vote.ticketsbot.net Open in urlscan Pro
2606:4700:20::681a:89  Public Scan

1 Outgoing links

These are links going to different origins than the main page.

Search URL Search Domain Scan URL

---

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

1. https://vote.ticketsbot.net/ Page URL
2. https://vote.ticketsbot.net/ Page URL

---

Redirected requests

There were HTTP redirect chains for the following requests:

13 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	503	/ Show response vote.ticketsbot.net/	9 KB 10 KB	102ms 30ms	Document text/html	2606:4700:20::681a:89 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://vote.ticketsbot.net/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:20::681a:89 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash be374488e0e4f259ecc4430f7310b754f7e8a98accd0733e625f06896dbcd3cd Security Headers Name Value Strict-Transport-Security max-age=15552000; preload X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN Request headers :method GET :authority vote.ticketsbot.net :scheme https :path / pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 accept-language de-DE,de;q=0.9 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 sec-fetch-site none sec-fetch-mode navigate sec-fetch-user ?1 sec-fetch-dest document accept-encoding gzip, deflate, br Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Accept-Language de-DE,de;q=0.9 Response headers date Wed, 08 Sep 2021 12:12:47 GMT content-type text/html; charset=UTF-8 x-frame-options SAMEORIGIN permissions-policy accelerometer=(),autoplay=(),camera=(),clipboard-read=(),clipboard-write=(),fullscreen=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=() cache-control private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0 expires Thu, 01 Jan 1970 00:00:01 GMT expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1I13SxdjXo1hgUEPMI3bbZI2KC4hpLSluqUyeT6WKKhM6R0zRBvn4rPbYRPBhsT%2FRUlo4O%2FhWNDfPAmGqOHsP2uyYGAUa2ZENrANrd47WaFuFRrIsyh%2BCxhCYez1OesLjKrGcGeoKO%2BgMnH3PsmnL7Q%3D"}],"group":"cf-nel","max_age":604800} nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} vary Accept-Encoding strict-transport-security max-age=15552000; preload x-content-type-options nosniff server cloudflare cf-ray 68b8164eefc52bf2-FRA alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
GET H2	200	v1 Show response vote.ticketsbot.net/cdn-cgi/challenge-platform/h/g/orchestrate/jsch/	41 KB 15 KB	80ms 79ms	Script text/javascript	2606:4700:20::681a:89 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://vote.ticketsbot.net/cdn-cgi/challenge-platform/h/g/orchestrate/jsch/v1?ray=68b8164eefc52bf2 Requested by Host: vote.ticketsbot.net URL: https://vote.ticketsbot.net/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:20::681a:89 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 13acffd94278f5deeca76dd10b70bfb342111ab2489da6111b4c9bf4b5e1d91c Security Headers Name Value Strict-Transport-Security max-age=15552000; preload X-Content-Type-Options nosniff Request headers :path /cdn-cgi/challenge-platform/h/g/orchestrate/jsch/v1?ray=68b8164eefc52bf2 pragma no-cache accept-encoding gzip, deflate, br accept-language de-DE,de;q=0.9 user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 sec-fetch-mode no-cors accept */* cache-control no-cache sec-fetch-dest script :authority vote.ticketsbot.net referer https://vote.ticketsbot.net/ :scheme https sec-fetch-site same-origin :method GET Accept-Language de-DE,de;q=0.9 Referer https://vote.ticketsbot.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Response headers date Wed, 08 Sep 2021 12:12:47 GMT content-encoding br x-content-type-options nosniff nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ksy7Ece2aq9%2BIKaqHTjsr3VkAIszNol3H4BGb1NfOHITGILjv4GJi5Q2fTPUT4x9zIpKXGD4Y7ATbmdDHq3lFIY9w2MMZZMJnPTHwxGH6Kng81Si3LcsbvlsslVMTDv6XYnS95CiczLdl5Za3SPxCkE%3D"}],"group":"cf-nel","max_age":604800} content-type text/javascript cache-control max-age=0, must-revalidate strict-transport-security max-age=15552000; preload cf-ray 68b8164f387e2bf2-FRA alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
GET H2	200	transparent.gif vote.ticketsbot.net/cdn-cgi/images/trace/jschal/js/	42 B 196 B	17ms 17ms	Image image/gif	2606:4700:20::681a:89 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://vote.ticketsbot.net/cdn-cgi/images/trace/jschal/js/transparent.gif?ray=68b8164eefc52bf2 Requested by Host: vote.ticketsbot.net URL: https://vote.ticketsbot.net/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:20::681a:89 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value X-Content-Type-Options nosniff X-Frame-Options DENY Request headers :path /cdn-cgi/images/trace/jschal/js/transparent.gif?ray=68b8164eefc52bf2 pragma no-cache accept-encoding gzip, deflate, br accept-language de-DE,de;q=0.9 user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 sec-fetch-mode no-cors accept image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8 cache-control no-cache sec-fetch-dest image :authority vote.ticketsbot.net referer https://vote.ticketsbot.net/ :scheme https sec-fetch-site same-origin :method GET Accept-Language de-DE,de;q=0.9 Referer https://vote.ticketsbot.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Response headers date Wed, 08 Sep 2021 12:12:47 GMT x-content-type-options nosniff last-modified Wed, 01 Sep 2021 15:48:41 GMT server cloudflare etag "612fa0d9-2a" x-frame-options DENY content-type image/gif cache-control max-age=7200 public accept-ranges bytes cf-ray 68b8164f38812bf2-FRA vary Accept-Encoding content-length 42 expires Wed, 08 Sep 2021 14:12:47 GMT
GET H2	200	transparent.gif vote.ticketsbot.net/cdn-cgi/images/trace/jschal/nojs/	42 B 101 B	17ms 17ms	Image image/gif	2606:4700:20::681a:89 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://vote.ticketsbot.net/cdn-cgi/images/trace/jschal/nojs/transparent.gif?ray=68b8164eefc52bf2 Requested by Host: vote.ticketsbot.net URL: https://vote.ticketsbot.net/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:20::681a:89 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value X-Content-Type-Options nosniff X-Frame-Options DENY Request headers :path /cdn-cgi/images/trace/jschal/nojs/transparent.gif?ray=68b8164eefc52bf2 pragma no-cache accept-encoding gzip, deflate, br accept-language de-DE,de;q=0.9 user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 sec-fetch-mode no-cors accept image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8 cache-control no-cache sec-fetch-dest image :authority vote.ticketsbot.net referer https://vote.ticketsbot.net/ :scheme https sec-fetch-site same-origin :method GET Accept-Language de-DE,de;q=0.9 Referer https://vote.ticketsbot.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Response headers date Wed, 08 Sep 2021 12:12:47 GMT x-content-type-options nosniff last-modified Wed, 01 Sep 2021 15:48:41 GMT server cloudflare etag "612fa0d9-2a" x-frame-options DENY content-type image/gif cache-control max-age=7200 public accept-ranges bytes cf-ray 68b8164f38842bf2-FRA vary Accept-Encoding content-length 42 expires Wed, 08 Sep 2021 14:12:47 GMT
POST H2	200	92619de4d7cd388 Show response vote.ticketsbot.net/cdn-cgi/challenge-platform/h/g/flow/ov1/0.4790070220830889:1631099755:2d6104a22f854eeca8b6517066876cba6667158555b112c92b0e974b9b3adf0e/68b8164eefc52bf2/	60 KB 33 KB	91ms 91ms	XHR text/plain	2606:4700:20::681a:89 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://vote.ticketsbot.net/cdn-cgi/challenge-platform/h/g/flow/ov1/0.4790070220830889:1631099755:2d6104a22f854eeca8b6517066876cba6667158555b112c92b0e974b9b3adf0e/68b8164eefc52bf2/92619de4d7cd388 Requested by Host: vote.ticketsbot.net URL: https://vote.ticketsbot.net/cdn-cgi/challenge-platform/h/g/orchestrate/jsch/v1?ray=68b8164eefc52bf2 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:20::681a:89 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 3fbd3828798f319617d9f11266bdbd533ec7bc80432b380634dc80cb9d84082a Security Headers Name Value Strict-Transport-Security max-age=15552000; preload X-Content-Type-Options nosniff Request headers sec-fetch-mode cors origin https://vote.ticketsbot.net accept-encoding gzip, deflate, br accept-language de-DE,de;q=0.9 sec-fetch-dest empty cookie cf_chl_prog=e content-length 1852 :path /cdn-cgi/challenge-platform/h/g/flow/ov1/0.4790070220830889:1631099755:2d6104a22f854eeca8b6517066876cba6667158555b112c92b0e974b9b3adf0e/68b8164eefc52bf2/92619de4d7cd388 pragma no-cache user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 content-type application/x-www-form-urlencoded accept */* cache-control no-cache :authority vote.ticketsbot.net referer https://vote.ticketsbot.net/ :scheme https sec-fetch-site same-origin cf-challenge 92619de4d7cd388 :method POST Referer https://vote.ticketsbot.net/ Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 CF-Challenge 92619de4d7cd388 Content-type application/x-www-form-urlencoded Response headers date Wed, 08 Sep 2021 12:12:48 GMT content-encoding br x-content-type-options nosniff nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BuU983OZd572cGb7rh0uFrpI%2FNtU7N2vEfpTN4M0WYT5fSZqTbGQ0LFRkkG3u3mFBtgM7SMGRNvq4pFcz6j5TqWZ1a3MCiduM8ehsRmZ3t1MczSZptdrd1VjTKZlxWOrvKnjBtL4HzoikCC2gyrMi74%3D"}],"group":"cf-nel","max_age":604800} content-type text/plain;charset=UTF-8 set-cookie cf_chl_seq_92619de4d7cd388=302ea4043447f73;SameSite=Strict;Secure;HttpOnly strict-transport-security max-age=15552000; preload cf-ray 68b8164ffa4d2bf2-FRA alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
GET BLOB	200 OK	4dd48ac5-2d1a-497d-8ce7-c14e299c2874 https://vote.ticketsbot.net/	120 B 0		Other application/javascript
General Check archive.org Show headers Download Go to Full URL blob:https://vote.ticketsbot.net/4dd48ac5-2d1a-497d-8ce7-c14e299c2874 Protocol BLOB Server -, , ASN (), Reverse DNS Software / Resource Hash c609febe6499f4d3ca41a5a6266ea0f7f1f5641c8917d26a20261f3c7ae89185 Request headers Accept-Language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Response headers Content-Length 120 Content-Type application/javascript
POST H2	200	92619de4d7cd388 Show response vote.ticketsbot.net/cdn-cgi/challenge-platform/h/g/beacon/ov1/0.4790070220830889:1631099755:2d6104a22f854eeca8b6517066876cba6667158555b112c92b0e974b9b3adf0e/68b8164eefc52bf2/	0 267 B	24ms 24ms	XHR text/plain	2606:4700:20::681a:89 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://vote.ticketsbot.net/cdn-cgi/challenge-platform/h/g/beacon/ov1/0.4790070220830889:1631099755:2d6104a22f854eeca8b6517066876cba6667158555b112c92b0e974b9b3adf0e/68b8164eefc52bf2/92619de4d7cd388 Requested by Host: vote.ticketsbot.net URL: https://vote.ticketsbot.net/cdn-cgi/challenge-platform/h/g/orchestrate/jsch/v1?ray=68b8164eefc52bf2 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:20::681a:89 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Strict-Transport-Security max-age=15552000; preload X-Content-Type-Options nosniff Request headers sec-fetch-mode cors origin https://vote.ticketsbot.net accept-encoding gzip, deflate, br accept-language de-DE,de;q=0.9 sec-fetch-dest empty cookie cf_chl_prog=a5 content-length 436 :path /cdn-cgi/challenge-platform/h/g/beacon/ov1/0.4790070220830889:1631099755:2d6104a22f854eeca8b6517066876cba6667158555b112c92b0e974b9b3adf0e/68b8164eefc52bf2/92619de4d7cd388 pragma no-cache user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 content-type application/x-www-form-urlencoded accept */* cache-control no-cache :authority vote.ticketsbot.net referer https://vote.ticketsbot.net/ :scheme https sec-fetch-site same-origin :method POST Referer https://vote.ticketsbot.net/ Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Content-type application/x-www-form-urlencoded Response headers date Wed, 08 Sep 2021 12:12:48 GMT x-content-type-options nosniff nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=v6n3QF38yhY6ghpB6Wa714Kxc2vw%2Bfzgov7SNNJaV0OBHTSArCu4dWZZzIaquooj8QbshBg8t%2BW%2BmVKn1mJ0XJfdpd%2FHnMfU9lcihZLMPZY1xvn6rUpGgrMGimdSn2TecEpY6x4m1LNLROsB9wdbwBc%3D"}],"group":"cf-nel","max_age":604800} strict-transport-security max-age=15552000; preload cf-ray 68b816550d042bf2-FRA alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400 content-length 0
GET H2	503	Primary Request / Show response vote.ticketsbot.net/	9 KB 9 KB	23ms 22ms	Document text/html	2606:4700:20::681a:89 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://vote.ticketsbot.net/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:20::681a:89 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 731fd910901f6944830a026b5010b7cc9b75d728c4a3df6face6b00affc781b7 Security Headers Name Value Strict-Transport-Security max-age=15552000; preload X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN Request headers :method GET :authority vote.ticketsbot.net :scheme https :path / pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 accept-language de-DE,de;q=0.9 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 sec-fetch-site same-origin sec-fetch-mode navigate sec-fetch-dest document referer https://vote.ticketsbot.net/ accept-encoding gzip, deflate, br cookie cf_chl_prog=b; cf_chl_rc_ni=1 Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Accept-Language de-DE,de;q=0.9 Referer https://vote.ticketsbot.net/ Response headers date Wed, 08 Sep 2021 12:12:50 GMT content-type text/html; charset=UTF-8 x-frame-options SAMEORIGIN permissions-policy accelerometer=(),autoplay=(),camera=(),clipboard-read=(),clipboard-write=(),fullscreen=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=() cache-control private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0 expires Thu, 01 Jan 1970 00:00:01 GMT expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TrkbPRD31aGZJMXdZxHqjQI4W4Otni9PtfMcvrHJWDPZ8rMBEa86jXAc92KrjwVMsVfwn5iPNe9NKE4LxUb12vO2PxRk%2FTN2pWEX2HOIdPMzRzmQAdib1bc%2Bu%2BIChq%2FXJiR7pypSLBqsvjQ9lgHc%2FCQ%3D"}],"group":"cf-nel","max_age":604800} nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} vary Accept-Encoding strict-transport-security max-age=15552000; preload x-content-type-options nosniff server cloudflare cf-ray 68b816628fcf2bf2-FRA alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
GET H2	200	v1 Show response vote.ticketsbot.net/cdn-cgi/challenge-platform/h/g/orchestrate/jsch/	40 KB 14 KB	40ms 39ms	Script text/javascript	2606:4700:20::681a:89 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://vote.ticketsbot.net/cdn-cgi/challenge-platform/h/g/orchestrate/jsch/v1?ray=68b816628fcf2bf2 Requested by Host: vote.ticketsbot.net URL: https://vote.ticketsbot.net/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:20::681a:89 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 2e7b246a81706254ce74f3277e108e7710f7da812e4cb5686b562255e160fdfe Security Headers Name Value Strict-Transport-Security max-age=15552000; preload X-Content-Type-Options nosniff Request headers :path /cdn-cgi/challenge-platform/h/g/orchestrate/jsch/v1?ray=68b816628fcf2bf2 pragma no-cache cookie cf_chl_prog=b; cf_chl_rc_ni=1 accept-encoding gzip, deflate, br accept-language de-DE,de;q=0.9 user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 sec-fetch-mode no-cors accept */* cache-control no-cache sec-fetch-dest script :authority vote.ticketsbot.net referer https://vote.ticketsbot.net/ :scheme https sec-fetch-site same-origin :method GET Accept-Language de-DE,de;q=0.9 Referer https://vote.ticketsbot.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Response headers date Wed, 08 Sep 2021 12:12:51 GMT content-encoding br x-content-type-options nosniff nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UwJwDtChz%2FgnuzAIez9a4ZNLUWI%2BnefY%2BTp%2F%2BujpcQpp2pK4ToEb0LkwT3UXtzfBVxYJTxJJyb9mFkQbNgA0G8HpnwAEQPo5rM3iQqILKHNa5OXfu0xfnyzuP%2FzubisKs3bq6ChJAuic3csExdo037Q%3D"}],"group":"cf-nel","max_age":604800} content-type text/javascript cache-control max-age=0, must-revalidate strict-transport-security max-age=15552000; preload cf-ray 68b81662c8282bf2-FRA alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
GET H2	200	transparent.gif vote.ticketsbot.net/cdn-cgi/images/trace/jschal/js/	42 B 147 B	17ms 17ms	Image image/gif	2606:4700:20::681a:89 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://vote.ticketsbot.net/cdn-cgi/images/trace/jschal/js/transparent.gif?ray=68b816628fcf2bf2 Requested by Host: vote.ticketsbot.net URL: https://vote.ticketsbot.net/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:20::681a:89 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value X-Content-Type-Options nosniff X-Frame-Options DENY Request headers :path /cdn-cgi/images/trace/jschal/js/transparent.gif?ray=68b816628fcf2bf2 pragma no-cache cookie cf_chl_prog=b; cf_chl_rc_ni=1 accept-encoding gzip, deflate, br accept-language de-DE,de;q=0.9 user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 sec-fetch-mode no-cors accept image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8 cache-control no-cache sec-fetch-dest image :authority vote.ticketsbot.net referer https://vote.ticketsbot.net/ :scheme https sec-fetch-site same-origin :method GET Accept-Language de-DE,de;q=0.9 Referer https://vote.ticketsbot.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Response headers date Wed, 08 Sep 2021 12:12:51 GMT x-content-type-options nosniff last-modified Wed, 01 Sep 2021 15:48:41 GMT server cloudflare etag "612fa0d9-2a" x-frame-options DENY content-type image/gif cache-control max-age=7200 public accept-ranges bytes cf-ray 68b81662c82a2bf2-FRA vary Accept-Encoding content-length 42 expires Wed, 08 Sep 2021 14:12:51 GMT
GET H2	200	transparent.gif vote.ticketsbot.net/cdn-cgi/images/trace/jschal/nojs/	42 B 101 B	17ms 17ms	Image image/gif	2606:4700:20::681a:89 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://vote.ticketsbot.net/cdn-cgi/images/trace/jschal/nojs/transparent.gif?ray=68b816628fcf2bf2 Requested by Host: vote.ticketsbot.net URL: https://vote.ticketsbot.net/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:20::681a:89 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value X-Content-Type-Options nosniff X-Frame-Options DENY Request headers :path /cdn-cgi/images/trace/jschal/nojs/transparent.gif?ray=68b816628fcf2bf2 pragma no-cache cookie cf_chl_prog=b; cf_chl_rc_ni=1 accept-encoding gzip, deflate, br accept-language de-DE,de;q=0.9 user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 sec-fetch-mode no-cors accept image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8 cache-control no-cache sec-fetch-dest image :authority vote.ticketsbot.net referer https://vote.ticketsbot.net/ :scheme https sec-fetch-site same-origin :method GET Accept-Language de-DE,de;q=0.9 Referer https://vote.ticketsbot.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Response headers date Wed, 08 Sep 2021 12:12:51 GMT x-content-type-options nosniff last-modified Wed, 01 Sep 2021 15:48:41 GMT server cloudflare etag "612fa0d9-2a" x-frame-options DENY content-type image/gif cache-control max-age=7200 public accept-ranges bytes cf-ray 68b81662c82c2bf2-FRA vary Accept-Encoding content-length 42 expires Wed, 08 Sep 2021 14:12:51 GMT
POST H2	200	2c097432f95609a Show response vote.ticketsbot.net/cdn-cgi/challenge-platform/h/g/flow/ov1/0.4501746742184713:1631099749:f692d2da754eef9f7989c10a0dbc4f500572be46ed25ce26f735702141b6969c/68b816628fcf2bf2/	71 KB 39 KB	90ms 90ms	XHR text/plain	2606:4700:20::681a:89 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://vote.ticketsbot.net/cdn-cgi/challenge-platform/h/g/flow/ov1/0.4501746742184713:1631099749:f692d2da754eef9f7989c10a0dbc4f500572be46ed25ce26f735702141b6969c/68b816628fcf2bf2/2c097432f95609a Requested by Host: vote.ticketsbot.net URL: https://vote.ticketsbot.net/cdn-cgi/challenge-platform/h/g/orchestrate/jsch/v1?ray=68b816628fcf2bf2 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:20::681a:89 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash e87c57c25948dd78c527c4d26b44123b6e62a711a8c6fb1e10bc36df09631d86 Security Headers Name Value Strict-Transport-Security max-age=15552000; preload X-Content-Type-Options nosniff Request headers sec-fetch-mode cors origin https://vote.ticketsbot.net accept-encoding gzip, deflate, br accept-language de-DE,de;q=0.9 sec-fetch-dest empty cookie cf_chl_rc_ni=1; cf_chl_prog=e content-length 1843 :path /cdn-cgi/challenge-platform/h/g/flow/ov1/0.4501746742184713:1631099749:f692d2da754eef9f7989c10a0dbc4f500572be46ed25ce26f735702141b6969c/68b816628fcf2bf2/2c097432f95609a pragma no-cache user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 content-type application/x-www-form-urlencoded accept */* cache-control no-cache :authority vote.ticketsbot.net referer https://vote.ticketsbot.net/ :scheme https sec-fetch-site same-origin cf-challenge 2c097432f95609a :method POST Referer https://vote.ticketsbot.net/ Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 CF-Challenge 2c097432f95609a Content-type application/x-www-form-urlencoded Response headers date Wed, 08 Sep 2021 12:12:51 GMT content-encoding br x-content-type-options nosniff nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hTfPfUBX2GyAd1JdcsMiaChN%2BZ7FhtFZmASICyn5o6bk%2BCOsgQlnUHiJpy45%2B%2FMgmUeTqyh7bfz%2BctEHm07FV01H1GiO2oPXmf1kmrKGpgqBLTRIoyCrQhKB5gA%2FuRXaM0UAC6xDFyzpUXNvCBVj%2Fcs%3D"}],"group":"cf-nel","max_age":604800} content-type text/plain;charset=UTF-8 set-cookie cf_chl_seq_2c097432f95609a=95ef07fb054f9a2;SameSite=Strict;Secure;HttpOnly strict-transport-security max-age=15552000; preload cf-ray 68b8166338fe2bf2-FRA alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
GET BLOB	200 OK	b5741ea4-a6ee-47fa-898d-f5d82a201eec https://vote.ticketsbot.net/	120 B 0		Other application/javascript
General Check archive.org Show headers Download Go to Full URL blob:https://vote.ticketsbot.net/b5741ea4-a6ee-47fa-898d-f5d82a201eec Protocol BLOB Server -, , ASN (), Reverse DNS Software / Resource Hash c609febe6499f4d3ca41a5a6266ea0f7f1f5641c8917d26a20261f3c7ae89185 Request headers Accept-Language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Response headers Content-Length 120 Content-Type application/javascript

13 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| onbeforexrselect boolean| originAgentCluster object| _cf_chl_opt function| _cf_chl_enter function| sendRequest function| _cf_atob boolean| _cf_chl_done_ran function| _cf_chl_done function| SHA256 object| _cf_chl_ctx function| _ number| d

4 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			vote.ticketsbot.net/cdn-cgi/challenge-platform/h/g/flow/ov1/0.4790070220830889:1631099755:2d6104a22f854eeca8b6517066876cba6667158555b112c92b0e974b9b3adf0e/68b8164eefc52bf2	1969-12-31 23:59:59	Name: cf_chl_seq_92619de4d7cd388 Value: 302ea4043447f73
			vote.ticketsbot.net/cdn-cgi/challenge-platform/h/g/flow/ov1/0.4501746742184713:1631099749:f692d2da754eef9f7989c10a0dbc4f500572be46ed25ce26f735702141b6969c/68b816628fcf2bf2	1969-12-31 23:59:59	Name: cf_chl_seq_2c097432f95609a Value: 95ef07fb054f9a2
			vote.ticketsbot.net/	1970-01-19 21:05:06	Name: cf_chl_rc_ni Value: 1
			vote.ticketsbot.net/	1970-01-19 21:05:06	Name: cf_chl_prog Value: a4

4 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	warning	Message: Error with Permissions-Policy header: Unrecognized feature: 'interest-cohort'.
network	error	URL: https://vote.ticketsbot.net/ Message: Failed to load resource: the server responded with a status of 503 ()
security	warning	Message: Error with Permissions-Policy header: Unrecognized feature: 'interest-cohort'.
network	error	URL: https://vote.ticketsbot.net/ Message: Failed to load resource: the server responded with a status of 503 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

vote.ticketsbot.net
2606:4700:20::681a:89
13acffd94278f5deeca76dd10b70bfb342111ab2489da6111b4c9bf4b5e1d91c
2e7b246a81706254ce74f3277e108e7710f7da812e4cb5686b562255e160fdfe
3fbd3828798f319617d9f11266bdbd533ec7bc80432b380634dc80cb9d84082a
731fd910901f6944830a026b5010b7cc9b75d728c4a3df6face6b00affc781b7
be374488e0e4f259ecc4430f7310b754f7e8a98accd0733e625f06896dbcd3cd
c609febe6499f4d3ca41a5a6266ea0f7f1f5641c8917d26a20261f3c7ae89185
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e87c57c25948dd78c527c4d26b44123b6e62a711a8c6fb1e10bc36df09631d86
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629