URL: https://ticketknight.com/
Submission: On July 13 via automatic, source certstream-suspicious — Scanned from DE

Summary

This website contacted 10 IPs in 3 countries across 11 domains to perform 26 HTTP transactions. The main IP is 2606:4700:3031::ac43:8878, located in United States and belongs to CLOUDFLARENET, US. The main domain is ticketknight.com.
TLS certificate: Issued by WE1 on July 13th 2024. Valid for: 3 months.
This is the only time ticketknight.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
6 2606:4700:303... 13335 (CLOUDFLAR...)
1 1 172.67.72.223 13335 (CLOUDFLAR...)
6 2606:4700:20:... 13335 (CLOUDFLAR...)
2 2a00:1450:400... 15169 (GOOGLE)
2 2620:1ec:bdf::45 8075 (MICROSOFT...)
2 2001:4860:480... 15169 (GOOGLE)
2 20.119.174.243 8075 (MICROSOFT...)
1 2a00:1450:400... 15169 (GOOGLE)
1 2 13.74.129.1 8075 (MICROSOFT...)
1 1 2620:1ec:c11:... 8068 (MICROSOFT...)
3 2a00:1450:400... 15169 (GOOGLE)
1 1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
26 10
Apex Domain
Subdomains
Transfer
6 clarity.ms
www.clarity.ms — Cisco Umbrella Rank: 679
r.clarity.ms — Cisco Umbrella Rank: 7136
c.clarity.ms — Cisco Umbrella Rank: 1314
28 KB
6 tidiochat.com
widget-v4.tidiochat.com — Cisco Umbrella Rank: 22455
368 KB
6 ticketknight.com
ticketknight.com
156 KB
3 gstatic.com
fonts.gstatic.com
24 KB
2 google-analytics.com
region1.google-analytics.com — Cisco Umbrella Rank: 2681
2 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 72
171 KB
1 googleusercontent.com
script.googleusercontent.com — Cisco Umbrella Rank: 51017
106 KB
1 google.com
script.google.com — Cisco Umbrella Rank: 26969
704 B
1 bing.com
c.bing.com — Cisco Umbrella Rank: 187
770 B
1 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 74
870 B
1 tidio.co
code.tidio.co — Cisco Umbrella Rank: 17430
655 B
26 11
Domain Requested by
6 widget-v4.tidiochat.com ticketknight.com
code.tidio.co
6 ticketknight.com ticketknight.com
3 fonts.gstatic.com fonts.googleapis.com
2 c.clarity.ms 1 redirects
2 r.clarity.ms www.clarity.ms
2 region1.google-analytics.com www.googletagmanager.com
2 www.clarity.ms ticketknight.com
www.clarity.ms
2 www.googletagmanager.com ticketknight.com
www.googletagmanager.com
1 script.googleusercontent.com
1 script.google.com 1 redirects
1 c.bing.com 1 redirects
1 fonts.googleapis.com ticketknight.com
1 code.tidio.co 1 redirects
26 13

This site contains no links.

Subject | Issuer | Validity | Valid
ticketknight.com | WE1 | 2024-07-13 - 2024-10-11 | 3 months
*.google-analytics.com | WR2 | 2024-06-24 - 2024-09-16 | 3 months
www.clarity.ms | DigiCert TLS RSA SHA256 2020 CA1 | 2023-12-07 - 2024-12-07 | a year
tidiochat.com | WE1 | 2024-07-13 - 2024-10-11 | 3 months
a.clarity.ms | Microsoft Azure RSA TLS Issuing CA 08 | 2024-06-23 - 2025-06-18 | a year
upload.video.google.com | WR2 | 2024-06-24 - 2024-09-16 | 3 months
*.gstatic.com | WR2 | 2024-06-24 - 2024-09-16 | 3 months

This page contains 3 frames:

Primary Page: https://ticketknight.com/
Frame ID: DD3C5080396E6AF842C28B719B7FA6CB
Requests: 21 HTTP requests in this frame

Frame: https://widget-v4.tidiochat.com/1_231_0/static/js/chunk-WidgetIframe-2da960b79c1689830246.js
Frame ID: F50F2B94A59C431B30BD9ADBB9316FA2
Requests: 4 HTTP requests in this frame

Frame: https://widget-v4.tidiochat.com/fonts/mulish_SGhgqk3wotYKNnBQ.woff2
Frame ID: 3275DC918CBE7B233FFAB7E336412104
Requests: 1 HTTP request in this frame

Page Title

Ticket Knight

Detected technologies

Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/ns\.html[^>]+></iframe>
  • <!-- (?:End )?Google Tag Manager -->
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js

Page Statistics

26
Requests

88 %
HTTPS

77 %
IPv6

11
Domains

13
Subdomains

10
IPs

3
Countries

854 kB
Transfer

3036 kB
Size

12
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • https://code.tidio.co/ti7nvzslv8ruhdaheqwqgsabd6gr8lma.js HTTP 302
  • https://widget-v4.tidiochat.com/1_231_0/static/js/render.2da960b79c1689830246.js
Request Chain 14
  • https://c.clarity.ms/c.gif HTTP 302
  • https://c.bing.com/c.gif?ctsa=mr&CtsSyncId=589FA2837A9A4C37AA453270509733F1&RedC=c.clarity.ms&MXFR=09BED3FCC1D166F823C6C747C5D168F1 HTTP 302
  • https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=589FA2837A9A4C37AA453270509733F1&MUID=0881AD438B026FA53208B9F88AD06E25
Request Chain 17
  • https://script.google.com/macros/s/AKfycbxz8GbZfs4HZNSZ5f_hzVhuvZXAqU6GhQkERWIbMCh_7lT71YmvUn9yz1tTO5AGzwMC/exec?q=all HTTP 302
  • https://script.googleusercontent.com/macros/echo?user_content_key=8d1faGRROrYIM9uqDtojKXi4Y9dTEGKC7JxtUH-_UbSzfHaeno8G3yq0CKWdJkaa-6HcfygoSgsNuxymNpga5KDdJrAeg13mm5_BxDlH2jW0nuo2oDemN9CCS2h10ox_1xSncGQajx_ryfhECjZEnH4ccbMqBwiu6PErmuJHVCIw2W75anb1QPbJ7-laGg0xDrMWwlHBa2ILDI0xrGM1lPad3d0EvYiSit4qpgdlP4jmKWrepfSgTtKSAuNyuER4&lib=M27KQKIMDHZJ2OAnDqYQtR-G6oP4D-A3r

26 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
ticketknight.com/
1 KB
1 KB
Document
General
Full URL
https://ticketknight.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::ac43:8878 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
379d5bccc3c8ce82d7410e53f83b24778e4abb4170d37f01f93494e3fae27424

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
8a2baab8cfdb366b-FRA
content-encoding
br
content-type
text/html
date
Sat, 13 Jul 2024 19:26:49 GMT
last-modified
Thu, 16 Nov 2023 05:19:42 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=HS2a3Vdcy2hzFOIhHmbMuFEoBcJaKtqRz2e2fEhUB6sRNqXdOKt60%2FZor9Ckmj21Q9y2Q4YYkf01XFfJ15cVSQN75jpIfbqu%2B9HHlUQAPMal%2FcCW1ax4Cl%2FLzd8aohAOXcBSjvuraRoyduNCWT4E"}],"group":"cf-nel","max_age":604800}
server
cloudflare
render.2da960b79c1689830246.js
widget-v4.tidiochat.com/1_231_0/static/js/
Redirect Chain
  • https://code.tidio.co/ti7nvzslv8ruhdaheqwqgsabd6gr8lma.js
  • https://widget-v4.tidiochat.com/1_231_0/static/js/render.2da960b79c1689830246.js
5 KB
3 KB
Script
General
Full URL
https://widget-v4.tidiochat.com/1_231_0/static/js/render.2da960b79c1689830246.js
Requested by
Host: ticketknight.com
URL: https://ticketknight.com/
Protocol
H2
Server
2606:4700:20::ac43:4703 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ad1148b2bff91c0898436f56699a995a1062b42c0bb306530e0df505199bcace

Request headers

Referer
https://ticketknight.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Sat, 13 Jul 2024 19:26:50 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Thu, 11 Jul 2024 13:33:16 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
6712
etag
W/"668fdf1c-1472"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=iIhi3vhmMIsOD7OcEEJpxzuPfDsd8fU0AAy%2BqfOogs317sDOLJNbaQkXH79JFlyX4wdyIsJZTHF6UHB7YooGc1%2FlKOfEuh%2Fpm6tawvkDVapSYByZtRj5ycYYbr3S9y8ciqkurE2Awlhi9ZbJ8HePRRMFGsGb"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=691200
cf-ray
8a2baabb99eb4d26-FRA

Redirect headers

date
Sat, 13 Jul 2024 19:26:50 GMT
cf-cache-status
EXPIRED
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
widget-cache-status
HIT
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ZdQDd%2FHaCTkulFwAR6KVKjFMONzsdgw2Pmk9goUuMBpvI3Qi%2B%2BbuFt5LuYXx7%2BMkG2fUhYd5LSccgKw%2F%2B04S%2BUa%2FzrTy0RXcFJ3sHfrZC2OMfCpDSa0Vp4GxSQhfok4%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/html
location
https://widget-v4.tidiochat.com/1_231_0/static/js/render.2da960b79c1689830246.js
cache-control
public, s-maxage=300, max-age=0
cf-ray
8a2baabadf6b18ff-FRA
index-243072b3.js
ticketknight.com/assets/
293 KB
98 KB
Script
General
Full URL
https://ticketknight.com/assets/index-243072b3.js
Requested by
Host: ticketknight.com
URL: https://ticketknight.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::ac43:8878 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2b40e0f66b9eb2125cc93f09b84ed567614f3d6ce93dce5994f919b5ac4f5c26

Request headers

Referer
https://ticketknight.com/
Origin
https://ticketknight.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Sat, 13 Jul 2024 19:26:50 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Wed, 20 Sep 2023 04:05:03 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"650a6f6f-49286"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=pYGtklm6Tq4B9otYkvr6e76KGOBS9XlHl3%2FALhzvS448KGO3S1iBG1YYwhim4i9UadLJGWuKbBPV0sgPu2YNdjhKyLXuqbr1jf3c7zIOYv8b9%2FPG95ZSEljFobXzGH3eTBNYc5CPrbhNvAHbWmX5"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
cf-ray
8a2baaba6a4d366b-FRA
alt-svc
h3=":443"; ma=86400
index-bc4c37b6.css
ticketknight.com/assets/
188 KB
29 KB
Stylesheet
General
Full URL
https://ticketknight.com/assets/index-bc4c37b6.css
Requested by
Host: ticketknight.com
URL: https://ticketknight.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::ac43:8878 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bc4c37b65a0ce3b322d9cd40b94ab68438bc20515c5619d56df1cd182973f5ae

Request headers

Referer
https://ticketknight.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Sat, 13 Jul 2024 19:26:50 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Wed, 20 Sep 2023 04:05:03 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"650a6f6f-2f04b"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=x02j47o9dMLbd37P6lDi6DY6fEyIcpt2ebaHSFxCWGLIcRaOLUzqxJpgiDdYciPq7xO8TXXMGNnl%2FSkGROa3fNyUriLSqDhYrnjoDfqvbI8J3TXZUUb6aX5jWGXQbCref28ssC1JwJt7NPn6uDqd"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=14400
cf-ray
8a2baaba6a53366b-FRA
alt-svc
h3=":443"; ma=86400
gtm.js
www.googletagmanager.com/
193 KB
70 KB
Script
General
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-N9SJ6PJW
Requested by
Host: ticketknight.com
URL: https://ticketknight.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
2ace4fc63a977ff0d1098f2cdd45dc0fa06dcb1d3110bf74660121aac246d8be
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://ticketknight.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Sat, 13 Jul 2024 19:26:50 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
70889
x-xss-protection
0
last-modified
Sat, 13 Jul 2024 18:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Sat, 13 Jul 2024 19:26:50 GMT
js
www.googletagmanager.com/gtag/
307 KB
102 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=G-YPGVD42VB4&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-N9SJ6PJW
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
abc0157101103ac22d5bfe0a6b3cdd170fc5a070b75215edfc6035aea8bb63ff
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://ticketknight.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Sat, 13 Jul 2024 19:26:50 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
103980
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Sat, 13 Jul 2024 19:26:50 GMT
jsc19b69c8
www.clarity.ms/tag/
637 B
1001 B
Script
General
Full URL
https://www.clarity.ms/tag/jsc19b69c8?ref=gtm2
Requested by
Host: ticketknight.com
URL: https://ticketknight.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:1ec:bdf::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
398fc8b414bb1d26918b3253ac5e182ee0e1405cc0250dbba8c5fad8ad8179fb

Request headers

Referer
https://ticketknight.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

expires
-1
date
Sat, 13 Jul 2024 19:26:50 GMT
x-azure-ref
20240713T192650Z-17cf9458cfbs9x2k2pzz81n7m40000000dug00000000sn0k
x-cache
CONFIG_NOCACHE
content-type
application/x-javascript
cache-control
no-cache, no-store
accept-ranges
bytes
content-length
637
request-context
appId=cid-v1:593e4080-f032-4d00-a652-e17f01252a9d
collect
region1.google-analytics.com/g/
0
0
Fetch
General
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-YPGVD42VB4&gtm=45je4790v9171280028z89170078147za200zb9170078147&_p=1720898809992&gcd=13l3l3l2l1&npa=1&dma_cps=syphamo&dma=1&tag_exp=0&cid=913216121.1720898810&ul=de-de&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_s=1&sid=1720898810&sct=1&seg=0&dl=https%3A%2F%2Fticketknight.com%2F&dt=Ticket%20...&en=page_view&_fv=1&_nsi=1&_ss=1&tfd=697&_z=fetch
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-YPGVD42VB4&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash

Request headers

Referer
https://ticketknight.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 13 Jul 2024 19:26:50 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://ticketknight.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
chunk-WidgetIframe-2da960b79c1689830246.js
widget-v4.tidiochat.com/1_231_0/static/js/ Frame F50F
475 KB
149 KB
Script
General
Full URL
https://widget-v4.tidiochat.com/1_231_0/static/js/chunk-WidgetIframe-2da960b79c1689830246.js
Requested by
Host: code.tidio.co
URL: https://code.tidio.co/ti7nvzslv8ruhdaheqwqgsabd6gr8lma.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4703 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a1cb13d3e2b082b965aefc913a6d5b10916afca8d474c32e258b4dc8f0cc0408

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Sat, 13 Jul 2024 19:26:50 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Thu, 11 Jul 2024 13:33:16 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
3576
etag
W/"668fdf1c-76b87"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=2%2BEaomAV%2F20%2BCpMLmZbwrrtGE%2BsOH0JqH2KmYC1pBL02nbXID3lzJ0v7ksud8BEYDyBM0smaE0uAMrxz9SyvwEfctlBI6cpzFoIau8mUOKV%2Bdck3kUrcCJYgVsUj1N%2FlmPHWVdUcDa3bkFN5vFGONBwbIoPr"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=691200
cf-ray
8a2baabc0a6d4d26-FRA
mulish_SGhgqk3wotYKNnBQ.woff2
widget-v4.tidiochat.com/fonts/ Frame F50F
27 KB
27 KB
Font
General
Full URL
https://widget-v4.tidiochat.com/fonts/mulish_SGhgqk3wotYKNnBQ.woff2
Requested by
Host: code.tidio.co
URL: https://code.tidio.co/ti7nvzslv8ruhdaheqwqgsabd6gr8lma.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4703 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
577db921a554af3596942d3c48b5c91feaac8c767e183d518a8de8de86e5c7d8

Request headers

Referer
Origin
https://ticketknight.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Sat, 13 Jul 2024 19:26:50 GMT
cf-cache-status
MISS
last-modified
Thu, 11 Jul 2024 13:33:13 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"668fdf19-6b08"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ZQDuTmd7ZEKvqPKMivbXq8dQ6Q13Sx09yFytnOUlWUYk0j1VzTLZKlDmxei3wEga%2F5%2FO%2BJ72hskjfVlw%2B%2FUcxodRFhQa83n9D92%2Bc2Ha5s4%2FZfJIOXhNvDv7RHWnu%2BV6JUD8jC5gI31mSaXBzo%2BQJoCEPlN2"}],"group":"cf-nel","max_age":604800}
content-type
font/woff2
access-control-allow-origin
*
cache-control
max-age=691200
accept-ranges
bytes
cf-ray
8a2baabc5fe8381f-FRA
content-length
27400
tururu.mp3
widget-v4.tidiochat.com// Frame F50F
7 KB
7 KB
Media
General
Full URL
https://widget-v4.tidiochat.com//tururu.mp3
Requested by
Host: ticketknight.com
URL: https://ticketknight.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4703 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
12c7687514ca85ba2157ed61914ac526bb9dd15cb5a2a2d9e4d88f919349284f

Request headers

Referer
Accept-Encoding
identity;q=1, *;q=0
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Range
bytes=0-

Response headers

date
Sat, 13 Jul 2024 19:26:50 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2232158
Content-Range
bytes 0-7223/7224
Content-Length
7224
pragma
public
last-modified
Mon, 17 Jun 2024 12:06:04 GMT
server
cloudflare
etag
"667026ac-1c38"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=0E9HpB%2FVCTyyL4Vher5tJEVAGYbp6nwwFHVqP2GheOutkVpHC1dL4LHIO0jTraC6xTxd9cQOklZ64L6P38PUCmP6fYNSNWEKXrlchth8uWj0F%2FxCLNohLkoq5kmRle30hpZAfd41CJYSMmOGjon8Wjl5LdCd"}],"group":"cf-nel","max_age":604800}
content-type
audio/mpeg
cache-control
public, max-age=31536000
cf-ray
8a2baabc0a704d26-FRA
expires
Mon, 01 Jul 2024 23:24:12 GMT
clarity.js
www.clarity.ms/s/0.7.32/
61 KB
26 KB
Script
General
Full URL
https://www.clarity.ms/s/0.7.32/clarity.js
Requested by
Host: www.clarity.ms
URL: https://www.clarity.ms/tag/jsc19b69c8?ref=gtm2
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:1ec:bdf::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
5ba7b351020430e304e1c38988858e13690202831484697551e56fed5826004e

Request headers

Referer
https://ticketknight.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Sat, 13 Jul 2024 19:26:50 GMT
content-encoding
br
last-modified
Fri, 10 May 2024 17:30:20 GMT
etag
W/"0x8DC7116DE09E645"
vary
Accept-Encoding
x-azure-ref
20240713T192650Z-17cf9458cfbs9x2k2pzz81n7m40000000dug00000000sn1x
content-type
application/javascript;charset=utf-8
access-control-allow-origin
*
x-ms-request-id
dddcbc75-801e-0015-19e4-cd3968000000
cache-control
public, max-age=86400
x-cache
TCP_HIT
x-ms-version
2018-03-28
x-fd-int-roxy-purgeid
51562430
collect
r.clarity.ms/
0
280 B
XHR
General
Full URL
https://r.clarity.ms/collect
Requested by
Host: www.clarity.ms
URL: https://www.clarity.ms/s/0.7.32/clarity.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.119.174.243 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/x-clarity-gzip
Referer
https://ticketknight.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Access-Control-Allow-Origin
https://ticketknight.com
Date
Sat, 13 Jul 2024 19:26:50 GMT
Access-Control-Allow-Credentials
true
Server
nginx
Connection
keep-alive
Vary
Origin
Request-Context
appId=cid-v1:bdfb7149-d2ee-45f0-9a22-f0b1c5035608
css2
fonts.googleapis.com/
3 KB
870 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css2?family=Poppins:wght@300;400;600;700&display=swap
Requested by
Host: ticketknight.com
URL: https://ticketknight.com/assets/index-bc4c37b6.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
264ec68a248419d19b2f986e8953eedb5cb99ab03d68c0fcee37e1d6f70f2618
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://ticketknight.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Sat, 13 Jul 2024 19:26:50 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Sat, 13 Jul 2024 19:12:24 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sat, 13 Jul 2024 19:26:50 GMT
widget.2da960b79c1689830246.js
widget-v4.tidiochat.com/1_231_0/static/js/ Frame F50F
494 KB
182 KB
Script
General
Full URL
https://widget-v4.tidiochat.com/1_231_0/static/js/widget.2da960b79c1689830246.js
Requested by
Host: code.tidio.co
URL: https://code.tidio.co/ti7nvzslv8ruhdaheqwqgsabd6gr8lma.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4703 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
eb4fc3678bf3b3139eee6699817c3e4b2308504a34f1151cbc5b411bb22e16c8

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Sat, 13 Jul 2024 19:26:50 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Thu, 11 Jul 2024 13:33:16 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
3573
etag
W/"668fdf1c-7b7e3"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=k5QAHZKE0xMlDpZ199pivlZfpsz8Z1Btn9waeo0IUr10kl7cHfAxA3IUAz67jlkOwNvNa7mJu05WOa52nOqraSsAZRcXgP6z68XYzaRtqMAkCXmhKaAEtX9O275ito%2FS%2FRfvo61cY7%2FFU9gHf3d%2Bttg%2BtPaj"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=691200
cf-ray
8a2baabebdd94d26-FRA
c.gif
c.clarity.ms/
Redirect Chain
  • https://c.clarity.ms/c.gif
  • https://c.bing.com/c.gif?ctsa=mr&CtsSyncId=589FA2837A9A4C37AA453270509733F1&RedC=c.clarity.ms&MXFR=09BED3FCC1D166F823C6C747C5D168F1
  • https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=589FA2837A9A4C37AA453270509733F1&MUID=0881AD438B026FA53208B9F88AD06E25
42 B
441 B
Image
General
Full URL
https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=589FA2837A9A4C37AA453270509733F1&MUID=0881AD438B026FA53208B9F88AD06E25
Protocol
H2
Server
13.74.129.1 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

Referer
https://ticketknight.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 13 Jul 2024 19:26:50 GMT
last-modified
Tue, 25 Jun 2024 19:30:12 GMT
server
Microsoft-IIS/10.0
etag
"7473f1936c7da1:0"
x-powered-by
ASP.NET
content-type
image/gif
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
private, no-cache, proxy-revalidate, no-store
accept-ranges
bytes
content-length
42

Redirect headers

pragma
no-cache
date
Sat, 13 Jul 2024 19:26:50 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 2DA8D5EE3B6048F5878F8E79D4AEC5F5 Ref B: FRAEDGE2018 Ref C: 2024-07-13T19:26:50Z
x-powered-by
ASP.NET
x-cache
CONFIG_NOCACHE
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
location
https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=589FA2837A9A4C37AA453270509733F1&MUID=0881AD438B026FA53208B9F88AD06E25
cache-control
private, no-cache, proxy-revalidate, no-store
content-length
0
logo-8e8fd57b.png
ticketknight.com/assets/
25 KB
26 KB
Image
General
Full URL
https://ticketknight.com/assets/logo-8e8fd57b.png
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::ac43:8878 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8e8fd57b6cd1f12183ce6906cc379b1c165704680f95b8280b5ea1df9977e783

Request headers

Referer
https://ticketknight.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Sat, 13 Jul 2024 19:26:51 GMT
cf-cache-status
MISS
last-modified
Wed, 20 Sep 2023 04:05:04 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"650a6f70-64cd"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=wCbX9uGlikPcAJG53Mpdf1vAh8RLgokBDq%2F6FnIA6nrDf8yFvhF0xGpAGCdFkEbvW9qEamK6%2B8Dc9%2B%2Fy%2BvoCms1toNCTGmZqr9v4NOd7D%2B2vIBJzL8Eb8OFsu%2FCMV2nmL59jDJnmg8nXEtzb4r4o"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
8a2baabeff93366b-FRA
alt-svc
h3=":443"; ma=86400
content-length
25805
pxiEyp8kv8JHgFVrJJfecg.woff2
fonts.gstatic.com/s/poppins/v21/
8 KB
8 KB
Font
General
Full URL
https://fonts.gstatic.com/s/poppins/v21/pxiEyp8kv8JHgFVrJJfecg.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Poppins:wght@300;400;600;700&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7d93459d86585bfcdbb7e0376056226adb25821ee54b96236fe2123e9560929f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://ticketknight.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Tue, 09 Jul 2024 10:04:02 GMT
x-content-type-options
nosniff
age
379368
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
7884
x-xss-protection
0
last-modified
Fri, 22 Mar 2024 00:00:38 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 09 Jul 2025 10:04:02 GMT
echo
script.googleusercontent.com/macros/
Redirect Chain
  • https://script.google.com/macros/s/AKfycbxz8GbZfs4HZNSZ5f_hzVhuvZXAqU6GhQkERWIbMCh_7lT71YmvUn9yz1tTO5AGzwMC/exec?q=all
  • https://script.googleusercontent.com/macros/echo?user_content_key=8d1faGRROrYIM9uqDtojKXi4Y9dTEGKC7JxtUH-_UbSzfHaeno8G3yq0CKWdJkaa-6HcfygoSgsNuxymNpga5KDdJrAeg13mm5_BxDlH2jW0nuo2oDemN9CCS2h10ox_1xS...
903 KB
106 KB
XHR
General
Full URL
https://script.googleusercontent.com/macros/echo?user_content_key=8d1faGRROrYIM9uqDtojKXi4Y9dTEGKC7JxtUH-_UbSzfHaeno8G3yq0CKWdJkaa-6HcfygoSgsNuxymNpga5KDdJrAeg13mm5_BxDlH2jW0nuo2oDemN9CCS2h10ox_1xSncGQajx_ryfhECjZEnH4ccbMqBwiu6PErmuJHVCIw2W75anb1QPbJ7-laGg0xDrMWwlHBa2ILDI0xrGM1lPad3d0EvYiSit4qpgdlP4jmKWrepfSgTtKSAuNyuER4&lib=M27KQKIMDHZJ2OAnDqYQtR-G6oP4D-A3r
Protocol
H2
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
7d76039dd939e82505377089a1d82349055db09a8e8fc740cfd1a2bb3b819f9b
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://ticketknight.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 13 Jul 2024 19:26:53 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy
frame-ancestors 'self'
server
GSE
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options
SAMEORIGIN
content-type
application/json; charset=utf-8
access-control-allow-origin
*
cache-control
no-cache, no-store, max-age=0, must-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
1; mode=block
expires
Mon, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Sat, 13 Jul 2024 19:26:52 GMT
content-security-policy
script-src 'report-sample' 'nonce-Q9_xNyPR5LKs5Xrm2_EjNw' 'unsafe-inline' 'unsafe-eval' 'strict-dynamic' https: http:;object-src 'none';base-uri 'self';report-uri /cspreport
content-encoding
gzip
x-content-type-options
nosniff
server
GSE
x-frame-options
SAMEORIGIN
content-type
text/html; charset=UTF-8
access-control-allow-origin
*
location
https://script.googleusercontent.com/macros/echo?user_content_key=8d1faGRROrYIM9uqDtojKXi4Y9dTEGKC7JxtUH-_UbSzfHaeno8G3yq0CKWdJkaa-6HcfygoSgsNuxymNpga5KDdJrAeg13mm5_BxDlH2jW0nuo2oDemN9CCS2h10ox_1xSncGQajx_ryfhECjZEnH4ccbMqBwiu6PErmuJHVCIw2W75anb1QPbJ7-laGg0xDrMWwlHBa2ILDI0xrGM1lPad3d0EvYiSit4qpgdlP4jmKWrepfSgTtKSAuNyuER4&lib=M27KQKIMDHZJ2OAnDqYQtR-G6oP4D-A3r
cache-control
no-cache, no-store, max-age=0, must-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
468
x-xss-protection
1; mode=block
expires
Mon, 01 Jan 1990 00:00:00 GMT
favicon-32x32.png
ticketknight.com/
2 KB
2 KB
Other
General
Full URL
https://ticketknight.com/favicon-32x32.png
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::ac43:8878 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
46314e2368e42e24f8aaaf8639a8a8ec89f10cb051376f0e7823a71ae2497c26

Request headers

Referer
https://ticketknight.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Sat, 13 Jul 2024 19:26:50 GMT
cf-cache-status
MISS
last-modified
Wed, 20 Sep 2023 04:05:05 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"650a6f71-809"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=5ONhAXWehuP4vZ8xe%2Bk2L6P2LEzNc4v0EumPlJaO616%2FPX3q2e3q7nbi0ctlYZdtKypf7MWjLT5AicVrmW4PKLfFA7%2BRNQ7VLmbizLKZ5RyyBgviCtNkIxo1oboVx6O3zKQDkmlyA9cgzgtWR7QG"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
8a2baabf0f9c366b-FRA
alt-svc
h3=":443"; ma=86400
content-length
2057
mulish_SGhgqk3wotYKNnBQ.woff2
widget-v4.tidiochat.com/fonts/ Frame 3275
27 KB
0
Font
General
Full URL
https://widget-v4.tidiochat.com/fonts/mulish_SGhgqk3wotYKNnBQ.woff2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4703 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Referer
https://ticketknight.com/
Origin
https://ticketknight.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Sat, 13 Jul 2024 19:26:50 GMT
cf-cache-status
MISS
last-modified
Thu, 11 Jul 2024 13:33:13 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"668fdf19-6b08"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ZQDuTmd7ZEKvqPKMivbXq8dQ6Q13Sx09yFytnOUlWUYk0j1VzTLZKlDmxei3wEga%2F5%2FO%2BJ72hskjfVlw%2B%2FUcxodRFhQa83n9D92%2Bc2Ha5s4%2FZfJIOXhNvDv7RHWnu%2BV6JUD8jC5gI31mSaXBzo%2BQJoCEPlN2"}],"group":"cf-nel","max_age":604800}
content-type
font/woff2
access-control-allow-origin
*
cache-control
max-age=691200
accept-ranges
bytes
cf-ray
8a2baabc5fe8381f-FRA
content-length
27400
collect
r.clarity.ms/
0
280 B
XHR
General
Full URL
https://r.clarity.ms/collect
Requested by
Host: www.clarity.ms
URL: https://www.clarity.ms/s/0.7.32/clarity.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.119.174.243 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/x-clarity-gzip
Referer
https://ticketknight.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Access-Control-Allow-Origin
https://ticketknight.com
Date
Sat, 13 Jul 2024 19:26:51 GMT
Access-Control-Allow-Credentials
true
Server
nginx
Connection
keep-alive
Vary
Origin
Request-Context
appId=cid-v1:bdfb7149-d2ee-45f0-9a22-f0b1c5035608
search-b61e42b5.svg
ticketknight.com/assets/
331 B
687 B
Image
General
Full URL
https://ticketknight.com/assets/search-b61e42b5.svg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::ac43:8878 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b61e42b51cc8133a32c38f505ce2022cb47d7d40906f8b30cbf5af7c88fbfff7

Request headers

Referer
https://ticketknight.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Sat, 13 Jul 2024 19:26:53 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Wed, 20 Sep 2023 04:05:04 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"650a6f70-14b"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=aXSwk0fqdPB6XB7c3t8Rv3HyHqSZHJMSbbVaakbOp3wgj1fw3pN%2BUHBBdFE29C9nONNDfZKrJhPzpmeQS1%2B72J7eYL6yJqIMMJoEFBFfAmVckZP6unGFLJ9N6CaBSjUaF4GxoA67o5FbMe0aAzzH"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
cache-control
max-age=14400
cf-ray
8a2baad1cf1b366b-FRA
alt-svc
h3=":443"; ma=86400
pxiByp8kv8JHgFVrLDz8Z1xlFQ.woff2
fonts.gstatic.com/s/poppins/v21/
8 KB
8 KB
Font
General
Full URL
https://fonts.gstatic.com/s/poppins/v21/pxiByp8kv8JHgFVrLDz8Z1xlFQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Poppins:wght@300;400;600;700&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
78bc3aa78faec288bbb3bf26c9a0fa4eb67b1e69da94a17233c5cab60525efdb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://ticketknight.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Tue, 09 Jul 2024 10:12:33 GMT
x-content-type-options
nosniff
age
378860
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
7840
x-xss-protection
0
last-modified
Fri, 22 Mar 2024 00:02:55 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 09 Jul 2025 10:12:33 GMT
pxiByp8kv8JHgFVrLEj6Z1xlFQ.woff2
fonts.gstatic.com/s/poppins/v21/
8 KB
8 KB
Font
General
Full URL
https://fonts.gstatic.com/s/poppins/v21/pxiByp8kv8JHgFVrLEj6Z1xlFQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Poppins:wght@300;400;600;700&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f4e80d9dfd374d02989b87a27b5ed4cb78fbb177c27f1478e9a8b0afb7513149
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://ticketknight.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Tue, 09 Jul 2024 09:35:49 GMT
x-content-type-options
nosniff
age
381064
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8000
x-xss-protection
0
last-modified
Fri, 22 Mar 2024 00:00:59 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 09 Jul 2025 09:35:49 GMT
collect
region1.google-analytics.com/g/
0
0
Fetch
General
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-YPGVD42VB4&gtm=45je4790v9171280028za200zb9170078147&_p=1720898809992&gcd=13l3l3l2l1&npa=1&dma_cps=syphamo&dma=1&tag_exp=0&cid=913216121.1720898810&ul=de-de&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_eu=AEA&_s=2&sid=1720898810&sct=1&seg=0&dl=https%3A%2F%2Fticketknight.com%2F&dt=Ticket%20...&en=scroll&epn.percent_scrolled=90&_et=3&tfd=5702&_z=fetch
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-YPGVD42VB4&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash

Request headers

Referer
https://ticketknight.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 13 Jul 2024 19:26:55 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://ticketknight.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT


11 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0
object| 1
object| dataLayer
object| google_tag_manager
object| google_tag_data
function| clarity
function| onYouTubeIframeAPIReady
object| gaGlobal
object| SENTRY_RELEASE
object| tidioChatApi
number| uidEvent

12 Cookies

Domain/Path Name / Value
.ticketknight.com/ Name: _ga
Value: GA1.1.913216121.1720898810
.ticketknight.com/ Name: _ga_YPGVD42VB4
Value: GS1.1.1720898810.1.0.1720898810.0.0.0
www.clarity.ms/ Name: CLID
Value: 346193393950483f84d23c2b5950ed8f.20240713.20250713
.ticketknight.com/ Name: _clck
Value: qfchws%7C2%7Cfnf%7C0%7C1655
.ticketknight.com/ Name: _clsk
Value: 1mgtjsd%7C1720898810993%7C1%7C1%7Cr.clarity.ms%2Fcollect
.bing.com/ Name: MUID
Value: 0881AD438B026FA53208B9F88AD06E25
.c.bing.com/ Name: MR
Value: 0
.c.bing.com/ Name: SRM_B
Value: 0881AD438B026FA53208B9F88AD06E25
.c.clarity.ms/ Name: SM
Value: C
.clarity.ms/ Name: MUID
Value: 0881AD438B026FA53208B9F88AD06E25
.c.clarity.ms/ Name: MR
Value: 0
.c.clarity.ms/ Name: ANONCHK
Value: 0

1 Console Messages

Source Level URL
Text
javascript warning URL: about:blank
Message:
The resource https://widget-v4.tidiochat.com/fonts/mulish_SGhgqk3wotYKNnBQ.woff2 was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
