urlscan.io logo urlscan.io
SecurityTrails logo

mlb.tickets.com Open in urlscan Pro
92.122.215.94  Public Scan

Go To Rescan Add Verdict Report
URL: https://mlb.tickets.com/?agency=INIM_MYTIXX&orgid=54032
Submission: On April 29 via manual from BR — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 13 IPs in 3 countries across 16 domains to perform 39 HTTP transactions. The main IP is 92.122.215.94, located in Frankfurt am Main, Germany and belongs to AKAMAI-ASN1, NL. The main domain is mlb.tickets.com. The Cisco Umbrella rank of the primary domain is 65314.
TLS certificate: Issued by R3 on February 27th 2024. Valid for: 3 months.
This is the only time mlb.tickets.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

13    92.122.215.94 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a92-122-215-94.deploy.static.akamaitechnologies.com
mlb.tickets.com
5    192.229.221.25 (United States)

ASN15133 (EDGECAST, US)
js.braintreegateway.com
www.paypalobjects.com
1    2a00:1450:400c:c09::5c (Brussels, Belgium)

ASN15169 (GOOGLE, US)
pay.google.com
1    2a00:1450:4001:82b::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
apis.google.com
1    3.161.82.16 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-3-161-82-16.fra56.r.cloudfront.net
tk3d.tk3dapi.com
1    13.35.58.2 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-35-58-2.fra60.r.cloudfront.net
global.oktacdn.com
1    151.101.209.91 (San Francisco, United States)

ASN54113 (FASTLY, US)
www.mlbstatic.com
1    151.101.193.21 (None, )

ASN- ()
www.paypal.com
1    34.246.26.134 (None, )

ASN- ()
dpm.demdex.net
1    2a02:26f0:480:d9f::11a6 (None, )

ASN- ()
s.go-mpulse.net
1    2a00:1450:4001:80f::2008 (None, )

ASN- ()
www.googletagmanager.com
2    2a00:1450:4001:810::200e (None, )

ASN- ()
www.google-analytics.com
Apex Domain
Subdomains		 Transfer
13 tickets.com
mlb.tickets.com — Cisco Umbrella Rank: 65314
1 MB
4 braintreegateway.com
js.braintreegateway.com — Cisco Umbrella Rank: 8440
31 KB
2 google-analytics.com
www.google-analytics.com
21 KB
2 google.com
pay.google.com — Cisco Umbrella Rank: 2903
apis.google.com — Cisco Umbrella Rank: 127
60 KB
1 googletagmanager.com
www.googletagmanager.com
1 go-mpulse.net
s.go-mpulse.net
c.go-mpulse.net Failed
49 KB
1 demdex.net
dpm.demdex.net
mlb.demdex.net Failed
2 KB
1 paypal.com
www.paypal.com
t.paypal.com Failed
6 KB
1 mlbstatic.com
www.mlbstatic.com — Cisco Umbrella Rank: 15086
15 KB
1 oktacdn.com
global.oktacdn.com — Cisco Umbrella Rank: 12323
90 KB
1 tk3dapi.com
tk3d.tk3dapi.com — Cisco Umbrella Rank: 54315
122 KB
1 paypalobjects.com
www.paypalobjects.com — Cisco Umbrella Rank: 2623
230 KB
0 doubleclick.net Failed
stats.g.doubleclick.net Failed
0 everesttech.net Failed
cm.everesttech.net Failed
0 mlb.com Failed
ans.mlb.com Failed
0 mastercard.com Failed
src.mastercard.com Failed
39 16
Domain Requested by
13 mlb.tickets.com mlb.tickets.com
4 js.braintreegateway.com mlb.tickets.com
2 www.google-analytics.com mlb.tickets.com
www.google-analytics.com
1 www.googletagmanager.com mlb.tickets.com
1 s.go-mpulse.net mlb.tickets.com
1 dpm.demdex.net www.mlbstatic.com
1 www.paypal.com www.paypalobjects.com
1 www.mlbstatic.com mlb.tickets.com
1 global.oktacdn.com mlb.tickets.com
1 tk3d.tk3dapi.com mlb.tickets.com
1 www.paypalobjects.com mlb.tickets.com
1 apis.google.com mlb.tickets.com
1 pay.google.com mlb.tickets.com
pay.google.com
0 stats.g.doubleclick.net Failed www.google-analytics.com
0 c.go-mpulse.net Failed s.go-mpulse.net
0 cm.everesttech.net Failed mlb.tickets.com
0 ans.mlb.com Failed www.mlbstatic.com
0 mlb.demdex.net Failed www.mlbstatic.com
0 t.paypal.com Failed mlb.tickets.com
0 src.mastercard.com Failed mlb.tickets.com
39 20

This site contains no links.

Subject Issuer Validity Valid
purchase.tickets.com
R3		 2024-02-27 -
2024-05-27		 3 months crt.sh
www.paypal.com
DigiCert SHA2 Extended Validation Server CA		 2023-10-12 -
2024-10-31		 a year crt.sh
*.google.com
GTS CA 1C3		 2024-04-08 -
2024-07-01		 3 months crt.sh
*.apis.google.com
GTS CA 1C3		 2024-04-08 -
2024-07-01		 3 months crt.sh
*.tk3dapi.com
Amazon RSA 2048 M02		 2023-06-04 -
2024-07-02		 a year crt.sh
*.oktacdn.com
DigiCert TLS RSA SHA256 2020 CA1		 2023-12-15 -
2025-01-02		 a year crt.sh
www.mlbstatic.com
R3		 2024-04-18 -
2024-07-17		 3 months crt.sh
*.demdex.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-09-26 -
2024-10-26		 a year crt.sh
akstat.io
DigiCert TLS RSA SHA256 2020 CA1		 2024-03-06 -
2025-03-06		 a year crt.sh
*.google-analytics.com
GTS CA 1C3		 2024-04-08 -
2024-07-01		 3 months crt.sh

This page contains 3 frames:

Primary Page: https://mlb.tickets.com/?agency=INIM_MYTIXX&orgid=54032
Frame ID: EF86610E24B09726D2ABD74F0AE6AA3F
Requests: 39 HTTP requests in this frame

Frame: https://pay.google.com/gp/p/ui/payframe?origin=https%3A%2F%2Fmlb.tickets.com&mid=
Frame ID: 30E2707995D8A42F2E3BF86B83E0466F
Requests: 1 HTTP requests in this frame

Frame: https://mlb.demdex.net/dest5.html?d_nsid=0
Frame ID: 63E51ABEBFB68CFBC1FFFF440F9A37B0
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Detected technologies

Overall confidence: 100%
Detected patterns
  • apis\.google\.com/js/platform\.js
Overall confidence: 100%
Detected patterns
  • js\.braintreegateway\.com
Overall confidence: 100%
Detected patterns
  • pay\.google\.com/([a-z/]+)/pay\.js
Overall confidence: 100%
Detected patterns
  • paypalobjects\.com
Overall confidence: 100%
Detected patterns
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • apis\.google\.com/js/[a-z]*\.js
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtm\.js

Page Statistics

39
Requests

74 %
HTTPS

42 %
IPv6

16
Domains

20
Subdomains

13
IPs

3
Countries

1803 kB
Transfer

7063 kB
Size

4
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

39 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
mlb.tickets.com/ 		33 KB
15 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://mlb.tickets.com/?agency=INIM_MYTIXX&orgid=54032
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
92.122.215.94 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a92-122-215-94.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
122980bec4eb2e7ea804aa20c005146d0f1b1fe417875e8e3f72e2db1bc44cfb
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

access-control-allow-origin
*
cache-control
no-cache, no-store
content-encoding
gzip
content-length
13454
content-type
text/html; charset=utf-8
date
Mon, 29 Apr 2024 19:00:17 GMT
etag
W/"7293-QI2Gr8Btji1B5RfVKASgxWxYjRE"
server
nginx
server-timing
cdn-cache; desc=MISS edge; dur=163 origin; dur=1117 ak_p; desc="1714417216019_1551554392_29533500_128027_31465_39_85_255";dur=1
strict-transport-security
max-age=31536000; includeSubDomains
vary
Accept-Encoding
x-akamai-transformed
9 11441 0 pmb=mTOE,3mRUM,1
x-cache-status
MISS
x-content-type-options
nosniff
x-dns-prefetch-control
off
x-download-options
noopen
x-frame-options
SAMEORIGIN
x-xss-protection
1; mode=block
vendor-styles.css
mlb.tickets.com/style/ 		158 KB
26 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://mlb.tickets.com/style/vendor-styles.css
Requested by
Host: mlb.tickets.com
URL: https://mlb.tickets.com/?agency=INIM_MYTIXX&orgid=54032
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
92.122.215.94 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a92-122-215-94.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
a5ab7ec9e19fed0380c8f6ced1bc8646126be19bc9c1446c2528801d725b5c3e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://mlb.tickets.com/?agency=INIM_MYTIXX&orgid=54032
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
date
Mon, 29 Apr 2024 19:00:17 GMT
x-cache-status
HIT
x-dns-prefetch-control
off
server-timing
cdn-cache; desc=MISS, edge; dur=122, origin; dur=97, ak_p; desc="1714417217513_1551554392_29533796_21949_9561_40_0_255";dur=1
content-length
25830
x-xss-protection
1; mode=block
pragma
no-cache
last-modified
Mon, 22 Apr 2024 16:14:43 GMT
server
nginx
etag
W/"2778b-18f06969538"
x-download-options
noopen
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
text/css; charset=UTF-8
access-control-allow-origin
*
cache-control
max-age=0, no-cache, no-store
expires
Mon, 29 Apr 2024 19:00:17 GMT
app-font-faces.css
mlb.tickets.com/style/ 		2 KB
804 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://mlb.tickets.com/style/app-font-faces.css
Requested by
Host: mlb.tickets.com
URL: https://mlb.tickets.com/?agency=INIM_MYTIXX&orgid=54032
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
92.122.215.94 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a92-122-215-94.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
5812bd156493f9b5ecf4b219b775073bb8e6d7bddc1879813bd3018903537d9c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://mlb.tickets.com/?agency=INIM_MYTIXX&orgid=54032
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
date
Mon, 29 Apr 2024 19:00:17 GMT
x-cache-status
HIT
x-dns-prefetch-control
off
server-timing
cdn-cache; desc=MISS, edge; dur=70, origin; dur=96, ak_p; desc="1714417217513_1551554392_29533797_16651_9406_39_0_255";dur=1
content-length
293
x-xss-protection
1; mode=block
pragma
no-cache
last-modified
Mon, 22 Apr 2024 16:14:43 GMT
server
nginx
etag
W/"63c-18f06969538"
x-download-options
noopen
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
text/css; charset=UTF-8
access-control-allow-origin
*
cache-control
max-age=0, no-cache, no-store
expires
Mon, 29 Apr 2024 19:00:17 GMT
mpv-unified-design.css
mlb.tickets.com/style/ 		39 KB
8 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://mlb.tickets.com/style/mpv-unified-design.css
Requested by
Host: mlb.tickets.com
URL: https://mlb.tickets.com/?agency=INIM_MYTIXX&orgid=54032
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
92.122.215.94 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a92-122-215-94.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
1903df51aaba66947f8d41b4b999786d05b6ad7039fa6dad678227fff8f41add
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://mlb.tickets.com/?agency=INIM_MYTIXX&orgid=54032
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
date
Mon, 29 Apr 2024 19:00:17 GMT
x-cache-status
STALE
x-dns-prefetch-control
off
server-timing
cdn-cache; desc=MISS, edge; dur=33, origin; dur=95, ak_p; desc="1714417217513_1551554392_29533798_12830_9183_39_0_255";dur=1
content-length
7496
x-xss-protection
1; mode=block
pragma
no-cache
last-modified
Mon, 22 Apr 2024 16:14:43 GMT
server
nginx
etag
W/"9b14-18f06969538"
x-download-options
noopen
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
text/css; charset=UTF-8
access-control-allow-origin
*
cache-control
max-age=0, no-cache, no-store
expires
Mon, 29 Apr 2024 19:00:17 GMT
client.style.css
mlb.tickets.com/style/client/ 		239 KB
36 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://mlb.tickets.com/style/client/client.style.css?styleKey=INIV&version=4.10.0
Requested by
Host: mlb.tickets.com
URL: https://mlb.tickets.com/?agency=INIM_MYTIXX&orgid=54032
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
92.122.215.94 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a92-122-215-94.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
7b735896b90099a971c120792b9980cb5ffe98316235827c95de708d13e511e7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://mlb.tickets.com/?agency=INIM_MYTIXX&orgid=54032
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
date
Mon, 29 Apr 2024 19:00:17 GMT
x-cache-status
STALE
x-dns-prefetch-control
off
server-timing
cdn-cache; desc=REVALIDATE, edge; dur=19, origin; dur=98, ak_p; desc="1714417217513_1551554392_29533799_11719_9400_40_0_255";dur=1
content-length
35968
x-xss-protection
1; mode=block
server
nginx
x-download-options
noopen
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cache-control
public, no-transform, max-age=276
ultra.style.css
mlb.tickets.com/style/client/ 		8 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://mlb.tickets.com/style/client/ultra.style.css?styleKey=INIV
Requested by
Host: mlb.tickets.com
URL: https://mlb.tickets.com/?agency=INIM_MYTIXX&orgid=54032
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
92.122.215.94 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a92-122-215-94.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
8d23ab1d841593b5de3b81326dc6400897a8bde031e519821b3e15b730855fe5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://mlb.tickets.com/?agency=INIM_MYTIXX&orgid=54032
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
date
Mon, 29 Apr 2024 19:00:17 GMT
x-cache-status
MISS
x-dns-prefetch-control
off
server-timing
cdn-cache; desc=REVALIDATE, edge; dur=12, origin; dur=237, ak_p; desc="1714417217513_1551554392_29533800_24902_9311_39_0_255";dur=1
content-length
1605
x-xss-protection
1; mode=block
server
nginx
x-download-options
noopen
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cache-control
public, no-transform, max-age=292
merchant.js
src.mastercard.com/srci/integration/ 		0
0
client.min.js
js.braintreegateway.com/web/3.45.0/js/ 		39 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.braintreegateway.com/web/3.45.0/js/client.min.js
Requested by
Host: mlb.tickets.com
URL: https://mlb.tickets.com/?agency=INIM_MYTIXX&orgid=54032
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.229.221.25 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (frc/4CB5) /
Resource Hash
a7b47430bb894bb0cb26cc82a738586d5f6f09e3eff4e752c6b91e059eb6f0ab
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://mlb.tickets.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 29 Apr 2024 19:00:17 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-cache
HIT
paypal-debug-id
17049024f8c59
dc
ccg11-origin-www-1.paypal.com
content-length
11911
last-modified
Fri, 10 Dec 2021 00:01:48 GMT
server
ECAcc (frc/4CB5)
traceparent
00-000000000000000000017049024f8c59-3ac17e70f47816c5-01
etag
W/"61b298ec-9b8f"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
s-maxage=31536000, public,max-age=3600
accept-ranges
bytes
timing-allow-origin
https://www.paypal.com,https://www.sandbox.paypal.com
pay.js
pay.google.com/gp/p/js/ 		126 KB
38 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pay.google.com/gp/p/js/pay.js
Requested by
Host: mlb.tickets.com
URL: https://mlb.tickets.com/?agency=INIM_MYTIXX&orgid=54032
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c09::5c Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
d56fbe0a29899bea40e589c82493cc6c9fcb284645198e1911f30042df3b3488
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-NyTXp9d1i_9Y4Ni2prOvRw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/InstantbuyFrontendHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/InstantbuyFrontendHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/InstantbuyFrontendHttp/cspreport
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://mlb.tickets.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 29 Apr 2024 19:00:17 GMT
strict-transport-security
max-age=31536000
content-encoding
gzip
content-security-policy
script-src 'report-sample' 'nonce-NyTXp9d1i_9Y4Ni2prOvRw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/InstantbuyFrontendHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/InstantbuyFrontendHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/InstantbuyFrontendHttp/cspreport
x-content-type-options
nosniff
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
reporting-endpoints
default="/gp/p/_/InstantbuyFrontendHttp/web-reports?context=eJzjStHikmLw1pBiWFYqxVBRK8WwZKYUg2fNTabOPTeZ1nU9YlrY_pRJk-sZU33UMybBN8-ZJL6-ZNIAYjGf6ayHo6ezOqXPYA0CYp_6GawxQNx68xzrVCA2jDzPmvTvPGsREAvxcBy8s38jm8CPUzcXMwEAomEulw"
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=utf-8
cache-control
private, max-age=600
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
expires
Mon, 29 Apr 2024 19:00:17 GMT
google-payment.min.js
js.braintreegateway.com/web/3.45.0/js/ 		20 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.braintreegateway.com/web/3.45.0/js/google-payment.min.js
Requested by
Host: mlb.tickets.com
URL: https://mlb.tickets.com/?agency=INIM_MYTIXX&orgid=54032
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.229.221.25 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (frc/4CAF) /
Resource Hash
8048dcd96ad7f2f8e681dd3cbc05c56277deef89ee69c403fd2844901bed58aa
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://mlb.tickets.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 29 Apr 2024 19:00:17 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-cache
HIT
paypal-debug-id
ca35cfe251d45
dc
ccg11-origin-www-1.paypal.com
content-length
6450
last-modified
Fri, 10 Dec 2021 00:01:48 GMT
server
ECAcc (frc/4CAF)
traceparent
00-0000000000000000000ca35cfe251d45-d49170ea25698d1f-01
etag
W/"61b298ec-5079"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
s-maxage=31536000, public,max-age=3600
accept-ranges
bytes
timing-allow-origin
https://www.paypal.com,https://www.sandbox.paypal.com
platform.js
apis.google.com/js/ 		55 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://apis.google.com/js/platform.js
Requested by
Host: mlb.tickets.com
URL: https://mlb.tickets.com/?agency=INIM_MYTIXX&orgid=54032
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9e6ed92748268abd57ed026022eba9da32c4d231e9ff8b57175244ca5b46c077
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://mlb.tickets.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

content-security-policy
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team
content-encoding
gzip
x-content-type-options
nosniff
date
Mon, 29 Apr 2024 19:00:17 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
21302
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="gapi-team"
etag
"791be0a0400d03a0"
vary
Accept-Encoding
report-to
{"group":"gapi-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gapi-team"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
private, max-age=1800, stale-while-revalidate=1800
accept-ranges
bytes
timing-allow-origin
*
expires
Mon, 29 Apr 2024 19:00:17 GMT
checkout.js
www.paypalobjects.com/api/ 		1 MB
230 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.paypalobjects.com/api/checkout.js
Requested by
Host: mlb.tickets.com
URL: https://mlb.tickets.com/?agency=INIM_MYTIXX&orgid=54032
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.229.221.25 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (frc/4D06) /
Resource Hash
b5177a84ca69525b34dc730206d7ceba6146686a38d7a4b4ec2bdd2246523d39
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://mlb.tickets.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 29 Apr 2024 19:00:17 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-cache
HIT
paypal-debug-id
2a70afe9aee72
dc
ccg11-origin-www-1.paypal.com
content-length
235231
last-modified
Mon, 08 Apr 2024 16:30:22 GMT
server
ECAcc (frc/4D06)
traceparent
00-00000000000000000002a70afe9aee72-bed4873a34ea2da6-01
etag
"66141b9e-16d00d+gzip"
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
s-maxage=31536000, public,max-age=3600
accept-ranges
bytes
timing-allow-origin
https://www.paypal.com,https://www.sandbox.paypal.com
access-control-allow-headers
x-csrf-token
expires
Tue, 30 Apr 2024 19:00:17 GMT
paypal-checkout.min.js
js.braintreegateway.com/web/3.45.0/js/ 		20 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.braintreegateway.com/web/3.45.0/js/paypal-checkout.min.js
Requested by
Host: mlb.tickets.com
URL: https://mlb.tickets.com/?agency=INIM_MYTIXX&orgid=54032
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.229.221.25 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (frc/4CF0) /
Resource Hash
1cf7ac3019142e883a216304574ca49d6f4d0c352ecead593b0050cfcde46408
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://mlb.tickets.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 29 Apr 2024 19:00:17 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-cache
HIT
paypal-debug-id
2cff0aa99b2db
dc
ccg11-origin-www-1.paypal.com
content-length
6507
last-modified
Fri, 10 Dec 2021 00:01:48 GMT
server
ECAcc (frc/4CF0)
traceparent
00-00000000000000000002cff0aa99b2db-79340868bdc73945-01
etag
W/"61b298ec-5108"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
s-maxage=31536000, public,max-age=3600
accept-ranges
bytes
timing-allow-origin
https://www.paypal.com,https://www.sandbox.paypal.com
apple-pay.min.js
js.braintreegateway.com/web/3.45.0/js/ 		18 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.braintreegateway.com/web/3.45.0/js/apple-pay.min.js
Requested by
Host: mlb.tickets.com
URL: https://mlb.tickets.com/?agency=INIM_MYTIXX&orgid=54032
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.229.221.25 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (frc/4CA2) /
Resource Hash
f37ea7f6be909ffb0d76e0d146ec9211231ef5f2b670d29955c126828a93e956
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://mlb.tickets.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 29 Apr 2024 19:00:17 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-cache
HIT
paypal-debug-id
f9a09a861e8f3
dc
ccg11-origin-www-1.paypal.com
content-length
5751
last-modified
Fri, 10 Dec 2021 00:01:48 GMT
server
ECAcc (frc/4CA2)
traceparent
00-0000000000000000000f9a09a861e8f3-f2d798bae34bc43d-01
etag
W/"61b298ec-4854"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
s-maxage=31536000, public,max-age=3600
accept-ranges
bytes
timing-allow-origin
https://www.paypal.com,https://www.sandbox.paypal.com
TICKETING3D.js
tk3d.tk3dapi.com/ticketing3d/stable/ 		388 KB
122 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tk3d.tk3dapi.com/ticketing3d/stable/TICKETING3D.js
Requested by
Host: mlb.tickets.com
URL: https://mlb.tickets.com/?agency=INIM_MYTIXX&orgid=54032
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.161.82.16 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-161-82-16.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
a3242e449fcf4c4b419fa5621119bc61bcc119d5409b1f7e6dd270c9f71694e4

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://mlb.tickets.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 10 Apr 2024 05:45:47 GMT
content-encoding
gzip
via
1.1 67a9db8bae62321fca21cfd1c50bec56.cloudfront.net (CloudFront)
last-modified
Wed, 22 Nov 2023 08:39:41 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P10
age
1689287
etag
W/"d292b275530912774c17377394fc81ac"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
x-amz-cf-id
kbNyP9yLRcWWyWVkKeoqeQuIH4mfc8zrYFntxnLSShYZ6PSm-BXjSQ==
okta-auth-js.min.js
global.oktacdn.com/okta-auth-js/5.2.2/ 		328 KB
90 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://global.oktacdn.com/okta-auth-js/5.2.2/okta-auth-js.min.js
Requested by
Host: mlb.tickets.com
URL: https://mlb.tickets.com/?agency=INIM_MYTIXX&orgid=54032
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.35.58.2 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-35-58-2.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
8b9d5d3a45fe2793a3f7c8e93987d7d6021faf624e2a052f295f84d2d28f233b
Security Headers
Name Value
Strict-Transport-Security max-age=315360000
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://mlb.tickets.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-amz-version-id
RSyYnbYTt8X_brTvzUbyv.2IKBGdA_W0
strict-transport-security
max-age=315360000
x-content-type-options
nosniff
date
Sun, 28 Apr 2024 23:22:14 GMT
content-encoding
gzip
x-amz-cf-pop
FRA60-P10
age
70684
via
1.1 d6f0ad3267f72bf9b59a5eb61f811fe2.cloudfront.net (CloudFront)
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
last-modified
Fri, 16 Jul 2021 20:15:02 GMT
server
AmazonS3
etag
W/"246ee0e211a252b503c18e479d708791"
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public,max-age=31536000,s-maxage=1814400
x-amz-cf-id
qGHlreExIjfmwk2EQbCA9LrM1TBRXz6uPXYjSwxm5_7xZPPUBfhneQ==
vendor.a80b3a841d6fb2233a80.js
mlb.tickets.com/js/ 		729 KB
247 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://mlb.tickets.com/js/vendor.a80b3a841d6fb2233a80.js
Requested by
Host: mlb.tickets.com
URL: https://mlb.tickets.com/?agency=INIM_MYTIXX&orgid=54032
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
92.122.215.94 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a92-122-215-94.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
6199ce14e31649496bdedff5acf8645f7e4aa211fd3bafc0d671892a802116cf
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://mlb.tickets.com/?agency=INIM_MYTIXX&orgid=54032
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
date
Mon, 29 Apr 2024 19:00:17 GMT
x-cache-status
HIT
x-dns-prefetch-control
off
server-timing
cdn-cache; desc=HIT, edge; dur=5, origin; dur=0, ak_p; desc="1714417217513_1551554392_29533801_532_9351_40_0_219";dur=1
content-length
252016
x-xss-protection
1; mode=block
last-modified
Mon, 22 Apr 2024 16:14:43 GMT
server
nginx
etag
W/"b652d-18f06969538"
x-download-options
noopen
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, no-transform, max-age=262
app.97ef03cccf0e71bd2ad9.js
mlb.tickets.com/js/ 		2 MB
626 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://mlb.tickets.com/js/app.97ef03cccf0e71bd2ad9.js
Requested by
Host: mlb.tickets.com
URL: https://mlb.tickets.com/?agency=INIM_MYTIXX&orgid=54032
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
92.122.215.94 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a92-122-215-94.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
d84c203df2ff629860748eb36c78bc82f998c362fa0c0e90b32fdacad448afa6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://mlb.tickets.com/?agency=INIM_MYTIXX&orgid=54032
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
date
Mon, 29 Apr 2024 19:00:17 GMT
x-cache-status
MISS
x-dns-prefetch-control
off
server-timing
cdn-cache; desc=HIT, edge; dur=65, origin; dur=0, ak_p; desc="1714417217521_1551554392_29533802_7377_9489_40_0_219";dur=1
content-length
640142
x-xss-protection
1; mode=block
last-modified
Mon, 22 Apr 2024 16:14:43 GMT
server
nginx
etag
W/"2111d1-18f06969538"
x-download-options
noopen
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, no-transform, max-age=248
app-templates.c5b2377735ab1405f004.js
mlb.tickets.com/js/ 		480 KB
78 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://mlb.tickets.com/js/app-templates.c5b2377735ab1405f004.js
Requested by
Host: mlb.tickets.com
URL: https://mlb.tickets.com/?agency=INIM_MYTIXX&orgid=54032
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
92.122.215.94 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a92-122-215-94.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
f3ce759b09aced21e2f873f1174226125c565ebc68a3a53b35505e9c42259c5f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://mlb.tickets.com/?agency=INIM_MYTIXX&orgid=54032
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
date
Mon, 29 Apr 2024 19:00:17 GMT
x-cache-status
HIT
x-dns-prefetch-control
off
server-timing
cdn-cache; desc=HIT, edge; dur=4, origin; dur=0, ak_p; desc="1714417217513_1551554392_29533803_378_9397_40_0_219";dur=1
content-length
79701
x-xss-protection
1; mode=block
last-modified
Mon, 22 Apr 2024 16:14:43 GMT
server
nginx
etag
W/"781e8-18f06969538"
x-download-options
noopen
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, no-transform, max-age=416
VisitorAPI-TDC.js
www.mlbstatic.com/mlb.com/vendor/adobe/analytics/ 		44 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.mlbstatic.com/mlb.com/vendor/adobe/analytics/VisitorAPI-TDC.js
Requested by
Host: mlb.tickets.com
URL: https://mlb.tickets.com/?agency=INIM_MYTIXX&orgid=54032
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.209.91 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
UploadServer /
Resource Hash
4723a6490f0c80009b1197cc9f57c36c3754f3d690e6f5f55279819d84c0ce7a

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://mlb.tickets.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-cache-hits
3
date
Mon, 29 Apr 2024 19:00:17 GMT
content-encoding
gzip
via
1.1 varnish
age
299
x-cache
HIT
content-length
15196
x-served-by
cache-ewr18128-EWR
last-modified
Tue, 04 Feb 2020 13:28:19 GMT
server
UploadServer
x-timer
S1714417218.787135,VS0,VE0
etag
"df366f4839b70c4182216690e36eac9a"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
max-age=300
accept-ranges
bytes
expires
Sat, 06 Apr 2024 03:37:47 GMT
adobe-target.0867258f057485481153.js
mlb.tickets.com/js/ 		95 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://mlb.tickets.com/js/adobe-target.0867258f057485481153.js
Requested by
Host: mlb.tickets.com
URL: https://mlb.tickets.com/?agency=INIM_MYTIXX&orgid=54032
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
92.122.215.94 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a92-122-215-94.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
97e0e60f756cb5425955db281071ae7df76ee47da6083420b600b95ed35182ef
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://mlb.tickets.com/?agency=INIM_MYTIXX&orgid=54032
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
date
Mon, 29 Apr 2024 19:00:17 GMT
x-cache-status
MISS
x-dns-prefetch-control
off
server-timing
cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1714417217513_1551554392_29533804_60_9408_40_0_219";dur=1
content-length
33512
x-xss-protection
1; mode=block
last-modified
Mon, 22 Apr 2024 16:14:43 GMT
server
nginx
etag
W/"17d45-18f06969538"
x-download-options
noopen
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, no-transform, max-age=297
2a07afa4
mlb.tickets.com/akam/13/ 		26 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://mlb.tickets.com/akam/13/2a07afa4
Requested by
Host: mlb.tickets.com
URL: https://mlb.tickets.com/?agency=INIM_MYTIXX&orgid=54032
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
92.122.215.94 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a92-122-215-94.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
2cb730f488d7ae0788155af49e2c09533463d62dec9ee726d830a2d5714799d9

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://mlb.tickets.com/?agency=INIM_MYTIXX&orgid=54032
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Mon, 29 Apr 2024 19:00:17 GMT
content-encoding
gzip
last-modified
Thu, 22 Feb 2024 19:36:50 GMT
etag
"0358a32d13c6dc288830e93b8f32dd1017293c12a3ced6225e9e06358cc228a4"
stored-attribute-sha-checksum
2cb730f488d7ae0788155af49e2c09533463d62dec9ee726d830a2d5714799d9
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=21600
server-timing
cdn-cache; desc=HIT, edge; dur=80, origin; dur=0, ak_p; desc="1714417217877_1551554392_29533887_7927_4316_41_0_146";dur=1
content-length
8783
expires
Mon, 29 Apr 2024 19:00:17 GMT
tYAXc
mlb.tickets.com/J9K2kF_bP/MYr3riVXU/jqjMHxG5c/QE1wLrrzrL/DS92/XHYZMm/ 		202 KB
74 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://mlb.tickets.com/J9K2kF_bP/MYr3riVXU/jqjMHxG5c/QE1wLrrzrL/DS92/XHYZMm/tYAXc
Requested by
Host: mlb.tickets.com
URL: https://mlb.tickets.com/?agency=INIM_MYTIXX&orgid=54032
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
92.122.215.94 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a92-122-215-94.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
818b8580c7436c9300ddcf9ea3f2eb3915170fccf2952727d1d06019b9f12859

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://mlb.tickets.com/?agency=INIM_MYTIXX&orgid=54032
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 29 Apr 2024 19:00:17 GMT
content-encoding
br
last-modified
Wed, 02 Aug 2023 16:13:51 GMT
etag
"f6051ff743a105c874c82d55d0ae6b4b69258c489f8c8ff0fa167c298a74e744"
stored-attribute-sha-checksum
818b8580c7436c9300ddcf9ea3f2eb3915170fccf2952727d1d06019b9f12859
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=21600, max-age=21600
server-timing
cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1714417217513_1551554392_29533805_64_4847_40_0_219";dur=1
content-length
74770
pptm.js
www.paypal.com/tagmanager/ 		12 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.paypal.com/tagmanager/pptm.js?id=mlb.tickets.com&source=checkoutjs&t=xo&v=4.0.343
Requested by
Host: www.paypalobjects.com
URL: https://www.paypalobjects.com/api/checkout.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.21 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
82ef74ca1712f76d79b9fc0d08e6449b2beccddf05a343dcdbb0a153fad8b885
Security Headers
Name Value
Content-Security-Policy default-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; script-src 'nonce-IwaQtCXJHdrCaPUb1/N0DQaYLQ5bjIR0uFzd+UeluPijo2Dk' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; img-src * data:; object-src 'none'; font-src 'self' https://*.paypalobjects.com https://*.paypal.com; connect-src 'self' https://*.paypal.com https://*.paypalobjects.com https://nexus.ensighten.com https://*.google-analytics.com 'unsafe-inline' https://*.qualtrics.com; form-action 'self' https://*.paypal.com; base-uri 'self' https://*.paypal.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp; frame-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline' https://*.qualtrics.com;
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://mlb.tickets.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

content-security-policy
default-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; script-src 'nonce-IwaQtCXJHdrCaPUb1/N0DQaYLQ5bjIR0uFzd+UeluPijo2Dk' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; img-src * data:; object-src 'none'; font-src 'self' https://*.paypalobjects.com https://*.paypal.com; connect-src 'self' https://*.paypal.com https://*.paypalobjects.com https://nexus.ensighten.com https://*.google-analytics.com 'unsafe-inline' https://*.qualtrics.com; form-action 'self' https://*.paypal.com; base-uri 'self' https://*.paypal.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp; frame-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline' https://*.qualtrics.com;
content-encoding
gzip
x-content-type-options
nosniff
date
Mon, 29 Apr 2024 19:00:47 GMT
via
1.1 varnish, 1.1 varnish
strict-transport-security
max-age=63072000; includeSubDomains; preload
age
1686
x-cache
HIT, MISS
paypal-debug-id
f424960bb3c2b
server-timing
content-encoding;desc="gzip",x-cdn;desc="fastly"
dc
ccg11-origin-www-1.paypal.com
content-length
4333
x-xss-protection
1; mode=block
x-served-by
cache-fra-etou8220134-FRA, cache-fra-etou8220134-FRA
accept-ch
sec-ch-ua-full, sec-ch-ua-arch, sec-ch-ua-model, sec-ch-ua-platform-version, sec-ch-ua-full-version, sec-ch-ua-full-version-list, sec-ch-ua-bitness, sec-ch-ua-wow64
traceparent
00-0000000000000000000f424960bb3c2b-1f165969be37e97e-01
x-timer
S1714417248.639551,VS0,VE5
etag
W/"2f77-fIq9qnCon8TdoZhLWsbuxT4um1A"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
application/x-javascript; charset=utf-8
cache-control
public, max-age=3600
origin-trial
AlIogV3KFtnbfVCyl9Z2NprE7FD8PYCt+TQiYdE3ppeJjJ0xJKcthYwOxXpRCNopxVWdOIENMcNSvQCGAmj0fw0AAAB2eyJvcmlnaW4iOiJodHRwczovL3BheXBhbC5jb206NDQzIiwiZmVhdHVyZSI6IlNlbmRGdWxsVXNlckFnZW50QWZ0ZXJSZWR1Y3Rpb24iLCJleHBpcnkiOjE2ODQ4ODYzOTksImlzU3ViZG9tYWluIjp0cnVlfQ==
permissions-policy
ch-ua-platform-version=(self "https://c.paypal.com"),ch-ua-arch=(self "https://c.paypal.com"),ch-ua-wow64=(self "https://c.paypal.com"),ch-ua-model=(self "https://c.paypal.com"),ch-ua-bitness=(self "https://c.paypal.com"),ch-ua-full-version=(self "https://c.paypal.com"),ch-ua-full-version-list=(self "https://c.paypal.com")
accept-ranges
bytes
x-cache-hits
1, 0
id
dpm.demdex.net/ 		4 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://dpm.demdex.net/id?d_visid_ver=2.5.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_orgid=A65F776A5245B01B0A490D44%40AdobeOrg&d_nsid=0&ts=1714417247622
Requested by
Host: www.mlbstatic.com
URL: https://www.mlbstatic.com/mlb.com/vendor/adobe/analytics/VisitorAPI-TDC.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.246.26.134 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
927371488d9e3784c52c773d7ea17596b75f8949347c670acdf1e978d8cb08a7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-platform
"Win32"
Referer
https://mlb.tickets.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

dcs
dcs-prod-irl1-1-v060-08f58ea70.edge-irl1.demdex.com 3 ms
pragma
no-cache
date
Mon, 29 Apr 2024 19:00:47 GMT
strict-transport-security
max-age=31536000; includeSubDomains
content-encoding
gzip
x-tid
HdRX0txSSy0=
vary
Origin
content-type
application/json;charset=utf-8
p3p
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
access-control-allow-origin
https://mlb.tickets.com
cache-control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
access-control-allow-credentials
true
content-length
1448
expires
Thu, 01 Jan 1970 00:00:00 UTC
HML8Q-9RNBL-NSQ27-JTS5T-22MYK
s.go-mpulse.net/boomerang/ 		205 KB
49 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.go-mpulse.net/boomerang/HML8Q-9RNBL-NSQ27-JTS5T-22MYK
Requested by
Host: mlb.tickets.com
URL: https://mlb.tickets.com/?agency=INIM_MYTIXX&orgid=54032
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:480:d9f::11a6 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
09ebd7f407439990aac227e70da23e1a819e8e30282928e324370805f480bec4

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://mlb.tickets.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 29 Apr 2024 19:00:47 GMT
content-encoding
br
last-modified
Mon, 08 Apr 2024 16:38:00 GMT
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
cache-control
max-age=604800
timing-allow-origin
*
content-length
50393
gtm.js
www.googletagmanager.com/ 		134 KB
0 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-M9P67ZT
Requested by
Host: mlb.tickets.com
URL: https://mlb.tickets.com/?agency=INIM_MYTIXX&orgid=54032
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2008 -, , ASN (),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://mlb.tickets.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 29 Apr 2024 19:00:47 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
111078
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Mon, 29 Apr 2024 19:00:47 GMT
analytics.js
www.google-analytics.com/ 		52 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: mlb.tickets.com
URL: https://mlb.tickets.com/?agency=INIM_MYTIXX&orgid=54032
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::200e -, , ASN (),
Reverse DNS
Software
Golfe2 /
Resource Hash
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://mlb.tickets.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Mon, 29 Apr 2024 17:41:03 GMT
last-modified
Tue, 12 Dec 2023 18:09:08 GMT
server
Golfe2
age
4784
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20994
expires
Mon, 29 Apr 2024 19:41:03 GMT
tYAXc
mlb.tickets.com/J9K2kF_bP/MYr3riVXU/jqjMHxG5c/QE1wLrrzrL/DS92/XHYZMm/ 		0
0
proximanova-regular-webfont.woff2
mlb.tickets.com/style/fonts/ 		21 KB
22 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://mlb.tickets.com/style/fonts/proximanova-regular-webfont.woff2
Requested by
Host: mlb.tickets.com
URL: https://mlb.tickets.com/style/app-font-faces.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
92.122.215.94 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a92-122-215-94.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
39b137e5fcea119218be1c84065ab0fe6e3a59f115a50c8755ba604b6558ec96
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://mlb.tickets.com/style/app-font-faces.css
Origin
https://mlb.tickets.com
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
date
Mon, 29 Apr 2024 19:00:47 GMT
x-content-type-options
nosniff
x-cache-status
HIT
x-dns-prefetch-control
off
server-timing
cdn-cache; desc=MISS, edge; dur=15, origin; dur=98, ak_p; desc="1714417247697_1551554392_29546571_11379_10117_41_0_255";dur=1
content-length
21120
x-xss-protection
1; mode=block
pragma
no-cache
last-modified
Mon, 22 Apr 2024 16:14:43 GMT
server
nginx
etag
W/"5280-18f06969538"
x-download-options
noopen
x-frame-options
SAMEORIGIN
content-type
font/woff2
access-control-allow-origin
*
cache-control
max-age=0, no-cache, no-store
accept-ranges
bytes
expires
Mon, 29 Apr 2024 19:00:47 GMT
truncated
/ 		9 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
d554361630709572f4c9e33d02ca5ae56275756099a62195513017a0421f73c2

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ 		157 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
80d54533f80e8233621f965ae0a7713928bdb4d491ed0eb5e90434550f1894cb

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

Content-Type
image/png
payframe
pay.google.com/gp/p/ui/ Frame 30E2 		0
0
app
mlb.tickets.com/lang/ 		0
0
ts
t.paypal.com/ 		0
0
collect
www.google-analytics.com/j/ 		4 B
209 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j101&a=957888024&t=pageview&_s=1&dl=https%3A%2F%2Fmlb.tickets.com%2F%3Fagency%3DINIM_MYTIXX%26orgid%3D54032&ul=de-de&de=UTF-8&dt=MyProVenue%E2%84%A2&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAEABAAAAACAAI~&jid=456213204&gjid=254189658&cid=2006699140.1714417248&tid=UA-54735735-3&_gid=1120016262.1714417248&_r=1&_slc=1&z=1274125889
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::200e -, , ASN (),
Reverse DNS
Software
Golfe2 /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-platform
"Win32"
Referer
https://mlb.tickets.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 29 Apr 2024 19:00:47 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://mlb.tickets.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
dest5.html
mlb.demdex.net/ Frame 63E5 		0
0
id
ans.mlb.com/ 		0
0
dd
cm.everesttech.net/cm/ 		0
0
config.json
c.go-mpulse.net/api/ 		0
0
collect
stats.g.doubleclick.net/j/ 		0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
src.mastercard.com
URL
https://src.mastercard.com/srci/integration/merchant.js?locale=en_us&checkoutid=ceec17962ee64c0b8ae9d07128f432b4
Domain
mlb.tickets.com
URL
https://mlb.tickets.com/J9K2kF_bP/MYr3riVXU/jqjMHxG5c/QE1wLrrzrL/DS92/XHYZMm/tYAXc
Domain
pay.google.com
URL
https://pay.google.com/gp/p/ui/payframe?origin=https%3A%2F%2Fmlb.tickets.com&mid=
Domain
mlb.tickets.com
URL
https://mlb.tickets.com/lang/app?agency=INIM_MYTIXX&ccid=INIV&configKey=INIV&locale=en_US&nocache=false&orgid=54032&version=4.10.0
Domain
t.paypal.com
URL
https://t.paypal.com/ts?pgrp=muse%3Ageneric%3Aanalytics%3A%3Amerchant&page=muse%3Ageneric%3Aanalytics%3A%3Amerchant%3A%3A%3A&tsrce=tagmanagernodeweb&comp=tagmanagernodeweb&sub_component=analytics&s=ci&fltp=analytics-generic&pt=MyProVenue%E2%84%A2&dh=1200&dw=1600&bh=1200&bw=1600&cd=24&sh=1200&sw=1600&v=NA&pl=pdf&rosetta_language=en-US%2Cen&e=im&t=1714417247747&g=-120&completeurl=https%3A%2F%2Fmlb.tickets.com%2F%3Fagency%3DINIM_MYTIXX%26orgid%3D54032&sinfo=%7B%22partners%22%3A%7B%22ecwid%22%3A%7B%7D%2C%22bigCommerce%22%3A%7B%7D%2C%22shopify%22%3A%7B%7D%2C%22wix%22%3A%7B%7D%2C%22bigCartel%22%3A%7B%7D%7D%7D
Domain
mlb.demdex.net
URL
https://mlb.demdex.net/dest5.html?d_nsid=0
Domain
ans.mlb.com
URL
https://ans.mlb.com/id?d_visid_ver=2.5.0&d_fieldgroup=A&mcorgid=A65F776A5245B01B0A490D44%40AdobeOrg&mid=41491110429681619643510616539113741503&ts=1714417247856
Domain
cm.everesttech.net
URL
https://cm.everesttech.net/cm/dd?d_uuid=41745795144929303243513854811676187399
Domain
c.go-mpulse.net
URL
https://c.go-mpulse.net/api/config.json?key=HML8Q-9RNBL-NSQ27-JTS5T-22MYK&d=mlb.tickets.com&t=5714724&v=1.720.0&sl=0&si=dff0af8b-6052-4369-b02d-552f831d960a-scpwsg&plugins=AK,ConfigOverride,Continuity,PageParams,IFrameDelay,AutoXHR,SPA,History,Angular,Backbone,Ember,RT,CrossDomain,BW,PaintTiming,NavigationTiming,ResourceTiming,Memory,CACHE_RELOAD,Errors,TPAnalytics,UserTiming,Akamai,Early,EventTiming,LOGN&acao=&ak.ai=749495
Domain
stats.g.doubleclick.net
URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-54735735-3&cid=2006699140.1714417248&jid=456213204&gjid=254189658&_gid=1120016262.1714417248&_u=IEBAAEAAAAAAACAAI~&z=917271877

Verdicts & Comments Add Verdict or Comment

1 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| pvomConf

4 Cookies

Domain/Path Name / Value
.tickets.com/ Name: bm_sz
Value: 662291492C9FD8BD67657AAD110625A0~YAAQWNd6XO3QlSmPAQAAia86Kxd3c1fKfLV5PGQhpeeGqudgn79Q0eBNMVh1UTDj6XoOWByWk6+++FUlXbXNVY98Hw+v1nwuZ1d9ZdNyiQZIrkNWaRIVsPF82qicUhjgwdmXTIDiuYLldt3L3d0XxuMVa7bpBXtoEHREfSqTB9aYbcrEVLeifvN3JL9h+bwTewvGNIUFCw9iio2f58TCucOIAhJWw5HJIIiMXjeZPJR4tx1gbHm/WIj7PlMgquPbU3nYfscylsr2vBqdIWhZHYEYYBeX2BjLPAe2xgbKidZTnGhGXmerjpM1RdTU9uOhs0HaTfvu41GuDdNh1tW00u3hynS2QnJz6G7LXtfJWtQZoZTimhojWIxcbi4zWm1WKH0v5aZJ4vm3t3fQtg==~3486789~4539718
.tickets.com/ Name: _abck
Value: 51362B2FF6358C630BB08CDE9D9277EB~-1~YAAQWNd6XPPQlSmPAQAA7q86KwvJMStzWAJTvjR/zsTlIVpk5669qpm7A3yh8OmMbjughAXQLDWjF6Nee7Q2DXc/4nHM69HSVHOtCebOBnhroDKdC1WKiRTJK1w6FSdvwqFffqTY4718+bxI5PeUQvEu/aSNxGDFbTcnQpsda2pqpP7yyho+NDrblvRQEHtkYizIe/K5zAEinEMuIpBoFMdty9r+zeUA2BukljFu4KhqBtZQRK0393BXRyZ4xsOavn5mz8DydkP3sTwRQvLa/yTJKg5UiaiwW03sduYt3aCoja5WpA2qb+HbHbyXC3hYjRoctVNw2WymFDZa2ohp2UlRlqqC8ODyppauAsnTbnxJqXVeij7BkSB9yAUYm0IdZsymAnK/eVfusMc=~-1~-1~-1
.google.com/ Name: NID
Value: 513=hFXTi4LLPV9feqANM-kXproyZwys4jM-9E1JwU42qSEarqjgUonZ5JWK8S7-fMfuAiAIgSQLGJt1JLOr2Z8JWon5bjTwVmEYCxlSs4rDULEhopdACspv5YRrustU2MT3DeKRFQZUokw2nfQu_-HHO0UTcFaGLSq2nbQo38K5CQ0
.tickets.com/ Name: ak_bmsc
Value: 248C468A1CD4DD9CE347DBCCC92BB7E0~000000000000000000000000000000~YAAQWNd6XBjRlSmPAQAAqbE6KxfB93O+UPIaDndMkYmS3KdDGZxxOzmULrHzWG4mly8pT/6lWB3IsaGPtugdhH+5+BGCIwEM+3Yv4pcKMQFiNQA+TbCgqNatW/YAd1nyLYQuh+BSnZc2hqh0T3iDnuybF+YG2WTqzJzaJlCnNYFa3dNY4VXDWdn9R5V0il6IjpVtMegomuyyA8bVHOqXVYj/mvHmKdKg1rm0N3B3OHlAdLWNo6xL4QIpuY0i3iwpf7H9oEIAwQ5VA93OCOrNLTMlfNSJKW2xOrK1XKPn+OQPCicGSuO6JQLPHNkDHzddDiQ2DIr3PGPKdjV9d0/34Jb2Rwzsdobt4QWZL96Ked3IS3UxEsTySSNk+qm4RynXgzvpCUgekYgOl5sMovi3OOtR56U6xoQH/kM985RDQlwC4nKt8A==

3 Console Messages

Source Level URL
Text
other warning URL: https://mlb.tickets.com/?agency=INIM_MYTIXX&orgid=54032
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
network error URL: https://src.mastercard.com/srci/integration/merchant.js?locale=en_us&checkoutid=ceec17962ee64c0b8ae9d07128f432b4
Message:
Failed to load resource: net::ERR_TIMED_OUT
other warning URL: https://mlb.tickets.com/?agency=INIM_MYTIXX&orgid=54032
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ans.mlb.com
apis.google.com
c.go-mpulse.net
cm.everesttech.net
dpm.demdex.net
global.oktacdn.com
js.braintreegateway.com
mlb.demdex.net
mlb.tickets.com
pay.google.com
s.go-mpulse.net
src.mastercard.com
stats.g.doubleclick.net
t.paypal.com
tk3d.tk3dapi.com
www.google-analytics.com
www.googletagmanager.com
www.mlbstatic.com
www.paypal.com
www.paypalobjects.com
ans.mlb.com
c.go-mpulse.net
cm.everesttech.net
mlb.demdex.net
mlb.tickets.com
pay.google.com
src.mastercard.com
stats.g.doubleclick.net
t.paypal.com
13.35.58.2
151.101.193.21
151.101.209.91
192.229.221.25
2a00:1450:4001:80f::2008
2a00:1450:4001:810::200e
2a00:1450:4001:82b::200e
2a00:1450:400c:c09::5c
2a02:26f0:480:d9f::11a6
3.161.82.16
34.246.26.134
92.122.215.94
09ebd7f407439990aac227e70da23e1a819e8e30282928e324370805f480bec4
122980bec4eb2e7ea804aa20c005146d0f1b1fe417875e8e3f72e2db1bc44cfb
1903df51aaba66947f8d41b4b999786d05b6ad7039fa6dad678227fff8f41add
1cf7ac3019142e883a216304574ca49d6f4d0c352ecead593b0050cfcde46408
2cb730f488d7ae0788155af49e2c09533463d62dec9ee726d830a2d5714799d9
39b137e5fcea119218be1c84065ab0fe6e3a59f115a50c8755ba604b6558ec96
4723a6490f0c80009b1197cc9f57c36c3754f3d690e6f5f55279819d84c0ce7a
5812bd156493f9b5ecf4b219b775073bb8e6d7bddc1879813bd3018903537d9c
6199ce14e31649496bdedff5acf8645f7e4aa211fd3bafc0d671892a802116cf
7b735896b90099a971c120792b9980cb5ffe98316235827c95de708d13e511e7
8048dcd96ad7f2f8e681dd3cbc05c56277deef89ee69c403fd2844901bed58aa
80d54533f80e8233621f965ae0a7713928bdb4d491ed0eb5e90434550f1894cb
818b8580c7436c9300ddcf9ea3f2eb3915170fccf2952727d1d06019b9f12859
82ef74ca1712f76d79b9fc0d08e6449b2beccddf05a343dcdbb0a153fad8b885
8b9d5d3a45fe2793a3f7c8e93987d7d6021faf624e2a052f295f84d2d28f233b
8d23ab1d841593b5de3b81326dc6400897a8bde031e519821b3e15b730855fe5
927371488d9e3784c52c773d7ea17596b75f8949347c670acdf1e978d8cb08a7
97e0e60f756cb5425955db281071ae7df76ee47da6083420b600b95ed35182ef
9e6ed92748268abd57ed026022eba9da32c4d231e9ff8b57175244ca5b46c077
a3242e449fcf4c4b419fa5621119bc61bcc119d5409b1f7e6dd270c9f71694e4
a5ab7ec9e19fed0380c8f6ced1bc8646126be19bc9c1446c2528801d725b5c3e
a7b47430bb894bb0cb26cc82a738586d5f6f09e3eff4e752c6b91e059eb6f0ab
b5177a84ca69525b34dc730206d7ceba6146686a38d7a4b4ec2bdd2246523d39
d554361630709572f4c9e33d02ca5ae56275756099a62195513017a0421f73c2
d56fbe0a29899bea40e589c82493cc6c9fcb284645198e1911f30042df3b3488
d84c203df2ff629860748eb36c78bc82f998c362fa0c0e90b32fdacad448afa6
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
f37ea7f6be909ffb0d76e0d146ec9211231ef5f2b670d29955c126828a93e956
f3ce759b09aced21e2f873f1174226125c565ebc68a3a53b35505e9c42259c5f