/1537403/100001, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript warning URL: https://assets.adobedtm.com/a281455e4dfe/053a29fb1fe9/launch-1645114e1c78.min.js(Line 10)
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, https://www.p.zjptg.com/tag/1537403/100001, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript error URL: https://www.ticketsatwork.com/tickets/tracking_consent.php
Message:
Access to XMLHttpRequest at 'https://bam.nr-data.net/1/undefined?a=undefined&v=1.246.0&t=Unnamed%20Transaction&rst=4318&ck=0&s=e6ca213c961246a0&ref=https://www.ticketsatwork.com/tickets/tracking_consent.php&af=err,xhr,stn,ins,spa&be=1874&fe=2297&dc=1363&fsh=1&perf=%7B%22timing%22:%7B%22of%22:1698705082567,%22n%22:0,%22f%22:1431,%22dn%22:1431,%22dne%22:1431,%22c%22:1431,%22s%22:1431,%22ce%22:1431,%22rq%22:1432,%22rp%22:1874,%22rpe%22:1975,%22di%22:3176,%22ds%22:3176,%22de%22:3237,%22dc%22:4168,%22l%22:4168,%22le%22:4171%7D,%22navigation%22:%7B%7D%7D&fp=2836&fcp=2836' from origin 'https://www.ticketsatwork.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network error URL: https://bam.nr-data.net/1/undefined?a=undefined&v=1.246.0&t=Unnamed%20Transaction&rst=4318&ck=0&s=e6ca213c961246a0&ref=https://www.ticketsatwork.com/tickets/tracking_consent.php&af=err,xhr,stn,ins,spa&be=1874&fe=2297&dc=1363&fsh=1&perf=%7B%22timing%22:%7B%22of%22:1698705082567,%22n%22:0,%22f%22:1431,%22dn%22:1431,%22dne%22:1431,%22c%22:1431,%22s%22:1431,%22ce%22:1431,%22rq%22:1432,%22rp%22:1874,%22rpe%22:1975,%22di%22:3176,%22ds%22:3176,%22de%22:3237,%22dc%22:4168,%22l%22:4168,%22le%22:4171%7D,%22navigation%22:%7B%7D%7D&fp=2836&fcp=2836
Message:
Failed to load resource: net::ERR_FAILED
network error URL: https://ebgcc.brightpattern.com/clientweb/api/v1/configuration?tenantUrl=ebgcc.brightpattern.com&domain=www.ticketsatwork.com&appId=05363aaa62214ab49d457fb6ae0dc5e4
Message:
Failed to load resource: the server responded with a status of 403 (Forbidden)

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy default-src * 'unsafe-inline' 'unsafe-eval'; script-src * 'unsafe-inline' 'unsafe-eval'; connect-src * 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src *; media-src * blob:; style-src * 'unsafe-inline';
Strict-Transport-Security max-age=5184000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

assets.adobedtm.com
bam.nr-data.net
cdn.cookielaw.org
e.email.ticketsatwork.com
ebgcc.brightpattern.com
geolocation.onetrust.com
js-agent.newrelic.com
www.p.zjptg.com
www.sjwoe.com
www.ticketsatwork.com
bam.nr-data.net
108.138.26.23
151.101.130.137
172.64.155.9
199.101.26.126
2600:9000:2394:8400:7:f1a3:af00:93a1
2606:4700:4400::6812:2089
2606:4700::6812:83ec
2a02:26f0:e600:58c::1e80
96.47.24.171
08afdf6eac5aa471056a6d1186e624a899a374d402adca5a7aa9957b0eea2995
225bcbf8fc75a8278d467985f4dd63d8453ac652e1ba34043466f90416c61750
27ff6f8b30f633a9e1954d6cc94756127292aa99560255e414bbb75b37416594
2f89aa5887a31bf4d99f921559b862c22441ca4d65284812cb07a002d46d98f1
2fc7f40fe3b6fca4d842274e5c319024864535325c7484e201b7c53257209809
33b0e6cb08e785811f02476be5f5df8da84408987098a89885f9929f7bb51f56
3d3c197d6e30d6645f7f89d028509e7bbdfce73fa1dc3e356c9854da1722ddf1
4471d3760ad27b466ca99f4e9ac126ee8d9eb24d7d9989561b12e40ca118dcf0
4ccf214167c187a1aade2269a0e03955c1e1dad0c95deff369870c1d7587d423
50b6bfb8d53a20cc2f5f1ea1e33e946d645cc3e71e7c446f608d0012ba272bd5
559de24d4afbe445102f4cd68f4146980184f43d1e0858b2561e68900b0f83b1
57a9bb6a4bb7eaffcfb39d44386cd699b34952951572f9f74496b384ed458d9f
5fa00d047acd959697b9d7772c31dcd37bec33c70c6fbf80ab8316205d1d286d
691dcdb24853a0f5ce4e6597e5713dea66799b57ffe2c2a10f28f98e0b569b19
6bd5068ee3f41ad2ed4f003c13c4e939021c77f7a69ac82d25211c72868b520e
78c1c1baf0d964522f8afab09cfc754685c1648826a7f9967fd52b774b4ec5aa
7de743fe979877241aadf5f90a0634f6960d6840e130779fa6cceb359fb6c251
98857a8b96744c1b78dd77ab6e760cfb49779d7263366d83c1613df5c96f2ba9
9d9b75e6bf99296f7797ed12f73137f52966dbb02180ff054c6c01680c7bdb1d
a2854856e2856c9e70e76a9041cd60944200250d93ee8f292d4274008034386e
a4e4ccc4357349a0512f55e32e48ea74fee0a72e270a6ca5e22b9231ebc41f75
a4e9d10dc7c304898e2ffcc25784db2bd622599cdf40b45408087e981093a4e3
a573a5c7e757fc9ff9bb66611d63178290d28423fa744badb37f71459e8910bb
b07691148c67cf40deaca44e01b65560e8abe02aba9926d178313cd785bf1920
ba561fadb45ac39c0048acd990ebfca4d6a25112d2b06b40ba06c67bd9105088
cf67fa9307c91b01d52a9ec5781dd05f74dd5f821d87d76f438ede52056f4266
d3f7b0ec4de079928a999641e781e80f33597a392a561bc460276dfb4efb6eec
d6b698d1ea19908960b79aae6038d4757830e3f3b84df970ae695f7762c5c10f
d6d01246a30e9d483531c27721f73f266fa4af35effdb21683ac02a620ab8aaf
e0a41e36c1664eac057a83b9fa7c49c89825fcfabcc47a2b1914d6d487f65522
e21a483e7f4b138c12d7378f8d6099d382cfb1e78f8434a52d41d435944ed2fd
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e444e843ebdc5c2db6b2f136e8ad77b8c2058d8f8435932c1d3ae734e4b9f6cc
e8d650eef8cdbc5b6835b5de3706fbd3d16105502218708e2b55a9a368798561
e9adf2a6db275f76dd17c5cc08dd6cfbee0c73fbb08de34127ac159ca9107763
e9b58fd16f0cb908fa3ec86e150252ba8bf4ecf314272fc403b8c43c8a4c639f
ea5db5581e262d77d1a43fbb3f0fa3661b51d097b40ca38f584b4943f47cf2e0
ef692caebb708b665def2aad3beab4eca949689636103edd74069a60d6da5d59
f3acc9a635787d4bb3de3c4f53e7a746dbdfe60d7685a487e37260b262ff5697
f7bb4455cc73832d43d80909118c1c513f3d86a4494f2b36a377c4466853d443
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d
fb64a05853ccf42fc6e52d9b8eb4afd8ac4c47ed61df3aac317d94ed258a9e2f