www.ticketsatwork.com
Open in
urlscan Pro
104.18.16.144
Public Scan
Submitted URL: https://e.email.ticketsatwork.com/click?Ec2hlbGVrYS5sdXBlckBhbWVyaWNhbmZpZGVsaXR5LmNvbQ/CeyJtaWQiOiIxNjc0NTAyNzAyMTAzMTg4MmJmNzBkO...
Effective URL: https://www.ticketsatwork.com/tickets/packages.php?sub=packages&action=view&id=3398&campaign=AARP&utm_campaign=AARP-highlight1...
Submission: On January 23 via api from US — Scanned from DE
Effective URL: https://www.ticketsatwork.com/tickets/packages.php?sub=packages&action=view&id=3398&campaign=AARP&utm_campaign=AARP-highlight1...
Submission: On January 23 via api from US — Scanned from DE
Summary
This website contacted 9 IPs
in 3 countries
across 7 domains to perform 17 HTTP transactions.
The main IP is 104.18.16.144, located in
and
belongs to CLOUDFLARENET, US.
The main domain is www.ticketsatwork.com.
The Cisco Umbrella rank of the primary domain is 94871.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on June 8th 2022. Valid for: a year.
This is the only time www.ticketsatwork.com was scanned on urlscan.io!
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on June 8th 2022. Valid for: a year.
This is the only time www.ticketsatwork.com was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
| IP Address | AS Autonomous System | ||
|---|---|---|---|
| 1 1 | 96.47.24.171 96.47.24.171 | 46263 (EDIALOG) (EDIALOG) | |
| 6 | 104.18.16.144 104.18.16.144 | 13335 (CLOUDFLAR...) (CLOUDFLARENET) | |
| 4 | 2606:4700::68... 2606:4700::6812:1f4e | 13335 (CLOUDFLAR...) (CLOUDFLARENET) | |
| 1 | 104.18.30.78 104.18.30.78 | 13335 (CLOUDFLAR...) (CLOUDFLARENET) | |
| 1 | 35.190.26.57 35.190.26.57 | 15169 (GOOGLE) (GOOGLE) | |
| 1 | 2a02:26f0:350... 2a02:26f0:3500:16::215:148b | 20940 (AKAMAI-ASN1) (AKAMAI-ASN1) | |
| 1 | 104.18.143.76 104.18.143.76 | 13335 (CLOUDFLAR...) (CLOUDFLARENET) | |
| 1 | 2600:9000:214... 2600:9000:214f:b400:1b:9b5:7e00:93a1 | 16509 (AMAZON-02) (AMAZON-02) | |
| 1 | 151.101.128.65 151.101.128.65 | 54113 (FASTLY) (FASTLY) | |
| 17 | 9 |
1
96.47.24.171
(United States)
ASN46263 (EDIALOG, US)
PTR: s.dwr.com.mx1.bm16.maas.zetaglobal.net
ASN46263 (EDIALOG, US)
PTR: s.dwr.com.mx1.bm16.maas.zetaglobal.net
| e.email.ticketsatwork.com |
4
2606:4700::6812:1f4e
(United States)
ASN13335 (CLOUDFLARENET, US)
ASN13335 (CLOUDFLARENET, US)
| performance.radar.cloudflare.com | |
| ipv6-check-perf.radar.cloudflare.com |
1
35.190.26.57
(Kansas City, United States)
ASN15169 (GOOGLE, US)
PTR: 57.26.190.35.bc.googleusercontent.com
ASN15169 (GOOGLE, US)
PTR: 57.26.190.35.bc.googleusercontent.com
| benchmark.1e100cdn.net |
1
2a02:26f0:3500:16::215:148b
(Frankfurt am Main, Germany)
ASN20940 (AKAMAI-ASN1, NL)
ASN20940 (AKAMAI-ASN1, NL)
| cedexis-test.akamaized.net |
1
2600:9000:214f:b400:1b:9b5:7e00:93a1
(United States)
ASN16509 (AMAZON-02, US)
ASN16509 (AMAZON-02, US)
| p29.cedexis-test.com |
| Apex Domain Subdomains |
Transfer | |
|---|---|---|
| 7 |
ticketsatwork.com
1 redirects
e.email.ticketsatwork.com — Cisco Umbrella Rank: 90923 www.ticketsatwork.com — Cisco Umbrella Rank: 94871 |
32 KB |
| 5 |
cloudflare.com
performance.radar.cloudflare.com — Cisco Umbrella Rank: 24380 ipv6-check-perf.radar.cloudflare.com — Cisco Umbrella Rank: 188340 ipv4-check-perf.radar.cloudflare.com — Cisco Umbrella Rank: 93308 |
7 KB |
| 2 |
cedexis-test.com
p29.cedexis-test.com — Cisco Umbrella Rank: 11787 fastly.cedexis-test.com — Cisco Umbrella Rank: 11967 |
201 KB |
| 1 |
ptcfc.com
ptcfc.com — Cisco Umbrella Rank: 10761 |
100 KB |
| 1 |
akamaized.net
cedexis-test.akamaized.net — Cisco Umbrella Rank: 64360 |
100 KB |
| 1 |
1e100cdn.net
benchmark.1e100cdn.net — Cisco Umbrella Rank: 11275 |
100 KB |
| 0 |
every1dns.net
Failed
performance-radar.is-cf.help.every1dns.net Failed |
|
| 17 | 7 |
| Domain | Requested by | |
|---|---|---|
| 6 | www.ticketsatwork.com |
www.ticketsatwork.com
|
| 3 | performance.radar.cloudflare.com |
www.ticketsatwork.com
performance.radar.cloudflare.com |
| 1 | fastly.cedexis-test.com | |
| 1 | p29.cedexis-test.com | |
| 1 | ptcfc.com | |
| 1 | cedexis-test.akamaized.net | |
| 1 | benchmark.1e100cdn.net | |
| 1 | ipv4-check-perf.radar.cloudflare.com |
performance.radar.cloudflare.com
|
| 1 | ipv6-check-perf.radar.cloudflare.com |
performance.radar.cloudflare.com
|
| 1 | e.email.ticketsatwork.com | 1 redirects |
| 0 | performance-radar.is-cf.help.every1dns.net Failed |
performance.radar.cloudflare.com
|
| 17 | 11 |
This site contains links to these domains. Also see Links.
| Domain |
|---|
| www.cloudflare.com |
| Subject Issuer | Validity | Valid | |
|---|---|---|---|
| sni.cloudflaressl.com Cloudflare Inc ECC CA-3 |
2022-06-08 - 2023-06-07 |
a year | crt.sh |
| radar.cloudflare.com Cloudflare Inc ECC CA-3 |
2022-07-22 - 2023-07-21 |
a year | crt.sh |
| 1e100cdn.net GTS CA 1D4 |
2022-11-30 - 2023-02-28 |
3 months | crt.sh |
| a248.e.akamai.net DigiCert TLS RSA SHA256 2020 CA1 |
2022-06-28 - 2023-06-30 |
a year | crt.sh |
| *.cedexis-test.com Amazon |
2022-10-16 - 2023-11-14 |
a year | crt.sh |
| fastly.cedexis-test.com GlobalSign Atlas R3 DV TLS CA 2022 Q3 |
2022-09-27 - 2023-10-29 |
a year | crt.sh |
This page contains 2 frames:
Primary Page:
https://www.ticketsatwork.com/tickets/packages.php?sub=packages&action=view&id=3398&campaign=AARP&utm_campaign=AARP-highlight1&utm_medium=January-23-2023-AARP&utm_source=Email&frombulletin=1&clthash=80991f4af5966b97094ded164c5af1f34dc2f2de&cmpid=17352&uid=&conv_source=zeta&bt_ee=qNwBtG1vJwHPvRKPEP4hx521QN1dFS1l4rFbxUvVSnrMAxu%2B8OOMnmzLjftf5MEnQ1tqmbvMn9ZtY4TNfSO5CQ%3D%3D&bt_ts=1674502271697
Frame ID: 028247E23445C9A26FAC85A85310FE25
Requests: 14 HTTP requests in this frame
Frame:
https://www.ticketsatwork.com/cdn-cgi/challenge-platform/h/g/scripts/alpha/invisible.js?ts=1674489600
Frame ID: 8C5CCFCA44F1D5BB811B9CFB8DB7929E
Requests: 3 HTTP requests in this frame
Screenshot
Page Title
Access deniedPage URL History Show full URLs
-
https://e.email.ticketsatwork.com/click?Ec2hlbGVrYS5sdXBlckBhbWVyaWNhbmZpZGVsaXR5LmNvbQ/CeyJtaWQiOiIxNjc0NTAyN...
HTTP 302
https://www.ticketsatwork.com/tickets/packages.php?sub=packages&action=view&id=3398&campaign=AARP&utm_camp... Page URL
Detected technologies
PHP
(Programming Languages)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- \.php(?:$|\?)
Page Statistics
1 Outgoing links
These are links going to different origins than the main page.
URL: https://www.cloudflare.com/?utm_source=1020_error
Title: Cloudflare
Title: Cloudflare
Search URL Search Domain Scan URL
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
-
https://e.email.ticketsatwork.com/click?Ec2hlbGVrYS5sdXBlckBhbWVyaWNhbmZpZGVsaXR5LmNvbQ/CeyJtaWQiOiIxNjc0NTAyNzAyMTAzMTg4MmJmNzBkOGJhIiwiY3QiOiJlYmctdGF3LTg0MjEwZWUxZTMwMGIzMTQ2NjgxMjc5OTkzZThhMzAwLTEiLCJyZCI6ImFtZXJpY2FuZmlkZWxpdHkuY29tIn0/HWkhfZWJndGF3X05EQkFNMDEyMzIwMjM4MDQzMzUxLGViMSxodHRwczovL3d3dy50aWNrZXRzYXR3b3JrLmNvbS90aWNrZXRzL3BhY2thZ2VzLnBocA/qP3N1Yj1wYWNrYWdlcyZhY3Rpb249dmlldyZpZD0zMzk4JmNhbXBhaWduPUFBUlAmdXRtX2NhbXBhaWduPUFBUlAtaGlnaGxpZ2h0MSZ1dG1fbWVkaXVtPUphbnVhcnktMjMtMjAyMy1BQVJQJnV0bV9zb3VyY2U9RW1haWwmZnJvbWJ1bGxldGluPTEmY2x0aGFzaD04MDk5MWY0YWY1OTY2Yjk3MDk0ZGVkMTY0YzVhZjFmMzRkYzJmMmRlJmNtcGlkPTE3MzUyJnVpZD0mY29udl9zb3VyY2U9emV0YSZidF9lZT1xTndCdEcxdkp3SFB2UktQRVA0aHg1MjFRTjFkRlMxbDRyRmJ4VXZWU25yTUF4dSUyQjhPT01ubXpMamZ0ZjVNRW5RMXRxbWJ2TW45WnRZNFROZlNPNUNRJTNEJTNEJmJ0X3RzPTE2NzQ1MDIyNzE2OTc/si037396244
HTTP 302
https://www.ticketsatwork.com/tickets/packages.php?sub=packages&action=view&id=3398&campaign=AARP&utm_campaign=AARP-highlight1&utm_medium=January-23-2023-AARP&utm_source=Email&frombulletin=1&clthash=80991f4af5966b97094ded164c5af1f34dc2f2de&cmpid=17352&uid=&conv_source=zeta&bt_ee=qNwBtG1vJwHPvRKPEP4hx521QN1dFS1l4rFbxUvVSnrMAxu%2B8OOMnmzLjftf5MEnQ1tqmbvMn9ZtY4TNfSO5CQ%3D%3D&bt_ts=1674502271697 Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
17 HTTP transactions
| Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
GET H2 |
Primary Request
packages.php
www.ticketsatwork.com/tickets/ Redirect Chain
|
8 KB 4 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
errors.css
www.ticketsatwork.com/cdn-cgi/styles/ |
6 KB 2 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
beacon.js
performance.radar.cloudflare.com/ |
15 KB 6 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H3 |
external.png
www.ticketsatwork.com/cdn-cgi/images/ |
265 B 483 B |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET DATA |
truncated
/ |
187 B 0 |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
info
ipv6-check-perf.radar.cloudflare.com/api/ |
14 B 452 B |
Fetch
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H3 |
invisible.js
www.ticketsatwork.com/cdn-cgi/challenge-platform/h/g/scripts/alpha/ Frame 8C5C |
40 KB 16 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H3 |
pica.js
www.ticketsatwork.com/cdn-cgi/challenge-platform/h/g/scripts/ Frame 8C5C |
20 KB 8 KB |
Other
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
info
ipv4-check-perf.radar.cloudflare.com/api/ |
14 B 451 B |
Fetch
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
POST H3 |
78e31620c89e9042
www.ticketsatwork.com/cdn-cgi/challenge-platform/h/g/cv/result/ Frame 8C5C |
2 B 458 B |
XHR
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET |
resolvertest
performance-radar.is-cf.help.every1dns.net/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
r20-100KB.png
benchmark.1e100cdn.net/ |
100 KB 100 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
r20-100KB.png
cedexis-test.akamaized.net/img/ |
100 KB 100 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
r20-100KB.png
ptcfc.com/img/284/ |
100 KB 100 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
r20-100KB.png
p29.cedexis-test.com/img/ |
100 KB 101 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
r20-100KB.png
fastly.cedexis-test.com/img/20367/ |
100 KB 101 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
POST H2 |
beacon
performance.radar.cloudflare.com/api/ |
15 B 297 B |
Fetch
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
OPTIONS H2 |
beacon
performance.radar.cloudflare.com/api/ Frame |
0 0 |
Preflight
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
Failed requests
These URLs were requested, but there was no response received. You will also see them in the list above.
- Domain
- performance-radar.is-cf.help.every1dns.net
- URL
- https://performance-radar.is-cf.help.every1dns.net/resolvertest?r=17859556
Verdicts & Comments Add Verdict or Comment
26 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| 0 object| oncontentvisibilityautostatechange object| e boolean| t boolean| r boolean| o boolean| n boolean| s function| a function| c function| d function| h function| u function| f function| p function| y function| m object| b function| g function| w function| T object| v function| E function| S object| A function| $2 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
| Domain/Path | Expires | Name / Value |
|---|---|---|
| .radar.cloudflare.com/ | Name: __cf_bm Value: FQ7BaEhJDwJnC1Gpjsd7O1wAk124XFlDtt8iFKOEz0Y-1674503721-0-AXOg7vZqXazxuNZ7OsigXi30wbF18ne1vKuHKVvl+5MH0+jk86lRXgq2pTkpxGs9sQFZSUbIKr6MCns9lxoX+yY= |
|
| .ticketsatwork.com/ | Name: __cf_bm Value: hlWKA6eTuuApf7rFrHkiwXNmq5301UyHEUgBfJ24aj0-1674503721-0-Ac6d0LH24Dz1sqOS0hgH7MmZDt0f+oZ+xY1JptWaL4buagfQdhx+QEmWNe6XEZAMI7W7LHC+Pakv0jmJGXjoIKv8MCyN609GRLvz+xBn0gXMicBDgSg7feHRr0+wZ14vT+Y1KCz7adTPIcKMzlCL5SVhiZwEIR9xfw/jMFdKmYXKw+sxxLzeSvztCcQa2qFBoA== |
2 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
| Source | Level | URL Text |
|---|
Security Headers
This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page
| Header | Value |
|---|---|
| Strict-Transport-Security | max-age=5184000; includeSubDomains |
| X-Content-Type-Options | nosniff |
| X-Frame-Options | SAMEORIGIN |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
benchmark.1e100cdn.net
cedexis-test.akamaized.net
e.email.ticketsatwork.com
fastly.cedexis-test.com
ipv4-check-perf.radar.cloudflare.com
ipv6-check-perf.radar.cloudflare.com
p29.cedexis-test.com
performance-radar.is-cf.help.every1dns.net
performance.radar.cloudflare.com
ptcfc.com
www.ticketsatwork.com
performance-radar.is-cf.help.every1dns.net
104.18.143.76
104.18.16.144
104.18.30.78
151.101.128.65
2600:9000:214f:b400:1b:9b5:7e00:93a1
2606:4700::6812:1f4e
2a02:26f0:3500:16::215:148b
35.190.26.57
96.47.24.171
08cb1e3990398d778df5f31c715e938e6c23fa4facd4b253a79d7ac883004bb8
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df
27bce9e85eaf3567a4695ba2b612e32615394d80d0a3a2dcb07b1fbfdfababc7
3f6e1563db9b7f4f7072d532217bfb4d55c1d695e383748d6c54092f117c3d40
574b098b0c3e4a12f959bafb73cfa857b414f27ebe854f3910b3a45651ff7a0f
586e9dfdf34e9864bc2d9d823f5958c0ebc468e3111248dce646280146948388
892b5e2ac356db33728a5b26462c2f68cadf4d7da62d8047d3cbbda29652231a
8cba3871a8c942be724a5c69f39c5f72ec4b826b941c8fbd47311c041b4df9e5
9f03b2b292f718119a8203689d05692e054f1059112c981c1e20dec82e9f2ddb
a29ee2b15c494311c52521766e44af56a3ad2248e7a8ab465e5206463c13d288
eb5aa910369cd275c1a4e584616d76d92da0441c8002bd4803c53dd4f56a47e8