service.gigsandtours.com Open in urlscan Pro
172.66.0.126 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://gigst.rs/IDUK24?twclid=2-61pg7ymcol2shuqq1mo40jwec
Effective URL:
https://service.gigsandtours.com/p/7LDA-2RC/il-divo-presale?twclid=2-61pg7ymcol2shuqq1mo40jwec
Submission Tags: 0xscam
Submission: On April 15 via api (April 15th 2024, 10:27:46 am UTC) from US — Scanned from DE

Summary HTTP 14 Redirects Behaviour Indicators

Summary

This website contacted 3 IPs in 2 countries across 4 domains to perform 14 HTTP transactions. The main IP is 172.66.0.126, located in United States and belongs to CLOUDFLARENET, US. The main domain is service.gigsandtours.com.
TLS certificate: Issued by GTS CA 1P5 on March 16th 2024. Valid for: 3 months.

This is the only time service.gigsandtours.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
3	99.81.129.21 99.81.129.21	16509 (AMAZON-02) (AMAZON-02)
2	18.244.18.53 18.244.18.53	16509 (AMAZON-02) (AMAZON-02)
1 10	172.66.0.126 172.66.0.126	13335 (CLOUDFLAR...) (CLOUDFLARENET)
14	3

3 99.81.129.21 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-99-81-129-21.eu-west-1.compute.amazonaws.com

gigst.rs	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.244.18.53 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-244-18-53.fra56.r.cloudfront.net

static.assetlab.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 172.66.0.126 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

service.gigsandtours.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
i.emlfiles.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
8	gigsandtours.com 1 redirects service.gigsandtours.com	210 KB
3	gigst.rs gigst.rs	38 KB
2	emlfiles.com i.emlfiles.com — Cisco Umbrella Rank: 93735	643 KB
2	assetlab.io static.assetlab.io — Cisco Umbrella Rank: 109728	3 KB
14	4

	Domain	Requested by
8	service.gigsandtours.com	1 redirects gigst.rs service.gigsandtours.com
3	gigst.rs	gigst.rs
2	i.emlfiles.com	service.gigsandtours.com
2	static.assetlab.io
14	4

This site contains no links.

Subject Issuer	Validity	Valid
gigst.rs Amazon RSA 2048 M02	`2023-12-04` - `2025-01-01`	a year	crt.sh
static.assetlab.io Amazon RSA 2048 M03	`2023-09-20` - `2024-10-17`	a year	crt.sh
service.gigsandtours.com GTS CA 1P5	`2024-03-16` - `2024-06-14`	3 months	crt.sh
i.emlfiles.com GTS CA 1P5	`2024-03-14` - `2024-06-12`	3 months	crt.sh

This page contains 2 frames:

Primary Page: https://service.gigsandtours.com/p/7LDA-2RC/il-divo-presale?twclid=2-61pg7ymcol2shuqq1mo40jwec
Frame ID: 271C58625354108A5B52EE063425A858
Requests: 12 HTTP requests in this frame

Frame: https://service.gigsandtours.com/cdn-cgi/challenge-platform/h/b/scripts/jsd/bcc5fb0a8815/main.js
Frame ID: 7F7BB36FEAA0163025A4724CCAE52E05
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Sign Up For Il Divo Pre-Sale Access

Page URL History Show full URLs

https://gigst.rs/IDUK24?twclid=2-61pg7ymcol2shuqq1mo40jwec Page URL
https://service.gigsandtours.com/p/7LDA-2RC/il-divo-presale?twclid=2-61pg7ymcol2shuqq1mo40jwec Page URL

Page Statistics

14
Requests

93 %
HTTPS

0 %
IPv6

4
Domains

4
Subdomains

3
IPs

2
Countries

893 kB
Transfer

1539 kB
Size

8
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://gigst.rs/IDUK24?twclid=2-61pg7ymcol2shuqq1mo40jwec Page URL
https://service.gigsandtours.com/p/7LDA-2RC/il-divo-presale?twclid=2-61pg7ymcol2shuqq1mo40jwec Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 10

https://service.gigsandtours.com/cdn-cgi/challenge-platform/scripts/jsd/main.js HTTP 302
https://service.gigsandtours.com/cdn-cgi/challenge-platform/h/b/scripts/jsd/bcc5fb0a8815/main.js

14 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 IDUK24 Show response
gigst.rs/ 91 KB
37 KB 283ms
130ms Document
text/html 99.81.129.21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://gigst.rs/IDUK24?twclid=2-61pg7ymcol2shuqq1mo40jwec
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.81.129.21 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-99-81-129-21.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 426d9c15082c0afca6ec4b27261838285bc3bfe61e58859c41d5abeb4cdae8ae

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Mon, 15 Apr 2024 10:27:40 GMT
vary: Accept-Encoding
x-redirector-version: redirector-v3

POST
H2 200 /
gigst.rs/~/tr/visit/ 70 B
229 B 131ms
131ms XHR
application/json 99.81.129.21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://gigst.rs/~/tr/visit/
Requested by: Host: gigst.rs
URL: https://gigst.rs/IDUK24?twclid=2-61pg7ymcol2shuqq1mo40jwec
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.81.129.21 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-99-81-129-21.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-platform: "Win32"
Referer: https://gigst.rs/IDUK24?twclid=2-61pg7ymcol2shuqq1mo40jwec
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Content-Type: application/json

Response headers

date: Mon, 15 Apr 2024 10:27:41 GMT
x-redirector-version: redirector-v3
content-encoding: gzip
vary: Accept-Encoding
content-type: application/json; charset=UTF-8

POST
H2 200 / Show response
gigst.rs/~/tr/event/ 70 B
229 B 120ms
120ms XHR
application/json 99.81.129.21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://gigst.rs/~/tr/event/
Requested by: Host: gigst.rs
URL: https://gigst.rs/IDUK24?twclid=2-61pg7ymcol2shuqq1mo40jwec
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.81.129.21 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-99-81-129-21.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 8ef4e2c943534649948f8eca035949b4c4a3a8f2dd0464f8c15d1ba5f55363d1

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-platform: "Win32"
Referer: https://gigst.rs/IDUK24?twclid=2-61pg7ymcol2shuqq1mo40jwec
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Content-Type: application/json

Response headers

date: Mon, 15 Apr 2024 10:27:41 GMT
x-redirector-version: redirector-v3
content-encoding: gzip
vary: Accept-Encoding
content-type: application/json; charset=UTF-8

GET
H2 200 favicon.ico
static.assetlab.io/redirector-prod/3.107.0/img/icons/ 1 KB
2 KB 161ms
41ms Other
image/vnd.microsoft.icon 18.244.18.53
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.assetlab.io/redirector-prod/3.107.0/img/icons/favicon.ico
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.244.18.53 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-244-18-53.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://gigst.rs/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-amz-version-id: syW7a9I1IlqluWJjtSlKmYPHtFrgUU0F
date: Mon, 15 Apr 2024 09:47:06 GMT
via: 1.1 094f3889138382e35e0daededad0ca5e.cloudfront.net (CloudFront)
last-modified: Thu, 11 Apr 2024 13:58:16 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P11
age: 2436
x-amz-server-side-encryption: AES256
etag: "a1dc412a42d1c7f6a905633a93f0fe06"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/vnd.microsoft.icon
accept-ranges: bytes
content-length: 1150
x-amz-cf-id: SVHgq7_b6DP-8mZ5P2LnLfiN_9nNQsauOVorRBsBNVVt3bbRHp6Fsg==

GET
H2 200 Primary Request il-divo-presale Show response
service.gigsandtours.com/p/7LDA-2RC/ 29 KB
6 KB 280ms
171ms Document
text/html 172.66.0.126
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://service.gigsandtours.com/p/7LDA-2RC/il-divo-presale?twclid=2-61pg7ymcol2shuqq1mo40jwec

Requested by

Host: gigst.rs
URL: https://gigst.rs/IDUK24?twclid=2-61pg7ymcol2shuqq1mo40jwec

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.66.0.126 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

61d9170cec4662b6192d48a7be6bc189c90bfef27bc6b4b6f141608ec4564fef

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://gigst.rs/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 874b3e969bc81ede-AMS
content-encoding: gzip
content-type: text/html
date: Mon, 15 Apr 2024 10:27:41 GMT
server: cloudflare
strict-transport-security: max-age=15724800; includeSubDomains
vary: Accept-Encoding

GET
H2 200 favicon-32x32.png
static.assetlab.io/redirector-prod/3.107.0/img/icons/ 890 B
1 KB 40ms
39ms Other
image/png 18.244.18.53
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.assetlab.io/redirector-prod/3.107.0/img/icons/favicon-32x32.png
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.244.18.53 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-244-18-53.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://gigst.rs/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-amz-version-id: NQakruFXJm31rSwGBguWuoNTgafhDQH0
date: Mon, 15 Apr 2024 09:41:27 GMT
via: 1.1 094f3889138382e35e0daededad0ca5e.cloudfront.net (CloudFront)
last-modified: Thu, 11 Apr 2024 13:58:16 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P11
age: 2775
x-amz-server-side-encryption: AES256
etag: "a55d7209ea91a404dd1317f89985f559"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/png
accept-ranges: bytes
content-length: 890
x-amz-cf-id: 5XziszRqilENM1FaDqYKJbX7HSAmSEazeHLRjDiEesGzIYQ2Dsxr8Q==

GET
H2 200 landingpages.css
service.gigsandtours.com/resources/embedded/ 61 KB
11 KB 67ms
66ms Stylesheet
text/css 172.66.0.126
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://service.gigsandtours.com/resources/embedded/landingpages.css

Requested by

Host: service.gigsandtours.com
URL: https://service.gigsandtours.com/p/7LDA-2RC/il-divo-presale?twclid=2-61pg7ymcol2shuqq1mo40jwec

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.66.0.126 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

24b3fed27d66e5206b9ca0d1550beee9c02b0e5901ec32c40bb969d2832f422c

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://service.gigsandtours.com/p/7LDA-2RC/il-divo-presale?twclid=2-61pg7ymcol2shuqq1mo40jwec
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 15 Apr 2024 10:27:41 GMT
strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
cf-cache-status: HIT
last-modified: Tue, 09 Apr 2024 10:09:48 GMT
server: cloudflare
age: 3773
etag: W/"1da8a660d944aa1"
vary: Accept-Encoding
content-type: text/css
cf-ray: 874b3e986d581ede-AMS
alt-svc: h3=":443"; ma=86400

GET
H3 200 2703_gigsandtourslogotransparent.png
i.emlfiles.com/cmpimg/7/6/7/2/5/3/files/ 42 KB
42 KB 1264ms
1107ms Image
image/png 172.66.0.126
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.emlfiles.com/cmpimg/7/6/7/2/5/3/files/2703_gigsandtourslogotransparent.png
Requested by: Host: service.gigsandtours.com
URL: https://service.gigsandtours.com/p/7LDA-2RC/il-divo-presale?twclid=2-61pg7ymcol2shuqq1mo40jwec
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.66.0.126 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fc161a9b37f87768f8056a1051cccbe17b6897baebcaea974713cb49e8f558d1

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://service.gigsandtours.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 15 Apr 2024 10:27:41 GMT
x-amz-version-id: hKPwdP2dM3b2lN3j2aRzuMnyPwtcxHlR
cf-cache-status: MISS
last-modified: Wed, 22 Mar 2023 09:03:43 GMT
server: cloudflare
x-amz-request-id: P1ZJZ2RY18GBQE9F
etag: "e84cac2ffc977dc6cb0ec03de45d1e53"
vary: Accept-Encoding
content-type: image/png
accept-ranges: bytes
cf-ray: 874b3e99588b44f2-TXL
alt-svc: h3=":443"; ma=86400
content-length: 42610
x-amz-id-2: J70OOLJSg+o8/nwiVrPpmeXi34cqXs3RmRTLd96VgiHEah4+Ztd04v1+aAfPkgsse6exv9HFst4=

GET
H3 200 146045_illdivosignuppageimage.png
i.emlfiles.com/cmpimg/6/8/2/4/5/3/files/ 600 KB
601 KB 290ms
133ms Image
image/webp 172.66.0.126
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.emlfiles.com/cmpimg/6/8/2/4/5/3/files/146045_illdivosignuppageimage.png
Requested by: Host: service.gigsandtours.com
URL: https://service.gigsandtours.com/p/7LDA-2RC/il-divo-presale?twclid=2-61pg7ymcol2shuqq1mo40jwec
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.66.0.126 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0ca9ecfdac4d1c13b835607ff5728b5fa3713f121f64113a5e8d3da826b75ac3

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://service.gigsandtours.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 15 Apr 2024 10:27:41 GMT
x-amz-version-id: H5f3nCmZFNk4MUSwVzmgjnUBE6uVVpqC
cf-cache-status: REVALIDATED
x-amz-request-id: ACH6WX32HNSFN2MJ
cf-polished: origFmt=png, origSize=1129367
content-disposition: inline; filename="146045_illdivosignuppageimage.webp"
alt-svc: h3=":443"; ma=86400
content-length: 614622
x-amz-id-2: Y47aYJAbkhhoLojE8LwoPit2EkFLFdZN4Pq7hq12w9W07hV6jhsiqzRNd9D3RLucvdSpspWTClc=
cf-bgj: imgq:85,h2pri
last-modified: Thu, 28 Mar 2024 11:45:31 GMT
server: cloudflare
etag: "b200008846a6acfd9c957a4cc67fcd5e"
vary: Accept
content-type: image/webp
accept-ranges: bytes
cf-ray: 874b3e99588a44f2-TXL

GET
H2 200 LandingPagesEmbedded1_2 Show response
service.gigsandtours.com/assets/scripts/ 701 KB
186 KB 78ms
53ms Script
application/javascript 172.66.0.126
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://service.gigsandtours.com/assets/scripts/LandingPagesEmbedded1_2

Requested by

Host: service.gigsandtours.com
URL: https://service.gigsandtours.com/p/7LDA-2RC/il-divo-presale?twclid=2-61pg7ymcol2shuqq1mo40jwec

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.66.0.126 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8f541679a89c284578f29c7c788b1daae241aacf3c342e600daddb8eb9f81d9e

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://service.gigsandtours.com/p/7LDA-2RC/il-divo-presale?twclid=2-61pg7ymcol2shuqq1mo40jwec
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 15 Apr 2024 10:27:41 GMT
strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
cf-cache-status: DYNAMIC
last-modified: Tue, 09 Apr 2024 10:14:15 GMT
server: cloudflare
etag: W/"1da8a66acb34157"
vary: Accept-Encoding
content-type: application/javascript
cf-ray: 874b3e98ed9f1ede-AMS
alt-svc: h3=":443"; ma=86400

GET
H2 200 strings.js Show response
service.gigsandtours.com/Resources/LandingPagesEmbedded/localised/ 979 B
473 B 76ms
51ms Script
text/javascript 172.66.0.126
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://service.gigsandtours.com/Resources/LandingPagesEmbedded/localised/strings.js

Requested by

Host: service.gigsandtours.com
URL: https://service.gigsandtours.com/p/7LDA-2RC/il-divo-presale?twclid=2-61pg7ymcol2shuqq1mo40jwec

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.66.0.126 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7e618f589131b63d656b0eb5d020eef6557bf0c71afb5d65c362e35e5faac38a

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://service.gigsandtours.com/p/7LDA-2RC/il-divo-presale?twclid=2-61pg7ymcol2shuqq1mo40jwec
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 15 Apr 2024 10:27:41 GMT
strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
cf-cache-status: HIT
last-modified: Mon, 15 Apr 2024 09:24:49 GMT
server: cloudflare
age: 3772
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
cf-ray: 874b3e98eda21ede-AMS
alt-svc: h3=":443"; ma=86400

GET
H3

200

main.js Show response
service.gigsandtours.com/cdn-cgi/challenge-platform/h/b/scripts/jsd/bcc5fb0a8815/ Frame 7F7B
Redirect Chain

https://service.gigsandtours.com/cdn-cgi/challenge-platform/scripts/jsd/main.js
https://service.gigsandtours.com/cdn-cgi/challenge-platform/h/b/scripts/jsd/bcc5fb0a8815/main.js

8 KB
4 KB

51ms
50ms

Script
application/javascript

172.66.0.126
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://service.gigsandtours.com/cdn-cgi/challenge-platform/h/b/scripts/jsd/bcc5fb0a8815/main.js

Requested by

Host: service.gigsandtours.com
URL: https://service.gigsandtours.com/p/7LDA-2RC/il-divo-presale?twclid=2-61pg7ymcol2shuqq1mo40jwec

Protocol

Server

172.66.0.126 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

cd59b7ad3b496f91f32dffcafbc47148ee76449a2570124a51f1adaae935a4d1

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

date: Mon, 15 Apr 2024 10:27:41 GMT
content-encoding: br
x-content-type-options: nosniff
server: cloudflare
vary: accept-encoding
content-type: application/javascript; charset=UTF-8
cache-control: max-age=14400, public
cf-ray: 874b3e9b19462074-AMS
alt-svc: h3=":443"; ma=86400

Redirect headers

date: Mon, 15 Apr 2024 10:27:41 GMT
server: cloudflare
vary: Accept-Encoding
location: /cdn-cgi/challenge-platform/h/b/scripts/jsd/bcc5fb0a8815/main.js
access-control-allow-origin: *
cache-control: max-age=300, public
cf-ray: 874b3e9ad90f2074-AMS
alt-svc: h3=":443"; ma=86400
content-length: 0

POST
H3 200 874b3e969bc81ede Show response
service.gigsandtours.com/cdn-cgi/challenge-platform/h/b/jsd/r/ Frame 7F7B 0
339 B 65ms
62ms XHR
text/plain 172.66.0.126
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://service.gigsandtours.com/cdn-cgi/challenge-platform/h/b/jsd/r/874b3e969bc81ede
Requested by: Host: service.gigsandtours.com
URL: https://service.gigsandtours.com/cdn-cgi/challenge-platform/scripts/jsd/main.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.66.0.126 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-platform: "Win32"
Referer
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Content-Type: application/json

Response headers

date: Mon, 15 Apr 2024 10:27:42 GMT
content-encoding: gzip
server: cloudflare
cf-ray: 874b3e9be9ec2074-AMS
alt-svc: h3=":443"; ma=86400
content-type: text/plain; charset=UTF-8

GET
H3 404 favicon.ico
service.gigsandtours.com/ 5 KB
2 KB 54ms
54ms Other
text/html 172.66.0.126
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://service.gigsandtours.com/favicon.ico

Protocol

Security

QUIC, , AES_128_GCM

Server

172.66.0.126 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

24c4cb029e1ef5f4f7be23b39e458b4a2a04dfc73a494b93a14a41a402d9f574

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://service.gigsandtours.com/p/7LDA-2RC/il-divo-presale?twclid=2-61pg7ymcol2shuqq1mo40jwec
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 15 Apr 2024 10:27:42 GMT
strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
cf-cache-status: HIT
server: cloudflare
age: 143
vary: Accept-Encoding
content-type: text/html; charset=utf-8
cf-ray: 874b3ea11e042074-AMS
alt-svc: h3=":443"; ma=86400

Verdicts & Comments Add Verdict or Comment

17 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

8 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.gigst.rs/	1970-01-20 19:52:57	Name: LF_session_6c653a805dd66eaf415bff5099c3defe Value: 1
service.gigsandtours.com/	1970-01-20 20:36:08	Name: LP-9FE7AEFBF0F6A7697LDA5E9BA7559C410A65 Value: cid=82CEF06E3D57707605F5988A3EF6052EE
service.gigsandtours.com/	1969-12-31 23:59:59	Name: responder-7LDA-2RC Value: a4418ce0-24fb-44e7-b1b5-5b0fc6b375da
service.gigsandtours.com/	1970-01-20 19:53:00	Name: Survey-Started-ffe9a4a076d556397nih95bf182f7a4fafcc Value: 2024-04-15T10:27:41
.service.gigsandtours.com/	1970-01-20 19:52:58	Name: __cf_bm Value: eetY6oRo_1iS6wLnnL6NKsH31ZHABA7KDfAsd9cLUXs-1713176861-1.0.1.1-a3iYf.EyjDDUWfXbNwIgLTxIX00OVib5wCkCu5zX7xs9SzLVdWIKW9PmuY.6nGOLdw96WSPpTlP87920t1azNQ
.service.gigsandtours.com/	1970-01-21 04:38:32	Name: cf_clearance Value: G3mSmhNRiQozdBFoACMQT32K0MwLryH0sfDzN.J2mMg-1713176862-1.0.1.1-iABJcJ6LETJIZ76UtS3hu7m7jcEJ7Scll88WfzJLCdqZm7DMkZakxB10DO64B4CA9ozIp1NoC4jO0i52WNtS7A
service.gigsandtours.com/	1969-12-31 23:59:59	Name: respondentid7LDA-2RCcount Value: 0
service.gigsandtours.com/	1970-01-20 20:36:08	Name: respondentid7LDA-2RC Value: a4418ce0-24fb-44e7-b1b5-5b0fc6b375da

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://service.gigsandtours.com/favicon.ico Message: Failed to load resource: the server responded with a status of 404 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

gigst.rs
i.emlfiles.com
service.gigsandtours.com
static.assetlab.io
172.66.0.126
18.244.18.53
99.81.129.21
0ca9ecfdac4d1c13b835607ff5728b5fa3713f121f64113a5e8d3da826b75ac3
24b3fed27d66e5206b9ca0d1550beee9c02b0e5901ec32c40bb969d2832f422c
24c4cb029e1ef5f4f7be23b39e458b4a2a04dfc73a494b93a14a41a402d9f574
426d9c15082c0afca6ec4b27261838285bc3bfe61e58859c41d5abeb4cdae8ae
61d9170cec4662b6192d48a7be6bc189c90bfef27bc6b4b6f141608ec4564fef
7e618f589131b63d656b0eb5d020eef6557bf0c71afb5d65c362e35e5faac38a
8ef4e2c943534649948f8eca035949b4c4a3a8f2dd0464f8c15d1ba5f55363d1
8f541679a89c284578f29c7c788b1daae241aacf3c342e600daddb8eb9f81d9e
cd59b7ad3b496f91f32dffcafbc47148ee76449a2570124a51f1adaae935a4d1
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
fc161a9b37f87768f8056a1051cccbe17b6897baebcaea974713cb49e8f558d1

service.gigsandtours.com Open in urlscan Pro 172.66.0.126 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Page Statistics

14 Requests

93 %HTTPS

0 %IPv6

4 Domains

4 Subdomains

3 IPs

2 Countries

893 kBTransfer

1539 kBSize

8 Cookies

0 Outgoing links

Page URL History

Redirected requests

14 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

17 JavaScript Global Variables

8 Cookies

1 Console Messages

Indicators

service.gigsandtours.com Open in urlscan Pro
172.66.0.126 Public Scan

Screenshot
Live screenshot

Full Image

14
Requests

93 %
HTTPS

0 %
IPv6

4
Domains

4
Subdomains

3
IPs

2
Countries

893 kB
Transfer

1539 kB
Size

8
Cookies

14 HTTP transactions
0 data transactions